Senior Security Engineer (Application Security)

TL;DR

Senior Security Engineer (Application Security): Ensuring the security of software applications by working with development teams to implement secure coding practices and guidelines with an accent on secure coding practices, vulnerability identification, and mitigation. Focus on conducting security assessments, performing code reviews to uphold security best practices, and building automated security verification workflows.

Location: Hybrid role requiring at least one day per week in a UK office (Bristol, Glasgow, or London). Unfortunately, we are unable to offer sponsorship for this role.

Salary: £52,800–£76,038

Company

hirify.global is on a mission to solve the climate crisis through its Plan Zero initiative, focusing on building a resilient and performant business through information security strategies.

What you will do

• Ensure the security of software applications by collaborating with development teams.
• Develop and implement secure coding practices and guidelines.
• Conduct security assessments to identify vulnerabilities in existing applications.
• Recommend and implement mitigations for identified vulnerabilities.
• Perform code reviews to ensure new code adheres to security best practices.
• Build and administer automated security verification workflows.

Requirements

• Experience as a Senior Engineer with a growth mindset.
• Passion for developing products that positively impact the mission to deliver Plan Zero.
• Ability to work collaboratively in teams, sharing knowledge and building features.
• Motivation for owning products from inception to continuous improvement.
• Value test automation as a key part of the security engineering role.
• Ability to build scalable, resilient solutions.
• Must be able to work in the UK and commute to one of the hub offices (Bristol, Glasgow, or London) at least once a week.
• Cannot offer sponsorship for this role.

Nice to have

• Experience with Cloud Native Application Protection (CNAPP) and Cloud Security Posture Management (Wiz).
• Familiarity with Application Security Posture Management (Wiz Code).
• Experience with Web Application Firewall (WAF) and related technologies (Cloudflare).
• Knowledge of GCP, AWS, and Azure native security and compliance monitoring.
• Skills in SaaS discovery, event monitoring, and security posture management.
• Experience with Endpoint, Cloud, and Identity Detection and Response.
• Proficiency in Threat Modelling.
• Familiarity with Issue and Project Tracking (Jira).
• Experience with Cyber Asset and Attack Surface Management.
• Knowledge of Infrastructure Vulnerability Scanning.

Culture & Benefits

• 34 days of holiday (including bank holidays).
• Eligible for an on-target bonus of 15% based on collective performance.
• 9% Flex Pay (4% auto-enrolled into pension, 5% for flexible benefits or cash).
• Health benefits: healthcare cash plan or private medical insurance, critical illness cover, life assurance, health assessments.
• Wellbeing benefits: gym membership, travel insurance, workplace ISA, will writing services, dental insurance.
• Lifestyle benefits: extra holiday buying, discount dining, home & tech loans, give-as-you-earn donations.
• Home benefits: up to £400 towards hirify.global Energy plan, discounts on solar, smart thermostats, EV chargers.
• Commute benefits: ultra-low emission car leasing, cycle to work scheme, public transport season ticket loans.
• Access to 8 Belonging Networks.