CloudFormation, and enforce AWS security best practices (IAM, access control, encryption). Work with DevOps teams to integrate security testing tools (e.g., OWASP ZAP, Snyk) into CI/CD pipelines (Jenkins, GitLab). Ensure compliance with regulations (GDPR, PCI-DSS, HIPAA) through logging, auditing, and monitoring. Assist in security incidents More ❯
e.g., Prometheus, Grafana, Azure Monitor). DevSecOps Practices & Toolchains: Understanding of secure software development lifecycle (SSDLC) and toolsets that integrate security into DevOps (e.g., Snyk, Aqua, SonarQube). Security Scanning & Vulnerability Assessment: Knowledge of static and dynamic analysis tools, and the ability to integrate them into pipelines. Incident Response: Familiarity More ❯
e.g., Prometheus, Grafana, Azure Monitor). DevSecOps Practices & Toolchains: Understanding of secure software development lifecycle (SSDLC) and toolsets that integrate security into DevOps (e.g., Snyk, Aqua, SonarQube). Security Scanning & Vulnerability Assessment: Knowledge of static and dynamic analysis tools, and the ability to integrate them into pipelines. Incident Response: Familiarity More ❯
ARM templates Expertise in containerization technologies (Docker, Kubernetes) and container security Experience implementing CI/CD pipelines using GitHub Actions with integrated security scanning (Snyk, SonarQube) Experience of Azure Web Apps and Azure Functions Deep understanding of cloud security best practices and implementing Zero Trust architecture Experience with healthcare compliance More ❯
ARM templates Expertise in containerization technologies (Docker, Kubernetes) and container security Experience implementing CI/CD pipelines using GitHub Actions with integrated security scanning (Snyk, SonarQube) Experience of Azure Web Apps and Azure Functions Deep understanding of cloud security best practices and implementing Zero Trust architecture Experience with healthcare compliance More ❯
recent .Net Framework. Project management tools such as Jira. SonarQube, GitLab, or similar for code quality analysis. Security practices and tools like OWASP and Snyk, or similar. Typescript. CI/CD tools e.g. Jenkins, Azure pipelines, GitHub actions. ELK stack, Prometheus, or Grafana. Benefits: Annual bonus scheme. 25 days holiday More ❯
recent .Net Framework. Project management tools such as Jira. SonarQube, GitLab, or similar for code quality analysis. Security practices and tools like OWASP and Snyk, or similar. Typescript. CI/CD tools e.g. Jenkins, Azure pipelines, GitHub actions. ELK stack, Prometheus, or Grafana. Benefits: Annual bonus scheme. 25 days holiday More ❯
recent .Net Framework. Project management tools such as Jira. SonarQube, GitLab, or similar for code quality analysis. Security practices and tools like OWASP and Snyk, or similar. Typescript. CI/CD tools e.g. Jenkins, Azure pipelines, GitHub actions. ELK stack, Prometheus, or Grafana. Benefits: Annual bonus scheme. 25 days holiday More ❯
Exposure to cloud platforms (AWS, Azure, GCP) in a QA/testing capacity. Knowledge of static code analysis tools and vulnerability scanners (e.g., SonarQube, Snyk). ISTQB certification or equivalent is a plus. Due to the timescales of the project and organisation it sits within, the successful candidate will need More ❯
Java, or C++ Deep understanding of cloud security, network/system hardening, and cryptographic concepts Experience with modern security tooling (e.g., GitHub Advanced Security, Snyk, Veracode, Burp Suite, etc.) Proven ability to partner with engineering teams to drive secure design and implementation at scale Comfortable navigating fast-paced, high-stakes More ❯
Java, or C++ Deep understanding of cloud security, network/system hardening, and cryptographic concepts Experience with modern security tooling (e.g., GitHub Advanced Security, Snyk, Veracode, Burp Suite, etc.) Proven ability to partner with engineering teams to drive secure design and implementation at scale Comfortable navigating fast-paced, high-stakes More ❯
or scripting languages, especially Python, and a solid understanding of the web stack and its components. Experience with vulnerability management tools, security scanners (e.g. Snyk, Qualys, Trivy, Dependabot, etc.), and secure systems configuration (e.g., firewalls, VPNs, IDS/IPS, WAF). DevSecOps mindset, knowledge of CI/CD processes, security More ❯
