Application Security Engineer
Role details
Job location
Tech stack
Job description
As an Application Security Engineer at HL, you will play a key role in strengthening the security of our products and services. Partnering with Engineering and other security functions, you'll embed and enhance security across the SDLC. You will help shape our security tooling strategy, drive automation to scale assurance across the business, and create reusable components and support integrations that help reduce friction for engineering teams.
This role is an opportunity to enable HL to build secure products at pace by embedding scalable, automated security controls into our SDLC whilst supporting a culture of Secure by Design.
What you'll be doing
- Design, build and maintain automated security checks and guardrails (including policy as code where appropriate) embedded into developer workflows.
- Develop automation and API-based integrations to connect security tooling with CI/CD and Source Code Management platforms, and internal systems.
- Implement and operationalise selected security tooling across engineering platforms, ensuring low friction adoption across teams.
- Embed secure development practices and security testing into delivery pipelines, shared templates and engineering standards, supporting Shift Left and Secure by Design principles.
- Maintain, optimise and measure the effectiveness of security tools, producing dashboards and providing metrics to demonstrate impact.
- Evaluate new security tools, assessing integration, scalability and developer experience.
- Support the Application Security Lead in defining the strategy, tools and technologies.
- Build strong partnerships with Engineering teams and the CISO function to streamline and improve security processes.
- Supporting the Security Champions program at HL through developer enablement and training.
- Prioritise work effectively, meet agreed deadlines and provide clear progress updates.
Requirements
Do you have experience in Software development?, * Strong experience integrating security tooling into CI/CD pipelines and engineering platforms.
- Ability to develop automation and API-based integrations using at least one programming or scripting language (e.g. Python, JavaScript).
- Broad knowledge of software development languages, frameworks, source code build/deploy tools (e.g. Github, Gitlab CI/CD, Harness, Jenkins).
- Experience with common application security tooling (SAST, DAST, SCA) and vulnerability aggregation or ASPM Platforms to consolidate and prioritise findings across multiple sources.
- Hands-on experience of cloud platforms (AWS, Azure), including deploying containerised workloads (e.g. Docker) or lightweight services (e.g., Lambda, ECS) to support security automation and integrations.
- Practical understanding of vulnerability scoring frameworks such as CVSS and EPSS.
- Strong understanding of common security vulnerabilities, with the ability to keep pace with emerging threats.
- Ability to communicate security risk and support engineering teams in understanding and remediating vulnerabilities.
- Experience working in Agile environments, with strong organisational skills and attention to detail.
- Experience improving workflows and processes based on feedback.
- Awareness of and/or experience with developer-focused Security Champion programs.
Benefits & conditions
We are based in Bristol, BS1 5HL. This role is permanent, full time, 37.5 hours per week, Monday to Friday. We have returned to the office, however for this role we offer a flexible working pattern to enable you the option of working from home and coming into the office around once a month., * Discretionary annual bonus* and annual pay review
- 25 days* holiday plus bank holidays and 1-day additional Christmas closure
- Option to purchase an additional 5 days holiday**
- Flexible working options available, including hybrid working
- Enhanced parental leave
- Pension scheme up to 11% employer contribution
- Income Protection and Life insurance (4 x salary core level of cover)
- Private medical insurance*
- Health care cash plans - including optical, dental, and outpatient care
- Health screening programme
- Help@hand - confidential support including mental health counselling and remote GP
- Wellhub - unlimited access to fitness providers and wellness coach sessions
- Variety of travel to work schemes with bike storage and shower facilities
- Inhouse barista and deli serving subsidised coffee and sandwiches
- Two paid volunteering days per year
- dependant on role level
** only available to select during our annual benefits window, in November each year
