×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Data Security Systems Engineer Security Manager

Developer-First Cyber Security Engineer Secure Apps

Job in Greater London, London, Greater London, W1B, England, UK
Listing for: The Financial Times
Full Time position
Listed on 2026-06-09
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, Systems Engineer, Security Manager
Salary/Wage Range or Industry Benchmark: 100000 - 125000 GBP Yearly GBP 100000.00 125000.00 YEAR
Job Description & How to Apply Below
Position: Developer-First Cyber Security Engineer for Secure Apps
Location: Greater London

Requirements

  • You do not need to be a deep AWS or cloud security specialist, but some exposure to AWS, cloud security or infrastructure-as-code security would be useful
    • ,
  • We’re looking for someone with practical App Sec experience who wants to grow their impact - someone who enjoys working with engineers, improving tooling and helping security become part of normal delivery rather than a last-minute checkpoint
    • ,
  • Application security experience: practical experience identifying, explaining and helping remediate application security risks in modern engineering environments
    • ,
  • Developer-friendly security mindset: you enjoy working with engineers, explaining risks clearly and helping teams adopt secure practices without unnecessary friction
    • ,
  • Vulnerability management experience: experience triaging and tracking application vulnerabilities from sources such as SAST, dependency scanning, secret scanning, penetration tests, bug bounty reports or third-party advisories
    • ,
  • CI/CD and code security awareness: familiarity with security tooling in development workflows, such as SAST, software composition analysis, secret scanning or repository security controls
    • ,
  • Threat modelling awareness: experience participating in, supporting or facilitating lightweight threat-modelling sessions for applications, services or new features
    • ,
  • Automation mindset: ability to write scripts or small tools, ideally in Python, to reduce manual effort, improve visibility or make security workflows easier
    • ,
  • Cloud security awareness:
    Some exposure to AWS, cloud security or infrastructure-as-code security would be useful, but is not essential
    • ,
  • Growth mindset: willingness to keep developing across application security, cloud security, secure development and modern engineering practices
    • ,
  • Practical experience in application security
    • ,
  • Experience working with software engineers to explain and remediate security issues
    • ,
  • Familiarity with common web application security risks and secure coding practices
    • ,
  • Experience with vulnerability triage, prioritisation and remediation tracking
    • ,
  • Experience using or interpreting findings from tools such as SAST, software composition analysis, secret scanning or similar
    • ,
  • Experience participating in or supporting threat-modelling activities
    • ,
  • Ability to write scripts or small tools, ideally in Python, to automate tasks or improve visibility
    • ,
  • Strong communication and collaboration skills
    • ,
  • Familiarity with Agile or Scrum ways of working
    • ,
  • (Desirable) Exposure to AWS security, cloud security or infrastructure-as-code security
    • ,
  • (Desirable) Experience with Terraform or Cloud Formation
    • ,
  • (Desirable) Experience with container or Kubernetes security
    • ,
  • (Desirable) Experience with bug bounty, penetration testing or security testing programmes
    • ,
  • (Desirable) Experience with Splunk or similar logging/SIEM platforms
    • ,
  • (Desirable) Exposure to AI security, such as LLM-enabled applications, AI-assisted development workflows or prompt/data leakage risks
    • ,
  • (Desirable) Experience building dashboards, metrics or reports to support vulnerability management
    • ,
  • (Desirable) Relevant security certifications or training, such as AWS security training, secure coding training, GIAC, ISC2, CREST or equivalent practical experience
What the job involves
  • We’re looking for a Cyber Security Engineer to help improve application security across the FT’s cloud-native technology estate. This is a hands-on role focused on making secure engineering easier for product, platform and software engineering teams
    • ,
  • Application security experience is essential for this role. You’ll help improve developer-friendly security guardrails across Git Hub-based CI/CD pipelines, application repositories and engineering workflows
    • ,
  • This includes working with SAST, software composition analysis, secret scanning, vulnerability management and secure coding guidance so that security findings are clear, actionable and owned by the right teams
    • ,
  • You’ll work closely with engineers to support practical threat modelling, triage application vulnerabilities, improve security playbooks and help teams remediate issues in a pragmatic way
#J-18808-Ljbffr
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search