Gloucester, Gloucestershire, South West Hybrid / WFH Options
BAE Systems
following: Programming in one or more of JavaScript, Java, .Net, Python Collaboratively designing and building Proof of Concept or Production systems Source controlling your code with Version Control Systems, for example Git, Mercurial, Perforce Utilising CI/CD tools, such as Bamboo, Jenkins, TeamCity, Bitbucket, in order to streamline … delivery of new features and fixes Continual testing of code using Automated Testing Frameworks Ensuring code consistency and quality by utilising staticcodeanalysis tools e.g. SonarQube Team working inside an agile environment e.g. Scrum, Lean, Kanban Common software design patterns Using precedent and your More ❯
Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform staticcodeanalysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯
Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform staticcodeanalysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯
Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform staticcodeanalysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯
Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform staticcodeanalysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯
Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform staticcodeanalysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯
Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform staticcodeanalysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯
Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform staticcodeanalysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯
Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform staticcodeanalysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯
attention to fault management, fault reporting and health status of applications Produce, maintain related supporting documentations (interface control documentation, input to user manuals, fault code lists and actions) Work with customers to assist integration, commissioning, and problem resolution activities, sometimes on-site Understand the customer’s technical needs and … control, particularly SVN and GIT Use of Jira and Confluence for software requirements and task capture Experience of using unit testing tools and technologies Staticcodeanalysis Windows/User Interfaces Visual Studio C/C++ and C# Low latency programming techniques Networking (TCP/UDP) Personal More ❯
the development and evolution of CI/CD pipelines for all GIDS products using GitHub Actions, ArgoCD, TeamCity, Octopus Deploy, and GitOps principles. Integrate static and dynamic codeanalysis, vulnerability scanning, artifact promotion, and release gating into the SDLC. Ensure pipeline scalability and governance while maintaining developer … Grafana, Splunk, Datadog). Establish SLOs, SLIs, and error budgets with product and engineering teams. Drive root cause identification using distributed tracing, advanced log analysis, and anomaly detection. Security, Audit & Compliance Partner with security and compliance teams to embed controls into infrastructure and software delivery. Automate audit evidence collection … HashiCorp Vault, OPA, AWS IAM). Ensure all systems meet internal and regulatory audit requirements (SOC2, GDPR, etc.). Infrastructure & Automation Champion infrastructure-as-code (IaC) using Terraform, Helm, and Kubernetes for scalable cloud and hybrid deployments. Optimise infrastructure cost, elasticity, and resilience through autoscaling, canary deployments, and chaos More ❯
the development and evolution of CI/CD pipelines for all GIDS products using GitHub Actions, ArgoCD, TeamCity, Octopus Deploy, and GitOps principles. Integrate static and dynamic codeanalysis, vulnerability scanning, artifact promotion, and release gating into the SDLC. Ensure pipeline scalability and governance while maintaining developer … Grafana, Splunk, Datadog). Establish SLOs, SLIs, and error budgets with product and engineering teams. Drive root cause identification using distributed tracing, advanced log analysis, and anomaly detection. Security, Audit & Compliance Partner with security and compliance teams to embed controls into infrastructure and software delivery. Automate audit evidence collection … HashiCorp Vault, OPA, AWS IAM). Ensure all systems meet internal and regulatory audit requirements (SOC2, GDPR, etc.). Infrastructure & Automation Champion infrastructure-as-code (IaC) using Terraform, Helm, and Kubernetes for scalable cloud and hybrid deployments. Optimise infrastructure cost, elasticity, and resilience through autoscaling, canary deployments, and chaos More ❯
the development and evolution of CI/CD pipelines for all GIDS products using GitHub Actions, ArgoCD, TeamCity, Octopus Deploy, and GitOps principles. Integrate static and dynamic codeanalysis, vulnerability scanning, artifact promotion, and release gating into the SDLC. Ensure pipeline scalability and governance while maintaining developer … Grafana, Splunk, Datadog). Establish SLOs, SLIs, and error budgets with product and engineering teams. Drive root cause identification using distributed tracing, advanced log analysis, and anomaly detection. Security, Audit & Compliance Partner with security and compliance teams to embed controls into infrastructure and software delivery. Automate audit evidence collection … HashiCorp Vault, OPA, AWS IAM). Ensure all systems meet internal and regulatory audit requirements (SOC2, GDPR, etc.). Infrastructure & Automation Champion infrastructure-as-code (IaC) using Terraform, Helm, and Kubernetes for scalable cloud and hybrid deployments. Optimise infrastructure cost, elasticity, and resilience through autoscaling, canary deployments, and chaos More ❯
the development and evolution of CI/CD pipelines for all GIDS products using GitHub Actions, ArgoCD, TeamCity, Octopus Deploy, and GitOps principles. Integrate static and dynamic codeanalysis, vulnerability scanning, artifact promotion, and release gating into the SDLC. Ensure pipeline scalability and governance while maintaining developer … Grafana, Splunk, Datadog). Establish SLOs, SLIs, and error budgets with product and engineering teams. Drive root cause identification using distributed tracing, advanced log analysis, and anomaly detection. Security, Audit & Compliance Partner with security and compliance teams to embed controls into infrastructure and software delivery. Automate audit evidence collection … HashiCorp Vault, OPA, AWS IAM). Ensure all systems meet internal and regulatory audit requirements (SOC2, GDPR, etc.). Infrastructure & Automation Champion infrastructure-as-code (IaC) using Terraform, Helm, and Kubernetes for scalable cloud and hybrid deployments. Optimise infrastructure cost, elasticity, and resilience through autoscaling, canary deployments, and chaos More ❯
and experience: Proven experience in Quality Assurance and Test automation of product quality system software, preferably for server ecosystem. Hands on experience of test code development and automation for firmware or system software. Excellent programming skills in C, Python and Bash scripts are required. System validation experience of platforms … concepts – ideally for the Arm architecture. “nice to have” skills and experience: Experience in validation of production quality firmware in server segment. Exposure to static and dynamic codeanalysis tools. Familiarity with Arm SystemReady SR Compliance Program Experience with Security Development Lifecycle (SDL) practices. Mentoring and line More ❯
