Application Security Engineer – Leeds – up to £75K plus benefits (Hybrid working)
Change Digital are proud to be supporting a leading UK-based financial advice and wealth management firm in their search for an Application Security Engineer. This is an exciting opportunity to join a business committed to innovation, collaboration, and excellence in cybersecurity. Sitting within the Cyber Resilience & Architecture team, you’ll play a pivotal role in embedding security into every stage of the software development lifecycle and across cloud infrastructure.
You’ll work closely with engineering, DevOps, and platform teams to ensure applications and systems are secure by design — proactively identifying and addressing vulnerabilities before they become risks.
This is a hands‑on, technical role with a strong focus on collaboration, enablement, and continuous improvement of security tooling and practices. You’ll help shape the organisation’s secure development culture and strengthen its overall security posture.
Key Responsibilities
Secure Development Support
* Collaborate with software engineers to interpret and remediate security vulnerability from Static Application Security Testing (SAST) and Software Composition Analysis (SCA) findings.
* Provide secure coding guidance and support threat modelling activities.
* Promote secure development practices and help integrate security into CI/CD pipelines.
* Partner with DevOps teams to secure cloud‑native infrastructure and Infrastructure as Code (IaC).
* Support the implementation of security controls in cloud environments (e.g., AWS).
* Work closely with Architecture teams to contribute to the design and review of secure deployment architectures.
Vulnerability & Threat Management
* Operate and maintain vulnerability management tooling.
* Monitor, triage, and track remediation of vulnerabilities across applications and infrastructure.
* Provide reporting and metrics to support risk‑based decision‑making.
Security Testing & Assurance
* Coordinate penetration testing engagements with third‑party providers.
* Track findings and work with teams to ensure timely remediation.
* Support internal security assessments and red team exercises.
* Work closely with other security teams and departments to ensure a cohesive approach to cybersecurity.
* Provide guidance and support to other teams on security‑related matters.
* Participate in cross‑functional projects to enhance the company’s security posture.
* Communicate findings and recommendations to stakeholders in a clear and concise manner.
Qualifications & Skills (Examples)
* Proven experience in application or cloud security engineering roles.
* Relevant certifications such as OSCP or similar.
Technical Skills
* Strong understanding of secure software development practices.
* Hands on experience of SAST/SCA/Vulnerability Management tools.
* Strong understanding and familiarity of Cloud platforms.
Analytical Skills
Excellent analytical skills with the ability to identify and address complex security issues.
Communication
Strong communication skills to effectively convey findings and recommendations to stakeholders.
Problem‑Solving
Ability to think critically and solve complex security problems.
This role is urgent in nature so please email your CV to mitesh.fatnani@change-digital.co.uk or call 077 375 38 248 for more information.
Seniority level
Mid‑Senior level
Employment type
Full-time
Job function
Finance, Legal, and Information Technology
Industries
Security and Investigations, Financial Services, and Banking
#J-18808-Ljbffr