CrawlJobs Logo

Application Security Engineering Lead

barclays.co.uk Logo

barclays

Location Icon

Location:
United Kingdom , Glasgow

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Join us at Barclays as an Application Security Engineering Lead, where you'll design and deliver tools that help developers build secure software from the start. Your work will enhance security across the bank, protecting critical systems and sensitive information. To develop, implement and maintain solutions that support the safeguarding of the banks systems and sensitive information.

Job Responsibility:

  • Provision of subject matter expertise on security systems and engineering patterns
  • Development and implementation of protocols, algorithms, and software applications to protect sensitive data and systems
  • Management and protection of secrets, ensuring that they are securely generated, stored, and used
  • Execution of audits to monitor, identify and assess vulnerabilities in the banks infrastructure/software and support the response to potential security breaches
  • Identification of advancements in to support the innovation and adoption of new cryptographic technologies and techniques
  • Collaboration across the bank, including developers and security teams, to ensure that cryptographic solutions align with business objectives, security policies and regulatory requirements
  • Development/ Implementation and maintenance of Identity and Access Management solutions and systems

Requirements:

  • Experience with the software security landscape: CVEs, CWEs, common software vulnerability types
  • Experience with SAST, SCA, and DAST, including the strengths and weaknesses of each
  • At least one programming language (e.g. Java, Go)
  • At least one major cloud provider (e.g. AWS, GCP, Azure)
  • Experience with REST API design
  • Experience with HTTP Authentication
  • Experience with Linux at the terminal, including scripting and automation (e.g. shell, Python)

Nice to have:

  • Experience with CI/CD
  • Experience with GraphQL
  • Familiarity with authentication systems (e.g. OAUTH)
What we offer:
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution

Additional Information:

Job Posted:
December 23, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
barclays - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Application Security Engineering Lead

New

Senior Application Security Engineer II

As a Senior Application Security Engineer, you will drive security initiatives t...
Location
Location
United States , Seattle
Salary
Salary:
152850.00 - 244560.00 USD / Year
axon.com Logo
Axon
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proficiency in programming languages like Python, Java, Go, or C#
  • Strong experience with modern development workflows, including CI/CD pipelines and Git-based version control
  • In-depth understanding of vulnerabilities and secure coding practices
  • Hands-on experience with security tools like Snyk, Semgrep, or similar
  • Ability to simplify and communicate technical security concepts to diverse audiences
  • Demonstrated success in partnering with developers to integrate security without disrupting velocity
  • Experience performing secure code reviews and interpreting SAST/DAST results
  • Familiarity with cloud platforms (AWS, Azure, GCP) and containerization (Docker, Kubernetes)
Job Responsibility
Job Responsibility
  • Integrate Security into Development
  • Build and maintain security automation tools to seamlessly embed security checks into CI/CD pipelines
  • Partner with engineering teams to design secure-by-default architectures and workflows
  • Enable Developer Success
  • Act as a trusted advisor and partner for development teams, providing actionable guidance to address security
  • Deliver training and mentorship on secure coding practices, empowering teams to proactively prevent vulnerabilities
  • Proactively Identify Risks
  • Deploy and operationalize static (SAST), dynamic (DAST), and dependency (SCA) scanning tools
  • Lead vulnerability management efforts, ensuring critical vulnerabilities are identified, prioritized, and remediated
  • Advocate for a "security debt" reduction mindset to maintain long-term product integrity
What we offer
What we offer
  • Competitive salary and 401k with employer match
  • Discretionary paid time off
  • Paid parental leave for all
  • Medical, Dental, Vision plans
  • Fitness Programs
  • Emotional & Mental Wellness support
  • Learning & Development programs
  • Snacks in our offices
  • Fulltime
Read More
Arrow Right
New

