2 of 2 Dynamic Application Security Testing Jobs in Gloucestershire

have most of the skills or experience we're looking for, please go ahead and apply. We'd love to hear from you!About the role# The Head of Application and Product Security is a strategic leadership role responsible for safeguarding the application landscape and digital products within HL. This pivotal position ensures that security is … assurance to clients, regulators, and stakeholders during a period of significant digital transformation and on an ongoing basis. The role will champion secure-by-default/design principles, drive security best practices, and lead a high-performing team in the context of ambitious cloud adoption, agile delivery, and regulatory evolution. The role balances strategic vision with operational oversight, ensuring … application security architecture, reference models, and automation in line with cloud-first and hybrid environments (AWS, Azure, etc). Commission and manage security testing (SAST, DAST, pen testing, Interactive testing, Mobile testing, bug bounties), triage vulnerabilities, and drive remediation efforts with development teams. Report to executive leadership and the board on application More ❯

and have most of the skills or experience we're looking for, please go ahead and apply. We'd love to hear from you! About the role As an Application Security Engineer at HL, you will play a key role in strengthening the security of our products and services. Partnering with Engineering and other security functions … you'll embed and enhance security across the SDLC. You will help shape our security tooling strategy, drive automation to scale assurance across the business and provide expert guidance to engineers on vulnerabilities, threats and risk mitigation. This role is an opportunity to influence how HL builds secure products at pace, while supporting a culture of 'Secure by … prioritising work, and providing progress updates against plan. Supporting the Security Champions program at HL through developer enablement and training. About you Experience of SAST/SCA/DAST toolsets (e.g. Snyk, Gitlab Ultimate Application Security, Rapid7). Experience of API scanning tools (e.g. Salt, 42Crunch). Strong understanding of vulnerability scoring frameworks such as CVSS and More ❯