1 to 25 of 42 Dynamic Application Security Testing Jobs in the UK

best work. Whether you're building on our platform, supporting our customers, or shaping our story: You can just ship things. About the Role: We are looking for aSenior Application Security Engineerto join our security team (reporting to the Head of Security). In this role, you will drive critical application security initiatives across … Vercel's products and platform. Your core focus will be onthreat modeling, open-source software security, secure code review, SDLC tooling, andbug bounty program management. You will support both our internal product engineering teams and customer-facing security programs, ensuring that security is embedded throughout our development lifecycle and that our platform earns the trust of developers … is required. Security Tools & Automation: Hands-on experience with application security tooling such as static application security testing (SAST), dynamic testing (DAST), dependency vulnerability scanners, and CI/CD pipeline security integration. Familiarity withGitHub Advanced Securityor similar tools for code scanning and secret detection is a strong plus. Open Source and More ❯

Press space or enter keys to toggle section visibility Location London Job Type Full Time Posted Date 16-Jun-2025 Ref # 62659 We are seeking a Principal Security Engineer to lead and drive security engineering efforts across our cloud and application environments. This strategic, hands-on role requires expertise in cloud security, secure development practices … and the implementation of advanced security controls. You will serve as a leader within the Consumer Security Engineering team, driving security initiatives across cloud platforms, microservice architectures, digital products, application security, and enterprise security. You will define and build comprehensive security strategies in collaboration with developers, DevSecOps engineers, ensuring that security is seamlessly … plus. Strong background in DevSecOps, with experience in integrating security into CI/CD pipelines using tools like Jenkins, GitLab, or similar. Experience implementing and managing SAST/DAST tools and processes to secure application development. Deep understanding of application security, including secure coding practices, OWASP Top 10, and API security standards. Knowledge of Customer More ❯

Lead Test Engineer (Security) - Companies House - SEO Base salary is £41,571 - £45,784 with an additional DDaT allowance of £4,350 - £11,000 available Published on Full-time (Permanent) Base salary is £41,571 - £45,784 with an additional DDaT allowance of £4,350 - £11,000 available Published on 3 July 2025 Deadline 20 July 2025 Location Remote … least 5 of the following security tools and technologies: Burp Suite (including Burp Scanner) - for web application vulnerability scanning and manual security testing. OWASP ZAP - for DAST and automated security regression testing. Postman or SOAP UI - for API testing with a security focus (e.g. injection, authorisation, token misuse). OAuth2/OpenID Connect - for … secure code handling and integration with secrets scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Threat modelling methodologies - e.g. STRIDE, PASTA, or creating risk-based test charters. Familiarity with More ❯

Role overview: Working for a security vendor, the Security team are accountable for the company's Information Security, Security Architecture, Security Compliance, Security Awareness, Security Operations and Information Security Risk Management Activities. You'll work closely with development and operational teams to design, implement/recommend application security controls. This … is a new role for the company requiring a passion for cyber security and a hands-on development background to create and develop the application security capabilities as part of the SDLC. Ideally you will have a background in software development. Main tasks and responsibilities: Assess and identify gaps in current application security controls and … of OWASP Top 10, SANS Top 25 etc Experience working in AWS/Azure/GCP would be beneficial Knowledge of Ci/CD pipelines Thorough understanding of SAST, DAST (including fuzzing), endpoint and perimeter scanning etc. Familiarity with industry security standards (ISO27001, NIST, CCM etc) Network and infrastructure experience. API gateway security, WAF and IDS, SSO, SAML More ❯

You'll Be Working On: ️ Implementing secure development practices and conducting threat modeling for software applications ️ Performing static and dynamic application security testing (SAST/DAST) to identify vulnerabilities in code ️ Collaborating with DevOps and development teams to integrate security into the CI/CD pipeline ️ Conducting regular application security assessments, including penetration … testing and vulnerability scanning ️ Providing guidance and training to development teams on secure coding practices and security tools What We're Looking For: ️ Proven experience as an Application Security Specialist or in a … similar application security role ️ Strong knowledge of secure coding practices, common vulnerabilities (e.g., OWASP Top 10), and application security testing tools ️ Experience with SAST, DAST, and security code review tools (e.g., Fortify, Veracode, Checkmarx) ️ Familiarity with secure software development frameworks (e.g., OWASP, NIST) ️ Relevant certifications such as CSSLP, CEH, or CISSP are highly desirable More ❯

