Lead the application security strategy by embedding secure-by-design principles and automated controls into the development lifecycle. Partner with engineering teams to conduct threat modelling, manage security tooling, and oversee penetration testing and bug bounty programs.
Senior AppSec Engineer
Department: Consultancy
Employment Type: Full Time
Location: Remote
Description
The Role
Are you passionate about building security into software from the ground up? We’re looking for a Senior Application Security Engineer to take charge of strengthening and evolving security across our Loyalty division.
In this role, you won’t just identify risks; you’ll lead the charge in transforming how secure software is built, working side-by-side with engineering and product teams to make security an intrinsic part of everything we deliver.
What you’ll be doing
- Own and drive application security strategy, influencing key security metrics and outcomes
- Embed secure-by-design principles into every stage of the development lifecycle
- Partner with engineers and product teams to elevate security awareness and capability
- Introduce and optimise automated security controls within CI/CD pipelines
- Lead threat modelling and secure design discussions, shaping decisions around critical areas like authentication and data protection
- Ensure security tooling (SAST, DAST, SCA) is effective, scalable, and delivering real value
- Oversee and enhance testing initiatives including penetration testing, scanning, and bug bounty programmes
- Act as a trusted advisor to engineering teams, triaging issues and guiding practical remediation
- Contribute to security standards, documentation, and audit readiness
- Champion a strong, proactive security culture across the organisation
Knowledge, Skills & Abilities
- A background in software engineering with a security-first mindset
- Strong knowledge of modern web and API vulnerabilities (OWASP Top 10 and beyond)
- Hands-on experience with automation, scripting, and integrating security into CI/CD workflows
- Familiarity with security tooling such as SAST, DAST, and SCA
- Experience working in cloud-native environments (AWS), microservices, and containerised systems
- Confidence in reviewing architecture, leading threat modelling, and influencing secure design decisions
- Excellent communication skills, with the ability to engage, educate, and inspire engineering teams
Behaviours
- An open and genuine communicator
- Able to take responsibility for your actions
- Always learning and wanting to improve
- Takes responsibility for own development
- Love what you do
- Value and support your team
- Embrace who you are
- Open minded and willing to explore new ideas
What We Offer
We value our team and, to attract exceptional people, we offer an excellent package! In 2023, 2024 and 2025 we were recognised as one of the Best Workplaces in Tech by Great Place To Work UK, the global authority on workplace culture.
As a Leighton employee you can look forward to:
- A competitive salary; this will be dependent on experience
- A contributory pension scheme
- Private healthcare
- 25 days annual leave, plus bank holidays and the opportunity to buy or sell holiday
- A flexible approach to working hours
- Continuous personal development, career path and training
- And more...