Application Security Engineer

Company: ION
Apply for the Application Security Engineer
Location: Greater London
Job Description:

This is an amazing opportunity to work with Markets Information Security Team at ION. As a Product Security Engineer, you would be the key enabler of secure and compliant products. This role reports to the Product Security Lead and partners closely with engineering and product teams to increase the overall product security posture. You will own and scale product/application security by embedding security into the Secure SDLC, automating controls in CI/CD, and driving measurable risk reduction. The role is hands‑on: you will perform security-focused code review and targeted testing, strengthen API security, implement supply chain security (SCA/SBOM) practices, and run an efficient vulnerability lifecycle with clear SLAs and metrics.

Key Responsibilities

  • Secure SDLC Ownership: Help to define lightweight, measurable SSDLC (requirements, design checks, guidance, release criteria); establish “paved roads” (reference architectures, secure templates, approved libs/patterns).
  • CI/CD Security Automation (Shift‑left): Own AppSec toolchain/pipelines (SAST, DAST, SCA, secrets, IaC/container); integrate risk‑based gating with clear developer feedback; tune rules, cut false positives, and standardize triage (tickets, auto‑routing, SLAs).
  • Code Review & Secure Engineering Support: Perform security code reviews for critical areas (authn/authz, sessions, crypto, data protection, input validation, business logic); provide remediation guidance, secure patterns, and concise code/design examples.
  • Secure Design Reviews & Threat Modeling: Run pragmatic threat modelling/design reviews for new features and changes; produce actionable outputs (mitigations, backlog, acceptance criteria, test cases); maintain requirements for identity, sensitive data, and privacy‑by‑design.
  • Supply Chain Security (SCA/SBOM): Manage dependency risk (triage, upgrade strategies, deprecations, guardrails); establish SBOM generation/use and provide evidence for assurance; assess third‑party components/SDKs and provenance/attestation risks.
  • Vulnerability Lifecycle, SLAs & Metrics: Run intake/triage across tools, pen tests, VDP/bug bounty, and internal findings; define remediation SLAs by severity/exploitability and asset criticality, manage exceptions and verify fixes; report meaningful metrics (MTTD, MTTF, reopen rate, recurring classes, coverage, control effectiveness).
  • Hands‑on Testing (Targeted & Risk‑Based): Execute focused testing on high‑risk areas (web, APIs, mobile/auth flows) to validate exploitability; coordinate third‑party testing and ensure findings translate into prioritized engineering outcomes.

Required Skills, Qualifications and Experience

  • 6+ years in Product Security / Application Security, with demonstrable engineering-facing delivery.
  • Strong understanding of OWASP (Web + API risks) and modern attack paths (authz flaws, SSRF, injection, deserialization, business logic abuse, supply chain).
  • Hands‑on experience integrating security into CI/CD (SAST/DAST/SCA/secrets), triaging findings, and enabling developer remediation.
  • Comfortable reading/reviewing code in at least one backend language (e.g., Java, C++, Go, Python, Node.js) and common web stacks.
  • Solid grasp of cloud‑native delivery practices: microservices, containers, CI/CD, IaC fundamentals, observability, and logging.
  • Strong communication skills: able to translate risk into clear engineering actions and influence outcomes.

Nice to Have

  • Threat modeling experience (STRIDE or similar) with real production outcomes.
  • Fintech or regulated‑environment experience in translating obligations into product controls (e.g., PCI, GDPR/DORA concepts).
  • Bug bounty/VDP experience (triage, validation, reporter comms process).
  • Certifications: OSWE/OSCP/GPEN/GXPN, cloud certifications, or secure software development certifications.

Ability to

  • Effectively communicate technical issues to diverse audiences, both in writing and verbally.
  • Handle sensitive and confidential matters, situations, and data.
  • Understand and follow broad and complex instructions.
  • Comprehend technical language and to confer, analyse and write in an objective, lucid manner.
  • Work independently and prioritize multiple tasks and adapt to needed changes.
  • Remain calm under high pressure/difficult situations.

Preferred Certifications

  • OSWE/OSCP/GPEN/GXPN, cloud certifications, or secure software development certifications.

ION adheres to an equal employment opportunity policy that prohibits discriminatory practices or harassment against applicants or employees based on any legally impermissible factor.

