17 of 17 Static Application Security Testing Jobs in England

first dedicated Staff Application Security Engineer, you will own the design and implementation of our application security program, from SAST and DAST tooling to secure SDLC practices, threat modeling, dependency security, and penetration testing coordination. You will work directly with engineering teams across … risk profile of a company operating in the digital asset space. Primary Responsibilities: Static & Dynamic Application Security Testing (SAST/DAST) Own the full implementation of SAST tooling across all codebases and CI/CD pipelines Own the full implementation of DAST tooling across all customer ...

Application Security Engineer Manchester - Hybrid, 3 days a week in the office. Commutable from Stockport, Wigan, Bolton, Rochdale, Bury, Sale, Liverpool, Warrington, and Runcorn. Up to £75,000 + benefits We're partnered exclusively with a Fintech business in Manchester who've been building their own SaaS platform … right in here. Key skills needed: Strong background in application security, ideally in a SaaS or Fintech environment Experience with SAST, DAST, and SCA tooling - Snyk, Checkmarx, Semgrep, Burp Suite, or similar Threat modelling - comfortable running sessions with engineering and product teams Solid understanding of OWASP ...

Statera Talent is working on a senior Cyber Security leadership role with a well respect global financial organisation. This is a high-visibility position focused on leading a global vulnerability risk programme across a complex technology environment. It would suit someone who can combine technical security knowledge with … following: Vulnerability management across infrastructure, cloud and applications Risk-based prioritisation beyond basic severity scoring Security testing outputs such as SAST, DAST, SCA, infrastructure scanning, CSPM or penetration testing Working with engineering, infrastructure, application and security teams to drive remediation Executive-level reporting, dashboards, metrics ...

looking for a Staff Application Security Engineer to establish and lead the application security program. This role involves implementing SAST and DAST tooling, secure SDLC practices, threat modeling, and managing third-party penetration testing. The ideal candidate will have 7+ years of experience in application security and will report directly to the Head of Security, contributing to a growing engineering organization across cloud environments. #J-18808-Ljbffr ...

Location: Europe remote or London hybrid About the role: As our engineering and research organisation grows, so does the complexity of securing it. Our Application Security team is at the forefront of that challenge — building AI-native security tooling, embedding security into the development lifecycle … have a strong engineering background in application security, with hands‐on experience in areas such as threat modelling, secure design review, (AI‐)SAST/SCA tooling, vulnerability management, and/or security automation. You are very comfortable with Python and JavaScript. You have experience with ...

services that help shipowners, operators, and maritime professionals streamline operations, reduce costs, and stay compliant. With a strong focus on innovation, data integrity, and security,Marcura’sproducts support critical workflows such as port cost management, payments, and data intelligence. The company is committed tomaintainingrobust information security practices … into the software development lifecycle by performing code reviews, supporting secure coding practices, and implementing automated security testing tools such as SAST and dependency scanning. Assess third-party systems and integrations from a technical security perspective, identifying risks in APIs, data flows, and external dependencies. Conduct ...

Retail Hybrid: either London or Welwyn Garden City (whichever is closest) 3 days per week 6 months £850 per day In short: Our Application Security team require a strong Python generalist to run, deploy and maintain purpose-built applications. You'll need solid experience across Python development, DevOps … collaborate with cross-functional teams to integrate security practices. Experience working in an agile environment, such as Scrum. Nice to have Experience with SAST/DAST tooling and security automation Familiarity with API security patterns (JWT, OAuth, rate limiting) Comfortable working with AI-assisted development tools Experience ...

Retail Hybrid: either London or Welwyn Garden City (whichever is closest) 3 days per week 6 months £850 per day In short: Our Application Security team require a strong Python generalist to run, deploy and maintain purpose-built applications. You'll need solid experience across Python development, DevOps … collaborate with cross-functional teams to integrate security practices. Experience working in an agile environment, such as Scrum. Nice to have Experience with SAST/DAST tooling and security automation Familiarity with API security patterns (JWT, OAuth, rate limiting) Comfortable working with AI-assisted development tools Experience ...

Security Architect 2-3 days Bristol then rest remote 6 months likely extension £600pd outside IR35 Active DV or SC clearance required Key Responsibilities Architecture & Design Develop secure architecture designs for container platforms (e.g., Kubernetes, OpenShift, Docker). Architect and strengthen security controls across virtualisation technologies , including VMware … Classifications Policy Desirable Skills Experience with OpenShift or enterprise Kubernetes distributions. Hands on security tooling (Falco, Istio, Calico, etc.). Experience with SAST/DAST, SBOMs, and software supply chain security. Familiarity with automation tooling (Terraform, Ansible, Helm). Certifications such as: CCSK/CCSP CISSP CISM Kubernetes ...

requirements: • Seeking a strong application security expert with deep penetration testing exposure. • Must have knowledge of various AppSec tools and have a wider appreciation of cyber security in general. • Secure code review, managing SAST, DAST and VM tools across the firm globally • Knowledge of mobile pen testing is highly advantageous • Linux is a key component for the role ...

