1 to 25 of 31 Static Application Security Testing Jobs in the UK

passionate Senior Application Security Engineer to lead our Software Composition Analysis (SCA) and Static Application Security Testing (SAST) initiatives, with a primary focus on driving the strategic implementation and optimization of our SCA tool. This is a pivotal, corporate-level role for an individual … that benefit the vast majority of our engineering teams, ensuring scalable and effective security measures before addressing niche requirements. Key Responsibilities SCA and SAST Leadership & Global Strategy: Serve as the primary technical lead and subject matter expert for SCA across Trimble, including SAST (if applicable); Drive the strategic vision ...

scope to infrastructure and cloud environments as maturity grows. Continuously simulate attacker techniques to validate product resilience. Ø Tooling & Automation Drive adoption of SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) solutions, with emphasis on Java and web application … continuous improvement. Knowledge, Skills and Abilities : Ø Strong knowledge of secure development practices, threat modeling, and vulnerability management. Ø Hands-on experience with SAST/DAST tools and CI/CD integration. Ø Excellent communication skills to engage developers, auditors, and executives. Ø Proven experience leading teams in agile/ ...

scope to infrastructure and cloud environments as maturity grows. Continuously simulate attacker techniques to validate product resilience. Ø Tooling & Automation Drive adoption of SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) solutions, with emphasis on Java and web application … continuous improvement. Knowledge, Skills and Abilities : Ø Strong knowledge of secure development practices, threat modeling, and vulnerability management. Ø Hands-on experience with SAST/DAST tools and CI/CD integration. Ø Excellent communication skills to engage developers, auditors, and executives. Ø Proven experience leading teams in agile/ ...

About the role The position will be based at our Tesco Technology offices in London. About the Security Partners team We are the trusted security advisors for Tesco Technology. Our purpose is to collaborate seamlessly with the product and engineering stakeholders, leveraging our deep expertise in cyber security … designing security/privacy controls to mitigate risks. Experience in application security, supply chain security, and using tools such as SAST, DAST, SCA, and IAC. • Experience in reviewing code to spot weaknesses and suggesting mitigations. Experience applying industry standards like OWASP ASVS (Application Security ...

About the role The position will be based at our Tesco Technology offices in London. About the Security Partners team We are the trusted security advisors for Tesco Technology. Our purpose is to collaborate seamlessly with the product and engineering stakeholders, leveraging our deep expertise in cyber security … designing security/privacy controls to mitigate risks. Experience in application security, supply chain security, and using tools such as SAST, DAST, SCA, and IAC. • Experience in reviewing code to spot weaknesses and suggesting mitigations. Experience applying industry standards like OWASP ASVS (Application Security ...

About the role An exciting opportunity to join a leading company and play an influential part in their continued dedication to Application Security. At Tesco, the application security team's strategy is to provide security tooling that fits seamlessly into software engineering teams ways of working … application security (Web, API, Mobile) • An understanding of microservices and container orchestration • Solid grasp of Application Security Tooling (SCA/SAST/DAST/IaC Security) • Knowledge of OWASP Top 10, Mitre Top 25 and CVSS frameworks, mapping to business risk • Experience in implementing security ...

About the role An exciting opportunity to join a leading company and play an influential part in their continued dedication to Application Security. At Tesco, the application security team's strategy is to provide security tooling that fits seamlessly into software engineering teams ways of working … application security (Web, API, Mobile) • An understanding of microservices and container orchestration • Solid grasp of Application Security Tooling (SCA/SAST/DAST/IaC Security) • Knowledge of OWASP Top 10, Mitre Top 25 and CVSS frameworks, mapping to business risk • Experience in implementing security ...