RMM Service Automation Platform and has a proven track record of helping MSPs standardize and automate the setup and delivery of IT services to achieve true scalability. The Senior Application Security Engineer plays a critical role in enhancing our application security posture by conducting advanced security assessments, leading security initiatives, and collaborating with development … teams to integrate security into the software development lifecycle. The position plays a key role in identifying and mitigating security vulnerabilities to protect our applications and data. This role is based in our Edinburgh hub. What You'll Do Assist in maturing organizational processes that drive complex security efforts for internal teams and external partners. Develop and … preferred Thorough understanding of OWASP Top 10 and Secure Development Expertise in automating security tools and integrations, including simple scripting Experience with application security tools (SAST, DAST, IAST and SCA) Strong technical knowledge of development and production release process, including CI/CD Experience with the application of threat modeling and other risk identification techniques Scripting More ❯

Senior Test Engineer (Security) - Companies House - HEO Base salary is £40,398pa with an additional DDaT allowance of £4,350 - £11,000 available. Published on 3 July 2025. Deadline 20 July 2025. Location Remote working (anywhere in the UK) About the job Job summary This is an exciting opportunity in the Digital Services team! You'll be joining during … will help shape the future of our department. We use Agile methodologies and promote a culture of continuous improvement. We are seeking an enthusiastic Senior Test Engineer (Non-Functional Security) with strong technical skills to deliver and support security testing workstreams, including vulnerability assessments and penetration testing. You will guide other testers on security testing … OAuth2/OpenID Connect, Jenkins or Concourse, Unix/Linux systems, AWS or similar cloud providers, SQL/MongoDB/Oracle, Karate DSL or Rest Assured, Git, SAST/DAST tools, IaC scanning tools, threat modelling, OWASP Top 10 testing approaches. Behaviours Assessment will include: Making Effective Decisions Managing a Quality Service Working Together Seeing the Big Picture Technical More ❯

Salesforce Security Engineer Salary : £85,000 Locations: Leeds, Manchester, Redhill, Tunbridge Wells, Bournemouth, or Bristol (Hybrid/Flexible) We're looking for a Salesforce Security Engineer who brings strong engineering fundamentals and hands-on experience to the intersection of Salesforce development and security engineering . You'll play a critical role in enhancing the security posture … principles to assess and uplift Salesforce security maturity. Own and improve pipeline security including static code analysis (SAST), dynamic application security testing (DAST), dependency checks, and secure deployment patterns. Conduct threat modelling for Salesforce-based estates, identifying and mitigating risks early in the development lifecycle. Perform and refine security tests across APIs … Bring Hands-on experience with Salesforce development (particularly APEX) and a deep understanding of how engineering and security intersect. Strong grasp of secure coding practices and experience running DAST/SAST on Salesforce environments. Exposure to or working knowledge of DSOMM , OWASP, and threat modelling methodologies. Experience integrating security into CI/CD pipelines , especially in complex enterprise More ❯

Salesforce Security Engineer Salary : £85,000 Locations: Leeds, Manchester, Redhill, Tunbridge Wells, Bournemouth, or Bristol (Hybrid/Flexible) We're looking for a Salesforce Security Engineer who brings strong engineering fundamentals and hands-on experience to the intersection of Salesforce development and security engineering . You'll play a critical role in enhancing the security posture … principles to assess and uplift Salesforce security maturity. Own and improve pipeline security including static code analysis (SAST), dynamic application security testing (DAST), dependency checks, and secure deployment patterns. Conduct threat modelling for Salesforce-based estates, identifying and mitigating risks early in the development lifecycle. Perform and refine security tests across APIs … Bring Hands-on experience with Salesforce development (particularly APEX) and a deep understanding of how engineering and security intersect. Strong grasp of secure coding practices and experience running DAST/SAST on Salesforce environments. Exposure to or working knowledge of DSOMM , OWASP, and threat modelling methodologies. Experience integrating security into CI/CD pipelines , especially in complex enterprise More ❯

Senior Test Engineer (Security) Location: Remote (UK-based) | Contract: PermanentSalary: £40,398 – £51,398 + excellent public sector benefitsWe’re proud to be working with a UK government organisation as they continue their digital transformation journey. They’re now looking to appoint a Senior Test Engineer (Security) to lead and enhance their non-functional testing capability.This is … a fantastic opportunity to work in a supportive, agile environment that prioritises innovation, collaboration and work-life balance. Key responsibilities: Deliver and support security testing workstreams, including vulnerability assessments and penetration testing. Lead on best practice in security testing and provide guidance to fellow testers. Collaborate closely with developers and delivery teams throughout the software development … lifecycle. Contribute to the design and implementation of automated security testing pipelines. Essential skills and experience: Proven experience in security testing. Certification in ethical hacking or penetration testing (e.g. 7Safe CSTA, GIAC), or currently working towards one. Working knowledge of at least five of the following: Burp Suite, OWASP ZAP, Postman, OAuth2/OpenID Jenkins or More ❯

