1 to 25 of 27 Dynamic Application Security Testing Jobs in the UK excluding London

Senior Application Security Engineer Location: Hybrid working or homeworking with view to attend office occasionally Salary: £60,000 – £70,000 per annum Bonus: Discretionary bonus of up to 10% Are you passionate about securing modern applications and cloud environments? We’re looking for a Senior Application Security Engineer to join my client's growing team and … play a key role in shaping the security posture of our organisation. About the Role As a Senior Application Security Engineer, you’ll bring deep expertise in application security testing, cloud security, and secure development practices. You’ll work closely with IT, development, and project teams to embed security into every stage … engineering. Strong knowledge of security tools and technologies (e.g. WAFs, AV, email/web gateways, ACLs). Expertise in secure coding practices and security testing (SAST, DAST, SCA, Pen Testing). Familiarity with OWASP Top 10, CWE, and remediation strategies. Hands-on experience with security testing tools and techniques. Excellent communication and documentation skills. More ❯

Job Title: Senior Application Security EngineerSalary: £70,000Location: Reading/remote About the Organisation Join a fast-growing UK technology and consulting firm that's investing heavily in cutting-edge cyber security. With a strong focus on innovation, collaboration, and professional development, this company empowers its people to shape the future of secure digital transformation across a wide … be part of a business that values expertise, agility, and doing the right thing - where everyone has the opportunity to make a genuine impact. About the Role The Senior Application Security Engineer will play a key role in protecting the organisation's infrastructure, cloud platforms, and applications. Working within a highly technical and collaborative cyber team - supported by … initiatives, ensuring systems and software are secure by design. Drive vulnerability management and implement a risk-based approach across the technology stack. Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling, and DevSecOps integration. Research emerging More ❯

Job Title: Senior Application Security Engineer Salary: £70,000 Location: Reading/remote About the Organisation Join a fast-growing UK technology and consulting firm that's investing heavily in cutting-edge cyber security. With a strong focus on innovation, collaboration, and professional development, this company empowers its people to shape the future of secure digital transformation across … be part of a business that values expertise, agility, and doing the right thing - where everyone has the opportunity to make a genuine impact. About the Role The Senior Application Security Engineer will play a key role in protecting the organisation's infrastructure, cloud platforms, and applications. Working within a highly technical and collaborative cyber team - supported by … initiatives, ensuring systems and software are secure by design. Drive vulnerability management and implement a risk-based approach across the technology stack. Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling, and DevSecOps integration. Research emerging More ❯

Application Security Engineer Salary - £70-75k + 10% Bonus + Benefits Location – Cambridge (1 day per week) Newly created Application Security Engineer role with a Major Tech organization undergoing a really exciting security transformation to a truly cloud-native infrastructure estate. Working alongside the wider Engineering departments, you’ll be responsible for championing the … Secure Development Lifecycle across the wider Engineering departments, ensuring security and privacy are built in and incorporated to everything at the design stage; leading in the integration of SAST tooling into the pipeline and secure developer training, as well as developing security architecture design patterns and standards. This is a crucial hire where they need someone who can … Security Engineer in cloud-native (AWS) environments with an in-depth knowledge of Infrastructure as Code, Containers and CI/CD concepts. In-depth knowledge of SAST/DAST tooling and concepts and how best to utilize it to enhance the Vulnerability Management and wider IAC capabilities. Significant knowledge of AWS environments and implementing AWS Well Architected Security More ❯

Description We’re seeking a hands-on Security Architect to lead the design and assurance of security across our Financial Advice & Wealth Management SaaS platform. This is a pivotal role where you’ll own the security architecture across cloud infrastructure and networking, drive secure-by-design application architectures, and ensure robust security for integrations with … you'll do Design and maintain secure cloud environments, including network segmentation, WAFs, DDoS protection, secret and certificate management, and encryption. Embed secure SDLC practices such as SAST/DAST, dependency scanning, secure coding standards, threat modelling, and API security. Architect identity-centric controls across cloud infrastructure and within the platform’s IAM solution. Contribute to the design of fine … Azure services, containers). Knowledge of OWASP Top 10 and mitigation strategies. Experience with modern authentication and authorization protocols (OpenID Connect, OAuth2.0). Hands-on experience with SAST/DAST tools and integration into SDLC. Proficiency in coding or scripting languages (C#, Go, Python). Experience in: Azure services, security, and networking Networking protocols. Application Reverse Proxies System More ❯

