1 to 25 of 68 Security Testing Jobs in London

London, United Kingdom Posted on 24/02/2025 Job Description: Security Testing Engineer Location: Remote with occasional travel as required Employment Type: Permanent About the Role Scrumconnect Consulting is looking for a Security Testing Engineer to ensure the security, resilience, and compliance of … GOV.UK digital services . This role involves identifying vulnerabilities, mitigating security risks, and ensuring adherence to government security policies and DDAT frameworks . You will work closely with developers, security architects, and business stakeholders to embed security testing into Agile development workflows and DevSecOps pipelines. … As a Security Testing Engineer , you will conduct static and dynamic security assessments, penetration testing, and vulnerability analysis , ensuring that applications meet the highest security standards. Key Responsibilities 1. Security Test Planning & Execution Develop, implement, and execute comprehensive security test plans for GOV.UK More ❯

Principal Security Engineer, AWS Security Job ID: Amazon Web Services Australia Pty Ltd This position can also be based in Sydney, Australia. We are looking for an experienced Principal Security Engineer to join the Security team in Australia. You will be on a team responsible for … conducting both pre and post launch testing, offensive campaigns, emergent threat testing, creating/maintaining automated threat emulation solutions, and helping security and service teams add offensive insight to their development, deployment, monitoring, and response processes. This team partners with the larger Security organization and Service … teams to continuously validate security throughout the service/system lifecycle. You will be an expert across multiple domains such as cyber security; threat, vulnerability and risk assessments (TVRA), security tools (e.g. Splunk, Crowstrike, etc.), application of security frameworks (e.g. ISM, NIST, etc.) and/or More ❯

an experienced Quality Assurance Lead who is passionate about our mission and capable of supporting our rapid growth. You will be leading the Software Testing function within the Engineering team, you will lead a small team of QA testers and you will have the opportunity to ensure the Quality … of our Product by hands-on testing while leading by example. About MediShout The world's first platform aggregating all operational departments and suppliers in hospitals Staff at over 100 Hospitals reporting their operational issues using our apps or QR codes Working with global medical device companies and facilities … and experienced QA Lead to build and lead our growing QA team. This hands-on role involves leading by example in manual and automated testing (using Cypress), mentoring QA engineers, and shaping the QA function from the ground up within our dynamic startup. You will be reporting to the More ❯

vulnerability assessments across a diverse portfolio of applications. This is a hands-on, technical role where you'll actively identify, exploit, and help remediate security weaknesses in web, mobile, and cloud-based applications. You'll be at the forefront of defending against cyber threats by implementing cutting-edge security tools, collaborating with development teams to integrate security into the SDLC, and playing a critical role in protecting the organisation's digital assets. The successful candidate will play a hands-on role in testing the security of applications, networks, and systems, while ensuring that security standards are integrated into the development process. Key Responsibilities: Penetration Testing & Vulnerability Assessment: Conduct and oversee regular penetration tests and vulnerability assessments on applications, networks, systems, and infrastructures. Identify, exploit, and document vulnerabilities, including demonstrating the business impact of potential exploits. Analyse and prioritise vulnerabilities based on risk More ❯

Principal Security Engineer, AWS Security Job ID: Amazon Web Services Australia Pty Ltd This position can also be based in Sydney, Australia. We are looking for an experienced Principal Security Engineer to join the Security team in Australia. You will be on a team responsible for … conducting both pre and post launch testing, offensive campaigns, emergent threat testing, creating/maintaining automated threat emulation solutions, and helping security and service teams add offensive insight to their development, deployment, monitoring, and response processes. This team partners with the larger Security organization and Service … teams to continuously validate security throughout the service/system lifecycle. You will be an expert across multiple domains such as cyber security; threat, vulnerability and risk assessments (TVRA), security tools (e.g. Splunk, Crowstrike, etc.), application of security frameworks (e.g. ISM, NIST, etc.) and/or More ❯

and commercial applications. We are trusted by our customers to protect their mission-critical information in the face of advanced persistent threats. Our offensive security engineers emulate these real-world threats and provide critical signal on attack vectors to help improve our security posture. This role will be … hands-on and requires a deep understanding of micro-service architecture, multi-tenancy vulnerabilities, cloud security, and web application security. In this role you'll dive deep into the security of our products and more: Conduct security assessments. You'll learn how our products work at the … then try to break them. This includes everything in our current and future product and service portfolio from Apollo to Foundry. You'll document security findings and work with AppSec and product engineers to develop mitigations. Build offensive testing tooling and automation. Scale offensive security testing More ❯