INFORMATION SECURITY SPECIALIST KEY POINTS * Hybrid working model (Stoke-on-Trent) - up to £55,000 p/a* Focus on application security, code analysis, threat modelling and penetration testing* Work closely with Software Development teams across a large technical environment* Opportunity to influence secure development practices … client in conjunction with this vacancy only. KEY SKILLS Application Security, AppSec, OWASP, Threat Modelling, Secure Development Lifecycle, Code Review, DAST, SAST, CI/CD, Penetration Testing, Supply Chain Security, Risk Assessment, Software Security, Automation ...

security standards such as OWASP Top 10, SANS Top 25, NIST, and ASVS. Hands-on experience with security tools like SAST, SCA, and container scanning, plus familiarity with programming languages such as Java, C#, and Python. Knowledge of modern development practices, including Agile, DevOps, and SecDevOps, enabling … clearly explain the rationale behind security fixes to ensure understanding and impact. Strong analytical skills to interpret and correlate data from sources like SAST, SCA, and penetration tests, identifying trends and prioritizing remediation efforts. The capability to link issues across multiple layers—code, infrastructure, identity, cloud environments, and third ...

Title: Senior Application Security EngineerSalary: £70,000Location: Reading/remote About the Organisation Join a fast-growing UK technology and consulting firm that's investing heavily in cutting-edge cyber security. With a strong focus on innovation, collaboration, and professional development, this company empowers its people to shape … software are secure by design. Drive vulnerability management and implement a risk-based approach across the technology stack. Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling ...

Title: Senior Application Security EngineerSalary: £70,000Location: Reading/remote About the Organisation Join a fast-growing UK technology and consulting firm that's investing heavily in cutting-edge cyber security. With a strong focus on innovation, collaboration, and professional development, this company empowers its people to shape … software are secure by design. Drive vulnerability management and implement a risk-based approach across the technology stack. Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling ...

Title: Senior Application Security Engineer Salary: £70,000 Location: Reading/remote About the Organisation Join a fast-growing UK technology and consulting firm that's investing heavily in cutting-edge cyber security. With a strong focus on innovation, collaboration, and professional development, this company empowers its people … software are secure by design. Drive vulnerability management and implement a risk-based approach across the technology stack. Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling ...

show how much they can achieve. Our success is truly a collective effort - we succeed when all our people succeed. Softcat's Information Security team is seeking an Application Security Engineer with a strong emphasis on cloud security & secure development practice. This role … clear guidelines and best practices for secure coding and assist developers in implementing them across multiple languages (Java, C#, .NET, Python) Ensuring technologies like SAST, DAST and SCA are utilised effectively Establish and communicate metrics to help us understand effectiveness and measure improvement Support teams in developing, implementing and maintaining ...

Cyber Security Consultant £30,000 - £45,000 per annum Melton Mowbray Role Summary Our client is a growing MSP based in Melton Mowbray, helping organisations of all sizes strengthen their security posture and achieve recognised certifications. They are looking for a skilled Cyber Security Consultant specialising … CCRT/CCT or CHECK Team Member . OSCP/OSWE/OSEP/GPEN/eCPPT/similar. Experience with secure code review, SAST/DAST pipelines, or DevSecOps. Familiarity with ISO 27001 or wider GRC frameworks. What Our Client Offers: Competitive salary and annual performance bonus. Training budget ...

unrivalled - though this isn't for the feint of heart, an established Business in growth phase and a true Unicorn. The Role: The Senior Security Engineer will provide hands-on technical leadership within the UK, ensuring that cyber security strategy and architecture defined by Group are implemented effectively … have an initial teams/zoom with those selected. Keywords: Security Engineer, Senior Security Engineer, Palo Alto, SOC, SOC 2, ISO27001, CIS, SAST, DAST, VPN, Vulnerability, Pen Testing, InfoSec, CyberSec ...

About the role As a Cloud Security Engineer within the Run and Operate chapter at Tesco Mobile, you'll play a key role in securing and optimising our cloud platforms—primarily AWS and Azure. You'll help design, manage, and deploy secure solutions across a variety of environments, maintaining … Proven track record of delivering cloud and SaaS security improvement projects. Familiarity with CI/CD pipelines and integrating security tooling (e.g., SAST). Experience with infrastructure validation, threat identification, and risk mitigation. Nice to have: GitHub and GitHub Actions experience. Hands-on experience with Azure cloud security ...