My global service provider client is expanding their solutions team and is hiring a DevSecOps Director to lead secure software development, DevSecOps, and security testing. Drive high-impact initiatives, embed security across the organisation, shape secure solutions, mentor teams, and ensure resilience against evolving threats. About the job: Lead the secure software development lifecycle, security testing, and DevSecOps practices across strategic and operational levels. You will ensure security is embedded from design through deployment, oversee secure coding and testing, and drive operational maturity and resilience against evolving threats … What you'll do: Define and govern secure architecture standards, aligned with NIST, OWASP, ISO 27001, and enterprise policies Lead DevSecOps integration, embedding automated security testing (SAST, DAST, SCA, container security) into CI/CD pipelines Oversee large-scale secure development programs, ensuring SLA/KPI compliance and high-quality service delivery Support pre-sales & business development More ❯

As a Product Security Specialist (PSS) at HL, you will be a key member of a collaborative team of security professionals dedicated to safeguarding HL's products and services. In this role, you will serve as the primary security contact for assigned product teams/squads, providing expert guidance on security issues and requirements. You will … champion secure development practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive Security … OSCP, or GSEC are preferred. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based question More ❯

As a Product Security Specialist (PSS) at HL, you will be a key member of a collaborative team of security professionals dedicated to safeguarding HL's products and services. In this role, you will serve as the primary security contact for assigned product teams/squads, providing expert guidance on security issues and requirements. You will … champion secure development practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive Security … OSCP, or GSEC are preferred. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based question More ❯

As a Product Security Specialist (PSS) at HL, you will be a key member of a collaborative team of security professionals dedicated to safeguarding HL's products and services. In this role, you will serve as the primary security contact for assigned product teams/squads, providing expert guidance on security issues and requirements. You will … champion secure development practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive Security … OSCP, or GSEC are preferred. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based question More ❯

As a Product Security Specialist (PSS) at HL, you will be a key member of a collaborative team of security professionals dedicated to safeguarding HL's products and services. In this role, you will serve as the primary security contact for assigned product teams/squads, providing expert guidance on security issues and requirements. You will … champion secure development practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive Security … OSCP, or GSEC are preferred. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based question More ❯

As a Product Security Specialist (PSS) at HL, you will be a key member of a collaborative team of security professionals dedicated to safeguarding HL's products and services. In this role, you will serve as the primary security contact for assigned product teams/squads, providing expert guidance on security issues and requirements. You will … champion secure development practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive Security … OSCP, or GSEC are preferred. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based question More ❯

Who We Are: Invicti is an application security leader protecting over 3,500 organizations worldwide through our DAST first Application Security Platform. Our flagship products, Netsparker and Acunetix, enable security and development teams to continuously secure web applications through proprietary proof based scanning and predictive risk scoring. Location: Candidates to be already based in the … renewals and upsells Strong presentation, meeting facilitation, and written communication skills Excellent time management and organizational skills with the ability to track numerous details Desire to work in a dynamic start up in which your input is encouraged in order to help craft offerings and interaction with clients This role requires in office presence at our Malta office on More ❯

About the Role We are seeking multiple Security Consultants (Contract positions) to support a variety of transformation and security initiatives across different platforms including Private Cloud, Economic Crime Prevention (ECP), Payments, and Innovation Programs . You will join a high-performing Security Consultancy and Design team , working with product and engineering teams to embed security-by … design principles across cloud, DevSecOps, and enterprise technology landscapes. General Responsibilities (Applicable to All Roles) Perform threat modelling , risk assessments, and design reviews across infrastructure and applications. Provide security guidance and governance during project design and delivery phases. Define and document security requirements, controls, and testing approaches in line with enterprise and regulatory standards. Collaborate with engineering … Skills Required: Strong experience in assessing and designing Private Cloud environments (VMware, Containers, etc.) Hands-on experience with DevSecOps tools and processes – Kubernetes (K8s), Harness, Terraform, GitHub, SAST/DAST, and SDLC integration Proven capability in embedding security within engineering pipelines 2. Security Consultant – Economic Crime Prevention (ECP) Platform (Start Date: 17th November) Key Skills Required: Experience in More ❯

