1 to 25 of 71 Static Application Security Testing Jobs in the UK

London, United Kingdom Posted on 24/02/2025 Job Description: Security Testing Engineer Location: Remote with occasional travel as required Employment Type: Permanent About the Role Scrumconnect Consulting is looking for a Security Testing Engineer to ensure the security, resilience, and compliance of … GOV.UK digital services . This role involves identifying vulnerabilities, mitigating security risks, and ensuring adherence to government security policies and DDAT frameworks . You will work closely with developers, security architects, and business stakeholders to embed security testing into Agile development workflows and DevSecOps pipelines. … comprehensive security test plans for GOV.UK digital services. Identify security vulnerabilities through static and dynamic application security testing (SAST & DAST) . Ensure security testing is seamlessly integrated into CI/CD pipelines and DevSecOps processes. Define security requirements and best practices More ❯

SOFTWARE APPLICATION SECURITY ENGINEER £90,000 + 15% Bonus + Excellent Staff Benefits including Strong Pension, Life Assurance Hybrid Working ( 2 Days per Week Onsite ) An interesting opportunity has presented itself within one of the UKs largest Independent Software Based Organisations who are one of a major driving … forces behind Innovative Development of Enterprise-Led Internet Technology. They are now looking for an Application Security Engineer to join their existing & high performing In - House Security Team of 35 Staff including SOC & Cyber Analysts through to Experienced Cyber Security Engineers & Security Architects. As an … AppSec Engineer you will focus on the technical side of IT Security, specifically looking at Application Security & Code Analysis, ensuring their Applications are Built Securely. The Information & Cyber Security Team deal with the Security of Closed-Sourced, Open-Source & In-House Developed Applications ensuring that More ❯

We are seeking a Principal Security Engineer to lead and drive security engineering efforts across our cloud and application environments. This strategic, hands-on role requires expertise in cloud security, secure development practices, and the implementation of advanced security controls. You will serve as a … leader within the Consumer Security Engineering team, driving security initiatives across cloud platforms, microservice architectures, digital products, application security, and enterprise security. You will define and build comprehensive security strategies in collaboration with developers, DevSecOps engineers, ensuring that security is seamlessly integrated into our … in DevSecOps, with experience in integrating security into CI/CD pipelines using tools like Jenkins, GitLab, or similar. Experience implementing and managing SAST/DAST tools and processes to secure application development. Deep understanding of application security, including secure coding practices, OWASP Top 10, and More ❯

You will need to login before you can apply for a job. We are seeking a Principal Security Engineer to lead and drive security engineering efforts across our cloud and application environments. This strategic, hands-on role requires expertise in cloud security, secure development practices, and … the implementation of advanced security controls. You will serve as a leader within the Consumer Security Engineering team, driving security initiatives across cloud platforms, microservice architectures, digital products, application security, and enterprise security. You will define and build comprehensive security strategies in collaboration with … in DevSecOps, with experience in integrating security into CI/CD pipelines using tools like Jenkins, GitLab, or similar. Experience implementing and managing SAST/DAST tools and processes to secure application development. Deep understanding of application security, including secure coding practices, OWASP Top 10, and More ❯

Job Title: Application Security Engineer Job Type: Permanent Location: UK or Europe (Remote) Salary: $150,000 - $180000 About the Role My client is seeking an Application Security Engineer to strengthen our security posture by identifying vulnerabilities, integrating best practices into CI/CD pipelines , and … ensuring compliance with PCI DSS, SOC 2, GDPR, and CCPA . You'll work closely with development teams to embed security into the Software Development Lifecycle (SDLC) from the ground up. If you're passionate about securing applications and solving complex security challenges, we want to hear from … Conduct security reviews and threat modeling during the application design phase. Perform static and dynamic application security testing (SAST/DAST) on internal and third-party applications. Define and maintain security standards for software development. Integrate security tools and processes into CI More ❯

Experience in the following types of Security Testing: - Security Analysis and Consulting - Static Application Security Testing (SAST) - Dynamic Application Security Testing (DAST) - Infrastructure Vulnerability Assessment - Mobile Application Penetration testing OWASP More ❯

Senior Security Engineer We are seeking an experienced Senior Security Engineer to join our dynamic Security Team. In this key role, you will be a key contributor to Funding Circle's cloud and application security posture. You will leverage your deep expertise in AWS security, secure software development lifecycle (SSDLC) practices, and CI/CD security to implement and champion robust security solutions. You will act as a subject matter expert and mentor, collaborating closely with engineering and product teams to embed security seamlessly into our cloud infrastructure and development processes … designing, implementing, securing, and managing a wide range of AWS security services. Proven, hands-on experience architecting, building, and integrating security tooling (SAST, DAST, SCA, secrets management, IAST) and automated security controls within CI/CD pipelines (e.g., GitLab CI, Jenkins, GitHub Actions). Strong track record More ❯

