1 to 25 of 41 Static Application Security Testing Jobs in the UK excluding London

SOFTWARE APPLICATION SECURITY ENGINEER £90,000 + 15% Bonus + Excellent Staff Benefits including Strong Pension, Life Assurance Hybrid Working ( 2 Days per Week Onsite ) An interesting opportunity has presented itself within one of the UKs largest Independent Software Based Organisations who are one of a major driving … forces behind Innovative Development of Enterprise-Led Internet Technology. They are now looking for an Application Security Engineer to join their existing & high performing In - House Security Team of 35 Staff including SOC & Cyber Analysts through to Experienced Cyber Security Engineers & Security Architects. As an … AppSec Engineer you will focus on the technical side of IT Security, specifically looking at Application Security & Code Analysis, ensuring their Applications are Built Securely. The Information & Cyber Security Team deal with the Security of Closed-Sourced, Open-Source & In-House Developed Applications ensuring that More ❯

Experience in the following types of Security Testing: - Security Analysis and Consulting - Static Application Security Testing (SAST) - Dynamic Application Security Testing (DAST) - Infrastructure Vulnerability Assessment - Mobile Application Penetration testing OWASP More ❯

growth has landed Smarsh in the annual Inc. 5000 list of fastest-growing American companies since 2008. We are looking for an experienced Product Security Engineer to partner with engineering teams and proactively identify, assess, and remediate security risks across our product portfolio. This role will focus on … secure development practices, vulnerability management, threat modelling, and driving a shift-left security culture. The ideal candidate is a pragmatic problem solver with strong technical expertise in application security, cloud security, and DevSecOps. You will work closely with product owners, software engineers, and platform teams to … and security assessments for new features, architectures, and services. Vulnerability Management & Remediation: Work closely with engineering teams to identify and remediate vulnerabilities from SAST, DAST, SCA, container security, and cloud security scans. Code & Architecture Review: Conduct secure code reviews and architectural security assessments to identify risks More ❯

treasury solutions, empowering investment firms with cutting-edge technology to optimize financial performance, enhance liquidity, and mitigate risk. As part of our commitment to security and innovation, we are expanding our Information Security Team and seeking a DevSecOps Engineer to drive security automation and best practices across … our cloud infrastructure and IT operations. Job Overview As a DevSecOps Engineer , you will play a pivotal role in integrating security practices into our DevOps pipeline and IT operations . Working at the intersection of operations, security, and development , you will collaborate closely with internal teams to safeguard … alerts across Infosec, servers, firewalls, and applications. Conduct continuous monitoring of internal and third-party information security controls. Threat & Vulnerability Management: Assess SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) scans. Implement remediation and mitigation strategies in collaboration More ❯

A Senior Information Security Specialist, who will focus on the technical side of IT Security, specifically looking at application security and code analysis to ensure applications are built securely. The application security team deals with the security of closed source, open source, and … that is secure and compliant with the Company's regulatory obligations. You will be working closely with the software development function to ensure that application-based vulnerabilities are understood and mitigated. It is therefore important that you possess an understanding of the Secure Software Development Lifecycles and the assessment … of code. This role is part of the broader Information Security department, which is comprised of engineers and analysts with varying backgrounds. Collectively, the team utilises enterprise and bespoke tooling to identify and mitigate threats to safeguard the Business. This role is eligible for inclusion in the Company's More ❯

Who we are looking for A Senior Information Security Specialist, who will focus on the technical side of IT Security, specifically looking at application security and code analysis to ensure applications are built securely. The application security team deal with the security of … that is secure and compliant with the Company’s regulatory obligations. You will be working closely with the software development function, to ensure that application based vulnerabilities are understood and mitigated. It is therefore important that you possess an understanding of the Secure Software Development Lifecycles and the assessment … of code. This role is part of the broader Information Security department, which is comprised of engineers and analysts with varying backgrounds. Collectively, the team utilises enterprise and bespoke tooling to identify and mitigate threats to safeguard the Business. This role is eligible for inclusion in the Company’s More ❯

Who we are looking for A Senior Information Security Specialist, who will focus on the technical side of IT Security, specifically looking at application security and code analysis to ensure applications are built securely. The application security team deal with the security of … that is secure and compliant with the Company’s regulatory obligations. You will be working closely with the software development function, to ensure that application based vulnerabilities are understood and mitigated. It is therefore important that you possess an understanding of the Secure Software Development Lifecycles and the assessment … of code. This role is part of the broader Information Security department, which is comprised of engineers and analysts with varying backgrounds. Collectively, the team utilises enterprise and bespoke tooling to identify and mitigate threats to safeguard the Business. This role is eligible for inclusion in the Company’s More ❯

