11 Static Application Security Testing Jobs with Hybrid or WFH Options

DevSecOps Engineer Engineering, Software Development, DevOps, DevSecOps, Security Hybrid working - 1 day London, 4 day's work from home @mecscomms is recruiting for a DevSecOps Engineer, on behalf a major telecommunications service provider. The role is crucial in the operational efficiency & security of software development & deployment processes, through … the following; Multi cloud environments, AWS, Azure, managing Splunk, defining data streams, indices, ingests & dashboards, adding security tooling to CI/CD pipelines, SAST, code security, SonarCloud, AWS Security Hub, Source code, Github, Github Actions, IaC tooling, Automation, AWS CLI, Python, PowerShell, Azure CLI, Docker, Kubernetes etc … environments AWS & Azure etc. * Using & managing Splunk including defining data streams, indices & ingests & dashboards * CI/CD pipelines & adding security tooling to these * SAST & other techniques to improve code security * SonarCloud, AWS Security Hub, etc. to improve security position * Source code systems & branching strategies; Github & Github more »

Who we are looking for A Junior Information Security Specialist who will focus on the technical side of IT Security, specifically looking at application security and code analysis to ensure applications are built securely. The Information Security team deal with the security of closed … source, open source and in house written applications. Their objective is to ensure that systems and services are built with privacy and security by design. You will be working closely with the Software Development team, confirming that application based vulnerabilities are understood and mitigated. This is done from … a security assessment point of view rather than code QA, therefore code reading skills are desirable. The team comprises of a variety of individuals, ranging from graduates to time served engineers with backgrounds in systems admin, networks, service operation as well as security. We use first class, enterprise level more »

Who we are looking for A Junior Information Security Specialist who will focus on the technical side of IT Security, specifically looking at application security and code analysis to ensure applications are built securely. The Information Security team deal with the security of closed … source, open source and in house written applications. Their objective is to ensure that systems and services are built with privacy and security by design. You will be working closely with the Software Development team, confirming that application based vulnerabilities are understood and mitigated. This is done from … a security assessment point of view rather than code QA, therefore code reading skills are desirable. The team comprises of a variety of individuals, ranging from graduates to time served engineers with backgrounds in systems admin, networks, service operation as well as security. We use first class, enterprise level more »

Security Development Analyst Fully Remote - £35-45k Join a successful organisation as a Security Development Analyst. You'll review code, conduct security tests, and collaborate with key stakeholders within Software development. Candidates must be able to review code written in Java & C#. Key responsibilities for this … and addressing security vulnerabilities Working with stakeholders to enhance processes. Core skills & experience for this Security Analyst role: Security review methodologies: SAST, DAST, SBOM, SCA Implementing security tooling in CI/CD pipelines Threat modeling Code review (Java or C#) Familiarity with security frameworks like … more details, call 0161 438 1177 or follow us on Twitter @erinassociates for similar roles. Key words: Security Reviews, ISO Standards, SBOM, SCA, SAST, DAST, Threat Modelling, Security Tooling, Code Review, Manchester, North West, Java C#, Infosec, IT Security analyst Please get in touch on more »

As an Azure SecOps Engineer, you will play a vital role in managing and deploying environments securely and optimally. Responsibilities include overseeing logging and Security Information and Event Management (SIEM) aspects of infrastructure, collaborating with application development teams to resolve issues, and enhancing security measures within the … CI/CD pipeline and hold advanced Terraform experience. Skills and Experience Required: Significant commercial experience in security operations management. Proficiency with Azure. Terraform AKS … Azure Kubernetes Service) Familiarity with CI/CD pipelines and integrating security tooling. Knowledge of Static Application Security Testing (SAST) and other techniques for enhancing code security. more »

