e.g., Prometheus, Grafana, Azure Monitor). DevSecOps Practices & Toolchains: Understanding of secure software development lifecycle (SSDLC) and toolsets that integrate security into DevOps (e.g., Snyk, Aqua, SonarQube). Security Scanning & Vulnerability Assessment: Knowledge of static and dynamic analysis tools, and the ability to integrate them into pipelines. Incident Response: Familiarity More ❯
ARM templates Expertise in containerization technologies (Docker, Kubernetes) and container security Experience implementing CI/CD pipelines using GitHub Actions with integrated security scanning (Snyk, SonarQube) Experience of Azure Web Apps and Azure Functions Deep understanding of cloud security best practices and implementing Zero Trust architecture Experience with healthcare compliance More ❯
recent .Net Framework. Project management tools such as Jira. SonarQube, GitLab, or similar for code quality analysis. Security practices and tools like OWASP and Snyk, or similar. Typescript. CI/CD tools e.g. Jenkins, Azure pipelines, GitHub actions. ELK stack, Prometheus, or Grafana. Benefits: Annual bonus scheme. 25 days holiday More ❯
recent .Net Framework. Project management tools such as Jira. SonarQube, GitLab, or similar for code quality analysis. Security practices and tools like OWASP and Snyk, or similar. Typescript. CI/CD tools e.g. Jenkins, Azure pipelines, GitHub actions. ELK stack, Prometheus, or Grafana. Benefits: Annual bonus scheme. 25 days holiday More ❯
recent .Net Framework. Project management tools such as Jira. SonarQube, GitLab, or similar for code quality analysis. Security practices and tools like OWASP and Snyk, or similar. Typescript. CI/CD tools e.g. Jenkins, Azure pipelines, GitHub actions. ELK stack, Prometheus, or Grafana. Benefits: Annual bonus scheme. 25 days holiday More ❯
Exposure to cloud platforms (AWS, Azure, GCP) in a QA/testing capacity. Knowledge of static code analysis tools and vulnerability scanners (e.g., SonarQube, Snyk). ISTQB certification or equivalent is a plus. Due to the timescales of the project and organisation it sits within, the successful candidate will need More ❯
Java, or C++ Deep understanding of cloud security, network/system hardening, and cryptographic concepts Experience with modern security tooling (e.g., GitHub Advanced Security, Snyk, Veracode, Burp Suite, etc.) Proven ability to partner with engineering teams to drive secure design and implementation at scale Comfortable navigating fast-paced, high-stakes More ❯
access management (IAM), encryption, and security monitoring in the cloud. You have experience integrating security into the CI/CD pipeline using tools like Snyk, Aqua Security, or HashiCorp Vault for secret management You should have experience in setting up monitoring, logging, and alerting for improved system observability. Tech Stack More ❯
access management (IAM), encryption, and security monitoring in the cloud. You have experience integrating security into the CI/CD pipeline using tools like Snyk, Aqua Security, or HashiCorp Vault for secret management You should have experience in setting up monitoring, logging, and alerting for improved system observability. Tech Stack More ❯
london, south east england, United Kingdom Hybrid / WFH Options
Container Solutions
Crossplane) Container orchestration, networking, and automation (Kubernetes, Docker) Scripting (Bash, Powershell, Python) Programming languages (Golang, Java, Ruby, Python) Vulnerability remediation and mitigation tools (BlackDuck, Snyk) We value your ability to adapt over deep specialization. In addition, we're currently seeking folks with strong experience in security and compliance to strengthen More ❯
CD Pipelines, ideally Azure DevOps IaC code tooling, including Terraform, Ansible, Harbor SCA/IAST/DAST tooling, e.g. Black Duck, Coverity, Codesight, JFrog, Snyk Automated Test tooling, ideally Selenium/Robot Framework Test Management Tooling ideally Azure Test Plans Secure Secrets Management, ideally Azure DevOps and Hashicorp Vault If More ❯