#J-18808-Ljbffr…

Posted: April 9th, 2026
Popular Searches
Jobs by Sector
Jobs by Location

Admin jobs | Airport jobs | Amazon Driver jobs | Amazon Warehouse Operative jobs | Apprentice Electrician jobs | Apprenticeship jobs | Bricklaying jobs | Business Analyst jobs | Business Development Manager jobs | Care Assistant jobs | Care Home jobs | Caregiver jobs | Civil Service jobs | Class 1 Driver jobs | Cleaner jobs | Cleaning jobs | Council jobs | Cyber Security jobs | Data Analyst jobs | Data Entry jobs | Data Scientist jobs | Delivery Driver jobs | Digital Marketing jobs | Driver jobs | Driving jobs | Electrician jobs | Graphic Designer jobs | Healthcare Assistant jobs | HGV Class 2 Driver jobs | HGV Driver jobs | HGV jobs | HGVClass 1 Driver jobs | Hospital jobs | Housing jobs | Immediate Start jobs | It Consultant jobs | It Support jobs | Jobs for 16 Year Olds | Joiner jobs | Labourer jobs | Management jobs | NHS jobs | Night Shift jobs | Offshore jobs | Online jobs | Paralegal jobs | Personal Assistant jobs | Project Manager jobs | Receptionist jobs | Sales Assistant jobs | Scrum Master jobs | Security Guard jobs | Security jobs | Security Officer jobs | SEO jobs | Support Worker jobs | Teaching Assistant jobs | Van Driver jobs | Warehouse jobs | Warehouse Operative jobs | Web Designer jobs | Weekend jobs | Work From Home jobs

Accountancy jobs | Administration jobs | Advertising jobs | Aerospace jobs | Apprenticeships jobs | Automotive jobs | Banking jobs | Call Centre jobs | Catering jobs | Charity jobs | Construction jobs | Creative jobs | Customer Service jobs | Digital jobs | Education jobs | Engineering jobs | Finance jobs | FMCG jobs | Graduate jobs | Healthcare jobs | Hospitality jobs | HR jobs | Insurance jobs | IT jobs | Legal jobs | Leisure jobs | Logistics jobs | Management Consultancy jobs | Manufacturing jobs | Marketing jobs | Media jobs | Nursing jobs | Oil and Gas jobs | PA jobs | Part time jobs | Pharmaceutical jobs | PR jobs | Property jobs | Public Sector jobs | Recruitment Sales jobs | Renewable Energy jobs | Retail jobs | Sales jobs | Science jobs | Secretarial jobs | Senior Appointments jobs | Social Work jobs | Teaching jobs | Telecoms jobs | Temporary jobs | Tourism jobs | Transport jobs | Travel jobs | Utilities jobs | Wholesale jobs

Jobs in Aberdeen | Jobs in Belfast | Jobs in Birmingham | Jobs in Bolton | Jobs in Bournemouth | Jobs in Bradford | Jobs in Bristol | Jobs in Cambridge | Jobs in Cardiff | Jobs in Cornwall | Jobs in Coventry | Jobs in Derby | Jobs in Devon | Jobs in Doncaster | Jobs in Dundee | Jobs in East Anglia | Jobs in East Midlands | Jobs in Edinburgh | Jobs in Essex | Jobs in Exeter | Jobs in Glasgow | Jobs in Hull | Jobs in Inverness | Jobs in Ipswich | Jobs in Isle Of Wight | Jobs in Kent | Jobs in Leeds | Jobs in Leicester | Jobs in Liverpool | Jobs in London | Jobs in Luton | Jobs in Manchester | Jobs in Middlesbrough | Jobs in Milton Keynes | Jobs in Newcastle Upon Tyne | Jobs in Newport, Gwent | Jobs in North East | Jobs in North West | Jobs in Northampton | Jobs in Northern Ireland | Jobs in Norwich | Jobs in Nottingham | Jobs in Peterborough | Jobs in Plymouth | Jobs in Reading | Jobs in Scotland | Jobs in Sheffield | Jobs in South East | Jobs in South West | Jobs in Southampton | Jobs in Stoke On Trent | Jobs in Sunderland | Jobs in Surrey | Jobs in Swansea | Jobs in Swindon | Jobs in Telford | Jobs in Wales | Jobs in Wolverhampton | Jobs in Wrexham | Jobs in York | Jobs in Yorkshire

Latest Job Pages: