1 to 25 of 48 Permanent Dynamic Application Security Testing Jobs in England

London, United Kingdom Posted on 24/02/2025 Job Description: Security Testing Engineer Location: Remote with occasional travel as required Employment Type: Permanent About the Role Scrumconnect Consulting is looking for a Security Testing Engineer to ensure the security, resilience, and compliance of … GOV.UK digital services . This role involves identifying vulnerabilities, mitigating security risks, and ensuring adherence to government security policies and DDAT frameworks . You will work closely with developers, security architects, and business stakeholders to embed security testing into Agile development workflows and DevSecOps pipelines. … security test plans for GOV.UK digital services. Identify security vulnerabilities through static and dynamic application security testing (SAST & DAST) . Ensure security testing is seamlessly integrated into CI/CD pipelines and DevSecOps processes. Define security requirements and best practices, aligning More ❯

Description: The position is a cross-functional role that will be responsible for various Application Security program initiatives. The position reports directly to the Application Security Program Director. The successful candidate must be an individual who understands modern software development trends, understands engineering-led software security practices, and keeps up with the evolving cyber security threat landscape. The successful candidate will liaise with internal groups and our regional partners to ensure that program deliverables are met. Success in the role requires an innovative mind, a proven track record of delivering solutions that meet security … lifecycle. The primary focus will address testing needs within development organizations striving for continuous deployment and using automated security tooling including SAST, DAST, SCA, ASPM, Secrets Scanning, etc Within his/her leadership role, this individual is expected to mentor team members, set direction and lead execution of More ❯

We are seeking a Principal Security Engineer to lead and drive security engineering efforts across our cloud and application environments. This strategic, hands-on role requires expertise in cloud security, secure development practices, and the implementation of advanced security controls. You will serve as a … leader within the Consumer Security Engineering team, driving security initiatives across cloud platforms, microservice architectures, digital products, application security, and enterprise security. You will define and build comprehensive security strategies in collaboration with developers, DevSecOps engineers, ensuring that security is seamlessly integrated into our … with experience in integrating security into CI/CD pipelines using tools like Jenkins, GitLab, or similar. Experience implementing and managing SAST/DAST tools and processes to secure application development. Deep understanding of application security, including secure coding practices, OWASP Top 10, and API security More ❯

You will need to login before you can apply for a job. We are seeking a Principal Security Engineer to lead and drive security engineering efforts across our cloud and application environments. This strategic, hands-on role requires expertise in cloud security, secure development practices, and … the implementation of advanced security controls. You will serve as a leader within the Consumer Security Engineering team, driving security initiatives across cloud platforms, microservice architectures, digital products, application security, and enterprise security. You will define and build comprehensive security strategies in collaboration with … with experience in integrating security into CI/CD pipelines using tools like Jenkins, GitLab, or similar. Experience implementing and managing SAST/DAST tools and processes to secure application development. Deep understanding of application security, including secure coding practices, OWASP Top 10, and API security More ❯

Testing: - Security Analysis and Consulting - Static Application Security Testing (SAST) - Dynamic Application Security Testing (DAST) - Infrastructure Vulnerability Assessment - Mobile Application Penetration testing OWASP More ❯

Testing: - Security Analysis and Consulting - Static Application Security Testing (SAST) - Dynamic Application Security Testing (DAST) - Infrastructure Vulnerability Assessment - Mobile Application Penetration testing OWASP JBG81_UKTJ click apply for full job details More ❯

a job. View more categories View less categories Sector Engineering Role Specialist Contract Type Permanent Hours Full Time All the details Summary The Specialist Application Security Engineer will play a pivotal role in ensuring the integrity and security of our applications across various platforms. You will lead … and on-premises environments, employing a diverse suite of tools including Semgrep for SAST, Snyk for SCA, GHAS for secret scanning, Burp Suite for DAST, and scripting for automation. Forge partnerships with external vendors to optimize and seamlessly integrate security tools into our application security workflow, ensuring … record of leadership or significant contributions in similar roles. Proficiency in Semgrep for SAST, Snyk for SCA, GHAS for secret scanning, Burp Suite for DAST, and automation scripting. Understanding of application security principles and best practices. Experience integrating and optimizing security tools within development workflows, particularly within More ❯

Our consultancy client are currently looking for a couple of experienced Security/DevSecOps engineers to join their business. They operate in the FS and energy space so experience in banking or insurance or energy is a must for these roles. Working across clients you will develop and execute … Lead security initiatives across the SDLC, integrating Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and Container scanning using tools such as CheckmarxOne, Prisma Cloud, or equivalents. Collaborate with cross-functional teams to embed security … have strong knowledge of application security, secure coding practices, and tools like CheckmarxOne, Prisma Cloud, or similar platforms. With proficiency in SAST, DAST, SCA, and Container scanning, with hands-on experience integrating these tools into development pipelines. Extensive experience in endpoint security, cloud security, and network More ❯

treasury solutions, empowering investment firms with cutting-edge technology to optimize financial performance, enhance liquidity, and mitigate risk. As part of our commitment to security and innovation, we are expanding our Information Security Team and seeking a DevSecOps Engineer to drive security automation and best practices across … our cloud infrastructure and IT operations. Job Overview As a DevSecOps Engineer , you will play a pivotal role in integrating security practices into our DevOps pipeline and IT operations . Working at the intersection of operations, security, and development , you will collaborate closely with internal teams to safeguard … continuous monitoring of internal and third-party information security controls. Threat & Vulnerability Management: Assess SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) scans. Implement remediation and mitigation strategies in collaboration with development teams. Maintain network security protocols, firewalls More ❯

treasury solutions, empowering investment firms with cutting-edge technology to optimize financial performance, enhance liquidity, and mitigate risk. As part of our commitment to security and innovation, we are expanding our Information Security Team and seeking a DevSecOps Engineer to drive security automation and best practices across … our cloud infrastructure and IT operations. Job Overview As a DevSecOps Engineer , you will play a pivotal role in integrating security practices into our DevOps pipeline and IT operations . Working at the intersection of operations, security, and development , you will collaborate closely with internal teams to safeguard … continuous monitoring of internal and third-party information security controls. Threat & Vulnerability Management: Assess SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) scans. Implement remediation and mitigation strategies in collaboration with development teams. Maintain network security protocols, firewalls More ❯

create, and ultimately build an open, accessible and fair financial future, one piece of software at a time. We are looking for a Senior Application Security Engineer to join our Security team as we tackle some of the most interesting problems in the crypto space, like how … do we securely scale a distributed financial platform that touches millions of people a day. At Security is a mindset and a set of engineering approaches to better protect stakeholders, users and systems by building our creative engineering solutions to hard, sometimes previously unseen problems. The Security team … is responsible for the big picture of how systems are designed for Security, and we use a breadth of tools and approaches to solve a broad spectrum of problems. Practices aimed at achieving proactive identification of potential threat actors combined with in-depth investigation of security issues into More ❯

Responsibilities: The Security Architect reports to the Chief Information Security Officer. The Chief Information Security Officer determines the activities due by the Security Architect based on evolving needs to improve the company’s security posture and to secure CHAMP assets. Examples of the Security Architect’s responsibilities and duties include: Document and address information security, cybersecurity architecture, and systems security engineering requirements throughout the application acquisition or development life cycle. Employ secure configuration management processes Ensure that acquired or developed system(s) and architecture(s) are consistent with the security … data anonymization, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing) Ability to drive strategy to establish SAST and DAST framework Knowledge of the enterprise information technology (IT) architectural concepts and patterns Knowledge of installation, integration, and optimization of system components Knowledge of remote access More ❯

Application Security Consultant (AppSec) Permanent Role Fully Remote Up to £80K per annum Are you a skilled application security professional with a strong grasp of cloud-native development and a passion for safeguarding software systems? Join an innovative cyber security consultancy working at the forefront … of resilience, supporting clients across the military, government, finance, and tech sectors. As an Application Security Consultant, you'll be the go-to expert on software-level threats and controls. You'll play a key role in embedding security within cloud-native development environments-particularly AWS-by … teams in secure coding best practices through workshops, threat modelling, and code reviews. Define and enforce security checkpoints across the DevOps lifecycle (SAST, DAST, SCA). Champion secure API design, including robust authentication, authorisation, and validation techniques. Identify and mitigate security vulnerabilities through reviews and penetration test support. More ❯

UK based, primarily remote working with some travel required to our London Office. Sponsorship is not available for this role. What you will do: Security Integration in CI/CD Pipelines: Implement security controls within CI/CD pipelines using automation and best practices, ensuring vulnerabilities are caught … Response: Develop and maintain monitoring systems and respond to security incidents quickly and effectively. Automated Security Testing: Integrate and manage SAST, DAST, and other security testing tools to identify security issues in code and applications. Compliance and Governance: Develop and manage Azure policies to … as vulnerability scanners, intrusion detection systems, & security information & event management (SIEM) solutions. Knowledge of container management with Azure Container Registry. Experience in SAST, DAST & other techniques to improve code security Desirable: Proficiency in scripting, preferably with PowerShell. Understanding of DotNet development and deployment pipelines. Experience working with PCI More ❯

We support organisations across a variety of sectors including finance, retail, telecommunications, utilities, gaming, government and insurance. We’re looking for a Senior Information Security Consultant to join our growing team. The Senior Security Consultant is responsible for maintaining end-to-end security through compliance with global … policy, standards, regulations and industry best practices. This person works with Information Security management to implement a cloud first programme for enabling security standards across people, process and technology within the TransUnion Monevo portfolio. Day to Day You’ll Be: Guides and advises technology teams on infrastructure vulnerability … internal standards, best practices and architectures based on this information Assists Engineering teams with adoption to changes in application security tooling (SAST, DAST, etc.) and interpretation of its results to ensure vulnerabilities are addressed on a timely basis and prevented from deployment into production Builds relationships and partners More ❯

Principal Product Security Engineer Apply locations CZ - Prague UK - London time type Full time posted on Posted 6 Days Ago job requisition id JR103958 Our Product Security team is seeking a Principal Product Security Engineer to define and lead a secure development strategy and approach in a … fast-paced, agile development environment. You will be responsible for defining and driving security-related initiatives in collaboration with internal stakeholders. You will bring a wealth of technical expertise and industry experience spanning application security, cloud security, DevSecOps and CI/CD. The ideal candidate for … with secure software development lifecycle, security testing, vulnerability management. Experience with cloud technologies (AWS, Azure), security testing and automation (SAST, DAST, SCA), and AI/ML technologies. Deep understanding of DevSecOps principles and agile development. Knowledge of secure architecture and design principles, industry standards (NIST SSDF More ❯

Application Security Consultant – Remote CSSLP, CISSP, OSWE, GWAPT, CREST CRT/CCT App A leading Technology consultancy is looking for an Application Security Consultant to play a key role in embedding security into the heart of modern software development practices. The role: You’ll work … especially focused on cloud-native development in AWS environments. Key responsibilities include: Embedding secure coding practices and supporting design/code reviews Implementing SAST, DAST, SCA, and other security checks into DevOps workflows Supporting secure API design and cloud-native architecture Acting as a key escalation point for vulnerability … triage and remediation Delivering developer enablement through workshops and hands-on threat modelling What you’ll bring: 3+ years in application or product security roles Strong grasp of application-level threats, secure design, and remediation strategies Experience with IaC security (Terraform, CloudFormation), container security, and More ❯

Application Security Consultant – Remote CSSLP, CISSP, OSWE, GWAPT, CREST CRT/CCT App A leading Technology consultancy is looking for an Application Security Consultant to play a key role in embedding security into the heart of modern software development practices. The role: You’ll work … especially focused on cloud-native development in AWS environments. Key responsibilities include: Embedding secure coding practices and supporting design/code reviews Implementing SAST, DAST, SCA, and other security checks into DevOps workflows Supporting secure API design and cloud-native architecture Acting as a key escalation point for vulnerability … triage and remediation Delivering developer enablement through workshops and hands-on threat modelling What you’ll bring: 3+ years in application or product security roles Strong grasp of application-level threats, secure design, and remediation strategies Experience with IaC security (Terraform, CloudFormation), container security, and More ❯