Summary The Specialist Application Security Engineer will play a pivotal role in ensuring the integrity and security of our applications across various platforms. You will lead the charge in implementing robust security measures, collaborating closely with cross-functional teams to fortify our defences against cyber threats. … ll do Focused on application security initiatives across cloud and on-premises environments, employing a diverse suite of tools including Semgrep for SAST, Snyk for SCA, GHAS for secret scanning, Burp Suite for DAST, and scripting for automation. Forge partnerships with external vendors to optimize and seamlessly integrate … hands-on experience in application security, with a track record of leadership or significant contributions in similar roles. Proficiency in Semgrep for SAST, Snyk for SCA, GHAS for secret scanning, Burp Suite for DAST, and automation scripting. Understanding of application security principles and best practices. Experience More ❯

growth has landed Smarsh in the annual Inc. 5000 list of fastest-growing American companies since 2008. We are looking for an experienced Product Security Engineer to partner with engineering teams and proactively identify, assess, and remediate security risks across our product portfolio. This role will focus on … secure development practices, vulnerability management, threat modelling, and driving a shift-left security culture. The ideal candidate is a pragmatic problem solver with strong technical expertise in application security, cloud security, and DevSecOps. You will work closely with product owners, software engineers, and platform teams to … and security assessments for new features, architectures, and services. Vulnerability Management & Remediation: Work closely with engineering teams to identify and remediate vulnerabilities from SAST, DAST, SCA, container security, and cloud security scans. Code & Architecture Review: Conduct secure code reviews and architectural security assessments to identify risks More ❯

Our consultancy client are currently looking for a couple of experienced Security/DevSecOps engineers to join their business. They operate in the FS and energy space so experience in banking or insurance or energy is a must for these roles. Working across clients you will develop and execute … strategies to fortify infrastructure, networks, and cloud environments. Lead security initiatives across the SDLC, integrating Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and Container scanning using tools such as CheckmarxOne, Prisma Cloud, or equivalents. Collaborate … will have strong knowledge of application security, secure coding practices, and tools like CheckmarxOne, Prisma Cloud, or similar platforms. With proficiency in SAST, DAST, SCA, and Container scanning, with hands-on experience integrating these tools into development pipelines. Extensive experience in endpoint security, cloud security, and More ❯

a job. View more categories View less categories Sector Engineering Role Specialist Contract Type Permanent Hours Full Time All the details Summary The Specialist Application Security Engineer will play a pivotal role in ensuring the integrity and security of our applications across various platforms. You will lead … ll do Focused on application security initiatives across cloud and on-premises environments, employing a diverse suite of tools including Semgrep for SAST, Snyk for SCA, GHAS for secret scanning, Burp Suite for DAST, and scripting for automation. Forge partnerships with external vendors to optimize and seamlessly integrate … hands-on experience in application security, with a track record of leadership or significant contributions in similar roles. Proficiency in Semgrep for SAST, Snyk for SCA, GHAS for secret scanning, Burp Suite for DAST, and automation scripting. Understanding of application security principles and best practices. Experience More ❯

treasury solutions, empowering investment firms with cutting-edge technology to optimize financial performance, enhance liquidity, and mitigate risk. As part of our commitment to security and innovation, we are expanding our Information Security Team and seeking a DevSecOps Engineer to drive security automation and best practices across … our cloud infrastructure and IT operations. Job Overview As a DevSecOps Engineer , you will play a pivotal role in integrating security practices into our DevOps pipeline and IT operations . Working at the intersection of operations, security, and development , you will collaborate closely with internal teams to safeguard … alerts across Infosec, servers, firewalls, and applications. Conduct continuous monitoring of internal and third-party information security controls. Threat & Vulnerability Management: Assess SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) scans. Implement remediation and mitigation strategies in collaboration More ❯

treasury solutions, empowering investment firms with cutting-edge technology to optimize financial performance, enhance liquidity, and mitigate risk. As part of our commitment to security and innovation, we are expanding our Information Security Team and seeking a DevSecOps Engineer to drive security automation and best practices across … our cloud infrastructure and IT operations. Job Overview As a DevSecOps Engineer , you will play a pivotal role in integrating security practices into our DevOps pipeline and IT operations . Working at the intersection of operations, security, and development , you will collaborate closely with internal teams to safeguard … alerts across Infosec, servers, firewalls, and applications. Conduct continuous monitoring of internal and third-party information security controls. Threat & Vulnerability Management: Assess SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) scans. Implement remediation and mitigation strategies in collaboration More ❯