We support organisations across a variety of sectors including finance, retail, telecommunications, utilities, gaming, government and insurance. We’re looking for a Senior Information Security Consultant to join our growing team. The Senior Security Consultant is responsible for maintaining end-to-end security through compliance with global … policy, standards, regulations and industry best practices. This person works with Information Security management to implement a cloud first programme for enabling security standards across people, process and technology within the TransUnion Monevo portfolio. Day to Day You’ll Be: Guides and advises technology teams on infrastructure vulnerability … update internal standards, best practices and architectures based on this information Assists Engineering teams with adoption to changes in application security tooling (SAST, DAST, etc.) and interpretation of its results to ensure vulnerabilities are addressed on a timely basis and prevented from deployment into production Builds relationships and More ❯

Cloud Security Architect, AWS ProServe India Job ID: AWS ProServe IN - Maharashtra AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. At Amazon, Security is Top Priority. We are looking for security architects who are passionate about Cloud Security. Ideal candidates are those who have working experience with AWS Cloud, Cloud Security, Infrastructure Security, Network Security, Cloud Security Assessment, Penetration testing, Application security assessment, Compliance … AWS Organisations, Web Application Firewall, AWS Network Firewall, GWLB based Security Appliances. Have implementation knowledge to deliver DevSecOps pipeline with IaC scanner, SAST, DAST tool in the SDLC. Hands-on experience in one of the following is mandatory: Identity and Access Management Data Encryption Network Security Incident More ❯

Application Security Consultant – Remote CSSLP, CISSP, OSWE, GWAPT, CREST CRT/CCT App A leading Technology consultancy is looking for an Application Security Consultant to play a key role in embedding security into the heart of modern software development practices. The role: You’ll work … is especially focused on cloud-native development in AWS environments. Key responsibilities include: Embedding secure coding practices and supporting design/code reviews Implementing SAST, DAST, SCA, and other security checks into DevOps workflows Supporting secure API design and cloud-native architecture Acting as a key escalation point for … vulnerability triage and remediation Delivering developer enablement through workshops and hands-on threat modelling What you’ll bring: 3+ years in application or product security roles Strong grasp of application-level threats, secure design, and remediation strategies Experience with IaC security (Terraform, CloudFormation), container security More ❯

to help shape the new flagship development center and contribute to high-impact projects in a thriving tech environment. Position Overview: Were expanding our application security team and are looking for someone with Java and Python experience. Youll focus on a subset of our products to understand them … development teams build products that are secure by design. What you will do: Youll support product teams through activities such as: Defining requirements for security features Proactively identifying and controlling risks using techniques like threat modeling Designing and implementing automated security tests Performing manual security assessments including … least one JavaScript framework Test design Unit tests and end-to-end tests both automated and manual A proven history of turning SCA/SAST/DAST results into teachable moments Application penetration testing experience is a bonus. Fluency in English What you'll gain at Intapp: Our More ❯

to help shape the new flagship development center and contribute to high-impact projects in a thriving tech environment. Position Overview: Were expanding our application security team and are looking for someone with Java and Python experience. Youll focus on a subset of our products to understand them … development teams build products that are secure by design. What you will do: Youll support product teams through activities such as: Defining requirements for security features Proactively identifying and controlling risks using techniques like threat modeling Designing and implementing automated security tests Performing manual security assessments including … least one JavaScript framework Test design Unit tests and end-to-end tests both automated and manual A proven history of turning SCA/SAST/DAST results into teachable moments Application penetration testing experience is a bonus. Fluency in English What you'll gain at Intapp: Our More ❯

to help shape the new flagship development center and contribute to high-impact projects in a thriving tech environment. Position Overview: Were expanding our application security team and are looking for someone with Java and Python experience. Youll focus on a subset of our products to understand them … development teams build products that are secure by design. What you will do: Youll support product teams through activities such as: Defining requirements for security features Proactively identifying and controlling risks using techniques like threat modeling Designing and implementing automated security tests Performing manual security assessments including … least one JavaScript framework Test design Unit tests and end-to-end tests both automated and manual A proven history of turning SCA/SAST/DAST results into teachable moments Application penetration testing experience is a bonus. Fluency in English What you'll gain at Intapp: Our More ❯

Overview: Additional Information: Please note, this role requires working full-time onsite, five days per week. NON Negotiable We are seeking an experienced IT Security Engineer to become a vital part of a growing IT Department. This critical role will focus on protecting our information assets through robust cybersecurity … measures, ensuring adherence to best practices, international standards, and local regulations. Ideally suited to candidates who possess expert knowledge of security frameworks including NIST 800, ISO 27001, and cybersecurity guidelines from PRA, FCA, and ICO. Candidates with at least 3 years' relevant experience in finance or banking, particularly as … and disposal. Conduct security evaluations on network and firewall policies and manage application security in both development and testing phases (SAST, DAST). Liaise with internal audit teams and international cybersecurity operations centres to implement security policies and controls. Provide cybersecurity training to ensure staff More ❯

