Job Title: Senior Application Security Engineer

Duration: Minimum 1 year

Workload: Full time hours

Setup: Freelance (Daily rate / Limited Company / Umbrella / Sole Trader)

Location: Remote

 

We’re looking for a senior-level security expert to lead proactive security design and validation across complex web application environments.

 

Key Responsibilities:

Lead security architecture reviews and conduct in-depth threat modelling for new products and infrastructure. Perform hands-on penetration testing and security assessments to uncover and validate vulnerabilities. Research emerging threats and develop mitigation strategies to stay ahead of evolving attack vectors. Collaborate with engineering teams to embed security into the development lifecycle (DevSecOps).

 

Must-Have Skills:

7+ years in offensive and defensive security roles, with long-term project experience. Proven expertise in penetration testing (especially web applications) and threat modelling. Strong programming/scripting skills, particularly in Python. Deep knowledge in at least one core security domain (e.g., cryptography, secure architecture, authentication). Excellent communication skills in English.

 

Nice-to-Have:

Experience with cloud-native security (AWS, GCP, Kubernetes). Familiarity with securing serverless or AI/ML platforms. Industry certifications such as OSCP, OSCE, or CISSP.