The Role
Are you passionate about building security into software from the ground up? We’re looking for a Senior Application Security Engineer to take charge of strengthening and evolving security.
In this role, you won’t just identify risks you’ll lead the charge in transforming how secure software is built, working side-by-side with engineering and product teams to make security an intrinsic part of everything we deliver.
What you’ll be doing
- Own and drive application security strategy, influencing key security metrics and outcomes
- Embed secure-by-design principles into every stage of the development lifecycle
- Partner with engineers and product teams to elevate security awareness and capability
- Introduce and optimise automated security controls within CI/CD pipelines
- Lead threat modelling and secure design discussions, shaping decisions around critical areas like authentication and data protection
- Ensure security tooling (SAST, DAST, SCA) is effective, scalable, and delivering real value
- Oversee and enhance testing initiatives including penetration testing, scanning, and bug bounty programmes
- Act as a trusted advisor to engineering teams triaging issues and guiding practical remediation
- Contribute to security standards, documentation, and audit readiness
- Champion a strong, proactive security culture across the organisation
-
A background in software engineering with a security-first mindset
- Strong knowledge of modern web and API vulnerabilities (OWASP Top 10 and beyond)
- Hands-on experience with automation, scripting, and integrating security into CI/CD workflows
- Familiarity with security tooling such as SAST, DAST, and SCA
- Experience working in cloud-native environments (AWS), microservices, and containerised systems
- Confidence in reviewing architecture, leading threat modelling, and influencing secure design decisions
- Excellent communication skills, ablility to engage, educate, and inspire engineering teams
-
An open and genuine communicator
- Able to take responsibility for your actions
- Always learning and wanting to improve
- Takes responsibility for own development
- Love what you do
- Value and support your team
- Embrace who you are
- Open minded and willing to explore new ideas
We value our team and to attract exceptional people, we offer an excellent package! In 2023, 2024 and 2025 we were recognised as one of the Best Workplaces in Tech by Great Place To Work UK, the global authority on workplace culture.
As a Leighton employee you can look forward to:
- A competitive salary this will be dependent on experience.
- A contributory pension scheme
- Private healthcare
- 25 days annual leave, plus bank holidays and the opportunity to buy or sell holiday
- A flexible approach to working hours
- Continuous personal development, career path and training
- And more....
Leighton: 33 years and counting. Experienced and agile. Trusted by some of the world’s biggest brands. We develop and deliver custom software. We use technology to make money, save money, create efficiencies, integrate systems, solve problems. To help our customers thrive. We have a pool of talent. To manage projects. Test to high standards. Create user experiences for every type of user. We include, include, include. Our service is personal. We know your name. We can do amazing things with tech. We’ve got the talent. We decide what’s best for our customer together.
Our Values
The Leighton culture defines how we do business and how we interact with our colleagues and customers. It makes us unique and provides us with a competitive advantage
- We act with honesty and truth, always!
- We collaborate to bring our purpose to life in a caring and supportive way
- We nurture our amazing people to be the best version of themselves
- Passionate about what we do, proud of what we achieve
- Our curiosity inspires the amazing