DevSecOps & Application Security Associate
Glocomms is supporting a leading investment management company dedicated to serving investors and supporting their long‑term financial success.
What You'll Do
- Support and secure the software development lifecycle by applying hands‑on experience in application development, deployment, and security.
- Operate, configure, and optimize application security tools, with particular emphasis on static code analysis and software composition analysis.
- Integrate security tooling into CI/CD pipelines, tuning policies to balance risk management with developer productivity.
- Identify, analyze, and triage application security findings, using a risk‑based approach to prioritize remediation efforts.
- Work directly with engineering teams to drive timely resolution of vulnerabilities and improve secure development practices.
- Collaborate with application security engineers and other security teams to ensure tools, standards, and processes are applied consistently across environments.
- Advocate for a low‑friction developer experience by reducing noise, improving scan accuracy, and delivering clear, actionable security guidance.
- Participate in support and on‑call rotations for application security tooling, assisting developers and responding to security events as needed.
- Identify opportunities to automate security processes to improve efficiency, scale, and coverage across the application landscape.
- Collect, analyze, and report metrics that track vulnerability trends, tooling effectiveness, and overall application security maturity.
- Develop and maintain documentation covering security technologies, workflows, and standards.
- Provide guidance, training, and education to development and cloud engineering teams on secure coding, dependency management, and deployment best practices.
- Stay informed on evolving application security trends, tools, and standards, contributing to continuous improvement initiatives.
- Support special projects and cross‑functional efforts as required.
What You Bring
- 3+ years of relevant professional experience in application security, DevSecOps, or software engineering.
- A bachelor's degree in a related field or equivalent practical experience.
FAQs
Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your CV and details on file so when we see similar roles or see skillsets that drive growth in organisations, we will always reach out to discuss opportunities.
Yes. Even if this role isn’t a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.
We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.
That's why we recommend registering your CV so you can be considered for roles that have yet to be created.
Yes, we help with CV and interview preparation. From customised support on how to optimise your CV to interview preparation and compensation negotiations, we advocate for you throughout your next career move.