1 to 25 of 182 Static Application Security Testing Jobs in the UK excluding London

designing, developing, and maintaining large-scale, secure, and high-performing solutions. This role involves mentoring and coaching junior team members, translating stakeholder requirements into actionable user stories, and embedding security throughout the software development life cycle. The position calls for strong technical expertise, collaborative mindset, and an ability to deliver innovative solutions that align with business objectives. Experience Requirements … Software Development & Principles Programming Languages: Proficiency in one or more of: Java, Spring Boot, Python, JavaScript, TypeScript, ReactJS SOLID Principles: Familiarity with object-oriented and clean coding practices Testing & BDD Unit Testing Frameworks: Experience with Cypress, Cucumber, Behave, Selenium, or similar tools Domain-Specific Languages: Knowledge of BDD approaches (e.g., Cucumber, Gherkin) for test automation Containerisation & Microservices Container … to build, configure, and secure cloud environments effectively Security & CI/CD Security Integration: Familiarity with embedding security checks at every phase of the SDLC (e.g., SAST, DAST) Automation Pipelines: Experience with Continuous Integration (CI), Continuous Delivery (CD), and continuous testing tools (e.g., Jenkins, GitHub Actions) Agile & Mentorship Agile Delivery: Background in Scrum or Kanban, assisting More ❯

designing, developing, and maintaining large-scale, secure, and high-performing solutions. This role involves mentoring and coaching junior team members, translating stakeholder requirements into actionable user stories, and embedding security throughout the software development life cycle. The position calls for strong technical expertise, collaborative mindset, and an ability to deliver innovative solutions that align with business objectives. Experience Requirements … Software Development & Principles SOLID Principles: Familiarity with object-oriented and clean coding practices Testing & BDD Unit Testing Frameworks: Experience with Cypress, Cucumber, Behave, Selenium, or similar tools Domain-Specific Languages: Knowledge of BDD approaches (e.g., Cucumber, Gherkin) for test automation Containerisation & Microservices Container Technologies: Practical understanding of Docker or equivalent solutions Microservice Patterns: Experience architecting microservice-based systems … to build, configure, and secure cloud environments effectively Security & CI/CD Security Integration: Familiarity with embedding security checks at every phase of the SDLC (e.g., SAST, DAST) Automation Pipelines: Experience with Continuous Integration (CI), Continuous Delivery (CD), and continuous testing tools (e.g., Jenkins, GitHub Actions) Agile Delivery: Background in Scrum or Kanban, assisting Product Owners More ❯

Role: Cyber Security Engineer Salary/Rate: up to £700 per day (inside IR35) Location: Hybrid LondonContract Duration: until October 2025 We are currently looking for a Cyber Security Engineer for our government client. This Cyber Security Engineer role is hybrid, based between 2-3 days per week on site in central London and the remainder of … the week working remotely. The contract for the Cyber Security Engineer position is until October 2025 with potential to extend, operating inside IR35. Security Clearance: Security Check ("SC Clearance") This role is inside IR35 - Due to the service of the role, it will now be based on an Umbrella solution. Essential skills/experience required: Certifications: OSCP … desirable Role/Responsibilities: Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and make necessary recommendations. Collaborate with developers to remediate identified vulnerabilities and ensure secure code practices. Provide expert input on cloud security (AWS, Azure More ❯

Job Title: Cyber Security Engineer - MUST HAVE INSURANCE EXPERIENCE Department: Cyber Security Reports To: Head of Security Architecture & Engineering Salary: £600 Per Day Inside IR35 Location: Central London (3 days per week on site, 2 days per week remote) The Role We're looking for a hands-on Application Security Engineer with a strong engineering … mindset and a background in financial services, insurance, or fintech . You'll be embedded with product and engineering teams, driving secure development practices and owning security controls across our SDLC and cloud-native platforms. This is a technical role , not for architects or managers - you'll be writing code … integrating tools, running threat modelling sessions, and solving real-world security problems. What You'll Do Lead threat modelling , secure design reviews, and AppSec assessments. Integrate and automate SAST, DAST, SCA , and container scanning in CI/CD. Triage and drive remediation of vulnerabilities across cloud and app layers. Deliver security controls via code (Terraform, YAML, scripting). More ❯

Story Behind the Need • Business group: Application Security - deploying application security vulnerability testing tools used by the Bank for vulnerability testing; currently doing a lot of modernization projects updating portfolio for statis dynamic and mobile testing • Project: Resource will be playing a key role in deploying components of the strategic solution for Application … CD pipelines and automation (e.g. Jenkins) Nice-To-Have Skills: • Cloud solution and containerization deployment experience - GCP(1st), AWS(2nd), Azure(3rd), • Experience with security testing tools (SAST, SCA, DAST) • Experience/knowledge of security best practices around connectivity (MTLS, SAML, OAuth Client and Credentials IP Allow Listing) • Cybersecurity experience • Experience from large highly matrixed enterprise organizations … initiative, strong problem solver and is a strategic thinker and can identify solution; experience using vulnerability and security testing tools to help with understanding of software composition (SAST, SCA, DAST), best will have used the tools themselves and have an understanding of how they work, strong independent developer, with programming and automation expertise Feedback from previous supplier calls More ❯