About the Role We are seeking multiple Security Consultants (Contract positions) to support a variety of transformation and security initiatives across different platforms including Private Cloud, Economic Crime Prevention (ECP), Payments, and Innovation Programs . You will join a high-performing Security Consultancy and Design team , working with product and engineering teams to embed security-by … design principles across cloud, DevSecOps, and enterprise technology landscapes. General Responsibilities (Applicable to All Roles) Perform threat modelling , risk assessments, and design reviews across infrastructure and applications. Provide security guidance and governance during project design and delivery phases. Define and document security requirements, controls, and testing approaches in line with enterprise and regulatory standards. Collaborate with engineering … Skills Required: Strong experience in assessing and designing Private Cloud environments (VMware, Containers, etc.) Hands-on experience with DevSecOps tools and processes – Kubernetes (K8s), Harness, Terraform, GitHub, SAST/DAST, and SDLC integration Proven capability in embedding security within engineering pipelines 2. Security Consultant – Economic Crime Prevention (ECP) Platform (Start Date: 17th November) Key Skills Required: Experience in More ❯

global, market-leading insurance organisation that's shaping the future of digital health and technology. This is your opportunity to be part of an innovative, forward-thinking environment where security, engineering excellence, and customer impact are at the heart of everything we do! What you'll do: Provide hands-on technical expertise in secure software development within a product … secure CI/CD pipelines and modern security practices. Ensure risk management, security, and quality are embedded in software delivery. Implement and manage security tooling (SAST, DAST) to support development and testing. Adhere to best practices in architecture, design, coding standards, and SDLC. Managing risk and security in our software estate through implementation of technology tooling … Demonstrate expert understanding of modern security practices and standards. What you'll bring: Technical leadership with strong decision-making and prioritisation skills. Expertise in secure systems design and infrastructure. Experience securing CI/CD pipelines and using security tools. Expertise in key technologies such as .NET/C#, Azure PaaS, Javascript, and Salesforce APEX, and in frameworks such More ❯

designing, developing, and maintaining large-scale, secure, and high-performing solutions. This role involves mentoring and coaching junior team members, translating stakeholder requirements into actionable user stories, and embedding security throughout the software development life cycle. The position calls for strong technical expertise, collaborative mindset, and an ability to deliver innovative solutions that align with business objectives. Experience Requirements … Software Development & Principles Programming Languages: Proficiency in one or more of: Java, Spring Boot, Python, JavaScript, TypeScript, ReactJS SOLID Principles: Familiarity with object-oriented and clean coding practices Testing & BDD Unit Testing Frameworks: Experience with Cypress, Cucumber, Behave, Selenium, or similar tools Domain-Specific Languages: Knowledge of BDD approaches (e.g., Cucumber, Gherkin) for test automation Containerisation & Microservices Container … build, configure, and secure cloud environments effectively Security & CI/CD Security Integration: Familiarity with embedding security checks at every phase of the SDLC (e.g., SAST, DAST) Automation Pipelines: Experience with Continuous Integration (CI), Continuous Delivery (CD), and continuous testing tools (e.g., Jenkins, GitHub Actions) Agile & Mentorship Agile Delivery: Background in Scrum or Kanban, assisting Product More ❯

designing, developing, and maintaining large-scale, secure, and high-performing solutions. This role involves mentoring and coaching junior team members, translating stakeholder requirements into actionable user stories, and embedding security throughout the software development life cycle. The position calls for strong technical expertise, collaborative mindset, and an ability to deliver innovative solutions that align with business objectives. Experience Requirements … Software Development & Principles Programming Languages: Proficiency in one or more of: Java, Spring Boot, Python, JavaScript, TypeScript, ReactJS SOLID Principles: Familiarity with object-oriented and clean coding practices Testing & BDD Unit Testing Frameworks: Experience with Cypress, Cucumber, Behave, Selenium, or similar tools Domain-Specific Languages: Knowledge of BDD approaches (e.g., Cucumber, Gherkin) for test automation Containerisation & Microservices Container … build, configure, and secure cloud environments effectively Security & CI/CD Security Integration: Familiarity with embedding security checks at every phase of the SDLC (e.g., SAST, DAST) Automation Pipelines: Experience with Continuous Integration (CI), Continuous Delivery (CD), and continuous testing tools (e.g., Jenkins, GitHub Actions) Agile & Mentorship Agile Delivery: Background in Scrum or Kanban, assisting Product More ❯

