Skip to main contentA logo with &quat;the muse&quat; in dark blue text.
Newsletter
Bazaarvoice

Staff Application Security Engineer

7 days ago Belfast, United Kingdom
 
At Bazaarvoice, we create smart shopping experiences. Through our expansive global network, product-passionate community & enterprise technology, we connect thousands of brands and retailers with billions of consumers. Our solutions enable brands to connect with consumers and collect valuable user-generated content, at an unprecedented scale. This content achieves global reach by leveraging our extensive and ever-expanding retail, social & search syndication network. And we make it easy for brands & retailers to gain valuable business insights from real-time consumer feedback with intuitive tools and dashboards. The result is smarter shopping: loyal customers, increased sales, and improved products.
 
The problem we are trying to solve : Brands and retailers struggle to make real connections with consumers. It's a challenge to deliver trustworthy and inspiring content in the moments that matter most during the discovery and purchase cycle. The result? Time and money spent on content that doesn't attract new consumers, convert them, or earn their long-term loyalty.
 
Our brand promise : closing the gap between brands and consumers.
 
Founded in 2005, Bazaarvoice is headquartered in Austin, Texas with offices in North America, Europe, Asia and Australia.
 
It’s official: Bazaarvoice is a Great Place to Work in the US , Australia, India, Lithuania, France, Germany and the UK!

We are seeking a Staff Application Security Engineer to serve as a high-level technical leader and subject matter expert for our application security program. In this role, you will bridge the gap between security and engineering, driving the adoption of secure-by-default architectures and robust secrets management practices through a development-centric approach. As a technical expert, you are expected to bring proposals, code-driven solutions, and innovation to our security program.


You will carry significant influence across all of our engineering offices, tackling complex software security challenges by writing code to automate data correlation and tool integration, while collaborating closely with Offensive Security to validate and remediate systemic risks. As a Professional Level 7, you will operate with a high degree of autonomy, providing critical technical expertise during investigations, participating in technical whiteboard coding sessions, and mentoring engineers to foster a culture of security-first development.

Want more jobs like this?

Get Software Engineering jobs in Belfast, United Kingdom delivered to your inbox every week.

Job alert subscription

By signing up, you agree to our Terms of Service & Privacy Policy.

What You'll be Doing:




    • Lead Application Security Elements: Own the execution and technical oversight of application security components, ensuring robust security controls are integrated throughout the development process.




    • Automated Pipeline Guardrails: Design and write automated security guardrails directly inside the CI/CD pipeline using open-source and commercial tools to catch vulnerabilities early.




    • Vulnerability Data Orchestration: Write scripts and API tools to query, aggregate, and correlate data from vulnerability datasets, asset management systems, and scanners to drive automated Jira ticketing and data-driven risk decisions.




    • Secrets Management Leadership: Lead and manage the enterprise secrets management program, defining technical standards and implementing solutions to protect sensitive credentials across all environments, writing programmatic integrations to securely inject and rotate credentials.




    • Offensive Security Collaboration: Partner closely with the Offensive Security Engineer on complex projects to proactively identify, validate, and remediate deep-seated application vulnerabilities.




    • Incident Response & Forensic Support: Provide deep technical expertise and hands-on assistance during security events or investigations, helping engineering teams perform root-cause analysis in the codebase and mitigate impact.




    • Secure SDLC & Threat Modeling: Proactively engage with development teams early in the SDLC to conduct threat modeling exercises focused on logical application flaws and provide expert consultation on secure architecture.




    • Mentorship and Advocacy: Act as a security champion and trusted advisor, elevating security knowledge across the organization through training and the development of secure coding guidelines.


Required Skills & Experience:




    • Education & Experience: Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience with 7+ years of professional experience.




    • Software Engineering Background: Strong background in software development in a Software-as-a-Service (SaaS) environment, with a proven ability to write clean, maintainable code and pass a live/whiteboard coding session.




    • Application Security Expertise: 5+ years of hands-on experience in application security, including secure code review, threat modeling, and managing AppSec tooling.




    • API & Data Integration: Proven experience writing code to query APIs, parse datasets (JSON/XML), and integrate disparate tools (e.g., connecting scanner datasets with asset inventory).




    • Secrets Management Proficiency: Proven experience implementing and managing enterprise-grade secrets management solutions at scale.




    • Technical Remediation: Expert-level knowledge of OWASP Top 10 and advanced vulnerability classes, with a demonstrated ability to architect and implement scalable remediation solutions.




    • Scripting & Automation: Proficiency in languages such as Python, Go, or Bash to automate security workflows, query APIs, and build custom security integrations.




    • Influence & Communication: Exceptional communication skills with the ability to influence technical and non-technical stakeholders across multiple global offices.




    • Mentorship: A proven history of mentoring senior-level engineers and a passion for elevating the skills of those around you.


Desirable Skills & Experience:




    • Certifications: Professional certifications such as CSSLP, CASE, GWEB, or equivalent.




    • Cloud Operations: Expertise in AWS or GCP security operations, specifically relating to serverless and containerized application security.




    • DevSecOps: Experience in a Security Development Lifecycle (SDL) environment and a history of implementing DevSecOps principles.




    • Community Engagement: Published security research, conference presentations, or active contributions to the open-source security community.


#LI-EM1

Why join Bazaarvoice?
 
Customer is key
We see our own success through our customers’ outcomes.  
We approach every situation with a customer first mindset.
 
Transparency & Integrity Builds Trust
We believe in the power of authentic feedback because it’s in our DNA. 
We do the right thing when faced with hard choices. Transparency and trust accelerate our collective performance.
 
Passionate Pursuit of Performance
Our energy is contagious, because we hire for passion, drive & curiosity. 
We love what we do, and because we’re laser focused on our mission.
 
Innovation over Imitation
We seek to innovate as we are not content with the status quo. 
We embrace agility and experimentation as an advantage.
 
Stronger Together
We bring our whole selves to the mission and find value in diverse perspectives. 
We champion what’s best for Bazaarvoice before individuals or teams.  
As a stronger company we build a stronger community.
 
 
Want to see our culture in action? Explore our global Linkedin Life Page, Life at Bazaarvoice to see the bigger picture, or visit our EMEA Life Page to meet our regional teams and see what life is like in our local offices.  
 
 
 
Commitment to diversity and inclusion
 Bazaarvoice provides equal employment opportunities (EEO) to all team members and applicants according to their experience, talent, and qualifications for the job without regard to race, color, national origin, religion, age, disability, sex (including pregnancy, gender stereotyping, and marital status), sexual orientation, gender identity, genetic information, military/veteran status, or any other category protected by federal, state, or local law in every location in which the company has facilities. Bazaarvoice believes that diversity and an inclusive company culture are key drivers of creativity, innovation and performance. Furthermore, a diverse workforce and the maintenance of an atmosphere that welcomes versatile perspectives will enhance our ability to fulfill our vision of creating the world’s smartest network of consumers, brands, and retailers.
 
 
Please note: The successful candidate will be required to undergo a basic AccessNI check prior to starting. 
Client-provided location(s): Belfast, United Kingdom
Job ID: 2063a21a-567f-46a2-ac9b-fdcda4c0968a
Employment Type: OTHER
Posted: 2026-06-16T11:50:44

Perks and Benefits

  • Health and Wellness

    • Parental Benefits

      • Work Flexibility

        • Office Life and Perks

          • Vacation and Time Off

            • Financial and Retirement

              • Professional Development

                • Diversity and Inclusion