Application Security Engineer

TL;DR

Application Security Engineer: Designing, building, and maintaining automated security controls and guardrails across the SDLC with an accent on developer-friendly integrations and tooling. Focus on embedding security-as-code into CI/CD pipelines, evaluating security technologies, and fostering a Secure-by-Design culture across engineering teams.

Location: Must be based in or able to commute to Bristol, UK (flexible/hybrid working pattern with approximately once-a-month office attendance).

Company

hirify.global is the UK's leading investment platform, dedicated to helping private investors save time, tax, and money on their investments.

What you will do

• Design and maintain automated security checks embedded directly into developer workflows.
• Develop API-based integrations to connect security tooling with CI/CD and source code management platforms.
• Implement security tools across engineering platforms to ensure low-friction adoption.
• Embed secure development practices and testing into delivery pipelines and shared templates.
• Measure tool effectiveness through dashboards and metrics to demonstrate security impact.
• Partner with engineering and CISO teams to streamline processes and support the Security Champions program.

Requirements

• Must have the legal right to work in the UK (no sponsorship provided).
• Strong experience integrating security tooling into CI/CD pipelines and engineering platforms.
• Proficiency in automation and API-based development using Python or JavaScript.
• Hands-on experience with cloud platforms (AWS/Azure) and containerized workloads.
• Familiarity with SAST, DAST, SCA tools and vulnerability aggregation platforms.
• Ability to communicate security risks effectively to engineering teams and maintain common engineering standards.

Culture & Benefits

• Flexible hybrid working model with occasional office visits.
• Competitive pension scheme with up to 11% employer contribution.
• Private medical insurance and healthcare cash plans.
• Comprehensive health and wellness support, including remote GP and mental health counselling.
• 25 days of holiday plus bank holidays, with the option to purchase additional days.
• Discretionary annual bonus and structured annual pay reviews.

Hiring process

• Introductory conversation.
• Technical competency-based interview and a task.