designing, developing, and maintaining large-scale, secure, and high-performing solutions. This role involves mentoring and coaching junior team members, translating stakeholder requirements into actionable user stories, and embedding security throughout the software development life cycle. The position calls for strong technical expertise, collaborative mindset, and an ability to deliver innovative solutions that align with business objectives. Experience Requirements … Software Development & Principles Programming Languages: Proficiency in one or more of: Java, Spring Boot, Python, JavaScript, TypeScript, ReactJS SOLID Principles: Familiarity with object-oriented and clean coding practices Testing & BDD Unit Testing Frameworks: Experience with Cypress, Cucumber, Behave, Selenium, or similar tools Domain-Specific Languages: Knowledge of BDD approaches (e.g., Cucumber, Gherkin) for test automation Containerisation & Microservices Container … build, configure, and secure cloud environments effectively Security & CI/CD Security Integration: Familiarity with embedding security checks at every phase of the SDLC (e.g., SAST, DAST) Automation Pipelines: Experience with Continuous Integration (CI), Continuous Delivery (CD), and continuous testing tools (e.g., Jenkins, GitHub Actions) Agile & Mentorship Agile Delivery: Background in Scrum or Kanban, assisting Product More ❯

designing, developing, and maintaining large-scale, secure, and high-performing solutions. This role involves mentoring and coaching junior team members, translating stakeholder requirements into actionable user stories, and embedding security throughout the software development life cycle. The position calls for strong technical expertise, collaborative mindset, and an ability to deliver innovative solutions that align with business objectives. Experience Requirements … Software Development & Principles Programming Languages: Proficiency in one or more of: Java, Spring Boot, Python, JavaScript, TypeScript, ReactJS SOLID Principles: Familiarity with object-oriented and clean coding practices Testing & BDD Unit Testing Frameworks: Experience with Cypress, Cucumber, Behave, Selenium, or similar tools Domain-Specific Languages: Knowledge of BDD approaches (e.g., Cucumber, Gherkin) for test automation Containerisation & Microservices Container … build, configure, and secure cloud environments effectively Security & CI/CD Security Integration: Familiarity with embedding security checks at every phase of the SDLC (e.g., SAST, DAST) Automation Pipelines: Experience with Continuous Integration (CI), Continuous Delivery (CD), and continuous testing tools (e.g., Jenkins, GitHub Actions) Agile & Mentorship Agile Delivery: Background in Scrum or Kanban, assisting Product More ❯

designing, developing, and maintaining large-scale, secure, and high-performing solutions. This role involves mentoring and coaching junior team members, translating stakeholder requirements into actionable user stories, and embedding security throughout the software development life cycle. The position calls for strong technical expertise, collaborative mindset, and an ability to deliver innovative solutions that align with business objectives. Experience Requirements … Software Development & Principles Programming Languages: Proficiency in one or more of: Java, Spring Boot, Python, JavaScript, TypeScript, ReactJS SOLID Principles: Familiarity with object-oriented and clean coding practices Testing & BDD Unit Testing Frameworks: Experience with Cypress, Cucumber, Behave, Selenium, or similar tools Domain-Specific Languages: Knowledge of BDD approaches (e.g., Cucumber, Gherkin) for test automation Containerisation & Microservices Container … build, configure, and secure cloud environments effectively Security & CI/CD Security Integration: Familiarity with embedding security checks at every phase of the SDLC (e.g., SAST, DAST) Automation Pipelines: Experience with Continuous Integration (CI), Continuous Delivery (CD), and continuous testing tools (e.g., Jenkins, GitHub Actions) Agile & Mentorship Agile Delivery: Background in Scrum or Kanban, assisting Product More ❯

