8 of 8 Contract Static Application Security Testing Jobs in England

Senior Cyber Security Analyst (OWASP/SAST/DAST - Banking Client Application Security | Secure Design | Threat Modelling | DevSecOps Locations: London | Paris | Brussels | Amsterdam Rate: Flexible Duration: 12 months We are looking for a Cyber Security Analyst specialising in Application Security and Secure Architecture … implementing secure coding practices aligned with OWASP guidelines . Security Testing & DevSecOps Define and review security testing activities including SAST, DAST and software composition analysis (SCA) . Work with engineering teams to integrate security scanning into CI/CD pipelines . Analyse vulnerability scan results ...

Role Title: Application Security Specialist Duration: contract to run until 30/11/2026 Location: Knutsford, Hybrid 3 days per week onsite Rate: up to 517.78 p/d Umbrella inside IR35 Role purpose/summary We are looking for an Application Security Specialist … Conduct security reviews, threat modelling, and vulnerability assessments. Support secure coding practices and provide guidance to development teams. Operate security scanning tools (SAST/DAST/IAST). Validate remediation of vulnerabilities and track risk reductions. Contribute to secure design standards and best practices. Work with DevOps ...

Role Title: Application Security Specialist Duration: contract to run until 30/11/2026 Location: Knutsford, Hybrid 3 days per week onsite Rate: up to £517.78 p/d Umbrella inside IR35 Role purpose/summary We are looking for an Application Security Specialist … Conduct security reviews, threat modelling, and vulnerability assessments. Support secure coding practices and provide guidance to development teams. Operate security scanning tools (SAST/DAST/IAST). Validate remediation of vulnerabilities and track risk reductions. Contribute to secure design standards and best practices. Work with DevOps ...

best practices. # Expertise in Test Driven Development (TDD) and Behaviour Driven Development (BDD) methodologies for backend services. # Strong appreciation and practical application of architectural standards and processes essential in large-scale organisations. # Extensive experience or deep exposure to the following technologies: o Java o Spring Boot … e.g., IntelliJ IDEA) o Fossa (or similar open-source licence compliance tools) o SonarQube (or similar code quality analysis tools) o Checkmarx (or similar static application security testing tools) o Cycode (or similar software supply chain security platforms) Desirable (not essential) Skills: Software Engineer Back ...

feel at home here. Key Responsibilities Design, build, and maintain enterprise-scale CI/CD pipelines across multi-service environments Integrate build, test, security scanning, and deployment workflows Automate cloud infrastructure using Infrastructure as Code (Terraform preferred) Build and manage container platforms using Docker and Kubernetes (AKS/… Deep Infrastructure as Code expertise (Terraform highly preferred) Kubernetes and container orchestration experience Strong scripting skills (Python, Bash, PowerShell) Good understanding of DevSecOps practices (SAST, DAST, secrets management, code scanning) Excellent troubleshooting and systems integration skills Nice to Have Cloud/DevOps certifications (Azure DevOps Engineer, AWS DevOps ...

maintain CI/CD pipelines and automate build, deployment and environment provisioning. - Monitoring and alerting implementation (Azure Monitoring, App Insights, Log Analytics) - Plan testing and release readiness with engineering team, business and external partners - Work closely with Engineering leads and security team to ensure solutions delivered is aligned … Proven hands-on experience with BICEP and ARM - Experience building and securing CI/CD pipelines in Azure DevOps - Integration of security tooling (SAST, DSAT, dependency scanning, secret scanning) and security remediation planning and execution - Identity and access management - Experience of DevSecOps framework design - Experience of incident response ...

observability and incident readiness. Day to day, you can expect to be shipping small, frequent changes using trunk-based development and feature flags, embedding security and quality gates directly into CI, and working with colleagues across Release, QE, and Environments to ensure every deployment is traceable, auditable, and safe. … experience, including progressive delivery techniques such as canary releases, blue/green deployments, and automated rollback Solid grasp of secure-by-design practices: SAST, SCA, DAST, IaC scanning, SBOM, WAF configuration, and pipeline attestations Experience building and managing ephemeral, production-like environments with data-on-demand capability Strong observability skills ...

audit-ready evidence. - Design for ephemeral/data-ready environments (idempotent data, test hooks, parity enforcement). - Embed contract/performance/resilience/security tests in CI; elevate squad testability patterns. - Partner with … Release on SLO/error-budget readiness for go/no-go. Secure by design & compliance as code - Ensure every pipeline has push protection, SAST/SCA/DAST, IaC scanning, and secure defaults; implement WAF requirements for external endpoints; maintain SBOM/pipeline attestations where applicable. Release linked observability ...