Security Engineer II, Industry Products - Fixed Job ID: AWS EMEA SARL (UK Branch) As part of the AWS Solutions organization, we have a vision to provide business applications, leveraging Amazon's unique experience and expertise, that are used by millions of companies worldwide to manage day-to-day operations. … to bring great ideas to life in ways that aren't possible in traditional IT environments. With AWS you can flexibly harness compute, storage, security, and other services from across the globe as your business demands them. AWS Security is on the cutting edge of security for … hardware, all operating at massive scale. Similarly, our highly collaborative team is committed to each team member's growth as our business grows. AWS Security is looking for a Security Engineer to design security controls and help validate that our services, applications, and emerging technologies are designed More ❯

Security Engineer - Hardware, Firmware, Virtualization, Secure Hardware And Foundational Technologies Team Job ID: Amazon Development Centre (London) Limited At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all … of Amazon's products and services. Help us protect not only the Amazon Security (AmSec) cloud computing environment but all of our customers as well! Since 2006, our great team at AmSec has been enabling our customers to bring great ideas to life in ways that aren't possible … in traditional IT environments. With AmSec you can flexibly harness compute, storage, security, and other services from across the globe as your business demands them. Amazon Security is working on security issues for a wide variety of platforms and technologies including cloud services, Internet of Things (IoT More ❯

Description: The position is a cross-functional role that will be responsible for various Application Security program initiatives. The position reports directly to the Application Security Program Director. The successful candidate must be an individual who understands modern software development trends, understands engineering-led software security practices … and keeps up with the evolving cyber security threat landscape. The successful candidate will liaise with internal groups and our regional partners to ensure that program deliverables are met. Success in the role requires an innovative mind, a proven track record of delivering solutions that meet security needs … integrate application security into our DevOps pipeline, automate security as code and enable successful detection and response to any and all threats in our environment. The individual will work closely with SDLC program to contribute to defining application security testing standards and policies. Responsibilities include defining More ❯

UK based, primarily remote working with some travel required to our London Office. Sponsorship is not available for this role. What you will do: Security Integration in CI/CD Pipelines: Implement security controls within CI/CD pipelines using automation and best practices, ensuring vulnerabilities are caught … early in the development cycle. Infrastructure as Code (IaC) Security: Secure the infrastructure by applying security measures to IaC tools such as Terraform and Ansible. Container Security: Ensure that containers (Docker, Kubernetes) are secured by configuring appropriate policies, scanning for vulnerabilities, and managing runtime security. Cloud Security: Design, implement, and manage security across Azure, focusing on identity management, data protection, and network security. Vulnerability Management: Identify and prioritize vulnerabilities across infrastructure and applications, and collaborate with teams to remediate them in a timely manner. Threat Modelling and Risk Assessment: Perform threat modelling to identify security More ❯

Job Purpose The Data Security Manager will partner with multiple divisions and technical managers to enhance security aspects of the data security program. Extensive oversight and control of CLS information assets, mitigating the risks of data loss at CLS in all aspects of day-to-day business. … The individual will be accountable for the Data Security Program, setting strategic direction and driving operational excellence while leveraging resources distributed across several functional teams. The Data Security Manager will be responsible for analyzing potential weaknesses and identifying a roadmap to improve the security of information assets … must have excellent verbal, written, analytical and interpersonal communication skills. Essential Functions/Major Duties and Responsibilities Strategic Provide strategic direction specific to data security management. Build and maintain a robust data security program while aligning closely with CLS's mission. Improve and manage the data security More ❯

the world's most highly regulated firms, giving them greater visibility and control over their information and ensuring compliance with stringent regulations. The Software Security Analyst L1 is responsible for facilitating and conducting automated and manual security testing of Global Relay software. This position identifies, assesses, and … follows up on remediation activities associated with application vulnerabilities. Your responsibilities: Identify and document security vulnerabilities. Investigate security issues in order to determine specific steps for reproduction and scope. Create, maintain, and execute manual security test cases. Execute and analyze security scans using appropriate scanning tools … e.g. HP WebInspect). Provide reporting on the outcome of security testing. Document verification of security fixes. Develop competency in the OWASP Top 10 and derive new test methodologies based on Global Relay applications. Learn appropriate security tools (e.g. ZAP) that allow for manual and automated testing. More ❯

