{ “@context”: “http://schema.org”, “@type”: “JobPosting”, “title”: “Application Security Engineer”, “description”: “
Requirements
- Pragmatism: You understand the difference between partnering with Engineering and security being a blocker of progress
- Communication: You can translate a complex vulnerability into a business risk for a Product Manager and a technical fix for an Engineer
- AppSec Subject Matter Expertise: You have a strong understanding of critical security risks in applications, are able to identify them in code, and provide recommendations of how to remediate
- Cloud Native: Strong experience securing AWS/GCP environments and containerised workloads
- AI ready: You understand the unique risks of AI and have experience securing AI-driven workflows
What the job involves
- As our Cyber Security Engineer, you will be the bridge between Security and Engineering. You aren't here to block deployments; you’re here to ensure our code is resilient by design. You will empower our developers to ship fast without breaking the trust of our customers or regulators
- Secure the Pipeline: Integrate and automate SAST, DAST, and SCA tooling directly into our CI/CD pipelines to catch vulnerabilities before they reach production
- Harden the Product: Act as a Subject Matter Expert (SME) assisting engineers with the remediation of security vulnerabilities and bugs
- Safeguard AI: Design and implement security guardrails for AI-assisted development and LLM integrations, ensuring data privacy and preventing prompt injection or model leakage
- Threat Modelling: Partner with Product and Engineering teams to conduct threat modelling sessions for new features before they are built
- Security Architecture: Act as a consultant for infrastructure and application design, ensuring our AWS/GCP Kubernetes environments remain hardened
- Security Culture: Cultivate a Secure Development guild to level up our developers' secure coding skills
Tech Stack
- Backend
- Kotlin 1.7.20
- AWS
- GraphQL (it would be nice if you were familiar with this but it’s not a deal breaker)
- Postgres
- RabbitMQ
- Docker
- Kubernetes
- Frontend
- React & React Native, TypeScript, MobX, Redux, Stylus and SASS
- Other
- We build our Kotlin projects using Gradle and GitHub Actions, deploying to production as soon as we finish a feature
- We use JUnit Jupiter, Kotest and TestContainers for automated testing
Company: Deepstreamtech
Location: London
Job Description:
Requirements
- Pragmatism: You understand the difference between partnering with Engineering and security being a blocker of progress
- Communication: You can translate a complex vulnerability into a business risk for a Product Manager and a technical fix for an Engineer
- AppSec Subject Matter Expertise: You have a strong understanding of critical security risks in applications, are able to identify them in code, and provide recommendations of how to remediate
- Cloud Native: Strong experience securing AWS/GCP environments and containerised workloads
- AI ready: You understand the unique risks of AI and have experience securing AI-driven workflows
What the job involves
- As our Cyber Security Engineer, you will be the bridge between Security and Engineering. You aren’t here to block deployments; you’re here to ensure our code is resilient by design. You will empower our developers to ship fast without breaking the trust of our customers or regulators
- Secure the Pipeline: Integrate and automate SAST, DAST, and SCA tooling directly into our CI/CD pipelines to catch vulnerabilities before they reach production
- Harden the Product: Act as a Subject Matter Expert (SME) assisting engineers with the remediation of security vulnerabilities and bugs
- Safeguard AI: Design and implement security guardrails for AI-assisted development and LLM integrations, ensuring data privacy and preventing prompt injection or model leakage
- Threat Modelling: Partner with Product and Engineering teams to conduct threat modelling sessions for new features before they are built
- Security Architecture: Act as a consultant for infrastructure and application design, ensuring our AWS/GCP Kubernetes environments remain hardened
- Security Culture: Cultivate a Secure Development guild to level up our developers’ secure coding skills
Tech Stack
- Backend
- Kotlin 1.7.20
- AWS
- GraphQL (it would be nice if you were familiar with this but it’s not a deal breaker)
- Postgres
- RabbitMQ
- Docker
- Kubernetes
- Frontend
- React & React Native, TypeScript, MobX, Redux, Stylus and SASS
- Other
- We build our Kotlin projects using Gradle and GitHub Actions, deploying to production as soon as we finish a feature
- We use JUnit Jupiter, Kotest and TestContainers for automated testing
#J-18808-Ljbffr…
Posted: May 20th, 2026