Senior Application Security Engineer – DevSecOps & Cloud Security

Company: Jobit
Apply for the Senior Application Security Engineer – DevSecOps & Cloud Security
Location: London
Job Description:

An opportunity has arisen for a Senior Application Security Engineer to join a well-established health research organisation and charity that supports large-scale medical research to improve disease prevention, diagnosis and treatment.

As a Senior Application Security Engineer, you will play a key part in integrating security throughout the software development lifecycle, working alongside engineering and cloud teams to build, improve and maintain secure applications, platforms and deployment processes.

This is not a traditional vulnerability management role, it is a hands‑on Application Security role centred on secure design, CI/CD security, cloud‑native technologies, Kubernetes, API security, code analysis, security‑as‑code and supporting development teams to build secure applications.

This is a full-time permanent role, working on a hybrid basis with a Central London office location, offering a salary from £70,000 per annum and an excellent benefits package.

Visa sponsorship is not available.

You will be responsible for

  • Working closely with engineering and architecture teams to promote secure development from the earliest stages of delivery.
  • Implementing and maintaining application security testing solutions, enabling developers to identify and remediate security risks.
  • Enhancing secure development processes by integrating security controls throughout CI/CD pipelines.
  • Strengthening the security of GitHub Actions and comparable continuous integration and deployment platforms.
  • Providing technical guidance on secure API design and protecting externally accessible systems.
  • Supporting the security of Azure cloud infrastructure, including Azure Kubernetes Service (AKS).
  • Assisting with the protection of cloud-hosted data platforms and associated technologies.
  • Developing and maintaining security-as-code and policy-as-code using appropriate tooling.
  • Automating security processes through infrastructure-as-code and scripting techno

#J-18808-Ljbffr…

Posted: July 4th, 2026