Ventures, as well as the founders of Zoopla, Funding Circle, Comply Advantage, Tessian, Fenergo and Fidel. The Role: You will be responsible for information security at Thirdfort, leveraging your expertise to help us live our Build on Trust company value. By improving the coverage and efficiency of our security controls, you will help reduce our security risk whilst also allowing us to give best in class answers to clients, regulators and auditors about our security practices. You will report directly to the Head of Engineering. You will oversee critical security infrastructure and operations, automate security workflows, and work closely with technical and business stakeholders to ensure effective, efficient and appropriate security controls are in place across all parts of the business. This is a great opportunity to across all aspects of security, and help shape how security is done at Thirdfort. More ❯

treasury solutions, empowering investment firms with cutting-edge technology to optimize financial performance, enhance liquidity, and mitigate risk. As part of our commitment to security and innovation, we are expanding our Information Security Team and seeking a DevSecOps Engineer to drive security automation and best practices across … our cloud infrastructure and IT operations. Job Overview As a DevSecOps Engineer , you will play a pivotal role in integrating security practices into our DevOps pipeline and IT operations . Working at the intersection of operations, security, and development , you will collaborate closely with internal teams to safeguard … critical business operations by design and default. You will be responsible for security automation, CI/CD pipeline enhancements , and cloud security management , ensuring compliance with industry standards. Key Responsibilities Security & DevOps Integration: Support and extend the secured CI/CD pipeline to enhance development security. Work More ❯

treasury solutions, empowering investment firms with cutting-edge technology to optimize financial performance, enhance liquidity, and mitigate risk. As part of our commitment to security and innovation, we are expanding our Information Security Team and seeking a DevSecOps Engineer to drive security automation and best practices across … our cloud infrastructure and IT operations. Job Overview As a DevSecOps Engineer , you will play a pivotal role in integrating security practices into our DevOps pipeline and IT operations . Working at the intersection of operations, security, and development , you will collaborate closely with internal teams to safeguard … critical business operations by design and default. You will be responsible for security automation, CI/CD pipeline enhancements , and cloud security management , ensuring compliance with industry standards. Key Responsibilities Security & DevOps Integration: Support and extend the secured CI/CD pipeline to enhance development security. Work More ❯

Description The Offensive Security Manager is responsible for the provision of penetration & red team testing services to the business, including leading teams, creating processes, and management of technologies & 3rd parties that make up the service. The role reports to the Director of Offensive Security. The position does not … as organizational, leadership, relationship and supplier management skills are the key focuses of the role but will need to have a good understanding of security vulnerabilities and testing methodology to be able to understand the subject matter of the service and manage quality. The role will work closely … alongside the rest of the Cyber Team (e.g. Vulnerability Management), the wider Information & Cyber Security function (e.g. Project Assurance) and leaders in operational IT teams to ensure accurate detection, and the prioritized, timely and appropriate resolution of security vulnerabilities. We are looking for a collaborative team player, with More ❯

us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an … opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support … the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. More ❯

Location(s):UK, Europe & Africa : UK : Guildford Job Title: Information Security Classified Networks Technical Assurance Lead Location: Guildford, with some option for hybrid working. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role What you'll … into the IT team, Accreditor and affected business units. Maintain accreditation and compliance with frameworks such as Secure by Design, NIST-800-53, STRAP; Security Testing - Scope and oversee penetration testing, vulnerability scanning, and other security validation activities, to ensure effectiveness of security controls; Design … and Architecture Review - Assess the Information Security of IT architecture and system designs during project lifecycles, and provide recommendations to ensure secure design principles are applied and within standards and compliance; Policy and Standards - Develop and enforce technical security policy, procedures, standards and guidance, to ensure policies are More ❯

Principal Product Security Engineer Apply locations CZ - Prague UK - London time type Full time posted on Posted 6 Days Ago job requisition id JR103958 Our Product Security team is seeking a Principal Product Security Engineer to define and lead a secure development strategy and approach in a … fast-paced, agile development environment. You will be responsible for defining and driving security-related initiatives in collaboration with internal stakeholders. You will bring a wealth of technical expertise and industry experience spanning application security, cloud security, DevSecOps and CI/CD. The ideal candidate for this … has extensive industry experience with a strong technical background, is self-driven, with the ability to translate business objectives into technical requirements. Responsibilities: Drive security roadmap for SSDLC adoption across product portfolio, designing security practices in alignment with DevSecOps principles. Establish guidelines and architectural principles based on industry More ❯