CD: TeamCity, Octopus, BitBucket Pipelines, GitHub Actions, Docker, Kubernetes. Software Architecture & Testing: Microservices, TDD, unit testing (xUnit, NUnit, Moq). Security Practices: OWASP, Wiz, Snyk for improving security posture. A Bit About Us When it comes to appliances and electricals, we've got the lot. Washing machines? Yep. TVs? Check. More ❯
security scanning 🔹 Build and maintain REST API microservices using Java 17 (and occasionally Go), deploying them on OpenShift/Kubernetes 🔹 Integrate security tools like Snyk, BlackDuck, OWASP DependencyTrack, and Artifactory into our CI/CD pipelines 🔹 Work with Jenkins, TeamCity, and Tekton to optimize and maintain our DevSecOps toolchain 🔹 Collaborate More ❯
access management (IAM), encryption, and security monitoring in the cloud. You have experience integrating security into the CI/CD pipeline using tools like Snyk, Aqua Security, or HashiCorp Vault for secret management. You should have strong collaboration skills to work across development and infrastructure teams on cloud infrastructure management. More ❯
Tunbridge Wells, Kent, South East, United Kingdom Hybrid / WFH Options
GMA Consulting
protocols etc), cloud network design (VPNs, subnets, regions/zones etc), and integration related technologies (Auth0, APIM) · Expertise with SAST & SCA systems such as Snyk, Checkmarx · Experience with DAST systems such as OpenZAP, Qualys DAST (preferred) ideally with HTTP APIs · Ability to manage large scale software estates from a operational More ❯
GKE). Knowledge of CI/CD tools , such as Bitbucket Pipelines or similar platforms. Familiarity with security and compliance standards (e.g., PCI-DSS, Snyk, SonarCloud). Experience with scripting and coding for automation. A proactive, problem-solving mindset , and the ability to work effectively in a team. A formal More ❯
Oxford, Oxfordshire, United Kingdom Hybrid / WFH Options
Nominet
mindset • Experience managing Endpoint Detection services such as SentinelOne, zScaler, or Crowdstrike • Experience in conducting security checks, such as SAST, DAST, and SCA with Snyk, OWASP ZAP, Burp Suite tools, vulnerability analysis in applications, and penetration testing skills. Familiarity with OWASP Testing Guide v3/4 and OWASP TOP 10. More ❯
Certified System Administrator certification Experience working in a consulting environment Experience working with industry-leading security operations tools (e.g., CyberXM, Rapid7, Qualys, Tenable, Prisma, Snyk, Veracode, Wiz, Orca, Tanium, Splunk, QRadar. Carbon Black, CrowdStrike, ProofPoint, Cisco, etc) Required Certifications: ServiceNow Certified Implementation Specialist certification in one or more of the More ❯
Glasgow, Glasgow City, City of Glasgow, United Kingdom Hybrid / WFH Options
Jarvis King
acceptable Postgres, SQL Excellent verbal and written communication skills (Stakeholder engagement and written standards such as DoD, coding standards and guidelines) DevSecOps experience e.g. Snyk vulnerabilities, Sentry exception monitoring Comfortable running workshops with the dev team e.g. new technology, brainstorming, DevSecOps sessions Desirable Microsoft Graph API Any previous PHP experience … green deploys, cloud functions, API manager, data factories, logic apps, Bitbucket pipelines, Yaml, Azure, DevOps, Postgres, SQL, Blazor, Business Central, BC, IAC, Oracle, DevSecOps, Snyk vulnerabilities, Sentry exception monitoring More ❯
Employment Type: Permanent
Salary: £60000 - £70000/annum 10% bonus. 4X life assurance
and service levels Minimum Requirements: 3-5 years' experience in DevSecOps or related roles Knowledge and working experience of security frameworks and tools - OWASP, Snyk, etc. Good team player and able to work on own initiative Proven experience in mentoring other team members Proven ability of establishing strong, effective working … methodologies Ability to receive and relay information through written and verbal communication Ability to think outside the box e.g. Edge cases Security tools: WIZ, Snyk, KICS, Qodana Linters and formatters: ESLint, dprint, Biome, semantic versioning, conventional commits Familiarity with DataDog or Site 24x7 is a bonus Familiarity with API Security More ❯
