Security Engineer & Application Security

We are seeking an experienced Security Design Engineer to join an existing team on a high‑profile transformation programme. This role is ideal for someone with expertise in application architecture, application security, and network security, particularly in the protection and segmentation of application components.

You will be responsible for security design, ensuring alignment with enterprise strategy, architectural standards, and regulatory obligations. This is a hands‑on role requiring strong technical credibility, exceptional communication skills, and the ability to influence stakeholders across technology and security functions.

• Deliver high‑quality security design documentation aligned to functional/non‑functional requirements and enterprise architecture.
• Produce and maintain high-level designs, architecture patterns, decision records, risk logs, and design deviations.
• Ensure all solutions are architected to provide robust protection of application components, with strong consideration for network segmentation, micro‑segmentation, and secure communication flows.
• Drive secure‑by‑design principles and provide expert consultation to engineering squads and programme teams.
• Publish and present reference architectures and technical solutions to design authorities and senior stakeholders.

• Champion architectural governance across reference architectures, HLDs, patterns, and architectural decisions.
• Present technical artefacts for approval at technical and security design authorities.
• Ensure appropriate peer review and documentation quality control.

• Identify, track, and communicate technical risks, design issues, and dependencies.
• Provide clear, actionable remediation strategies.
• Map design decisions to residual risks and articulate business/technical trade‑offs.

• Hands‑on experience securing modern application architectures (microservices, containerised/K8s environments, cloud‑native systems).
• Strong background in application security testing (AST) including SAST, DAST, IAST, MAST, and container/K8s scanning.
• Expertise with Software Composition Analysis (SCA) tools and supply‑chain security.
• Skilled in building and optimising CI/CD‑integrated security pipelines (GitHub Actions, GitLab, Jenkins, Azure DevOps, etc.).
• Strong threat‑modelling capability and deep understanding of secure SDLC.
• Ability to evaluate, design, and integrate enterprise AppSec platforms including SCA/AST tooling, SBOM solutions, and vulnerability workflows.
• Experience guiding engineering teams through vulnerability remediation and secure coding best practices.
• Familiarity with industry frameworks such as OWASP SAMM, ASVS, CSA, NIST SSDF, SLSA.

• A confident communicator capable of presenting deep technical content to both engineers and senior leadership.
• Someone who brings strong documentation discipline and architectural rigour.
• A collaborator with broad IT knowledge and the ability to work effectively with non‑security SMEs.
• A technical leader who can represent Cyber Services at governance boards and design authorities.
• Experience in both operational and transformation security environments is highly desirable.

This is an opportunity to influence and shape security architecture across one of the UK's largest retail banks. Working on major strategic programmes, you’ll have a significant platform to contribute technical leadership, improve enterprise security posture, and enable secure transformation at scale.