Senior Cyber Security Analyst (OWASP / SAST /DAST - Banking Client
Application Security | Secure Design | Threat Modelling | DevSecOps
?? Locations: London | Paris | Brussels | Amsterdam
Rate: Flexible
Duration: 12 months
We are looking for a Cyber Security Analyst specialising in Application Security and Secure Architecture to join a high-performing security team responsible for protecting large-scale enterprise platforms.
This role focuses on embedding security into application design and development, performing security risk assessments, and ensuring that modern applications and platforms are built following secure-by-design principles .
You will work closely with software engineers, architects, DevOps teams and security engineers to ensure security is integrated throughout the technology lifecycle.
Key Responsibilities
Application Security & Secure SDLC
Perform application security assessments across modern enterprise platforms.
Review application architecture and ensure alignment with secure-by-design principles .
Embed security into the software development lifecycle (SDLC) .
Support development teams in implementing secure coding practices aligned with OWASP guidelines .
Security Testing & DevSecOps
Define and review security testing activities including SAST, DAST and software composition analysis (SCA) .
Work with engineering teams to integrate security scanning into CI/CD pipelines .
Analyse vulnerability scan results and support remediation of application security issues.
Threat Modelling & Security Risk Assessments
Conduct threat modelling exercises using frameworks such as STRIDE or MITRE ATT&CK .
Identify potential security threats, vulnerabilities and attack scenarios within applications and supporting infrastructure.
Perform structured security risk assessments and provide remediation recommendations.
Security Architecture & Secure Design
Review application and platform architectures to ensure appropriate security controls are implemented .
Translate high-level security policies into technical security requirements for development teams .
Work with architects to ensure applications are built following secure architecture patterns .
Security Advisory
Provide security expertise to engineering teams, project managers and technology leaders .
Support security decision-making during application design and implementation.
Contribute to security best practices, standards and guidelines.
Key Technical Skills
Strong experience in application security and secure software development including:
Secure Software Development Lifecycle (SSDLC)
OWASP Top 10 and secure coding practices
Application security testing (SAST / DAST / SCA)
Threat modelling methodologies (STRIDE, MITRE ATT&CK)
Vulnerability management and remediation
Secure architecture and design reviews
DevSecOps and CI/CD security integration
API security and modern application architectures
Experience with tools such as:
SAST / DAST platforms
Code scanning tools
CI/CD pipelines (GitHub, GitLab, Jenkins etc.)
Container security platforms
Cloud security tooling
Technology Environment
Exposure to modern technology environments including:
Cloud platforms (AWS, Azure or GCP)
Containerised platforms (Docker / Kubernetes)
Microservices architectures
REST APIs and modern application frameworks
Identity and access management solutions
Ideal Candidate Background
7-12+ years experience in cyber security
Strong focus on application security
Experience working closely with software engineering teams
Experience performing security architecture reviews
Experience in DevSecOps environments
Strong communication skills and ability to explain security risks clearly
Certifications (Optional)
Relevant certifications may include:
CISSP
OSCP
CSSLP
GIAC
Security+ or similar
What Makes This Role Interesting
You will work in a highly technical security environment, collaborating directly with engineers and architects to secure modern platforms at scale.
This role offers the opportunity to influence secure architecture, application security practices and DevSecOps adoption across complex enterprise systems.
Please do send across to me the most up to date CV to
*Rates depend on experience and client requirements
TPBN1_UKTJ