A Senior Information Security Specialist, who will focus on the technical side of IT Security, specifically looking at application security and code analysis to ensure applications are built securely. The application security team deals with the security of closed source, open source, and … that is secure and compliant with the Company's regulatory obligations. You will be working closely with the software development function to ensure that application-based vulnerabilities are understood and mitigated. It is therefore important that you possess an understanding of the Secure Software Development Lifecycles and the assessment … of code. This role is part of the broader Information Security department, which is comprised of engineers and analysts with varying backgrounds. Collectively, the team utilises enterprise and bespoke tooling to identify and mitigate threats to safeguard the Business. This role is eligible for inclusion in the Company's More ❯

Who we are looking for A Senior Information Security Specialist, who will focus on the technical side of IT Security, specifically looking at application security and code analysis to ensure applications are built securely. The application security team deal with the security of … that is secure and compliant with the Company’s regulatory obligations. You will be working closely with the software development function, to ensure that application based vulnerabilities are understood and mitigated. It is therefore important that you possess an understanding of the Secure Software Development Lifecycles and the assessment … of code. This role is part of the broader Information Security department, which is comprised of engineers and analysts with varying backgrounds. Collectively, the team utilises enterprise and bespoke tooling to identify and mitigate threats to safeguard the Business. This role is eligible for inclusion in the Company’s More ❯

Who we are looking for A Senior Information Security Specialist, who will focus on the technical side of IT Security, specifically looking at application security and code analysis to ensure applications are built securely. The application security team deal with the security of … that is secure and compliant with the Company’s regulatory obligations. You will be working closely with the software development function, to ensure that application based vulnerabilities are understood and mitigated. It is therefore important that you possess an understanding of the Secure Software Development Lifecycles and the assessment … of code. This role is part of the broader Information Security department, which is comprised of engineers and analysts with varying backgrounds. Collectively, the team utilises enterprise and bespoke tooling to identify and mitigate threats to safeguard the Business. This role is eligible for inclusion in the Company’s More ❯

Responsibilities: The Security Architect reports to the Chief Information Security Officer. The Chief Information Security Officer determines the activities due by the Security Architect based on evolving needs to improve the company’s security posture and to secure CHAMP assets. Examples of the Security Architect’s responsibilities and duties include: Document and address information security, cybersecurity architecture, and systems security engineering requirements throughout the application acquisition or development life cycle. Employ secure configuration management processes Ensure that acquired or developed system(s) and architecture(s) are consistent with the security … malicious content, data anonymization, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing) Ability to drive strategy to establish SAST and DAST framework Knowledge of the enterprise information technology (IT) architectural concepts and patterns Knowledge of installation, integration, and optimization of system components Knowledge of More ❯

Application Security Consultant (AppSec) Permanent Role Fully Remote Up to £80K per annum Are you a skilled application security professional with a strong grasp of cloud-native development and a passion for safeguarding software systems? Join an innovative cyber security consultancy working at the forefront … of resilience, supporting clients across the military, government, finance, and tech sectors. As an Application Security Consultant, you'll be the go-to expert on software-level threats and controls. You'll play a key role in embedding security within cloud-native development environments-particularly AWS-by … development teams in secure coding best practices through workshops, threat modelling, and code reviews. Define and enforce security checkpoints across the DevOps lifecycle (SAST, DAST, SCA). Champion secure API design, including robust authentication, authorisation, and validation techniques. Identify and mitigate security vulnerabilities through reviews and penetration test More ❯

We support organisations across a variety of sectors including finance, retail, telecommunications, utilities, gaming, government and insurance. We’re looking for a Senior Information Security Consultant to join our growing team. The Senior Security Consultant is responsible for maintaining end-to-end security through compliance with global … policy, standards, regulations and industry best practices. This person works with Information Security management to implement a cloud first programme for enabling security standards across people, process and technology within the TransUnion Monevo portfolio. Day to Day You’ll Be: Guides and advises technology teams on infrastructure vulnerability … update internal standards, best practices and architectures based on this information Assists Engineering teams with adoption to changes in application security tooling (SAST, DAST, etc.) and interpretation of its results to ensure vulnerabilities are addressed on a timely basis and prevented from deployment into production Builds relationships and More ❯

