2 of 2 Contract Static Application Security Testing Jobs in England

scale Modernisation Programme. The role requires deep expertise in modern quality engineering practices, with the ability to guide delivery teams, implement QA standards, and ensure compliance with the full testing lifecycle. Technology Environment Cloud & Platform: HCP (Kubernetes-based) on AWS, with potential migration to Azure Monitoring: Kibana, Grafana, Splunk, PagerDuty (transitioning to … Dynatrace) CI/CD: GitLab pipelines Databases: Oracle RDS, SQL, MongoDB (limited use) Languages & Frameworks: Java 21, Spring Boot/Spring Batch Testing & Automation: Playwright, WireMock, OWASP ZAP (SAST, DAST, SCA), Gatling Key Responsibilities Define and implement QA principles within the workstream, aligned with programme strategy Collaborate with stakeholders to establish automation patterns and repeatable testing approaches Direct … (SIT) End-to-End Business Testing: Business Process Testing (BPT) Specialist Testing: Performance, Security, Accessibility, and Operational Acceptance Testing Secure Development: Oversight of SAST/DAST in CI/CD pipelines to ensure "Secure by Design More ❯

Security Vulnerability Engineer Contract - Inside IR35 London - Hybrid (2 - 3 days a week in office) 6 months Are you a skilled software engineer with a passion for cybersecurity? This company is seeking a talented individual to join their team as a Security vulnerability engineer. This is an excellent opportunity to make a real impact and contribute to the … company's security initiatives. Key Responsibilities: Manage and enhance the company's Bug Bounty Programme (HackerOne), including working with researchers to identify and report vulnerabilities Oversee bounty payouts and conduct risk landscape analysis Track vulnerabilities and define mitigation strategies Collaborate closely with developers to identify, understand, test, and validate fixes for vulnerabilities Required Skills and Qualifications: Expertise in Bug … familiarity with development technologies Skills include automation, MFA implementation, and experience with HackerOne or Similar Bug Bounty technology Desirable Good scripting experience (e.g. Python). Hands-on use of SAST, SCA, secrets scanning, and DAST tools, especially in CI/CD pipelines. Awareness of CI/CD and infrastructure security patterns (GitHub Actions, Terraform, Kubernetes, least-privilege IAM). More ❯