The team you'll be working with: As a strategic and leadership role you will be instrumental in shaping and driving security and risk programs to align with internal business objectives as well as industry good practice (including Secure by Design aligned to UK Government principles) and regulatory requirements … and advise on how best to evidence alignment with regulatory requirements (such as NCSC CAF) and industry good practice (including Secure by Design) Providing security expertise across security standards and accreditations, measure and control the effectiveness of the security controls framework and maintain the Information Security Management System. Deriving and delivering documented Information Security Management Plans which incorporate Regulatory, Legal and Compliance in relation to applicable security policies, standards and guidelines Assisting with the identification of identified risks and emerging cyber security vulnerabilities and threats. The subsequent analysis to quantify and lead More ❯

Security Systems Engineer - DevSecOps - Remote - Amazing role - to £70,0000 + Bens Once in a life time opportunity to join a scaling up tech company who are disrupting the digital security sector. My customer are an incredibly innovative scaling up tech company who are looking to recruit a … Security Systems Engineer with experience of DevSecOps, AWS, and terraform who is looking for a new challenge. Excellent salary - Up to 70k + pension + health + share scheme + flexible working + 25 days holidays. Complete remote role with quarterly meet-ups and customer site visits. Position Overview … We are seeking a security systems engineer who combines strategic oversight with strong hands-on capabilities. This role is pivotal in shaping the overarching technical security posture of our organisation while actively integrating security into our development and operational workflows. The ideal candidate will bridge the gap More ❯

Our consultancy client are currently looking for a couple of experienced Security/DevSecOps engineers to join their business. They operate in the FS and energy space so experience in banking or insurance or energy is a must for these roles. Working across clients you will develop and execute … advanced security engineering strategies to fortify infrastructure, networks, and cloud environments. Lead security initiatives across the SDLC, integrating Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and Container scanning using tools such as CheckmarxOne, Prisma Cloud, or equivalents. … Collaborate with cross-functional teams to embed security-by-design principles in all engineering efforts and design and implement robust endpoint protection and cloud security solutions to defend against evolving threats. You will implement and monitor cloud configurations to align with compliance standards and best practices, focusing on More ❯

Confluence). Awareness of CI/CD tooling such as Jenkins, GitLab or similar. Knowledge of Hashicorp Terraform and Hashicorp Vault. Awareness of SAST Security Testing - GitLab, Checkmarx, Veracode. Awareness of DAST Security Testing - GitLab, Veracode. Awareness of SCA/IAST Security Testing - Checkmarx … GitLab, Veracode. Awareness of Vulnerability Management - PA Prisma. Awareness of QA Testing - Selenium. Certifications in Gitlab, Terraform and Vault would be preferable. About us With over 20,000 employees across the globe, we work at the heart of digitisation, advising organisations on IT strategy, implementing the most appropriate technology More ❯

Role Overview: We are looking for a DevOps Engineer to strengthen our clients security-first infrastructure and drive their technology platform forward. You will be responsible for implementing and maintaining robust Infrastructure as Code (IaaC) solutions while ensuring compliance with ISO27001 and medical device regulations. In this role, you … will architect and maintain our cloud infrastructure on Azure, focusing on security, scalability, and automation. This includes managing our CI/CD pipelines, implementing comprehensive monitoring solutions, and ensuring our infrastructure meets the highest security standards. You'll work closely with our engineering team to implement DevSecOps practices … and maintain our SaaS platform's reliability and performance. A key focus will be on strengthening our security posture through automated compliance checks, regular security audits, and infrastructure hardening. You'll also be responsible for implementing and maintaining disaster recovery solutions, managing access controls, and ensuring our infrastructure More ❯

Role Overview: We are looking for a DevOps Engineer to strengthen our clients security-first infrastructure and drive their technology platform forward. You will be responsible for implementing and maintaining robust Infrastructure as Code (IaaC) solutions while ensuring compliance with ISO27001 and medical device regulations. In this role, you … will architect and maintain our cloud infrastructure on Azure, focusing on security, scalability, and automation. This includes managing our CI/CD pipelines, implementing comprehensive monitoring solutions, and ensuring our infrastructure meets the highest security standards. You'll work closely with our engineering team to implement DevSecOps practices … and maintain our SaaS platform's reliability and performance. A key focus will be on strengthening our security posture through automated compliance checks, regular security audits, and infrastructure hardening. You'll also be responsible for implementing and maintaining disaster recovery solutions, managing access controls, and ensuring our infrastructure More ❯