you will: Lead DevSecOps practices and processes within the organization. Develop and implement DevSecOps strategies. Mentor engineers in cybersecurity best practices. Collaborate with development and operations teams to automate security principles. Identify and implement tools to improve software development and delivery. Communicate trends and innovative solutions to leadership. Monitor and evaluate the performance of solutions, recommending enhancements. Assist in … or related field, or significant work experience emphasizing cybersecurity. 5+ years as a DevSecOps Engineer. Strong knowledge of Network Architecture in AWS and/or Azure. Cybersecurity expertise in SAST, DAST, SIEM, SSO, penetration testing, and cybersecurity controls. Experience with Cybersecurity Incident Response protocols. Cryptographic controls experience, including SSH key handling, logging, and auditing. Competence with Key Management Service … key rotation, and automation. Certifications such as AWS Certified Security, AWS Certified Advanced Networking, CCNA, CCNP are highly desirable. Experience designing solutions with a focus on AWS Security and Network services, including GuardDuty, Config, Security Hub, etc. Proficiency with Infrastructure as Code tools like Terraform. Solid understanding of DevOps practices with hands-on experience. Programming skills in More ❯

helping the team manage and deploy the environment in a secure and optimised manner. This will include managing the logging and SIEM aspects of the infrastructure and coordinating with application development teams to resolve issues. You will also work with the rest of the squad to incorporate more security checks into the CI/CD pipeline. The role … will include validation of planned changes to ensure that they comply with best practice and will also involve working with the Tesco Mobile Cyber Security Team. About the role The Tesco Mobile Engineering team is a truly cross functional team responsible for both the functional software development as well as the running and operation of tailored and product/… setting using and managing Splunk including defining data streams, indices and ingests and dashboards. Experience of CI/CD pipelines and adding security tooling to these. Experience using SAST and other techniques to improve code security. Automation experience using a variety of tools and languages including AWS CLI, python, etc. Containerisation technologies; Docker and Kubernetes. Exposure to Continuous Integration More ❯

Join to apply for the Principal Cloud Security Engineer role at Social Security Scotland Continue with Google Continue with Google 3 days ago Be among the first 25 applicants Join to apply for the Principal Cloud Security Engineer role at Social Security Scotland Social Security Scotland provided pay range This range is provided by Social … industry-standard frameworks like AWS Well-Architected or Azure Security Centre. Develop and enforce security controls within Infrastructure as Code (IaC) pipelines, integrating security testing (SAST, DAST, SCA) and automated compliance checks into CI/CD processes. Provide expert guidance on cloud security architecture, articulating security postures, and implementing mitigating controls to reduce risk. … solutions, including native security services (IAM, WAFs, threat detection), with a strong focus on embedding security within CI/CD pipelines using tools like Terraform, AWS CloudFormation, SAST, DAST, and SCA. Demonstrable experience leading DevSecOps initiatives, integrating security controls seamlessly into development and operational workflows, and collaborating effectively with Developers, Architects, and DevOps teams to promote security More ❯

If you need support in completing the application or if you require a different format of this document, please get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100/+44 204 520 2575 with the subject line: “Application Support Request”. Role: Senior DevSecOps Developer Job Type : Permanent Location: Leamington/Gaydon, Hybrid … days on site) Are you ready to leverage your skills in automation and security ? We have a great opportunity for you - Senior DevSecOps Developer . Careers at TCS: It means more TCS is a purpose-led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference … of networking concepts, technologies, and protocols (TCP/IP, IPSec, HTTP, FTP, DHCP, and DNS). Previous involvement in all stages of the software delivery lifecycle. Experience on SCA, SAST, and DAST tools. Skilled on IAC automation (Terraform). Desirable skills: An individual who is result driven demonstrates tenacity, drive and perseverance. Resilience, energy, and enthusiasm to deliver results under More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

least one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It would be … great if you also had... Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society More ❯

least one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It would be … great if you also had... Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society More ❯

least one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It would be … great if you also had... Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society More ❯

least one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It would be … great if you also had... Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society More ❯

SRE, with recent focus on AWS cloud engineering. Expert in AWS core services (EC2, VPC, IAM, S3, ALB/ELB, CloudFront, ECR/ECS, Elastic Beanstalk, Control Tower) and security tooling (GuardDuty, IAM Identity Center, CloudWatch). Strong Kubernetes (EKS/OpenShift) administration, Helm packaging and service-mesh … know-how. Proficient in IaC (Terraform, Terraform Cloud, CloudFormation), containerisation (Docker, Docker Compose) and Linux systems. Solid CI/CD engineering with GitHub Actions and Argo CD. Experience integrating SAST and DAST best practices. Scripting in Bash and Python or Go for automation. Demonstrated success delivering cloud cost-optimisation and high-security solutions for enterprise clients. Expertise in implementing … next position, then please send your CV and call for more information. This role is a hybrid role with 2 days a week onsite and the role also requires security clearance, so please only apply if you are eligible for security clearance or have current security clearance. More ❯

