London, England, United Kingdom Hybrid / WFH Options
Funding Circle
and remediation efforts. Nice to have Advanced security certifications (e.g., AWS Certified Security - Specialty, CISSP, CCSP, OSCP/OSWE). Experience with security platforms/tools (e.g., Wiz, Snyk, Checkmarx, Veracode). Scripting skills in Python or similar for automation. Experience working in FinTech or regulated environments. Knowledge of mobile application security principles. We are committed to building diverse teams. More ❯
London, England, United Kingdom Hybrid / WFH Options
Funding Circle
efforts. Nice to have Relevant advanced security certifications (e.g., AWS Certified Security - Specialty, CISSP, CCSP, OSCP/OSWE). Experience with specific security platforms/tools (e.g., Wiz, Snyk, Checkmarx, Veracode). Proficiency in security automation using scripting languages (e.g., Python). Experience working in FinTech or other highly regulated environments. Experience with mobile application security principles and testing. At More ❯
Assured - for automating security-focused API tests. Version control systems (e.g. Git) - for secure code handling and integration with secrets scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets detection tools - e.g. GitLeaks, truffleHog, detect-secrets. More ❯
Remote working (anywhere in the UK) Hybrid / WFH Options
Government Digital & Data
Assured - for automating security-focused API tests. Version control systems (e.g. Git) - for secure code handling and integration with secrets scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets detection tools - e.g. GitLeaks, truffleHog, detect-secrets. More ❯
for automating security-focused API tests. Git or other version control systems - for secure code handling and integration with security scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets detection tools - e.g. GitLeaks, truffleHog, detect-secrets. More ❯
London, England, United Kingdom Hybrid / WFH Options
Veeva Systems, Inc
tools across our multiple platforms. You will be working as a security expert supporting our product development teams on code quality issues and findings. What You'll Do Support Checkmarx SAST & SCA platform, tuning and supporting product development Assist application product teams with scan automation via pipeline build such as Jenkins or CI/CD Automation of security tools into … Java or Python and React Understanding of OWASP Top 10, SANS Top 20, NIST 800-53, CIS, CSC, or other security standards Utilize Static Application Security Testing tools (i.e. Checkmarx) to identify and remediate code vulnerabilities 1+ years as a security engineer or application developer Knowledge and understanding in various disciplines such as security engineering, infrastructure and network security, authentication More ❯
and vulnerability management expertise. Hands-on experience with threat modelling and secure code reviews. Experience with Mobile Application Security and API Security. Familiarity with security tools (Burp Suite, Fortify, Checkmarx, Veracode, ZAP, etc.). Experience with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Ability to conduct maturity assessments and gap analysis. Familiarity with RASP technology as More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
Remote working (anywhere in the UK) Hybrid / WFH Options
Government Digital & Data
for automating security-focused API tests. Git or other version control systems - for secure code handling and integration with security scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets detection tools - e.g. GitLeaks, truffleHog, detect-secrets. More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
the following technologies (providing cert details where applicable): Issue and Project Management tools such as JIRA, Confluence Hashicorp Terraform Hashicorp Vault SAST Security Testing such as such as GitLab, Checkmarx or Veracode DAST Security Testing such as OWASP ZAP or Veracode SCA Security Testing such as Checkmarx, Trivy, or Veracode IAST Security Testing such as Checkmarx Vulnerability Management such as More ❯
management. Strong understanding of web application security concepts, including secure coding practices, authentication mechanisms, and common vulnerabilities. Proficiency in security testing tools and techniques, such as Burp Suite, SonarQube, Checkmarx, Veracode, etc... Excellent analytical and problem-solving skills, with the ability to think critically and creatively to address complex security challenges. Strong communication and interpersonal skills, with the ability to More ❯
/priorities while maintaining sound development practices to ensure the quality delivery of enterprise solutions Preferred Skills: Experience with MuleSoft, Heroku, Einstein Analytics Experience with GitLab, GitHub, Jenkins, SonarQube, Checkmarx Unique combination of being business-minded and highly analytical while also having a strong and deep technical background in Salesforce.com Able and willing to work independently and in a fast More ❯
JourneyBlazers is a boutique Salesforce implementation partner with a proven track record and a perfect 5.0 CSAT score. We are a global team with operations in the US, UK, and India. Description : As a JourneyBlazers Salesforce Application Architect, you will More ❯
Strong knowledge of secure coding practices, common vulnerabilities (e.g., OWASP Top 10), and application security testing tools ️ Experience with SAST, DAST, and security code review tools (e.g., Fortify, Veracode, Checkmarx) ️ Familiarity with secure software development frameworks (e.g., OWASP, NIST) ️ Relevant certifications such as CSSLP, CEH, or CISSP are highly desirable More ❯
Application Security , AppSec consulting , or Secure Code Review roles. Deep understanding of secure coding practices in web frameworks (e.g., JavaScript, Python, PHP, Node.js). Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development principles. Strong technical writing and communication skills. Preferred certifications: OSCP , CSSLP , GWAPT , CEH , or More ❯
professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development principles. Strong technical writing and communication skills. Preferred certifications: OSCP , CSSLP , GWAPT , CEH , or More ❯
professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development principles. Strong technical writing and communication skills. Preferred certifications: OSCP , CSSLP , GWAPT , CEH , or More ❯
