2 of 2 Permanent Static Application Security Testing Jobs in Cardiff

Lead Test Engineer (Security) Location: Remote (UK-based) | Contract: Permanent Salary: £41,571 – £56,784 We’re delighted to be supporting a UK government organisation as they continue to transform their digital services. They are now seeking a Lead Test Engineer (Security) to take ownership of the security testing strategy across their platforms.This is an opportunity … to lead, mentor, and influence security testing practices in an agile, forward-thinking digital department with a strong focus on public value, collaboration, and continuous improvement.Key responsibilities Lead the organisation’s approach to non-functional security testing across the full software development lifecycle. Manage and support a team of testers, providing coaching, mentoring, and oversight of … Burp Suite, OWASP ZAP, Postman or SOAP UI, OAuth2/OpenID Jenkins/Concourse, Unix/Linux, AWS SQL/MongoDB/Oracle, Git, Karate DSL or Rest Assured SAST/DAST tools, IaC scanning, secrets detection tools Threat modelling (e.g. STRIDE, PASTA), OWASP Top 10 testing Salary & benefits Base salary: £41,571 – £45,784 DDaT allowance More ❯

The Cyber Security Architect will work closely with the solution architects and enterprise architects to improve and maintain the cyber security of NAVBLUE'S products, services and infrastructure. The ideal candidate will play a critical role in designing and implementing cybersecurity frameworks to align with the business objectives and mitigate potential threats. Main Responsibilities: Perform Security Risk … and Threat analysis during the initial design and the Software Development Life Cycle planning, analysis, and design phases. Providing recommendations and requirements for mitigating any security weaknesses identified while defining Non-Functional Requirements in coordination with Solutions Architects. Ensure Security by Design is embedded within the Software Development Life Cycle, while ensuring that all security requirements have … Working knowledge of the SDLC and AWS network architecture Knowledge of the SAFe Agile method would be an asset Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP) Knowledge of STRIDE, DICE and other threat and risk frameworks Knowledge of AWS tools Proven experience managing multiple projects simultaneously Practical interpersonal skills; adaptable to all levels More ❯