see why Glassdoor and Comparably have recognized CaptivateIQ as a best place to work! About the role: Join our Cybersecurity Team and play a pivotal role in strengthening the security of our infrastructure, applications, and services. As a Security Engineer, you will apply your technical expertise across engineering, application security, and incident response to help scale … and mature our security posture. This is a hands-on role that requires a collaborative mindset, strong problem-solving skills, and the ability to identify and respond to security challenges across attack surfaces. You'll work closely with Engineering, Product, and IT teams to embed security across the product lifecycle, triage and mitigate vulnerabilities, and proactively respond … scans, and targeted penetration tests of applications and infrastructure using common security tooling (e.g., Burp Suite, ZAP, Amass, Nmap). Assess and mitigate static (SAST) and dynamic (DAST) vulnerabilities across services and components. Evaluate, implement, and maintain security tooling to support vulnerability management, secure development, and event detection workflows. Define and track metrics related to application More ❯

Lead Test Engineer (Security) Location: Remote (UK-based) | Contract: Permanent Salary: £41,571 – £56,784 We’re delighted to be supporting a UK government organisation as they continue to transform their digital services. They are now seeking a Lead Test Engineer (Security) to take ownership of the security testing strategy across their platforms.This is an opportunity … to lead, mentor, and influence security testing practices in an agile, forward-thinking digital department with a strong focus on public value, collaboration, and continuous improvement.Key responsibilities Lead the organisation’s approach to non-functional security testing across the full software development lifecycle. Manage and support a team of testers, providing coaching, mentoring, and oversight of … OWASP ZAP, Postman or SOAP UI, OAuth2/OpenID Jenkins/Concourse, Unix/Linux, AWS SQL/MongoDB/Oracle, Git, Karate DSL or Rest Assured SAST/DAST tools, IaC scanning, secrets detection tools Threat modelling (e.g. STRIDE, PASTA), OWASP Top 10 testing Salary & benefits Base salary: £41,571 – £45,784 DDaT allowance More ❯

The Role We are looking for an exceptionally seasoned Security Architect with over 15 years of progressive experience, including extensive leadership in designing and implementing robust security architectures, particularly within large-scale cloud environments and the highly regulated financial domain. This role demands a deep understanding of complex security challenges, a proven track record of strategic influence … and the ability to translate business requirements into secure, scalable, and compliant technical solutions. Your responsibilities: Strategic Security Leadership: Define, evangelize, and evolve the overall cloud security architecture strategy and roadmap, aligning with business objectives, relevant European regulatory requirements (e.g., GDPR, DORA, PSD2, NIS2 Directive), and industry best practices. Act as a trusted security advisor to senior … segmentation, private connectivity). Data Security (encryption at rest/in transit, KMS, data classification, DLP). Application Security (secure coding, API security, SAST/DAST, WAF integration). Container Security (Kubernetes, Docker, service mesh). Security Information and Event Management (SIEM) and logging strategies. Zero Trust Architecture principles. Proven experience with DevSecOps methodologies More ❯

The Role We are looking for an exceptionally seasoned Security Architect with over 15 years of progressive experience, including extensive leadership in designing and implementing robust security architectures, particularly within large-scale cloud environments and the highly regulated financial domain. This role demands a deep understanding of complex security challenges, a proven track record of strategic influence … and the ability to translate business requirements into secure, scalable, and compliant technical solutions. Your responsibilities: Strategic Security Leadership: Define, evangelize, and evolve the overall cloud security architecture strategy and roadmap, aligning with business objectives, relevant European regulatory requirements (e.g., GDPR, DORA, PSD2, NIS2 Directive), and industry best practices. Act as a trusted security advisor to senior … segmentation, private connectivity). Data Security (encryption at rest/in transit, KMS, data classification, DLP). Application Security (secure coding, API security, SAST/DAST, WAF integration). Container Security (Kubernetes, Docker, service mesh). Security Information and Event Management (SIEM) and logging strategies. Zero Trust Architecture principles. Proven experience with DevSecOps methodologies More ❯

