Job Description

About the role:

At

Holland & Barrett

, we're over a century old -- and building like a startup. We've transformed into a

fully cloud-native organisation

, using Kubernetes, containers, serverless, and event-driven architectures. Now we're embedding

security directly into how we build software

, and we're looking for an Application Security Engineer to help lead that journey.



This is a role for someone who loves working

with developers

, not around them. Our ambition is simple: make the secure path the easy path. You'll help build an AppSec model that's automated, developer-friendly, and built into every stage of the SDLC.



The Role



As an

Application Security Engineer

, you'll be a trusted partner to our engineering teams. You'll work hands-on to integrate security into CI/CD pipelines, identify and fix vulnerabilities early, and help teams design and ship secure applications by default.



What You'll Do


Embed

SAST, DAST, and SCA

tooling into CI/CD pipelines Perform code reviews, threat modelling, and application security testing Work directly with engineers to remediate vulnerabilities and improve designs Develop and promote secure coding standards and best practices Deliver security training and workshops to engineering teams Champion a culture of shared responsibility for application security

Key requirements:

Experience as an

Application Security Engineer

or similar role Strong understanding of

OWASP Top 10

and modern application threats Hands-on experience with tools like

Snyk, Checkmarx, Veracode, Burp Suite

Proficiency in at least one modern programming language (e.g.

Python, Java, JavaScript

) Experience integrating security into

CI/CD pipelines

Great communication skills and a collaborative, developer-first mindset
Why Holland & Barrett?


Help

shape AppSec from the ground up

in a modern engineering organisation Work with cloud-native technologies and forward-thinking teams A purpose-led business focused on helping people live healthier lives
If you're passionate about building secure software and making security a natural part of development, we'd love to hear from you.

What we offer:

What we offer:

Wellbeing & Lifestyle Benefits

Health Cash Plan Life Assurance Incentive Scheme - Based on company & personal performance Virtual GP Private Medical care FREE at-home blood test kit Holiday Purchase option Pension Contribution scheme Access to 'Wellhub' with gyms, studios and wellbeing apps

Discounts & Savings

25% Colleague Discount with FREE Standard Delivery Exclusive Discounts from a wide range of partners /EUR50 Annual Product Allowance to spend in store

Learning & Development

Access to a variety of learning opportunities, including Level 2-5 Apprenticeships, Workshops and our Digital Learning Library AND MORE! Holland and Barrett is an equal opportunity employer. We welcome diverse perspectives and are committed to creating an inclusive environment for all colleagues. We understand that when our colleagues are listened to, respected and valued for who they are, we build an organisation with belonging at its heart - making health and wellness a way of life for everyone.


Holland & Barrett does not accept unsolicited resumes from search firms/recruiters. Please do not forward resumes to our job alias, employees, or any other company location. Holland & Barrett is not and will not be responsible for any fees if a candidate submitted by a search firm/recruiter unless otherwise agreed with respect to specific open position(s).

Division:

Technology

City:

London

Country:

UK

Job Type:

Full Time

Number of Hours:

37.5

Contract Type:

Permanent

Closing Date:

25 January 2026