Application Security Engineer - Allwyn UK

Key Responsibilities

• Conduct comprehensive threat modeling and risk assessments for new and existing applications.
• Perform static and dynamic code reviews, ensuring adherence to secure coding standards and OWASP Top 10.
• Lead penetration testing engagements, identify vulnerabilities, and collaborate with development teams to remediate findings.
• Integrate security controls into CI/CD pipelines, automating scans and enforcing policy compliance.
• Provide guidance on secure architecture design for cloud (AWS) and on‑prem deployments.
• Develop and deliver security awareness training for engineering teams.

Requirements

• 5+ years of experience in application security, with a strong background in secure coding, threat modeling, and penetration testing.
• Proficiency with OWASP tools (ZAP, Burp Suite) and static analysis platforms.
• Hands‑on experience with AWS security services (IAM, KMS, GuardDuty) and CI/CD tools (Jenkins, GitHub Actions).
• Excellent communication skills, able to translate technical findings into actionable recommendations.
• Relevant certifications (e.g., OSCP, CISSP, or equivalent) preferred.