The Cyber Security Architect will work closely with the solution architects and enterprise architects to improve and maintain the cyber security of NAVBLUE'S products, services and infrastructure. The ideal candidate will play a critical role in designing and implementing cybersecurity frameworks to align with the business objectives and mitigate potential threats. Main Responsibilities: Perform Security Risk … and Threat analysis during the initial design and the Software Development Life Cycle planning, analysis, and design phases. Providing recommendations and requirements for mitigating any security weaknesses identified while defining Non-Functional Requirements in coordination with Solutions Architects. Ensure Security by Design is embedded within the Software Development Life Cycle, while ensuring that all security requirements have … knowledge of the SDLC and AWS network architecture Knowledge of the SAFe Agile method would be an asset Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP) Knowledge of STRIDE, DICE and other threat and risk frameworks Knowledge of AWS tools Proven experience managing multiple projects simultaneously Practical interpersonal skills; adaptable to all levels of More ❯

The Cyber Security Architect will work closely with the solution architects and enterprise architects to improve and maintain the cyber security of NAVBLUE'S products, services and infrastructure. The ideal candidate will play a critical role in designing and implementing cybersecurity frameworks to align with the business objectives and mitigate potential threats. Main Responsibilities: Perform Security Risk … and Threat analysis during the initial design and the Software Development Life Cycle planning, analysis, and design phases. Providing recommendations and requirements for mitigating any security weaknesses identified while defining Non-Functional Requirements in coordination with Solutions Architects. Ensure Security by Design is embedded within the Software Development Life Cycle, while ensuring that all security requirements have … knowledge of the SDLC and AWS network architecture Knowledge of the SAFe Agile method would be an asset Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP) Knowledge of STRIDE, DICE and other threat and risk frameworks Knowledge of AWS tools Proven experience managing multiple projects simultaneously Practical interpersonal skills; adaptable to all levels of More ❯

My growing defence client is seeking a Security Engineer. You'll join a leading organisation that develops cutting edge products and technology. Role Purpose You'll own the security posture across our client's product portfolio-encompassing software, hardware, and services-by embedding robust security controls throughout the development lifecycle, identifying and mitigating risks, and ensuring compliance … tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI/CD integration, SAST/DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or application security within defence …/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration testing). Eligible for UK SC clearance; right to work in the UK. Why Join? You'll Gain exposure to cutting-edge defence technology and intelligence insights. Good salary More ❯

challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability … driven streaming technologies, Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs, Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform), Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes, Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP), Security certification such More ❯

Security Engineer Permanent Hybrid - 2 or 3 days p/w on-site Tunbridge Wells area FPSG have a fantastic opportunity to join a large-scale digital transformation programme aimed at uniting multiple internal business units under a new, secure, cloud-native digital platform. Ideal for a hands-on Security Engineer who enjoys embedding security into the … subnets, zones) Experience with API security and integration-related platforms such as Auth0 or API Gateways Proficiency with security tools including SAST (e.g. Snyk, Checkmarx), SCA, and DAST (e.g. OpenZAP, Qualys DAST) Ability to manage secure operations of large-scale software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building automated security test suites … Engineering, Cybersecurity Engineer, Information Security Specialist, Salesforce, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps, Secure Development, CRM Security Next Steps Please click "Apply now" and submit your up-to-date More ❯

Pre Sales Application Architect + Permanent opportunity + On-site in Bracknell/Basingstoke + SC cleared role + Salary: £75,000 + £6,000 Car allowance + 10% bonus This role involves creating design artefacts that enable the deployment of Applications using industry-standard methodologies. You will collaborate closely with Solution Owners and Project Managers to ensure solutions … Archimate (BizzDesign preferred) Requirements Modelling/Capture techniques such as User Stories and Use Cases AWS and Azure Cloud usage VMWare usage Technical Leadership & Design DevSecOps tooling and practices Application Security Testing SAFe (scaled agile) Processes Data Integration Focused: Data Pipeline Orchestration and ELT tooling such as Apache Airflow, Apache NiFi, Airbyte, and Singer Message Brokers and … Microservices Automated Test tooling, ideally Selenium or Robot Framework DevSecOps Key Skills: CI/CD Pipelines, ideally Azure DevOps IaC tooling, including Terraform, Ansible, Harbor SCA/IAST/DAST tooling, e.g., Black Duck, Coverity, JFrog, Snyk Automated Test tooling, ideally Selenium or Robot Framework Test Management Tools, ideally Azure Test Plans Secure Secrets Management, ideally with Azure DevOps and More ❯

