Senior Application Security Specialist

1 week ago


London, Greater London, United Kingdom Zego Full time

About Zego

We are a forward-thinking insurance company that's changing the game. At Zego, we believe that traditional motor insurance holds good drivers back. It's too complicated, too expensive, and it doesn't reflect how well you actually drive.

We've been on a mission to change that since 2016, by offering the lowest priced insurance for good drivers. Our customers are the driving force behind everything we do. We've sold tens of millions of policies and raised over $200 million in funding.

**Overview of our Engineering Team**

Our team is responsible for building the flexible and sustainable insurance products and services that our customers deserve. We empower a diverse, resourceful, and creative team of engineers that thrive on challenge and innovation.

**Overview of the role**

  • You will play a key role in shaping the future of Security at Zego.
  • You will be part of the team ultimately responsible for the security of the Zego services.
  • You will collaborate closely with Product Engineering, Technical Operations, DPO, Information Security and Compliance to help build secure products and services.
  • You will champion agile methodologies, metrics and tooling to support the teams in incrementally improving our security posture.

**Key Responsibilities**

  • Collaborate closely with product and technical operations teams to identify and mitigate vulnerabilities across our technology stack.
  • Partner with product engineers to explore innovative ways to safeguard customer data.
  • Influence the development of security tools, processes, and culture to enhance our overall security posture.
  • Streamline developer workflows by optimising security remediation processes, driving efficiency, and improving resolution times.
  • Champion secure coding practices through code reviews, mentoring, and active collaboration with development teams.
  • Develop and maintain security-related documentation, including policies, procedures, and guidelines for both application and infrastructure security.
  • Respond to security incidents, working with the engineering team to ensure timely and effective resolution.
  • Cultivate a security-first mindset through knowledge sharing, internal guilds, and external engagement at meet-ups and conferences.
  • Support external security audits, assessments, certifications, and penetration testing initiatives.

**Requirements**

  • Strong knowledge of secure coding practices, secure software design principles, and secure software supply chain best practices in production environments.
  • Proven experience collaborating with software development teams, with an understanding of their workflows and challenges.
  • Proficiency in at least two programming languages such as Python, Scala, Node, Swift, or Kotlin.
  • Deep understanding of web application vulnerabilities, with practical experience applying OWASP guidelines and best practices.
  • Hands-on experience in managing application vulnerabilities, including identification, triaging, qualification, reporting, performing code reviews, and conducting remediation validation tests.
  • Expertise in performing root cause analysis for discovered vulnerabilities.
  • Experience integrating SAST/DAST/IAST/SCA toolchains into development workflows, along with maintaining these tools.
  • Skilled in using security testing tools such as Burp Suite or ZAP.
  • Experience coordinating and facilitating external web application penetration testing.
  • Ability to clearly communicate complex technical concepts to non-technical audiences.

The salary range for this position is approximately $120,000 - $160,000 per year, depending on experience and qualifications. Benefits include private medical insurance, company share options, generous holiday allowance, and wellbeing benefits.



  • London, Greater London, United Kingdom LT Harper - Cyber Security Recruitment Full time

    Senior Application Security TesterA highly innovative security provider is seeking an experienced Application Security Tester to join their offensive security function. The successful candidate will have the opportunity to work across various industry sectors, conducting a wide range of security assessments while collaborating with the wider team. A...


  • London, Greater London, United Kingdom undisclosed Full time

    Role Overview:We are seeking a skilled Senior Application Security Specialist to join our team at undisclosed. The successful candidate will be responsible for ensuring the security of software applications throughout their development lifecycle and in production environments.Key Responsibilities:Perform security assessments on applications, including code...


  • London, Greater London, United Kingdom Iceberg Cyber Security Full time

    Iceberg Cyber Security is seeking an Information Security Specialist to join its security assurance team. The role will focus on achieving information security, accreditation such as NIST, ISO-27001, JSP 440. To be successful in this role the candidate must have a familiarity working with a secure by design approach and experience communicating with senior...


  • London, Greater London, United Kingdom Molten Ventures plc Full time

    We are seeking an experienced Application Security Specialist to join our team at Molten Ventures plc in London.As an Application Security Specialist, you will be responsible for ensuring the security of software applications throughout their lifecycle for our Web and Mobile apps. This includes identifying and mitigating security vulnerabilities, guiding...


  • London, Greater London, United Kingdom Phoenix Security Full time

    About the RoleWe are seeking an experienced Backend Developer to join our team at Phoenix Security, a cybersecurity start-up working on an exciting new product.As a key member of our team, you will be responsible for implementing functional changes and improvements to our application security platform using Kotlin and Spring Boot.You will work...


  • London, Greater London, United Kingdom Freetrade Full time

    Job DescriptionAbout FreetradeFreetrade is a company that believes investing should be accessible to everyone. We're building a team with diverse and unique perspectives to help us on our mission to demystify investing.Job RoleWe're looking for an Application Security Engineer to ensure the security of software applications throughout their lifecycle for...


