12 of 12 Static Code Analysis Jobs in the East Midlands

Job Description: We are seeking a motivated Application Security Code Reviewer to join our team. The ideal candidate will be responsible for ensuring the security and integrity of our software applications using comprehensive code review tools and security testing. This role involves performing static code analysis, dynamic code analysis, and software composition analysis to identify and mitigate security vulnerabilities. The role could also include other tasks such as penetration tests and retests, automations, pipeline configurations, and more. Contract Duration: 12 MONTH CONTRACT Key Responsibilities: Configure and manage automated security testing tools to … perform regular scans of the codebase in static code analysis, dynamic, and API tests. Analyze the results of security scans and identify true positive findings. Collaborate with the development team to provide detailed feedback and recommendations for remediation of identified security issues. Document and report security findings More ❯

Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯

Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯

Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯

Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯

Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯

Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯

the development and evolution of CI/CD pipelines for all GIDS products using GitHub Actions, ArgoCD, TeamCity, Octopus Deploy, and GitOps principles. Integrate static and dynamic code analysis, vulnerability scanning, artifact promotion, and release gating into the SDLC. Ensure pipeline scalability and governance while maintaining developer … Grafana, Splunk, Datadog). Establish SLOs, SLIs, and error budgets with product and engineering teams. Drive root cause identification using distributed tracing, advanced log analysis, and anomaly detection. Security, Audit & Compliance Partner with security and compliance teams to embed controls into infrastructure and software delivery. Automate audit evidence collection … HashiCorp Vault, OPA, AWS IAM). Ensure all systems meet internal and regulatory audit requirements (SOC2, GDPR, etc.). Infrastructure & Automation Champion infrastructure-as-code (IaC) using Terraform, Helm, and Kubernetes for scalable cloud and hybrid deployments. Optimise infrastructure cost, elasticity, and resilience through autoscaling, canary deployments, and chaos More ❯

the development and evolution of CI/CD pipelines for all GIDS products using GitHub Actions, ArgoCD, TeamCity, Octopus Deploy, and GitOps principles. Integrate static and dynamic code analysis, vulnerability scanning, artifact promotion, and release gating into the SDLC. Ensure pipeline scalability and governance while maintaining developer … Grafana, Splunk, Datadog). Establish SLOs, SLIs, and error budgets with product and engineering teams. Drive root cause identification using distributed tracing, advanced log analysis, and anomaly detection. Security, Audit & Compliance Partner with security and compliance teams to embed controls into infrastructure and software delivery. Automate audit evidence collection … HashiCorp Vault, OPA, AWS IAM). Ensure all systems meet internal and regulatory audit requirements (SOC2, GDPR, etc.). Infrastructure & Automation Champion infrastructure-as-code (IaC) using Terraform, Helm, and Kubernetes for scalable cloud and hybrid deployments. Optimise infrastructure cost, elasticity, and resilience through autoscaling, canary deployments, and chaos More ❯

the development and evolution of CI/CD pipelines for all GIDS products using GitHub Actions, ArgoCD, TeamCity, Octopus Deploy, and GitOps principles. Integrate static and dynamic code analysis, vulnerability scanning, artifact promotion, and release gating into the SDLC. Ensure pipeline scalability and governance while maintaining developer … Grafana, Splunk, Datadog). Establish SLOs, SLIs, and error budgets with product and engineering teams. Drive root cause identification using distributed tracing, advanced log analysis, and anomaly detection. Security, Audit & Compliance Partner with security and compliance teams to embed controls into infrastructure and software delivery. Automate audit evidence collection … HashiCorp Vault, OPA, AWS IAM). Ensure all systems meet internal and regulatory audit requirements (SOC2, GDPR, etc.). Infrastructure & Automation Champion infrastructure-as-code (IaC) using Terraform, Helm, and Kubernetes for scalable cloud and hybrid deployments. Optimise infrastructure cost, elasticity, and resilience through autoscaling, canary deployments, and chaos More ❯

the development and evolution of CI/CD pipelines for all GIDS products using GitHub Actions, ArgoCD, TeamCity, Octopus Deploy, and GitOps principles. Integrate static and dynamic code analysis, vulnerability scanning, artifact promotion, and release gating into the SDLC. Ensure pipeline scalability and governance while maintaining developer … Grafana, Splunk, Datadog). Establish SLOs, SLIs, and error budgets with product and engineering teams. Drive root cause identification using distributed tracing, advanced log analysis, and anomaly detection. Security, Audit & Compliance Partner with security and compliance teams to embed controls into infrastructure and software delivery. Automate audit evidence collection … HashiCorp Vault, OPA, AWS IAM). Ensure all systems meet internal and regulatory audit requirements (SOC2, GDPR, etc.). Infrastructure & Automation Champion infrastructure-as-code (IaC) using Terraform, Helm, and Kubernetes for scalable cloud and hybrid deployments. Optimise infrastructure cost, elasticity, and resilience through autoscaling, canary deployments, and chaos More ❯

the development and evolution of CI/CD pipelines for all GIDS products using GitHub Actions, ArgoCD, TeamCity, Octopus Deploy, and GitOps principles. Integrate static and dynamic code analysis, vulnerability scanning, artifact promotion, and release gating into the SDLC. Ensure pipeline scalability and governance while maintaining developer … Grafana, Splunk, Datadog). Establish SLOs, SLIs, and error budgets with product and engineering teams. Drive root cause identification using distributed tracing, advanced log analysis, and anomaly detection. Security, Audit & Compliance Partner with security and compliance teams to embed controls into infrastructure and software delivery. Automate audit evidence collection … HashiCorp Vault, OPA, AWS IAM). Ensure all systems meet internal and regulatory audit requirements (SOC2, GDPR, etc.). Infrastructure & Automation Champion infrastructure-as-code (IaC) using Terraform, Helm, and Kubernetes for scalable cloud and hybrid deployments. Optimise infrastructure cost, elasticity, and resilience through autoscaling, canary deployments, and chaos More ❯