Senior Application Developer (Security)

Employment type: Full time

Hey there, we’re really sorry but this job is no longer available. Please take a look at our other roles, and check back again soon as we’re adding new roles all the time!

Job Description

About Us

Leighton: 32 years and counting. Experienced and agile. Trusted by some of the world’s biggest brands. We develop and deliver custom software. We use technology to make money, save money, create efficiencies, integrate systems, solve problems. To help our customers thrive. We have a pool of talent. To manage projects. Test to high standards. Create user experiences for every type of user. We include, include, include. Our service is personal. We know your name. We can do amazing things with tech. We’ve got the talent. We decide what’s best for our customer together.

Our Values

The Leighton culture defines how we do business and how we interact with our colleagues and customers. It makes us unique and provides us with a competitive advantage

We act with honesty and truth, always!
We collaborate to bring our purpose to life in a caring and supportive way
We nurture our amazing people to be the best version of themselves
Passionate about what we do, proud of what we achieve
Our curiosity inspires the amazing

Key Responsibilities:

Code Security Analysis: Review backend code to identify security flaws, misconfigurations, or vulnerabilities.
Threat Modelling: Lead and contribute to threat modeling sessions — analyse how our products handle data, map potential attack vectors (especially OWASP Top 10), and design mitigation strategies.
Secure Development Practices: Help the development team adopt secure coding practices, identify systematic security issues, and uplift the overall engineering team's security awareness.
Security Tooling Integration: Use tools like Snyk (for third-party dependency scanning) to monitor for vulnerabilities. Translate scan results into actionable tickets in Jira.
Collaboration & Enablement: Work closely with engineering teams to triage issues, build secure-by-design features, and guide developers in resolving security concerns.
Security Champion: Act as an internal advocate for security, promoting a culture of shared responsibility and continuous improvement.

Mandatory Experience:

Solid experience as a developer having utilised (JavaScript/Python)
Ability to read and understand code quickly, including unfamiliar codebases
Familiarity with modern security tools (e.g., Snyk, OWASP ZAP, Burp Suite)
Strong understanding of common web vulnerabilities (OWASP Top 10)
Experience with threat modeling and secure design principles
Comfortable translating technical findings into prioritised improvements for the engineering team

Behaviours

An open and genuine communicator
Able to take responsibility for your actions
Always learning and wanting to improve
Takes responsibility for own development
Love what you do
Value and support your team
Embrace who you are
Open minded and willing to explore new ideas

What We Offer

We value our team and to attract exceptional people, we offer an excellent package! In 2023 we were recognised as one of the Best Workplaces in Tech by Great Place To Work UK, the global authority on workplace culture.

As a Leighton employee you can look forward to:

A competitive salary this will be dependent on experience.
A contributory pension scheme
25 days annual leave, plus bank holidays and the opportunity to buy or sell holiday
A flexible approach to working hours
Continuous personal development, career path and training
And more....