DevSecOps Engineer
🚨 Contract Opportunity – Application Security Engineer / DevSecOps (DAST / API Security) 🚨
📍 Leeds (Hybrid – 2 days onsite)
📄 Initial 3-month contract (likely extension)
⚡ Start: ASAP
I’m currently looking to connect with Application Security / DevSecOps Engineers who have strong experience building and scaling DAST capabilities within CI/CD pipelines.
We’re supporting a consultancy delivering into a well-respected organisation in Leeds, where there’s an established engineering team in place – but a clear gap around hands-on DevSecOps expertise, specifically across DAST pipelines and ZAP.
This is a great opportunity to own and shape DevSecOps capability within a large-scale engineering environment — moving from siloed testing to fully embedded, modern security practices.
🔧 What you’ll be doing:
Designing and scaling DAST capabilities across API & UI layers
Implementing Checkmarx ZAP-based security pipelines
Embedding security into Azure DevOps (ADO) CI/CD workflows (YAML)
Acting as the technical owner for AppSec tooling and practices
Partnering with engineering squads to drive adoption and best practice
Supporting teams hands-on during build/release cycles
Championing shift-left security across the platform
✅ What we’re looking for:
Strong background in DevSecOps / Application Security
Proven experience with DAST tooling (ZAP ideally) in pipelines
Hands-on with Azure DevOps (YAML pipelines)
Solid understanding of API & web application security
Ability to influence and work across multiple engineering teams
A pragmatic, delivery-focused mindset
➕ Nice to have:
Experience in Power Platform / D365 environments
Broader AppSec exposure (SAST, SCA, etc.)
Experience enabling teams vs. operating purely centrally
Ensure security testing is fully embedded as we move into early and full E2E testing
Act as the central point of ownership for tooling stability, upgrades, and continuous improvement
Hand over the knowledge to the squad testers and NFT tester
If this sounds like you and you’d like to discuss this role further or explore next steps, please get in contact with Charlie at WRK digital.