Cloud & Security Engineer Hybrid - Belfast | Full-time About the Role: Our client is a leading organisation in the digital asset space, supporting institutional partners with secure, innovative technology solutions. They are seeking a Cloud & Security Engineer to help design, implement, and maintain secure multi-cloud environments while strengthening … Policy). Build security automation and IaC-driven deployments using Terraform or CloudFormation. Integrate security testing into CI/CD pipelines (SAST, DAST, IaC scanning). Ensure cloud infrastructure meets internal policies and regulatory standards. Configure cloud-native logging, monitoring, and incident response workflows. Collaborate with DevOps ...

immediately available Test Manager with experience in connected vehicle ecosystems, IoT, or automotive software testing? This role provides leadership and oversight across all test activities, from planning through execution to sign-off, with accountability for ensuring that solutions are robust, reliable, and fit for purpose. The Test Manager will … distributed systems and microservices architectures. Working knowledge of OWASP standards, common security vulnerabilities, and experience conducting or coordinating security testing including SAST, DAST, and penetration testing. Understanding of authentication and authorization frameworks (OAuth, JWT, SAML) and familiarity with secure coding practices and threat modelling Experience in test ...

join our Risk Technology function. In this role, you will architect and implement advanced DevOps solutions across a complex technology landscape, driving automation, security, and scalability for mission-critical applications. This is an exceptional opportunity to influence DevOps strategy and play a key role in enabling innovation within … domain expertise in: Cloud application development (IaaS, Serverless, API Management) Container orchestration (Docker, Kubernetes) Storage, compute, and networking components. Experience configuring and supporting SAST and DAST tools in enterprise environments. Excellent oral and written communication skills, with the ability to: Clearly articulate technical concepts to non-technical stakeholders Collaborate ...

Agile Scrum and design meetings Governance of web application CI/CD pipelines Governance of web application software quality (e.g. unit tests, SAST, SCA) Design and development of web application security Technical mentorship of frontend engineers What you'll need: At least 6 years of experience … similar modern JS framework) Experience mentoring and leading engineering team Experience with test libraries, such as Jest Practical knowledge of modern web application deployment infrastructures Fluency in English, written and verbal Strong knowledge of SDLC Benefits: Competitive salary Company Pension & Life Assurance Schemes On-site parking Hybrid Working Subsidised ...

Agile Scrum and design meetings Governance of web application CI/CD pipelines Governance of web application software quality (e.g. unit tests, SAST, SCA) Design and development of web application security Technical mentorship of frontend engineers What you'll need: At least 6 years of experience … similar modern JS framework) Experience mentoring and leading engineering team Experience with test libraries, such as Jest Practical knowledge of modern web application deployment infrastructures Fluency in English, written and verbal Strong knowledge of SDLC Benefits: Competitive salary Company Pension & Life Assurance Schemes On-site parking Hybrid Working Subsidised ...

client within Investment Banking are looking for a DevSecOps SME to join their team.The role will be working on the integration of security … practices into our DevOps pipelinesRequirements Design, implement, and maintaining secure CI/CD pipelines. Integrate security tools and practices into DevOps workflows (e.g., SAST, DAST, SCA, secrets management). Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices. Advise on threat ...

client within Investment Banking are looking for a DevSecOps SME to join their team. The role will be working on the integration of security practices … into our DevOps pipelines Requirements Design, implement, and maintaining secure CI/CD pipelines. Integrate security tools and practices into DevOps workflows (e.g., SAST, DAST, SCA, secrets management). Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices. Advise on threat ...

client within Investment Banking are looking for a DevSecOps SME to join their team. The role will be working on the integration of security practices … into our DevOps pipelines Requirements Design, implement, and maintaining secure CI/CD pipelines. Integrate security tools and practices into DevOps workflows (e.g., SAST, DAST, SCA, secrets management). Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices. Advise on threat ...

client is a fast-growing cyber-defence and threat-intelligence company committed to protecting organisations from sophisticated cyber threats. They combine advanced security analytics, automation and human expertise to deliver real-time defence across modern cloud and on-prem environments. They are expanding their engineering team and looking … across cloud and on-prem environments. +Build and manage Infrastructure-as-Code (Terraform, Ansible, CloudFormation, etc.). +Integrate security tooling into development workflows: SAST, DAST, dependency scanning, secrets management, etc. +Collaborate with engineering teams to perform threat modelling and ensure secure system design. Key Skills and Experience: +Strong experience ...