IT Infrastructure

Application Security Engineer

IT Infrastructure
onsite senior full-time London, United Kingdom
Apply →

First indexed 18 Apr 2026

Description

We are seeking an experienced Application Security Engineer to join our team. As a subject matter expert with direct experience in a wide range of security technologies, tools, and methodologies, you will play a key role in building toolsets and processes to drive adoption of secure practices across the enterprise.

The successful candidate will have a proven understanding in enterprise security and AI security and will focus on defining and implementing security guardrails for Generative AI, LLMs, and Agentic frameworks, ensuring safe enterprise adoption.

Key responsibilities include:

  • Defining and implementing security guardrails for Generative AI, LLMs, and Agentic frameworks
  • Conducting specialized threat modeling, red teaming, and risk assessments for AI/ML models
  • Leading risk management activities, including application risk assessments, design reviews, and mitigation strategies for IT projects
  • Engaging throughout the SDLC to identify vulnerabilities, conduct code reviews/penetration testing, and enforce secure coding standards
  • Evangelizing AppSec and AI security best practices through developer education, training materials, and outreach

Qualifications include:

  • Bachelor's degree or higher in Computer Science, Computer Engineering, IT Security or related field
  • 5+ years' experience working as an Application Security Engineer, Software Engineer, or similar role
  • Deep understanding of AI-specific risks (OWASP Top 10 for LLMs) and experience securing applications utilizing LLMs
  • Experience working with AI models, Agentic frameworks and security risks associated with AI
  • Experience in working with global teams, collaborating on code and presentations

Preferred qualifications include:

  • Demonstrated work experience in hybrid on-premise and Public Cloud environments (AWS/GCP/Azure)
  • Strong understanding of security architectures, secure configuration principles/coding practices, cryptography fundamentals and encryption protocols
  • Experience with common SCM & CI/CD technologies like GitHub, Jenkins, Artifactory, etc. and integrating Security Scanning and Vulnerability Management into the CI/CD Pipelines
  • Familiarity with static and dynamic security analysis tools, and SCA/SBOM solutions
  • Hands on experience with Secrets Management & Password Vault technologies such as Delinea Secret Server and/or Hashicorp Vault, etc.
  • Strong experience in secure programming in languages such as Python, Java, C++, C#, or similar
  • Familiarity with Infrastructure as Code tools (CloudFormation, Terraform, Ansible, etc.)
  • Familiarity with web application security testing tools and methodologies
  • Knowledge of various security frameworks and standards such as ISO 27001, NIST, OWASP, etc.
  • Knowledge of Linux, OS internals and containers is a plus
  • Certifications like CISSP, CISM, CompTIA Security+, or CEH are advantageous

We offer a competitive salary and benefits package, as well as opportunities for professional growth and development.

This listing is enriched and indexed by YubHub. To apply, use the employer's original posting: https://mlp.eightfold.ai/careers/job/755955629908