  • London, Greater London, United Kingdom FNZ Group Full time

    Job SummaryFNZ Group is seeking a highly skilled Application Security Specialist to join our Global Cyber & Information Security team. As a key member of our team, you will be responsible for ensuring the security of software platforms throughout their lifecycle, from design and development through to deployment and maintenance.Key ResponsibilitiesCoordinate...


  • London, Greater London, United Kingdom Insight Global Full time

    At Insight Global, we are seeking a skilled Application Security Specialist to join our team in London, UK. The successful candidate will work closely within a team of 5 individuals conducting source code review and penetration testing to identify security concerns or vulnerabilities within mobile applications. Key responsibilities include testing security...


  • London, Greater London, United Kingdom Hamilton Barnes Associates Limited Full time

    Role Overview:We are seeking an experienced Senior Application Security Consultant to join our team at Hamilton Barnes Associates Limited. The ideal candidate will have a strong understanding of application security principles and be able to identify and mitigate security risks in software applications.About the Role:In this role, you will work closely with...


  • London, Greater London, United Kingdom Vigilant Security Full time

    Job DescriptionVigilant Security, a leading provider of security services, is seeking a highly skilled and experienced Senior Corporate Protection Specialist to join its expanding team in Central London.This is a permanent contract with a competitive salary of £35,000 - £45,000 per annum, depending on experience. The successful candidate will be required...


  • London, Greater London, United Kingdom Sportradar Full time

    Sportradar is looking for a talented Cloud Security Specialist to join our team as a Senior Cloud Application Security Engineer. In this role, you'll be responsible for ensuring the confidentiality, integrity, and availability of information and systems owned by Sportradar and its subsidiaries.You'll work closely with our Engineering group to develop...


  • London, Greater London, United Kingdom NTT DATA Full time

    Job Title: Cloud Application Security SpecialistAbout the Role:We are seeking a skilled Cloud Application Security Specialist to join our team at NTT DATA. This is an exciting opportunity for an experienced security professional to help shape and direct our clients' security transformation journeys in the public cloud.The ideal candidate will have a strong...


  • London, Greater London, United Kingdom Xcede Recruitment Solutions Full time

    This is an exciting opportunity to contribute to the security of mobile applications at a leading company in the industry. As a seasoned Application Security Penetration Tester, you will play a key role in securing applications and shaping their security posture by performing rigorous security assessments.Responsibilities:Lead the security testing of...


  • London, Greater London, United Kingdom Vigilant Security Full time

    Job OverviewWe are seeking a highly skilled Site Security Specialist to join our team in London and the surrounding areas.Estimated SalaryThe estimated annual salary for this position is £30,000 - £40,000 based on industry standards and market conditions.Key ResponsibilitiesMaintain high standards of professionalism while ensuring the security requirements...


  • London, Greater London, United Kingdom CFH Is Now Finalto Full time

    Security Position DescriptionCFH Is Now Finalto is looking for an accomplished Application Security Expert. In this role, you will be responsible for the security of software applications from development to production. This includes identifying vulnerabilities, implementing security measures, and ensuring adherence to industry standards and regulations.Your...


  • London, Greater London, United Kingdom acre security Full time

    Job OverviewWe are seeking an experienced Security Solutions Specialist to join our dynamic UK HOP Team. In this role, you will be responsible for designing, implementing, and maintaining cutting-edge security systems that safeguard customer assets, information, and infrastructure.Your primary focus will be on access control, network security, and CCTV...


  • London, Greater London, United Kingdom First Point Group Full time

    Job Description:A Cybersecurity Expert position is available at First Point Group. This role focuses on Application Security and requires a skilled individual to join the team in London.The ideal candidate will have a degree in Computer Science or Software Engineering, as well as 3-5 years of experience in application security testing and source code review....


  • London, Greater London, United Kingdom Securitas Security Services Full time

    About the RoleAs a Security Protection Specialist with Securitas Security Services, you will play a vital role in ensuring the safety and security of contractors, property, and assets. Your responsibilities will include escorting contractors safely and securely at all times, monitoring and accounting for contractor tools and items, and inspecting and...


  • London, Greater London, United Kingdom Bumble Inc. Full time

    Protecting Customer Data with PassionBumble Inc. is a pioneering company that has revolutionized the way people connect. As a trusted equal opportunity employer, we welcome applicants from diverse backgrounds and abilities.We are seeking an experienced Application Security Specialist Lead to join our team. This critical role requires a deep understanding of...


  • London, Greater London, United Kingdom Tbwa ChiatDay Inc Full time

    Tbwa Chiat/Day Inc is seeking a skilled Cloud Application Security Governance Specialist to join our team in London. As a Cloud Application Security Governance Specialist, you will play a critical role in ensuring the security of our applications and data hosted on Google Cloud Platform (GCP).The salary for this position is £110,000 - £130,000 per year,...