Job description

Senior DevSecOps / Application Security Engineer Location: Remote - UK or EMEA based 6 months+ Contract Niche SaaS Tech company are seeking a Senior DevSecOps / Application Security Engineer to champion and drive their DevSecOps initiatives-shaping secure software delivery across a fast-moving, cloud-native environment. In this role, you'll own and evolve the security tooling and automation embedded in their SDLC and CI/CD pipelines, working closely with software engineers, DevOps, and data scientists. You'll help ensure security is not a final step-but an integral, continuous part of how they build and ship software. You will: • Embed and automate security controls across CI/CD workflows • Lead the integration of SAST, DAST, SCA, and threat modeling tools in DevSecOps pipelines • Collaborate with developers to enable secure coding and privacy by design • Drive adoption of secure development standards and practices across the org • Operate and evolve our software vulnerability management and bug bounty programs • Work cross-functionally to identify risks and improve security posture continuously • Support cloud-native app and ML security efforts across Azure and AWS • Own AppSec policies, incident response processes, and related KPIs/KRIs Key Skills Required: • 5+ years in AppSec or DevSecOps, with strong experience in secure SDLC and CI/CD • Hands-on knowledge of security tools like GitHub Advanced Security, Veracode, Snyk, ZAP, Burp • Familiarity with OWASP, MITRE, CWE, and modern dev frameworks (C#, Java, Python, React) • Knowledge of scripting languages (Python, Ruby, Rust) • Excellent communication skills to bridge tech and business stakeholders • Passion for building scalable security solutions that enable teams, not slow them down

Requirements