My growing defence client is seeking a Security Engineer. You'll join a leading organisation that develops cutting edge products and technology. Role Purpose You'll own the security posture across our client's product portfolio—encompassing software, hardware, and services—by embedding robust security controls throughout … validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI/CD integration, SAST/DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or application … series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration testing). Eligible for UK SC clearance; right to work in the UK. Why Join? You'll Gain exposure to cutting-edge defence More ❯

My growing defence client is seeking a Security Engineer. You'll join a leading organisation that develops cutting edge products and technology. Role Purpose You'll own the security posture across our client's product portfolio-encompassing software, hardware, and services-by embedding robust security controls throughout … validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI/CD integration, SAST/DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or application … series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration testing). Eligible for UK SC clearance; right to work in the UK. Why Join? You'll Gain exposure to cutting-edge defence More ❯

on, delivery-focused role where you will embed DevSecOps principles into engineering pipelines, guide secure software development lifecycle (SSDLC) practices, and advise on adopting security tooling across cloud and hybrid environments. You will work closely with development, DevOps, and platform teams to uplift security maturity, enabling secure and … scalable software delivery aligned with industry standards and compliance requirements. Responsibilities Embed security practices into software development pipelines by integrating DevSecOps principles, automation tools, and governance controls. Support the definition, implementation, and continuous improvement of secure software development lifecycle (SSDLC) processes across internal and client delivery teams. Advise on … Experience collaborating with developers, DevOps, architects, and platform teams to design and implement secure software solutions. Exposure to application security tooling (SAST, DAST, SCA), cloud security services, and infrastructure-as-code security practices. Familiarity with agile or DevOps-based delivery models and working across multiple stakeholders More ❯

as Jenkins, GitLab or similar. Knowledge of Hashicorp Terraform and Hashicorp Vault. Awareness of SAST Security Testing - GitLab, Checkmarx, Veracode. Awareness of DAST Security Testing - GitLab, Veracode. Awareness of SCA/IAST Security Testing - Checkmarx, GitLab, Veracode. Awareness of Vulnerability Management - PA Prisma. Awareness … of QA Testing - Selenium. Certifications in Gitlab, Terraform and Vault would be preferable. About us With over 20,000 employees across the globe, we work at the heart of digitisation, advising organisations on IT strategy, implementing the most appropriate technology, and helping our customers to source, transform and manage More ❯

Security Systems Engineer - DevSecOps - Remote - Amazing role - to £70,0000 + Bens Once in a life time opportunity to join a scaling up tech company who are disrupting the digital security sector. My customer are an incredibly innovative scaling up tech company who are looking to recruit a … Security Systems Engineer with experience of DevSecOps, AWS, and terraform who is looking for a new challenge. Excellent salary - Up to 70k + pension + health + share scheme + flexible working + 25 days holidays. Complete remote role with quarterly meet-ups and customer site visits. Position Overview … with development and operations teams to ensure secure coding practices and configurations. Implement and manage security tools within the DevOps toolchain (e.g., SAST, DAST, SCA tools). Infrastructure Security Oversight: Design and oversee the implementation of secure infrastructure solutions, both on-premises and in the cloud. Ensure that More ❯

consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems … monitoring, networks, firewalls, load balancers, DNS, CDNs Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform) Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes Knowledge of cloud Security Architecture of public clouds (such as AWS or More ❯

the sole expert in this position, you'll spearhead Cyber projects with plans to build your own team in 2025 The role combines two dynamic elements: Core IT Security: Leverage your deep technical expertise to maintain the security of our infrastructure, servers, and systems. From leading our … Managed Security Service Providers (MSSPs), building a best-in-class Cyber training and awareness programme, and performing security audits on critical systems. Cybersecurity Governance: Implement governance and frameworks to embed security across the business, across IT, Engineering, and other business verticals, ensuring best-practice configurations become the … application gateways, private and service endpoints, and firewalls. Secure Software Development: Deep experience implementing effective secure coding practices (e.g., OWASP Top 10, SAST, DAST, SonarCloud). You can seamlessly integrate security into the SDLC with a shift-left approach. Cloud Security Tools: Practical experience with Azure Sentinel More ❯