Principal Security Consultant (Online) is a senior, hands‐on security specialist supporting the secure design and delivery of online and digital platforms. The role provides expert security assurance, design review, and DevSecOps guidance across web, mobile, API, and cloud‐native services hosted primarily on Microsoft Azure. … party integrations Provide clear, proportionate security recommendations aligned to enterprise standards Advise on embedding security controls into CI/CD pipelines (e.g. SAST, SCA, secrets scanning, IaC scanning) Support secure engineering practices across build, deploy, and operate phases Who you are Senior experience in security consulting, product ...

Senior Product Security Engineer London (Hybrid) Salary: £80,000 - £100,000 This is an opportunity to join a forward-thinking technology-driven business where security is embedded from day one. You will play a key role in shaping how products are built securely, working closely with engineering teams … modelling activities for new features and systems Collaborate closely with engineering teams to design secure architectures Integrate and optimise security tooling such as SAST, SCA, DAST and vulnerability scanning Help drive secure development lifecycle practices across teams Deliver secure engineering training and guidance to developers Support triage and remediation ...

security automation Establish governance for CI/CD, IaC, and cloud delivery Define observability standards (SLOs, tracing, dashboards) Embed security into pipelines (SAST, SCA, DAST, secrets, IaC scanning) Govern "Golden Path" templates and adoption Operational Oversight & Risk Management Oversee reliability, performance, and security of platforms and pipelines … knowledge Proven ability to improve DORA and engineering performance metrics Experience with observability and monitoring frameworks Strong background in security tooling (SAST, SCA, DAST, scanning tools) Solid understanding of cloud security, IAM, and zero-trust principles Experience working in complex or regulated environments Excellent communication and stakeholder management ...

platform for 10 years. As the business has scaled, so has the complexity of their engineering environment - and they've reached the point where security needs to be built into every stage of delivery, not bolted on at the end. They're hiring a DevSecOps Engineer … cloud-native environment Strong CI/CD experience - GitHub Actions, GitLab CI, Jenkins, or similar - and the ability to integrate security gates properly SAST, DAST, and SCA tooling - Snyk, Checkov, Trivy, Semgrep, or similar Infrastructure as Code - Terraform, CloudFormation - and identifying misconfigs before they hit production Container and Kubernetes ...

first and microservices design principles. Contribute to CI/CD pipelines in Azure DevOps - build, test, and deployment automation. Apply DevSecOps practices including SAST/DAST scanning, dependency management, and environment segregation. Participate in code reviews, uphold coding standards, and implement secure development practices. Support Legacy system modernisation - migrating from … Terraform and/or Bicep Containerisation - Docker and/or Kubernetes Development Practices - Mandatory RESTful API design, development, and life cycle management Secure development - SAST/DAST tooling, code review, OWASP awareness Technical documentation to a high standard On-site in Taunton, Somerset - 2 days per week minimum Desirable Skills ...

first and microservices design principles. Contribute to CI/CD pipelines in Azure DevOps - build, test, and deployment automation. Apply DevSecOps practices including SAST/DAST scanning, dependency management, and environment segregation. Participate in code reviews, uphold coding standards, and implement secure development practices. Support Legacy system modernisation - migrating from … Terraform and/or Bicep Containerisation - Docker and/or Kubernetes Development Practices - Mandatory RESTful API design, development, and life cycle management Secure development - SAST/DAST tooling, code review, OWASP awareness Technical documentation to a high standard On-site in Taunton, Somerset - 2 days per week minimum Desirable Skills ...

infrastructure as code Core services: Lambda, API Gateway, DynamoDB, VPC, IAM, KMS, Secrets Manager, SSM Parameter Store, SNS VPC networking - Lambda in VPC, security groups, egress configuration Lambda provisioned concurrency and auto-scaling Understanding of WAF and ingress routing patterns Testing Vitest for unit and integration testing … Testcontainers experience is a plus CI/CD & DevOps GitLab CI pipelines; multi-stage, environment-specific deployments Automated security scanning (Snyk or similar SAST/DAST) Environment promotion strategies (dev staging production) General Monorepo experience (pnpm workspaces, npm workspaces) Feature flagging (LaunchDarkly or similar) OAuth/token-based authentication ...