12 of 12 Static Application Security Testing Jobs in the UK excluding London

practices, assess vulnerabilities, and strengthen our application security posture. Day-to-day of the role: Manage and optimise SCA (Software Composition Analysis), SAST (Static Application Security Testing), and DAST (Dynamic Application Security Testing) tooling to ensure effective scanning and remediation. Support … progress and highlight gaps. Required Skills & Qualifications: In-depth knowledge of web application security (OWASP Top 10) and experience with SCA, SAST, and DAST tools. A degree in Computer Science, Information Security, or a related discipline (STEM preferred) or demonstrable experience. Experience in software development ...

development practices to their processes, to assess vulnerabilities, and strengthen their application security posture. The role will involve: Managing and optimising SCA, SAST, and DAST tooling to ensure effective scanning and remediation. Supporting engineering teams with triage, vulnerability management, and secure coding best practices. Ensuring adherence … someone who has the following experience and knowledgebase: - In-depth knowledge of web application security ( OWASP Top 10 ) and experience with SCA, SAST, and DAST tools. A degree in Computer Science, Information Security, or a related discipline ( STEM preferred ) or demonstrable experience. Experience in software development ...

development practices to their processes, to assess vulnerabilities, and strengthen their application security posture. The role will involve: Managing and optimising SCA, SAST, and DAST tooling to ensure effective scanning and remediation. Supporting engineering teams with triage, vulnerability management, and secure coding best practices. Ensuring adherence … someone who has the following experience and knowledgebase: - In-depth knowledge of web application security ( OWASP Top 10 ) and experience with SCA, SAST, and DAST tools. A degree in Computer Science, Information Security, or a related discipline ( STEM preferred ) or demonstrable experience. Experience in software development ...

Role Title: Application Security Specialist Duration: contract to run until 30/11/2026 Location: Knutsford, Hybrid 3 days per week onsite Rate: up to 517.78 p/d Umbrella inside IR35 Role purpose/summary We are looking for an Application Security Specialist … Conduct security reviews, threat modelling, and vulnerability assessments. Support secure coding practices and provide guidance to development teams. Operate security scanning tools (SAST/DAST/IAST). Validate remediation of vulnerabilities and track risk reductions. Contribute to secure design standards and best practices. Work with DevOps ...

Role Title: Application Security Specialist Duration: contract to run until 30/11/2026 Location: Knutsford, Hybrid 3 days per week onsite Rate: up to £517.78 p/d Umbrella inside IR35 Role purpose/summary We are looking for an Application Security Specialist … Conduct security reviews, threat modelling, and vulnerability assessments. Support secure coding practices and provide guidance to development teams. Operate security scanning tools (SAST/DAST/IAST). Validate remediation of vulnerabilities and track risk reductions. Contribute to secure design standards and best practices. Work with DevOps ...

Cloud Security Pre-Sales Consultant - Cloud, Security, AWS, AzureSalary: £60,000 - £65,000 (Depending on Experience)Location: London/Hybrid (willingness to travel on-site required)Company OverviewA forward-thinking and entrepreneurial cloud security company, partnering with major organisations and continuing to grow rapidly, is offering … Zero Trust principles.Network & Infrastructure SecurityCloud-native firewalls, WAFs, VPN, ZTNA, API security fundamentals.Container & DevSecOps SecurityBasic exposure to Kubernetes (AKS, EKS, GKE), container scanning, SAST/DAST, IaC security.SIEM & Endpoint SecuritySplunk, Microsoft Sentinel, Elastic Security, CrowdStrike, Defender XDR.Certifications (Nice to Have, Not Essential)Security+, CySA+, CEH, CCSP, CISM, CISSP ...

best practices. # Expertise in Test Driven Development (TDD) and Behaviour Driven Development (BDD) methodologies for backend services. # Strong appreciation and practical application of architectural standards and processes essential in large-scale organisations. # Extensive experience or deep exposure to the following technologies: o Java o Spring Boot … e.g., IntelliJ IDEA) o Fossa (or similar open-source licence compliance tools) o SonarQube (or similar code quality analysis tools) o Checkmarx (or similar static application security testing tools) o Cycode (or similar software supply chain security platforms) Desirable (not essential) Skills: Software Engineer Back ...

feel at home here. Key Responsibilities Design, build, and maintain enterprise-scale CI/CD pipelines across multi-service environments Integrate build, test, security scanning, and deployment workflows Automate cloud infrastructure using Infrastructure as Code (Terraform preferred) Build and manage container platforms using Docker and Kubernetes (AKS/… Deep Infrastructure as Code expertise (Terraform highly preferred) Kubernetes and container orchestration experience Strong scripting skills (Python, Bash, PowerShell) Good understanding of DevSecOps practices (SAST, DAST, secrets management, code scanning) Excellent troubleshooting and systems integration skills Nice to Have Cloud/DevOps certifications (Azure DevOps Engineer, AWS DevOps ...

work done. What You'll Be Doing: Own the DevOps strategy - Design and implement scalable cloud infrastructure, CI/CD, observability, and security-by-default practices that let engineering ship fast and services accessed safely. Standardise how services are built, provisioned, administered, and managed - Provide clear ways of working … Containers and orchestration (Docker, ECS/EKS), frontend build/release familiarity (Vite, React/Vue), and API gateway patterns. Security tooling integration: SAST/DAST/SCA, dependency governance, SBOMs. Experience with GCP services (e.g., BigQuery, Maps, Vertex) and cross‐cloud identity/networking. Led AI governance ...

DevOps Technical Depth (essential): CI/CD pipeline architecture and integrations Git-based platforms (GitHub, GitLab, Bitbucket) DevSecOps tooling and security integrations SCA, SAST, SBOM management Container security Strong understanding of modern cloud and distributed systems Highly desirable: Background in software development Exposure to MLOps You must … equally credible in front of: Heads of DevOps Platform Engineering teams Security leaders C-level technical stakeholders Why This Role Stands Out Global enterprise exposure Complex, intellectually challenging sales cycles Cutting-edge DevSecOps and software supply chain technology High-calibre peer group Strong career progression potential This ...

observability and incident readiness. Day to day, you can expect to be shipping small, frequent changes using trunk-based development and feature flags, embedding security and quality gates directly into CI, and working with colleagues across Release, QE, and Environments to ensure every deployment is traceable, auditable, and safe. … experience, including progressive delivery techniques such as canary releases, blue/green deployments, and automated rollback Solid grasp of secure-by-design practices: SAST, SCA, DAST, IaC scanning, SBOM, WAF configuration, and pipeline attestations Experience building and managing ephemeral, production-like environments with data-on-demand capability Strong observability skills ...

audit-ready evidence. - Design for ephemeral/data-ready environments (idempotent data, test hooks, parity enforcement). - Embed contract/performance/resilience/security tests in CI; elevate squad testability patterns. - Partner with … Release on SLO/error-budget readiness for go/no-go. Secure by design & compliance as code - Ensure every pipeline has push protection, SAST/SCA/DAST, IaC scanning, and secure defaults; implement WAF requirements for external endpoints; maintain SBOM/pipeline attestations where applicable. Release linked observability ...