UK based, primarily remote working with some travel required to our London Office. Sponsorship is not available for this role. What you will do: Security Integration in CI/CD Pipelines: Implement security controls within CI/CD pipelines using automation and best practices, ensuring vulnerabilities are caught … Incident Response: Develop and maintain monitoring systems and respond to security incidents quickly and effectively. Automated Security Testing: Integrate and manage SAST, DAST, and other security testing tools to identify security issues in code and applications. Compliance and Governance: Develop and manage Azure policies … such as vulnerability scanners, intrusion detection systems, & security information & event management (SIEM) solutions. Knowledge of container management with Azure Container Registry. Experience in SAST, DAST & other techniques to improve code security Desirable: Proficiency in scripting, preferably with PowerShell. Understanding of DotNet development and deployment pipelines. Experience working with More ❯

Principal Product Security Engineer Apply locations CZ - Prague UK - London time type Full time posted on Posted 6 Days Ago job requisition id JR103958 Our Product Security team is seeking a Principal Product Security Engineer to define and lead a secure development strategy and approach in a … fast-paced, agile development environment. You will be responsible for defining and driving security-related initiatives in collaboration with internal stakeholders. You will bring a wealth of technical expertise and industry experience spanning application security, cloud security, DevSecOps and CI/CD. The ideal candidate for … experience with secure software development lifecycle, security testing, vulnerability management. Experience with cloud technologies (AWS, Azure), security testing and automation (SAST, DAST, SCA), and AI/ML technologies. Deep understanding of DevSecOps principles and agile development. Knowledge of secure architecture and design principles, industry standards (NIST More ❯

Cloud Security Architect, AWS ProServe India Job ID: AWS ProServe IN - Maharashtra AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. At Amazon, Security is Top Priority. We are looking for security architects who are passionate about Cloud Security. Ideal candidates are those who have working experience with AWS Cloud, Cloud Security, Infrastructure Security, Network Security, Cloud Security Assessment, Penetration testing, Application security assessment, Compliance … AWS Organisations, Web Application Firewall, AWS Network Firewall, GWLB based Security Appliances. Have implementation knowledge to deliver DevSecOps pipeline with IaC scanner, SAST, DAST tool in the SDLC. Hands-on experience in one of the following is mandatory: Identity and Access Management Data Encryption Network Security Incident More ❯

This is a leading product role within the GitLab Sec Section. The Sec section provides GitLab Ultimate customers with comprehensive coverage for all their Security needs across the SDLC, from development to production, including risk assessment, compliance frameworks, application security posture, and vulnerability management. Enable AppSec and … the software supply chain. All these capabilities are driven not only by GitLab's broad set of application security testing scanners (SAST, SCA, Secret Scanning, DAST, etc.) but also by GitLab's AI-powered vulnerability resolution and explanation engine. As our new Sr. Product Manager, you will … detailed roadmap for our Vulnerability Management & Insights solution, ensuring they align with both our company's objectives and evolving market demands within our broader Application Security platform. You will collaborate closely with the relevant engineering teams and Product team members of the different scanners and adjacent areas like More ❯

Application Security Consultant – Remote CSSLP, CISSP, OSWE, GWAPT, CREST CRT/CCT App A leading Technology consultancy is looking for an Application Security Consultant to play a key role in embedding security into the heart of modern software development practices. The role: You’ll work … is especially focused on cloud-native development in AWS environments. Key responsibilities include: Embedding secure coding practices and supporting design/code reviews Implementing SAST, DAST, SCA, and other security checks into DevOps workflows Supporting secure API design and cloud-native architecture Acting as a key escalation point for … vulnerability triage and remediation Delivering developer enablement through workshops and hands-on threat modelling What you’ll bring: 3+ years in application or product security roles Strong grasp of application-level threats, secure design, and remediation strategies Experience with IaC security (Terraform, CloudFormation), container security More ❯

Application Security Consultant – Remote CSSLP, CISSP, OSWE, GWAPT, CREST CRT/CCT App A leading Technology consultancy is looking for an Application Security Consultant to play a key role in embedding security into the heart of modern software development practices. The role: You’ll work … is especially focused on cloud-native development in AWS environments. Key responsibilities include: Embedding secure coding practices and supporting design/code reviews Implementing SAST, DAST, SCA, and other security checks into DevOps workflows Supporting secure API design and cloud-native architecture Acting as a key escalation point for … vulnerability triage and remediation Delivering developer enablement through workshops and hands-on threat modelling What you’ll bring: 3+ years in application or product security roles Strong grasp of application-level threats, secure design, and remediation strategies Experience with IaC security (Terraform, CloudFormation), container security More ❯