Senior Application Security Engineer

As an Application Security - Senior Product Security Engineer, you will play a c...
Location
Location
United States
Salary
Salary:
157000.00 - 216000.00 USD / Year
alpha-sense.com Logo
AlphaSense
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Application or Product Security, preferably in a SaaS or cloud-native environment
  • Strong understanding of web app and API security, microservices, and containerized architectures
  • Experience integrating security tooling into modern CI/CD workflows
  • Proficiency with SAST, DAST, IaC scanning, and container security platforms
  • Skilled in secure coding and code review for at least one major language (Python, Java, Go, JavaScript)
  • Familiarity with AWS security, Kubernetes security, and DevSecOps best practices
Job Responsibility
Job Responsibility
  • Lead application security initiatives across all SaaS products and microservices
  • Conduct threat modeling, architecture reviews, and secure code assessments for both backend and frontend systems
  • Implement and manage security automation in CI/CD, integrating SAST, DAST, SCA, and container image scanning tools
  • Collaborate with engineering teams to triage, prioritize, and remediate vulnerabilities across applications and containerized workloads
  • Drive AppSec awareness and training, developing secure coding practices and guidelines
  • Evaluate and deploy container security controls, ensuring images and orchestrators (Kubernetes, ECS, etc.) follow best practices
  • Support bug bounty and vulnerability disclosure programs and coordinate penetration testing
  • Stay ahead of emerging application and container threats, and recommend preventive controls aligned with OWASP and CIS benchmarks
What we offer
What we offer
  • Competitive compensation, benefits, and career growth opportunities
  • Opportunity to shape and drive product security strategy
  • Collaborative and security-minded engineering culture
  • Work on cutting-edge security challenges in a fast-growing company
  • Performance-based bonus
  • Equity
  • Generous benefits program
  • Fulltime
Read More
Arrow Right

Application Security Engineer

Location
Location
Salary
Salary:
Not provided
ryzlabs.com Logo
Ryz Labs
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 3-5 years of experience in secure software development, Security Architecture, threat modeling, or related roles
  • Relevant Professional certifications such as CISSP, OSCP, GWEB, CREST-CWAT or similar are highly desirable
Job Responsibility
Job Responsibility
  • Work as an internal security consultant to help product & engineering teams understand the security risk and advise them on best practices
  • Design and implement secure architecture solutions for applications and systems
  • Conduct threat modeling exercises to identify and mitigate potential security threats
  • Document and communicate threat modeling findings and recommendations
  • Perform periodic Security Assessments and code reviews to ensure compliance with SSDLC practices
  • Perform proactive research to detect new attack vectors and pentest internal and external apps
  • Implement security controls and best practices within CI/CD pipelines. Automate the security testing tools and processes within the CD/CI pipeline
  • Develop security tools and security metrics
  • Manage and Oversee vulnerability disclosure program by coordinating with external researchers to validate and triage reported vulnerabilities
  • Develop and maintain security standards and guidelines for application development
Read More
Arrow Right

Senior Frontend Engineer (Application Security)

At Easygo, our DevSecOps team is at the heart of our engineering, security and o...
Location
Location
Australia , Melbourne
Salary
Salary:
Not provided
easygo.io Logo
Easygo Gaming
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's/Master's degree in Computer Science or equivalent practical experience
  • 7+ years of hands-on experience in software engineering, with a primary focus on security engineering
  • Strong understanding of code architecture and design principles
  • Excellent problem-solving skills and the ability to thrive in a fast-paced, dynamic environment
  • Strong communication skills for effective collaboration with teams and stakeholders
  • Analytical mindset to address complex technical challenges and devise innovative solutions
  • Positive attitude and eagerness to learn new technologies to grow as a security engineer
Job Responsibility
Job Responsibility
  • Lead by example, and drive the adoption of secure software development lifecycle (SSDLC) practices. This includes performing threat modelling, providing secure coding guidance to development teams, and embedding security requirements early in the design phase
  • Own, improve, execute and manage various security tests, including SAST, DAST, and SCA, to identify vulnerabilities. Analyse test results and prioritise findings. Fix what you find, and work with developers to ensure timely remediation
  • Implement and maintain automated security controls within the CI/CD pipeline. This involves integrating security tools to enable continuous security testing and monitoring, making security an integral part of the DevSecOps process
  • Deploy and configure Web Application Firewalls (WAFs) and Runtime Application Self-Protection (RASP) solutions to protect from real-time attacks. Respond to urgent application security incidents as needed
  • Take ownership of the platform vulnerability management program. This involves tracking, prioritising, and remediation of security flaws found in applications, ensuring all vulnerabilities are addressed and verified
  • Actively engage in hands-on coding, testing, debugging, and troubleshooting to ensure code quality, scalability, and maintainability
  • Write efficient, scalable, and maintainable code, adhering to coding standards and best practices
  • Innovate within the team by pushing for improvements and driving constructive changes to enhance team performance and efficiency
  • Analyse complex problems and provide effective solutions, contributing to team goals and initiatives
  • Lead and independently complete medium-sized projects or initiatives from start to finish
What we offer
What we offer
  • Access to over 9,000 courses across our Learning and Development Platform
  • EAP access for you and your family
  • Be rewarded with lucrative annual bonuses
  • Give back with a paid volunteer day
  • Fuel your day with daily breakfast and open pantries brimming with unlimited snacks and refreshments, all on the house
  • Break up the week with on site remedial massage Wednesdays
  • In house full-time barista’s providing you your daily coffee needs
  • Weekly team lunches and happy hour in the office from 4pm on Fridays
  • Enjoy a bustling office with the option for up to 2 days work from home per week
  • Fun office environment with pool tables, table tennis and all your favourite gaming consoles
  • Fulltime
Read More
Arrow Right

