Application Security Specialist (DevOps)

Location: Cambridge, UK – Applicants should be based (or willing to relocate) within a comfortable commuting distance of our office to attend onsite as required.

We are looking for an experienced Application security specialist to join our Cyber team with a hyper focus on supporting our application security and risk management programme.  You will help us build out a world class security automations and remediation plans by working closely with our key stakeholders in the Games teams to provide a clear plan and support with risk remediation. This is to be achieved by data driven analysis and practical engagement to support with suggested fixes.

What you'll be doing:

• Provide guidance on security best practices and compliance and undertake security testing

• Collaborate with the architecture and development teams to review the design and code for security vulnerabilities

• Embed/improve security threat modelling and secure coding in the development lifecycle

• Provide technical specialist advice to ensure that security standards are understood and can be complied with

• Develop security testing plans and integrate into the software development lifecycle

• Perform and oversee security testing and manage remediation of identified vulnerabilities

• End-to-end work on reported vulnerabilities as part of the bug bounty program

• Take part in the security incident response team

• Monitor and proactively report on current threats and vulnerabilities to application security

• Prepare and monitor application security metrics and KPIs

• Initiate and automate processes for detecting and monitoring the platform security and integrate security tools into the S-SDLC

Note: This position will require participation in an on-call rotation 

What we're looking for:

• At least 3 years of experience in software engineering.

• At least 2 years of experience in application security.

• In-depth knowledge of application security vulnerabilities, testing techniques, and the OWASP framework.

• Team player able to build relationships across the organization.

• In-depth understanding of secure web application development.

• Experience in web application and Agile development methodologies.

• Comprehensive knowledge of IT and information security subject matter.

• Exposure to methods of promoting security awareness.

• Strong communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships up to senior levels of management.

• Anticipates problems and identifies long-term implications of decisions and actions.

• Ability to work and learn alone.

• Able to prioritize workload and drive work to set deadlines.

• Experience working with the hacker/pen-testing community.

What we offer:

When you join Jagex you can look forward to a generous Perks & Benefits package including:

• Private Healthcare, including Dental Plan.
• Discretionary annual performance bonus.
• Minimum 6% Pension contributions.
• Life Insurance.
• Enhanced family leave policies from day 1.
• Flexible working hours.
• 25 days annual leave + Bank holidays & the option to buy/sell holidays + so much more!

About Jagex

We are Jagex: The RuneScape Company. Home to one of gaming’s most enduring success stories. We create deep, community-powered games with worlds that evolve, inspire, and endure. Our flagship MMORPG franchise, RuneScape, has welcomed over 300 million player accounts, inspiring generations of players across PC and mobile for 25 years.

As we begin our 26th year, we are accelerating our strategy to expand RuneScape into a broader ecosystem of forever games and connected experiences, grounded in a renewed commitment to integrity and fair play. This includes the reduction of monetisation mechanics, as well as the launch of RuneScape: DragonWilds into Steam Early Access in 2025, representing a major step in building a multi-genre future for the RuneScape universe. We remain focused on building enduring worlds, empowering player-led innovation, and laying the foundations for the boldest era in RuneScape’s history. For more information, visit www.jagex.com.

Headquartered in Cambridge, United Kingdom, we are home to passionate creators, storytellers, engineers, and even a few dreamers, all united by a single mission to shape the future of online worlds and empower players to make them their own. We’re looking for people to join us who share our ambitions and values. We foster an inclusive workplace built on trust, autonomy, and a shared passion for creating experiences that inspire our communities.

Our values guide everything we do: We Embrace Fellowship by collaborating and sharing openly. We Hone our Craft by always learning and improving; We Honour our Vows by being honest and transparent; We are our Customers’ Heroes by striving to understand our team & player needs, and We Seize The Day by making the most of every opportunity.

Join us. The next era of RuneScape and the next chapter of Jagex: The RuneScape Company starts now.

We are committed to providing equal opportunities and creating an environment where everyone can thrive. We welcome applications from all backgrounds, and we recruit, develop, and promote based on merit and ability.

If you require any reasonable adjustments to support you during the recruitment process, please let us know when you’re invited to interview.