clients locally based skills and technical expertise to drive innovation and adoption of new technology. Your role and responsibilities As a Cybersecurity Architect, you will specialize in DevSecOps, integrating security into the software development lifecycle, automating security practices, and ensuring robust threat modeling and vulnerability management. Your primary focus will be on cloud-native and on-premises environments … governance across data access. Responsibilities: Integrate security into the software development lifecycle, automating security practices into CI/CD pipelines. Implement automated security testing (SCA, SAST, DAST) to identify and remediate vulnerabilities at every stage of development. Secure IaC configurations, ensuring secure provisioning, configuration management, and continuous monitoring of infrastructure. Utilize CNAPP and CSPM tools to … Cloud and Palo Alto security tools. Proficiency in DLP, CASB, and DAG technologies. Familiarity with DSPM tools, data classification tools, and CI/CD tools. Knowledge of SCA, SAST, and DAST tools. Experience with IaC security tools, container security tools, and Kubernetes security. ABOUT BUSINESS UNIT IBM Consulting is IBM's consulting and global professional services business More ❯

industry-standard frameworks like AWS Well-Architected or Azure Security Centre. Develop and enforce security controls within Infrastructure as Code (IaC) pipelines, integrating security testing (SAST, DAST, SCA) and automated compliance checks into CI/CD processes. Provide expert guidance on cloud security architecture, articulating security postures, and implementing mitigating controls to reduce risk. … industry-standard frameworks like AWS Well-Architected or Azure Security Centre. Develop and enforce security controls within Infrastructure as Code (IaC) pipelines, integrating security testing (SAST, DAST, SCA) and automated compliance checks into CI/CD processes. Provide expert guidance on cloud security architecture, articulating security postures, and implementing mitigating controls to reduce risk. … solutions, including native security services (IAM, WAFs, threat detection), with a strong focus on embedding security within CI/CD pipelines using tools like Terraform, AWS CloudFormation, SAST, DAST, and SCA. Demonstrable experience leading DevSecOps initiatives, integrating security controls seamlessly into development and operational workflows, and collaborating effectively with Developers, Architects, and DevOps teams to promote security More ❯

Principal Cloud Security Engineer (Closing date - 07/17/2025) hackajob Glasgow, Scotland, United Kingdom Join or sign in to find your next job Join to apply for the Principal Cloud Security Engineer (Closing date - 07/17/2025) role at hackajob Continue with Google Continue with Google Principal Cloud Security Engineer (Closing date … industry-standard frameworks like AWS Well-Architected or Azure Security Centre. Develop and enforce security controls within Infrastructure as Code (IaC) pipelines, integrating security testing (SAST, DAST, SCA) and automated compliance checks into CI/CD processes. Provide expert guidance on cloud security architecture, articulating security postures, and implementing mitigating controls to reduce risk. … solutions, including native security services (IAM, WAFs, threat detection), with a strong focus on embedding security within CI/CD pipelines using tools like Terraform, AWS CloudFormation, SAST, DAST, and SCA. Demonstrable experience leading DevSecOps initiatives, integrating security controls seamlessly into development and operational workflows, and collaborating effectively with Developers, Architects, and DevOps teams to promote security More ❯

Engineers across multiple cross-functional squads Champion quality engineering standards, automation, and BDD practices across the SDLC Define and implement test strategies across UI, API, Back End, performance, and security Embed automated testing into CI/CD pipelines and cloud- environments Collaborate with engineering, product and delivery teams to ensure solutions meet business and user needs Drive continuous … Strong background in cloud- testing (AWS/Azure), microservices, and infrastructure-as-code environments Knowledge of performance (eg, JMeter, Gatling) and security testing tools (eg, ZAP, SAST/DAST) Ability to drive BDD adoption and facilitate collaboration across tech and business Data-driven mindset with experience in defining and tracking quality KPIs Nice to Have: Background in … insurance or financial services Familiarity with FCA and regulatory testing frameworks Relevant certifications (eg, ISTQB, AWS Cloud Practitioner, Certified Agile Tester) If this sounds like the role for you, hit APPLY & a consultant will be in touch. #J-18808-Ljbffr More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with More ❯

skills Experience with Spring Boot and Hibernate Experience with JavaScript or other front-end technologies Building microservice architectures and event-driven systems Test automation: BDD, mocking, contract testing, SAST Knowledge of web technologies, data tooling, infrastructure, and networking About working for us We value diversity and inclusivity, ensuring our organization reflects modern society. We have initiatives supporting under-represented More ❯

one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE). Building applications utilising container technologies e.g. Docker. Managing application deployed to Kubernetes clusters, Istio & Helm. Cloud: GCP, GKE, IaC (Terraform). Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube. SQL/NoSQL database, Basic … in Spring Boot and Hibernate. Experience in JavaScript or other front-end technologies. Experience of building microservice architecture and event driven systems. Experience in Test automation: BDD, mocking, contract testing, Sast. Exposure to web technologies, data tooling & infrastructure/networking. About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects More ❯