Application Security Lead

Under minimal supervision, the Senior Application Security Engineer plays a crit...
Location
Location
United States , Scottsdale
Salary
Salary:
Not provided
discounttire.com Logo
Discount Tire
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years’ experience in Information Security with a focus on Application Security or DevSecOps
  • Hands-on experience administering and integrating security tools such as Fortify, Trivy, and Wiz
  • Strong understanding of application security principles, common vulnerabilities (OWASP Top 10, SANS CWE), and secure configuration practices
  • Experience automating security scans and controls within CI/CD pipelines (e.g., Bitbucket Pipelines, GitHub Actions, Jenkins, GitLab CI)
  • Working knowledge of cloud platforms (AWS, Azure) and containerized environments (Docker, Kubernetes)
  • Experience with vulnerability management, prioritization, and risk-based remediation workflows
  • Excellent communication and collaboration skills with the ability to influence technical and non-technical stakeholders
  • Demonstrated ability to operate independently in a greenfield or rapidly maturing environment
  • Strong analytical and problem-solving skills, with a focus on measurable risk reduction and program maturity
  • Bachelor's degree in Computer Science, Information Security, or a related field or equivalent experience is required
Job Responsibility
Job Responsibility
  • Lead the establishment, implementation, and continuous improvement of the enterprise Application Security program
  • Manage and administer application security platforms including Fortify, Trivy, and Wiz
  • Develop and maintain processes for application vulnerability scanning, triage, and remediation tracking
  • Partner with DevOps and Engineering teams to integrate application security controls and tooling into CI/CD pipelines
  • Define standards and best practices for secure development, container hardening, and software composition analysis (SCA)
  • Collaborate with Cloud Security and Infrastructure teams to ensure consistent coverage across workloads and environments
  • Prioritize and manage application vulnerability findings, working with product owners and development teams to validate and resolve issues
  • Build and maintain key performance indicators (KPIs) and metrics to measure program effectiveness and risk reduction
  • Coordinate and participate in security incident investigations involving application vulnerabilities or exploits
  • Serve as a subject matter expert and advocate for secure development practices across the enterprise
  • Fulltime
Read More
Arrow Right

Staff Application Security Engineer

As a Staff Application Security Engineer at Culture Amp, you will play a pivotal...
Location
Location
Australia , Melbourne; Sydney
Salary
Salary:
Not provided
cultureamp.com Logo
Culture Amp
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in application security engineering, with a proven track record of leading security initiatives in SaaS or cloud-native environments
  • Deep technical expertise in secure software development, secure coding practices, and common security frameworks (e.g., OWASP Top 10, NIST, PCI, SOC 2)
  • Proficiency in multiple programming languages (e.g., Ruby, Python, JavaScript, Go) and experience with modern web application architectures and cloud platforms (e.g. AWS)
  • Strong knowledge of security automation, CI/CD integration, and DevSecOps practices
  • Experience designing and implementing security tools, frameworks, and processes that scale with developer velocity
  • Demonstrated ability to lead and influence cross-functional teams, drive change, and deliver results in ambiguous or complex environments
  • Excellent communication skills, with the ability to explain complex security concepts to technical and non-technical audiences
  • Experience mentoring and developing engineers, and a passion for building a culture of security and continuous improvement
  • Familiarity with security-related compliance requirements and standards relevant to SaaS businesses
Job Responsibility
Job Responsibility
  • Lead and drive the most complex and high-impact application security reviews, threat modeling, and risk assessments across our product portfolio, providing expert guidance and direction for other team members
  • Collaborate with engineering, product, and platform teams to embed security into the SDLC, including secure design, code review, and automated security testing (DevSecOps)
  • Develop and scale security automation, tools, and centralized libraries that enable developers to build secure applications efficiently and at scale
  • Proactively identify, assess, and address security risks and vulnerabilities in our SaaS environment, including cloud-native and microservices architectures
  • Own and evolve our vulnerability management programs, ensuring timely triage, remediation, and communication of security issues
  • Mentor and support engineers across the organization, fostering a culture of security awareness, knowledge sharing, and continuous learning
  • Influence and drive cross-functional security initiatives, partnering with compliance, privacy, and infrastructure teams to meet regulatory and customer requirements (e.g., SOC 2, ISO 27001, OWASP)
  • Stay current with the latest security threats, technologies, and best practices, and advocate for their adoption within Culture Amp
  • Represent Culture Amp’s security expertise internally and externally, including supporting customer security reviews and contributing to the broader security community
What we offer
What we offer
  • Employee Share Options Program
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support
  • Monthly Camper Life Allowance
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses
  • Extended year-end breaks
  • Excellent parental leave and in work support program available from day 1
  • 5 Social Impact Days a year
  • MacBooks for you to do your best & a work from home office budget
Read More
Arrow Right