Birmingham) Employment Type: Contract Visa: No for Student or PSW visa (no sponsorship available), Only UK citizen/ILR/dependent visa We’re looking for a DevSecOps/Security Consultant to enhance our secure delivery practices across a VMware-based platform. The ideal candidate will bring a strong understanding of DevSecOps principles, enabling secure CI/CD pipelines … and embedding cyber controls throughout the development lifecycle. Key Responsibilities: Conduct security reviews of the existing platform and pipelines. Define and deliver a DevSecOps roadmap with the engineering and architecture teams. Implement best practices for secrets management and code scanning capabilities. Collaborate with developers and stakeholders to ensure security is built-in, not bolted on. Provide guidance and … background in DevOps or development, with solid security appreciation. Knowledge of VMware platforms, CI/CD tooling, and automation pipelines. Experience with application security, SAST/DAST tools, and secrets management. Excellent communication and stakeholder management skills. Hands-on technical expertise preferred but not mandatory. More ❯

and clients on truly impactful projects. What you'll do: Embed security across the SDLC, promoting secure coding (OWASP) Automate security in CI/CD workflows (SAST, DAST, IAST, SCA, IaC) Perform appsec testing, code reviews, and vulnerability remediation Drive secure DevOps culture through training, playbooks, and developer champions Strengthen cloud & container security (AWS, Azure, GCP … OWASP ZAP Strong coding skills (Java, Python, JavaScript, Go, .NET) Familiar with CI/CD (Jenkins, GitHub Actions, Azure DevOps) and IaC (Terraform) Knowledge of OWASP Top 10, API security, and compliance (ISO 27001, SOC 2) Eligibility for SC clearance is mandatory (UK nationals only) Robert Walters Operations Limited is an employment business and employment agency and welcomes applications More ❯

R&D Senior Software Engineer Are you looking for more in life than just building another web app? Does upending cyber security resonate with you? We're a rapidly expanding cybersecurity startup revolutionizing vulnerability management for organizations of all sizes. For our customers, vulnerability management has always been a game of catch-up, with limited asset coverage and manual … processes. Nucleus Security's primary mission is to create a fast, scalable platform that not only addresses these challenges but also makes vulnerability management simple, fun, and effortless. Currently, we're looking for a passionate Senior Python Software Engineer to join our growing team of engineers. About Nucleus Security Nucleus Security is transforming how security and … with big data analytical systems such as BigQuery, Redshift, Snowflake, Databricks, SingleStore, etc. Experience working with vulnerability scanning technologies on any part of the tech stack (e.g., SCA, SAST, DAST, IAST, VM Scanning, Container, etc.) Experience maintaining applications on Linux platforms in cloud environments. Why You Should Be Excited Nucleus is a truly unique solution that's defining a market More ❯

an experienced Lead DevSecOps Engineer to play a key role in delivering secure, automated solutions for critical defence sector programmes. This is a fully on-site role supporting high-security defence projects, requiring candidates to be eligible and willing to undergo DV (Developed Vetting) clearance. As a Lead DevSecOps Engineer, you will drive the technical implementation of secure CI …/CD pipelines, Infrastructure as Code (IaC), and automated testing frameworks. Working closely with the DevSecOps Tech Lead, engineering teams, and customer stakeholders, you will help shape and maintain secure delivery processes, champion DevOps best practices, and lead a team of engineers through agile delivery. Key Responsibilities: Design … implement and support DevSecOps pipelines and tooling. Develop automation scripts (Ansible) and Infrastructure as Code using Terraform. Integrate and advise on security tools including SCA/IAST/DAST platforms such as Black Duck, Coverity, Snyk, and JFrog. Implement and manage automated testing (Selenium, Robot Framework) and test management systems. Guide the secure management of secrets using tools More ❯

CI/CD pipelines using Azure DevOps. Write and manage Infrastructure as Code using Terraform and Ansible. Integrate and advise on the use of security tools (SCA/DAST/IAST), such as Black Duck, Coverity, Snyk, and JFrog. Implement automated testing frameworks (e.g., Selenium, Robot Framework). Support the configuration of secure secrets management using Azure DevOps … and HashiCorp Vault. Work across both Linux and Windows environments. Support technical design decisions and ensure DevSecOps practices align with business and security objectives. Collaborate closely with scrum teams, DevSecOps leads, and other technical stakeholders. Contribute to re-usable IaC and automation artifacts and help other teams adopt best practices. Key Skills & Experience: Experience with DevOps tooling and automation … in secure environments. Proficient with CI/CD pipelines, Git, Terraform, Ansible, and security integration tools. Background in software development with strong problem-solving skills. Knowledge of agile delivery and secure software engineering practices. Strong communication and teamwork abilities. Please note: This role is in support of sensitive defence projects. UK nationality and eligibility for DV clearance are mandatory. More ❯