Crossplane) Container orchestration, networking, and automation (Kubernetes, Docker) Scripting (Bash, Powershell, Python) Programming languages (Golang, Java, Ruby, Python) Vulnerability remediation and mitigation tools (BlackDuck, Snyk) We value your ability to adapt over deep specialization. In addition, we're currently seeking folks with strong experience in security and compliance to strengthen More ❯
london, south east england, United Kingdom Hybrid / WFH Options
Container Solutions
Crossplane) Container orchestration, networking, and automation (Kubernetes, Docker) Scripting (Bash, Powershell, Python) Programming languages (Golang, Java, Ruby, Python) Vulnerability remediation and mitigation tools (BlackDuck, Snyk) We value your ability to adapt over deep specialization. In addition, we're currently seeking folks with strong experience in security and compliance to strengthen More ❯
future faster than ever. But with exponential growth comes exponential risk, as outnumbered security teams struggle to secure mountains of code. This is where Snyk (pronounced "sneak") comes in. Snyk is a developer security platform that makes it easy for development teams to find, prioritize, and fix security vulnerabilities in … code, dependencies, containers, and cloud infrastructure - and do it all right from the start. Snyk is on a mission to make the world a more secure place by empowering developers to develop fast and stay secure. Joining Snyk means embracing our core values: One Team, Care Deeply, Customer Centric, and … with empathy, driving business impact, and inspiring trust are at the heart of everything we do. Our Opportunity As a Senior Software Engineer at Snyk you will play a significant role in shaping the technology of Snyk. You will drive consensus with other engineers to build foundational infrastructure at scale More ❯
ideally with platform ownership responsibilities. Comfortable with installations, upgrades, HA setups , and platform performance monitoring. Experience with JFrog Xray or similar artifact security tooling (Snyk, Nexus IQ, etc.). Strong stakeholder and communication skills — able to act as an SME and trusted advisor. Background in DevOps, Platform Engineering, or Infrastructure More ❯
CD: TeamCity, Octopus, BitBucket Pipelines, GitHub Actions, Docker, Kubernetes. Software Architecture & Testing: Microservices, TDD, unit testing (xUnit, NUnit, Moq). Security Practices: OWASP, Wiz, Snyk for improving security posture. A Bit About Us When it comes to appliances and electricals, we've got the lot. Washing machines? Yep. TVs? Check. More ❯
security scanning 🔹 Build and maintain REST API microservices using Java 17 (and occasionally Go), deploying them on OpenShift/Kubernetes 🔹 Integrate security tools like Snyk, BlackDuck, OWASP DependencyTrack, and Artifactory into our CI/CD pipelines 🔹 Work with Jenkins, TeamCity, and Tekton to optimize and maintain our DevSecOps toolchain 🔹 Collaborate More ❯
CD Pipelines, ideally Azure DevOps IaC code tooling, including Terraform, Ansible, Harbor SCA/IAST/DAST tooling, e.g. Black Duck, Coverity, Codesight, JFrog, Snyk Automated Test tooling, ideally Selenium/Robot Framework Test Management Tooling ideally Azure Test Plans Secure Secrets Management, ideally Azure DevOps and Hashicorp Vault If More ❯
security scanning 🔹 Build and maintain REST API microservices using Java 17 (and occasionally Go), deploying them on OpenShift/Kubernetes 🔹 Integrate security tools like Snyk, BlackDuck, OWASP DependencyTrack, and Artifactory into our CI/CD pipelines 🔹 Work with Jenkins, TeamCity, and Tekton to optimize and maintain our DevSecOps toolchain 🔹 Collaborate More ❯
access management (IAM), encryption, and security monitoring in the cloud. You have experience integrating security into the CI/CD pipeline using tools like Snyk, Aqua Security, or HashiCorp Vault for secret management. You should have strong collaboration skills to work across development and infrastructure teams on cloud infrastructure management. More ❯
