Key skills
AWSCloudJavaScriptMicroservicesNode.jsSDLCTypeScriptGoIAMCI/CDCommunication
About this role
Role Overview
- Design, implement, and continuously improve a Secure SDLC integrated from design through production
- Embed security into planning and delivery via threat modelling, security requirements, and automated controls
- Lead application security reviews for new systems, major features, and high-risk changes across web, API, mobile, and backend services
- Define and maintain secure architecture patterns for authentication, authorisation, APIs, data protection, and multi-tenant isolation
- Own the application security tooling stack (SAST, DAST, SCA), integrating it into CI/CD with high-signal, low-noise outputs
- Partner with engineers to triage and remediate vulnerabilities based on exploitability, impact, and regulatory risk
- Work with Security Operations to improve application-level logging, telemetry, and incident response readiness
- Act as a trusted advisor to engineering teams, raising the bar through practical guidance, documentation, and targeted training
Requirements
- 6+ years’ experience in application security, security engineering, or software engineering with a strong AppSec focus
- Demonstrated experience designing or operating Secure SDLC practices in fast-moving product teams
- Hands-on expertise in web and API security, including authentication, authorisation, data flows, and common vulnerability classes
- Proven experience integrating SAST, DAST, and SCA into CI/CD pipelines
- Strong threat modelling and secure design skills for complex, cloud-native systems
- Experience with modern backend and frontend or mobile stacks (e.g. JVM, Node.js, Go, TypeScript)
- Familiarity with AWS and cloud-native architectures (IAM, KMS, containers, microservices)
- Clear, pragmatic communication skills and the ability to influence through partnership rather than mandate.
Tech Stack
- AWS
- Cloud
- JavaScript
- Microservices
- Node.js
- SDLC
- TypeScript
- Go
Benefits
- We trust you, so we offer flexible working hours, as long it suits both you and your team;
- Health Insurance;
- Physical and mental health support through our partnership with MyFitness;
- 25 days of Annual leave (+ Bank Holidays);
- Possibility to visit other Teya offices to meet colleagues in instances when travel is safe and appropriate;
- Friday lunch in the office;
- Friendly, comfortable and high-end work equipment and informal office environment;
- Hybrid work mode policy.