DevSecOps Engineer Location: Bury Job Type: Full-Time Job Description: We are seeking a skilled and motivated DevSecOps Engineer to join our growing Information Security team. The ideal candidate will have a strong background in both development and security operations, with a passion for integrating security practices … into the DevOps process. As a DevSecOps Engineer, you will play a critical role in ensuring the security and integrity of our software development lifecycle. Key Responsibilities: Implement and manage security tools and practices within the CI/CD pipeline. Collaborate with development, operations, and security teams … AWS CodeBuild, Jenkins, GitLab, Azure DevOps. Proficiency in scripting languages such as Python, PowerShell. Knowledge of security tools and frameworks (e.g., OWASP, SCA, SAST, DAST). Familiarity with one or more cloud platforms (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes). Excellent problem-solving skills and attention to More ❯

Senior Product Security Engineer Location: London Salary: £200,000+ A leading global quantitative investment firm is seeking a Senior Product Security Engineer to strengthen the security of its trading systems, cloud infrastructure, and business applications. This is a hands-on, high-impact role working across a modern … tech stack in a fast-paced environment. Key Responsibilities Implement and maintain security controls across low-latency systems and multi-cloud platforms (AWS, Azure, Alibaba Cloud) Collaborate with engineering teams to integrate … secure coding practices into the SDLC Conduct threat modeling, vulnerability assessments, and code reviews Automate security processes through CI/CD integration using SAST, DAST, and related tools Assess third-party vendors and enforce security standards Mentor teams on security architecture and best practices What We’re More ❯

London-based Quant Trading fund is looking for a Senior Security Architect to influence architecture and lead strategic security projects during a period of rapid expansion. The incoming Security Architect will work with IT, cloud, and engineering teams to implement security solutions for low-latency systems … and multi-cloud platforms (AWS and Azure). Whilst this is predominantly a security architecture role, the incoming architect will perform an advisor/consulting role, helping to guide and influence technology stakeholders to build secure and robust systems. Role and Responsibilities: Support the implementation of security controls … environments Perform vendor security reviews to assess third-party security practices and ensure compliance with standards Integration of security scanning tools (SAST, DAST, etc.) into CI/CD pipelines and runtime environments to ensure continuous security monitoring and threat detection across Cloud - AWS, Azure, and on More ❯

About Us Sophos is a global leader and innovator of advanced security solutions for defeating cyberattacks. The company acquired Secureworks in February 2025, bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure … with internal product and engineering teams to identify potential issues in product designs. Assist in the adoption of shared cybersecurity services such as SCA, SAST, and DAST. Participate in the development and adoption of new standards and policies. Impart education to key stakeholders from both technology and business teams regarding … SSDF, ASVS, and other cybersecurity frameworks. Knowledge of cryptographic techniques and implementations. Familiarity with security tooling used to support a SSDLC (SCA/SAST/DAST/container scanning). A strong desire to stay current and understand emerging technologies and risks. Strong project management skills to drive and More ❯

GCP Worked with defining data models and interacting with databases Built software that incorporates best practices in application security controls, such as SAST, DAST, Penetration Testing etc. Skills we'd love to see/Amazing Extras: Experience with Docker, Kubernetes or other serverless application delivery platforms … of the Business Disability Forum so please get in touch if you'd like to discuss any adjustments that you might need in the application process - and if you are successful beyond this. We don't accept speculative CVs from agencies - you can see our policy on agencies here More ❯

You will need to login before you can apply for a job. DevSecOps Security Engineer - Tesco Mobile Sector: Technology Role: Professional Contract Type: Permanent Hours: Full Time About the role: As one of our DevSecOps Security Engineers, you will be helping the team manage and deploy solutions on … platforms in a secure and optimised manner. This will include all aspects of security, maintaining an evolving programme of work to address prioritised concerns, helping to identify threats and risks, and working to implement solutions and mitigations. You will also work with the rest of the squad to incorporate … projects. Significant experience with cloud providers AWS and Azure. Experience of CI/CD pipelines and adding security tooling to these. Experience using SAST and other techniques to improve code security. Experience using AWS Security Hub, Azure Security Center, etc. to improve cloud security position. Willingness More ❯

development, particularly with Azure (preferred), AWS, or GCP. Defining data models and working with databases. Understanding application security best practices, including SAST, DAST, and penetration testing. Skills we'd love to see/Amazing Extras: Experience integrating AI technologies like Azure AI Services or ChatGPT. Containerizing applications … divisions and specialisms within Tech and Engineering: Technology and Engineering at KPMG ITs Her Future Women in Tech KPMG Workability and Disability confidence Additional application support and resources: Applying to KPMG Interview tips KPMG Values KPMG Competencies Locations & FAQ The evolving nature of tax and legal services makes working More ❯

e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It … Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an More ❯

e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It … Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an More ❯

e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It … Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an More ❯

e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It … Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an More ❯