Pre Sales Application Architect +Permanent opportunity +Hybrid 1 day on site in Bracknell/Basingstoke +SC cleared role + 65,000 - 90,000 You will be responsible for the creation of design artefacts that enable the provision of Applications using industry standard methodologies. You will work closely with Solution Owners and Project Managers to ensure that solutions are in … Capture techniques such as User Stories and Use Cases. AWS General/Usage Azure Cloud General/Usage VMWare General/Usage Technical Leadership & Design DevSecOps tooling and practices Application Security Testing SAFe (scaled agile) Processes Data Integration Focused Data Pipeline Orchestration, and ELT tooling such as Apache Airflow, Apark, NiFi, Airbyte and Singer. Message Brokers, streaming … Design/Configuration/Usage in a number of the following - CI/CD Pipelines, ideally Azure DevOps IaC code tooling, including Terraform, Ansible, Harbor SCA/IAST/DAST tooling, e.g. Black Duck, Coverity, Codesight, JFrog, Snyk Automated Test tooling, ideally Selenium/Robot Framework Test Management Tooling ideally Azure Test Plans Secure Secrets Management, ideally Azure DevOps and More ❯

Security Engineer/Cloud/DSOMM/OWASP/Salesforce Permanent Hybrid - 2 or 3 days p/w on-site Leeds FPSG have a fantastic opportunity to join a large-scale digital transformation programme aimed at uniting multiple internal business units under a new, secure, cloud digital platform. Ideal for a hands-on Security Engineer who enjoys … subnets, zones) Experience with API security and integration-related platforms such as Auth0 or API Gateways Proficiency with security tools including SAST (e.g. Snyk, Checkmarx), SCA, and DAST (e.g. OpenZAP, Qualys DAST) Ability to manage secure operations of large-scale software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building automated security test suites … Engineering, Cybersecurity Engineer, Information Security Specialist, Salesforce, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps, Secure Development, CRM Security Next Steps Please click "Apply now" and submit your up-to-date More ❯

65k - £78K + bonus, benefits) We are working with a globally renowned and industry leading UK brand who are going through an exciting phase of growth across their wider Security function, resulting in the need for a DevSecOps Engineer. As a DevSecOps Engineer, you will work within a newly established team in a role that sees you provide hands … on Application Security and DevSecOps responsibilities, as well as being involved in various strategic activities. Your duties would include setting-up, securing and enhancing pipelines, scripting and automation, as well as looking at how things are done, what improvements can be made, supporting cyber change initiatives and driving security awareness/practices as necessary. This role will … companies of a similar size, who also offer some of the best perks & benefits available! Key skills and experience required: · DevSecOps experience · Application Security expertise across SAST, DAST & SCA · Background and experience in Software Development/Scripting/Automation · Ability to work in a fast-paced environment · Ability to work on-site for key strategic/important meetings More ❯

Presales Application Architect Location: Basingstoke (circa 1 day a week onsite) Salary: £60,000 - £65,000 Basic + 15% Bonus + £6,000 Car Allowance + 10% Clearance Bonus (Total Comp circa £80K) Security Clearance: Eligibility to obtain and maintain UK Developed Vetting Clearance (DV) is essential for this role. Candidates may potentially start whilst clearance is in … progress. Keywords: Presales, Application Architect, Solution Design, AWS, Azure, VMWare, DevSecOps, CI/CD, Automation, Data Integration, API, Low-Code, Security Clearance, DV Cleared, DV Eligible, Basingstoke Are you a skilled Application Architect with a talent for presales and solution design? Do you want to architect innovative, sustainable technology solutions for a global leader committed to building … code Platforms (Power Platform, Appian, UiPath etc.), RPA solutions, Business Process Analysis. DevSecOps & Security: CI/CD Pipelines (Azure DevOps preferred), IaC (Terraform, Ansible), SCA/IAST/DAST tooling (Black Duck, Snyk etc.), Automated Testing (Selenium, Robot Framework), Secure Secrets Management (Vault). Methodologies: Experience with SAFe (Scaled Agile Framework) processes is beneficial. Don't meet every More ❯

opportunity to join a large-scale digital transformation programme aimed at uniting multiple internal business units under a new, secure, cloud-native digital platform. Ideal for a hands-on Security Engineer who enjoys embedding security into the development lifecycle and working with modern tooling and cloud environments. The successful Security Engineer's responsibilities will include: Analysing new … subnets, zones) Experience with API security and integration-related platforms such as Auth0 or API Gateways Proficiency with security tools including SAST (e.g. Snyk, Checkmarx), SCA, and DAST (e.g. OpenZAP, Qualys DAST) Ability to manage secure operations of large-scale software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building automated security test suites … Engineering, Cybersecurity Engineer, Information Security Specialist, Salesforce, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps, Secure Development, CRM Security Next Steps Please click "Apply now" and submit your up-to-date More ❯