Job Description

About the role:
At Holland & Barrett, we're over a century old - and building like a startup. We've transformed into a fully cloud-native organisation, using Kubernetes, containers, serverless, and event-driven architectures. Now we're embedding security directly into how we build software, and we're looking for an Application Security Engineer to help lead that journey.
This is a role for someone who loves working with developers, not around them. Our ambition is simple: make the secure path the easy path. You'll help build an AppSec model that's automated, developer-friendly, and built into every stage of the SDLC.
The Role
As an Application Security Engineer, you'll be a trusted partner to our engineering teams. You'll work hands-on to integrate security into CI/CD pipelines, identify and fix vulnerabilities early, and help teams design and ship secure applications by default.
What You'll Do
Embed SAST, DAST, and SCA tooling into CI/CD pipelines
Perform code reviews, threat modelling, and application security testing
Work directly with engineers to remediate vulnerabilities and improve designs
Develop and promote secure coding standards and best practices
Deliver security training and workshops to engineering teams
Champion a culture of shared responsibility for application security
Key requirements:
*]:pointer-events-auto scroll-mt-[calc(var(--header-height)+min(200px,max(70px,20svh)))]" dir="auto" tabindex="-1" data-turn-id="request-WEB:c6d68547-df40-47a9-be8e-5739a5936684-8" data-testid="conversation-turn-12" data-scroll-anchor="true" data-turn="assistant">
Experience as an Application Security Engineer or similar role
Strong understanding of OWASP Top 10 and modern application threats
Hands-on experience with tools like Snyk, Checkmarx, Veracode, Burp Suite
Proficiency in at least one modern programming language (e.g. Python, Java, JavaScript)
Experience integrating security into CI/CD pipelines
Great communication skills and a collaborative, developer-first mindset
Why Holland & Barrett?
Help shape AppSec from the ground up in a modern engineering organisation
Work with cloud-native technologies and forward-thinking teams
A purpose-led business focused on helping people live healthier lives
If you're passionate about building secure software and making security a natural part of development, we'd love to hear from you.
What we offer:
What we offer:
Wellbeing & Lifestyle Benefits

• Health Cash Plan
• Life Assurance
• Incentive Scheme - Based on company & personal performance
• Virtual GP
• Private Medical care
• FREE at-home blood test kit
• Holiday Purchase option
• Pension Contribution scheme
• Access to 'Wellhub' with gyms, studios and wellbeing apps

Discounts & Savings

• 25% Colleague Discount with FREE Standard Delivery
• Exclusive Discounts from a wide range of partners
• /EUR50 Annual Product Allowance to spend in store

Learning & Development

• Access to a variety of learning opportunities, including Level 2-5 Apprenticeships, Workshops and our Digital Learning Library
• AND MORE!

Holland and Barrett is an equal opportunity employer. We welcome diverse perspectives and are committed to creating an inclusive environment for all colleagues. We understand that when our colleagues are listened to, respected and valued for who they are, we build an organisation with belonging at its heart - making health and wellness a way of life for everyone.
Holland & Barrett does not accept unsolicited resumes from search firms/recruiters. Please do not forward resumes to our job alias, employees, or any other company location. Holland & Barrett is not and will not be responsible for any fees if a candidate submitted by a search firm/recruiter unless otherwise agreed with respect to specific open position(s).

Skills Required