Role: SR AppSec Engineer
Location: Manchester, UK
Duration: 6+ Months
Role description:
Responsible for embedding security into SDLC and CI/CD pipelines, supporting application security testing, and guiding developers to implement secure-by-design principles. Drives DevSecOps practices across development teams to ensure robust, secure software delivery.
Key responsibilities:
Integrate security into SDLC and CI/CD pipelines.
Support SAST, SCA, IaC, and dependency scanning for applications and infrastructure.
Provide developer guidance and remediation support for identified vulnerabilities.
Promote secure-by-design and DevSecOps practices across development teams.
Collaborate with engineering and security teams to improve application security posture.
Key skills/knowledge/experience:
DevSecOps implementation and secure SDLC practices
Static Application Security Testing (SAST) and Software Composition Analysis (SCA)
Infrastructure-as-Code (IaC) security and dependency scanning
Developer guidance and vulnerability remediation
Secure-by-design principles and application security best practices