maintained strong employee satisfaction - over 94% of our employees approve of the CEO, and 89% would recommend working at Persistent to a friend. Role: Application Security Lead Location: Cardiff, UK - 3 Harbour Drive, Capital Waterside, Cardiff CF10 4WZ Job Type: Full-time/Contractor Mid-Senior Level Joining … Immediate or max within 3Weeks Hybrid (work from office on Tuesday, Wednesday and Thursday) About the role: Candidate should have a good experience in Application security with ability to Lead and drive the work with the offshore team. Candidate should have effective communication skills with excellent customer handling … Experience on Infrastructure & Application Vulnerability Assessments and Management. Validate and triage identified vulnerabilities. 2. Experience in vulnerability remediation. 3. Hands-on experience on SAST, DAST, SCA, Container scanning tools. 4. Advance GitHub Security experience. 5. Demonstrated scripting or other automation capabilities. 6. Ability to understand CVSSV3 risk rating more »

As the Lead Security Specialist at HL, you will join a team of security experts working with various modern technologies to ensure the security of HL's products. You will oversee security issues and requirements for all product teams, dealing with complex projects daily and serving … as the escalation point for the Product Security Specialist (PSS). You will lead threat modelling workshops and engage with key stakeholders to identify threats and recommend countermeasures. Additionally, you will lead a team of Product Security Specialists, providing leadership, technical guidance, and support in tailoring their development … preferrable. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages more »

new permanent opportunity for an experienced Dev SecOps Engineer with fast growing specialist Fintech business. This is a great opportunity to join a new security focussed squad within their forward-thinking engineering team you will have a unique opportunity to shape what security means to the business. As … a passionate security advocate, you will navigate complex challenges and approach platform design pragmatically. Leverage modern tools, languages, and platforms to contribute to efficient, secure, and scalable delivery of high-performance products. Main responsibilities: Work within a newly formed Security squad to continuously improve security posture within … Mongo Atlas. Exposure to Audits/Compliance/Security frameworks (ISO27001, SOC2, OWASP, SAMM, DSOMM). Knowledge of embedded security (IDE plugins, SAST, DAST, SCA). Experience performing vulnerability scanning/penetration testing. Threat detection and prevention (IDS, IPS, SOC, Threat list blocking, WAF/SIEM). Cloud more »

As a Product Security Specialist (PSS) at HL, you will join a team of security experts who work with various modern technologies to ensure the security of HL's products. You will be the main point of contact for security issues and requirements for each assigned … development life-cycle. You will also facilitate threat modeling workshops assisting product teams in identifying and mitigating threats. What you will be doing Oversee security related issues across multiple product teams/squads. Working within Product teams, you will be the single point of contact for security related … required. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modeling and risk assessments. Interview process The interview process for this role is two stages more »

to contribute throughout the software development lifecycle, including design, development, and testing. Collaborate closely with DevOps engineers to optimize the development process for efficiency, security, and quality. Responsibilities: Develop high-quality, testable code and promote a collaborative team environment. Collaborate across teams to understand requirements and deliver system features. … Investigate and propose solutions for development challenges. Adhere to architecture, design, and security standards. Conduct code reviews and implement best practices. Develop reusable services and improve software performance. Streamline the software development lifecycle and recommend process improvements. Collaborate with DevOps engineers to enhance build and release processes. Partner with … and understanding RESTful architecture. Proficient with version control tools like GIT and infrastructure as code (Terraform). Knowledge of CI/CD tools and SAST/DAST tooling. Understanding of networking principles and cloud security frameworks. Experience with identity and access management tools. Familiarity with relational and NoSQL databases. more »

capabilities Investigate and propose solutions to development and design problems. Participate in work estimation, sprint planning and forecasting. Adhere to architecture, design, implementation, and security standards Experience and skills required: Experience of an agile software development environment and a working knowledge of DevOps and CI/CD principles. Proficiency … control tools, e.g., GIT Exposure to infrastructure as code i.e., Terraform Awareness of CI/CD tools i.e., Azure DevOps, YAML pipelines Experience with SAST/DAST tooling Awareness of networking principles within AWS, as well as HTTP, TLS, VPN, LAN/WAN etc Must have the right to work more »