Staff Application Security Engineer

As a Staff Application Security Engineer at Culture Amp, you will play a pivotal...
Location
Location
Australia , Sydney
Salary
Salary:
Not provided
cultureamp.com Logo
Culture Amp
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in application security engineering, with a proven track record of leading security initiatives in SaaS or cloud-native environments
  • Deep technical expertise in secure software development, secure coding practices, and common security frameworks (e.g., OWASP Top 10, NIST, PCI, SOC 2)
  • Proficiency in multiple programming languages (e.g., Ruby, Python, JavaScript, Go) and experience with modern web application architectures and cloud platforms (e.g. AWS)
  • Strong knowledge of security automation, CI/CD integration, and DevSecOps practices
  • Experience designing and implementing security tools, frameworks, and processes that scale with developer velocity
  • Demonstrated ability to lead and influence cross-functional teams, drive change, and deliver results in ambiguous or complex environments
  • Excellent communication skills, with the ability to explain complex security concepts to technical and non-technical audiences
  • Experience mentoring and developing engineers, and a passion for building a culture of security and continuous improvement
  • Familiarity with security-related compliance requirements and standards relevant to SaaS businesses
Job Responsibility
Job Responsibility
  • Lead and drive the most complex and high-impact application security reviews, threat modeling, and risk assessments across our product portfolio, providing expert guidance and direction for other team members
  • Collaborate with engineering, product, and platform teams to embed security into the SDLC, including secure design, code review, and automated security testing (DevSecOps)
  • Develop and scale security automation, tools, and centralized libraries that enable developers to build secure applications efficiently and at scale
  • Proactively identify, assess, and address security risks and vulnerabilities in our SaaS environment, including cloud-native and microservices architectures
  • Own and evolve our vulnerability management programs, ensuring timely triage, remediation, and communication of security issues
  • Mentor and support engineers across the organization, fostering a culture of security awareness, knowledge sharing, and continuous learning
  • Influence and drive cross-functional security initiatives, partnering with compliance, privacy, and infrastructure teams to meet regulatory and customer requirements (e.g., SOC 2, ISO 27001, OWASP)
  • Stay current with the latest security threats, technologies, and best practices, and advocate for their adoption within Culture Amp
  • Represent Culture Amp’s security expertise internally and externally, including supporting customer security reviews and contributing to the broader security community
What we offer
What we offer
  • Employee Share Options Program
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support
  • Monthly Camper Life Allowance
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses
  • Extended year-end breaks
  • Excellent parental leave and in work support program available from day 1
  • 5 Social Impact Days a year
  • MacBooks for you to do your best & a work from home office budget
  • Fulltime
Read More
Arrow Right

Security Engineering Lead

Citi's Application, Platform and Engineering team is looking for a Security Engi...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bring your deep-dive application security engineering expertise from building production systems
  • thrive in a results-driven environment, where flexibility fuels impact
  • be a game-changer, ready to step beyond your designated role
  • love the synergy of pair programming
  • seize the opportunity to secure AI applications at scale
  • have a relentless passion to learn more about AI security, LLM attacks, and bringing your knowledge to shape Citi's secure AI future
  • proven track record of architecting and building secure, large-scale production applications and business-facing platforms from the ground up
  • hands-on experience finding and exploiting vulnerabilities, conducting red team exercises, and thinking like an attacker to strengthen defenses
  • experience building security tools and secure production systems with Go, Python, JavaScript
  • deep experience with HashiCorp Vault for enterprise-scale secrets management
Job Responsibility
Job Responsibility
  • Build secure AI products
  • conduct penetration testing and vulnerability research
  • design automated security solutions
  • identify and mitigate AI-specific vulnerabilities
  • lead security practices in development lifecycles
  • mentor engineers on secure coding practices.
What we offer
What we offer
  • 27 days annual leave plus bank holidays
  • discretional annual performance-related bonus
  • private medical care and life insurance
  • employee assistance program
  • pension plan
  • paid parental leave
  • special discounts for employees, family, and friends
  • Fulltime
Read More
Arrow Right
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Poland Jobs Ireland Jobs Germany Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy