1 to 25 of 39 Permanent Dynamic Application Security Testing Jobs in England

Senior Application Security Engineer Location: Hybrid working or homeworking with view to attend office occasionally Salary: £60,000 – £70,000 per annum Bonus: Discretionary bonus of up to 10% Are you passionate about securing modern applications and cloud environments? We’re looking for a Senior Application Security Engineer to join my client's growing team and … play a key role in shaping the security posture of our organisation. About the Role As a Senior Application Security Engineer, you’ll bring deep expertise in application security testing, cloud security, and secure development practices. You’ll work closely with IT, development, and project teams to embed security into every stage … engineering. Strong knowledge of security tools and technologies (e.g. WAFs, AV, email/web gateways, ACLs). Expertise in secure coding practices and security testing (SAST, DAST, SCA, Pen Testing). Familiarity with OWASP Top 10, CWE, and remediation strategies. Hands-on experience with security testing tools and techniques. Excellent communication and documentation skills. More ❯

Job Title: Senior Application Security EngineerSalary: £70,000Location: Reading/remote About the Organisation Join a fast-growing UK technology and consulting firm that's investing heavily in cutting-edge cyber security. With a strong focus on innovation, collaboration, and professional development, this company empowers its people to shape the future of secure digital transformation across a wide … be part of a business that values expertise, agility, and doing the right thing - where everyone has the opportunity to make a genuine impact. About the Role The Senior Application Security Engineer will play a key role in protecting the organisation's infrastructure, cloud platforms, and applications. Working within a highly technical and collaborative cyber team - supported by … initiatives, ensuring systems and software are secure by design. Drive vulnerability management and implement a risk-based approach across the technology stack. Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling, and DevSecOps integration. Research emerging More ❯

Job Title: Senior Application Security Engineer Salary: £70,000 Location: Reading/remote About the Organisation Join a fast-growing UK technology and consulting firm that's investing heavily in cutting-edge cyber security. With a strong focus on innovation, collaboration, and professional development, this company empowers its people to shape the future of secure digital transformation across … be part of a business that values expertise, agility, and doing the right thing - where everyone has the opportunity to make a genuine impact. About the Role The Senior Application Security Engineer will play a key role in protecting the organisation's infrastructure, cloud platforms, and applications. Working within a highly technical and collaborative cyber team - supported by … initiatives, ensuring systems and software are secure by design. Drive vulnerability management and implement a risk-based approach across the technology stack. Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling, and DevSecOps integration. Research emerging More ❯

Job Title: Senior Application Security Engineer Salary: £70,000 Location: Reading/remote About the Organisation Join a fast-growing UK technology and consulting firm that's investing heavily in cutting-edge cyber security. With a strong focus on innovation, collaboration, and professional development, this company empowers its people to shape the future of secure digital transformation across … be part of a business that values expertise, agility, and doing the right thing - where everyone has the opportunity to make a genuine impact. About the Role The Senior Application Security Engineer will play a key role in protecting the organisation's infrastructure, cloud platforms, and applications. Working within a highly technical and collaborative cyber team - supported by … initiatives, ensuring systems and software are secure by design. Drive vulnerability management and implement a risk-based approach across the technology stack. Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling, and DevSecOps integration. Research emerging More ❯

Job Title: Mobile Application Security Specialist Location: London/Hybrid Employment: Contract (3 months) Rate : £600 Inside IR35 THE ROLE The Azure Code Security Specialist is responsible for securing application code and cloud-native workloads across the Microsoft Azure ecosystem. This role combines deep expertise in secure software development and Azure cloud security to ensure … code, pipelines and infrastructure are built with security embedded from design to deployment. KEY RESPONSIBILITIES Lead secure coding initiatives across Azure-based applications and microservices. Collaborate with developers, DevOps and security teams to design, implement and maintain best-in-class security controls for Azure-hosted applications and CI/CD pipelines. Design … and enforce code security standards aligned with OWASP, CIS and Microsoft Secure Development Lifecycle (SDL). Perform static and dynamic application security testing (SAST, DAST, SCA) using tools integrated into Azure DevOps pipelines. Review Azure Resource Manager (ARM) templates Bicep and Terraform for misconfigurations and security risks. Conduct threat modelling, code reviews and secure More ❯

Job Title: Mobile Application Security Specialist Location: London/Hybrid Employment: Contract (3 months) Rate : £600 Inside IR35 THE ROLE The Azure Code Security Specialist is responsible for securing application code and cloud-native workloads across the Microsoft Azure ecosystem. This role combines deep expertise in secure software development and Azure cloud security to ensure … code, pipelines and infrastructure are built with security embedded from design to deployment. KEY RESPONSIBILITIES Lead secure coding initiatives across Azure-based applications and microservices. Collaborate with developers, DevOps and security teams to design, implement and maintain best-in-class security controls for Azure-hosted applications and CI/CD pipelines. Design … and enforce code security standards aligned with OWASP, CIS and Microsoft Secure Development Lifecycle (SDL). Perform static and dynamic application security testing (SAST, DAST, SCA) using tools integrated into Azure DevOps pipelines. Review Azure Resource Manager (ARM) templates Bicep and Terraform for misconfigurations and security risks. Conduct threat modelling, code reviews and secure More ❯

places! This is where you come in. The Opportunity As IAG Loyalty evolves into a Platform as a Service business, we're looking for a talented and passionate Senior Application Security Engineer to join our security engineering team. You'll have a background in software engineering and a deep interest in application and API security. You … CI/CD pipelines, facilitate threat modelling sessions, and review security-sensitive design decisions around authentication, cryptography, and logging. You'll also ensure that tools such as SAST, DAST, and SCA are effective and efficient, and that testing programmes - including pen testing, vulnerability scanning, and bug bounty - are delivering value. You'll triage vulnerabilities, support engineering teams … including the OWASP Top 10 Proficient in coding, scripting (e.g. Python, Bash), and automating security in CI/CD Hands-on experience with security tools like SAST, DAST, and SCA Familiar with cloud environments (especially AWS), containers, and microservices Comfortable reviewing technical designs, performing threat modelling, and advising on secure architecture Strong communicator who collaborates well with engineers More ❯

Application Security Engineer Salary - £70-75k + 10% Bonus + Benefits Location – Cambridge (1 day per week) Newly created Application Security Engineer role with a Major Tech organization undergoing a really exciting security transformation to a truly cloud-native infrastructure estate. Working alongside the wider Engineering departments, you’ll be responsible for championing the … Secure Development Lifecycle across the wider Engineering departments, ensuring security and privacy are built in and incorporated to everything at the design stage; leading in the integration of SAST tooling into the pipeline and secure developer training, as well as developing security architecture design patterns and standards. This is a crucial hire where they need someone who can … Security Engineer in cloud-native (AWS) environments with an in-depth knowledge of Infrastructure as Code, Containers and CI/CD concepts. In-depth knowledge of SAST/DAST tooling and concepts and how best to utilize it to enhance the Vulnerability Management and wider IAC capabilities. Significant knowledge of AWS environments and implementing AWS Well Architected Security More ❯

We are the Intelligent Internet Platform. We connect People, Places and Things anywhere, managing Internet Performance better than anyone else, while providing One Global Experience, giving Visibility, Control and Security through expereoOne. Expereo believes in the power of Internet connectivity. As the world's largest provider of managed internet, SD-WAN/SASE, and Cloud connectivity solutions, we power … As a trusted partner of Fortune 500 enterprises, our continued aim and success in helping our customers and partners depends solely on the talented individuals who make Expereo a dynamic, effective, multicultural, and equitable environment. About the role Reports to: Chief Digital Officer (with quarterly Audit/Risk committee updates) The Enterprise & Network Security Director (ENS) is responsible … and DORA regulations, with experience leading audits and closing compliance gaps. Security Architecture & Engineering : Proficiency in secure SDLC practices, application security tooling (SAST/SCA/DAST), cloud security (CSPM/CIEM/CNAPP), and infrastructure hardening. Incident Detection & Response : Strong skills in threat detection, SIEM/SOAR, incident response, and achieving low MTTD/MTTR More ❯

Hi All, I’m helping a growing FS business find a talented Application Security Engineer to join their cyber function! This is your opportunity to lead on application security … and help to ingrain secure by design principles into a FTSE 250 environment! To be successful in this role you will have experience with: Security Engineering SAST/DAST OWASP Principles Security Testing Salary is up to £70,000 base + bonus REMOTE working If you are interested in finding out more please send your CV to More ❯

Job Title: Cyber Security - (DevSecOps Consultant) Location: London/Hybrid - (Mainly remote with infrequent travel) Employment: Contract Duration : (3 months rolling contract) Rate: £650/Day inside IR35 KEY RESPONSIBILITIES Security by Design: Embed cloud, mobile and application security controls early across solution design, build and deployment. Cloud Security Oversight: Review Azure configurations, network boundaries … identity setup and data protection measures for loyalty platforms. Application & API Security: Conduct security reviews on web and mobile applications, focusing on authentication, authorisation, data handling and API exposure. Risk & Threat Assessment: Identify, document and track security risks across the loyalty ecosystem, ensuring timely mitigation. Tooling & Integration: Leverage Wiz, GHAS, Snyk and other InfoSec tools to … SKILLS Proven expertise in cloud security (Azure preferred), including network segmentation, identity and key management. Strong background in application and API security, including OWASP, SAST/DAST and CI/CD integration. Knowledge of mobile application security principles (Android/iOS) and secure SDK/API usage. Familiarity with security tools: Wiz (cloud posture More ❯

Job Title: Cyber Security - (DevSecOps Consultant) Location: London/Hybrid - (Mainly remote with infrequent travel) Employment: Contract Duration : (3 months rolling contract) Rate: £650/Day inside IR35 KEY RESPONSIBILITIES Security by Design: Embed cloud, mobile and application security controls early across solution design, build and deployment. Cloud Security Oversight: Review Azure configurations, network boundaries … identity setup and data protection measures for loyalty platforms. Application & API Security: Conduct security reviews on web and mobile applications, focusing on authentication, authorisation, data handling and API exposure. Risk & Threat Assessment: Identify, document and track security risks across the loyalty ecosystem, ensuring timely mitigation. Tooling & Integration: Leverage Wiz, GHAS, Snyk and other InfoSec tools to … SKILLS Proven expertise in cloud security (Azure preferred), including network segmentation, identity and key management. Strong background in application and API security, including OWASP, SAST/DAST and CI/CD integration. Knowledge of mobile application security principles (Android/iOS) and secure SDK/API usage. Familiarity with security tools: Wiz (cloud posture More ❯

Description We’re seeking a hands-on Security Architect to lead the design and assurance of security across our Financial Advice & Wealth Management SaaS platform. This is a pivotal role where you’ll own the security architecture across cloud infrastructure and networking, drive secure-by-design application architectures, and ensure robust security for integrations with … you'll do Design and maintain secure cloud environments, including network segmentation, WAFs, DDoS protection, secret and certificate management, and encryption. Embed secure SDLC practices such as SAST/DAST, dependency scanning, secure coding standards, threat modelling, and API security. Architect identity-centric controls across cloud infrastructure and within the platform’s IAM solution. Contribute to the design of fine … Azure services, containers). Knowledge of OWASP Top 10 and mitigation strategies. Experience with modern authentication and authorization protocols (OpenID Connect, OAuth2.0). Hands-on experience with SAST/DAST tools and integration into SDLC. Proficiency in coding or scripting languages (C#, Go, Python). Experience in: Azure services, security, and networking Networking protocols. Application Reverse Proxies System More ❯

My global service provider client is expanding their solutions team and is hiring a DevSecOps Director to lead secure software development, DevSecOps, and security testing. Drive high-impact initiatives, embed security across the organisation, shape secure solutions, mentor teams, and ensure resilience against evolving threats. About the job: Lead the secure software development lifecycle, security testing, and DevSecOps practices across strategic and operational levels. You will ensure security is embedded from design through deployment, oversee secure coding and testing, and drive operational maturity and resilience against evolving threats … What you'll do: Define and govern secure architecture standards, aligned with NIST, OWASP, ISO 27001, and enterprise policies Lead DevSecOps integration, embedding automated security testing (SAST, DAST, SCA, container security) into CI/CD pipelines Oversee large-scale secure development programs, ensuring SLA/KPI compliance and high-quality service delivery Support pre-sales & business development More ❯

A leading fintech company is seeking a Lead AppSec Engineer to join their established team. Youll be instrumental in embedding security into every stage of the software development lifecycleguiding engineers, shaping best practices, and driving secure, scalable solutions across our platform. Key Responsibilities: Security Advisory : Serve as the go-to expert for application security across engineering … teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement : Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management … and secure design. Vulnerability Management : Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation : Integrate security tools (e.g., SAST, DAST, SCA, secrets scanning) into developer workflows, ensuring automation is both scalable and developer-friendly. Cloud Security Collaboration : Work alongside infrastructure teams to ensure secure configuration of AWS and Azure More ❯

Job Title: Security Analyst/Security Consultant Location: Remote (actually remote. No “mandatory culture days”) Salary: £55,000 + 10% Bonus and Benefits Let’s skip the corporate fluff. This is a Security Analyst/Consultant role for someone who gets it. Someone who knows that “secure by design” isn't just something you write in a … person making sure what we build isn’t just functional - but secure, sustainable, and risk-aware. What you’ll actually be doing: Embedding yourself in engineering teams, making sure security is considered before, during and after development - not after someone clicks deploy. Leading the charge on application security - from secure coding principles to automated AppSec testing … but you should know your way around. DevSecOps practices – secure pipelines, IaC security, dependency scanning, GitHub/Jenkins integrations. Application security – OWASP Top 10, SAST/DAST tooling, secrets management, API security. Threat modelling – Ideally STRIDE, or something better. And you can do it with a dev team, not just in theory. Vulnerability and risk management – and More ❯

As a Product Security Specialist (PSS) at HL, you will be a key member of a collaborative team of security professionals dedicated to safeguarding HL's products and services. In this role, you will serve as the primary security contact for assigned product teams/squads, providing expert guidance on security issues and requirements. You will … champion secure development practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive Security … OSCP, or GSEC are preferred. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based question More ❯

As a Product Security Specialist (PSS) at HL, you will be a key member of a collaborative team of security professionals dedicated to safeguarding HL's products and services. In this role, you will serve as the primary security contact for assigned product teams/squads, providing expert guidance on security issues and requirements. You will … champion secure development practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive Security … OSCP, or GSEC are preferred. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based question More ❯

As a Product Security Specialist (PSS) at HL, you will be a key member of a collaborative team of security professionals dedicated to safeguarding HL's products and services. In this role, you will serve as the primary security contact for assigned product teams/squads, providing expert guidance on security issues and requirements. You will … champion secure development practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive Security … OSCP, or GSEC are preferred. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based question More ❯

As a Product Security Specialist (PSS) at HL, you will be a key member of a collaborative team of security professionals dedicated to safeguarding HL's products and services. In this role, you will serve as the primary security contact for assigned product teams/squads, providing expert guidance on security issues and requirements. You will … champion secure development practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive Security … OSCP, or GSEC are preferred. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based question More ❯

About the Role We are seeking multiple Security Consultants (Contract positions) to support a variety of transformation and security initiatives across different platforms including Private Cloud, Economic Crime Prevention (ECP), Payments, and Innovation Programs . You will join a high-performing Security Consultancy and Design team , working with product and engineering teams to embed security-by … design principles across cloud, DevSecOps, and enterprise technology landscapes. General Responsibilities (Applicable to All Roles) Perform threat modelling , risk assessments, and design reviews across infrastructure and applications. Provide security guidance and governance during project design and delivery phases. Define and document security requirements, controls, and testing approaches in line with enterprise and regulatory standards. Collaborate with engineering … Skills Required: Strong experience in assessing and designing Private Cloud environments (VMware, Containers, etc.) Hands-on experience with DevSecOps tools and processes – Kubernetes (K8s), Harness, Terraform, GitHub, SAST/DAST, and SDLC integration Proven capability in embedding security within engineering pipelines 2. Security Consultant – Economic Crime Prevention (ECP) Platform (Start Date: 17th November) Key Skills Required: Experience in More ❯

About the Role We are seeking multiple Security Consultants (Contract positions) to support a variety of transformation and security initiatives across different platforms including Private Cloud, Economic Crime Prevention (ECP), Payments, and Innovation Programs . You will join a high-performing Security Consultancy and Design team , working with product and engineering teams to embed security-by … design principles across cloud, DevSecOps, and enterprise technology landscapes. General Responsibilities (Applicable to All Roles) Perform threat modelling , risk assessments, and design reviews across infrastructure and applications. Provide security guidance and governance during project design and delivery phases. Define and document security requirements, controls, and testing approaches in line with enterprise and regulatory standards. Collaborate with engineering … Skills Required: Strong experience in assessing and designing Private Cloud environments (VMware, Containers, etc.) Hands-on experience with DevSecOps tools and processes – Kubernetes (K8s), Harness, Terraform, GitHub, SAST/DAST, and SDLC integration Proven capability in embedding security within engineering pipelines 2. Security Consultant – Economic Crime Prevention (ECP) Platform (Start Date: 17th November) Key Skills Required: Experience in More ❯

global, market-leading insurance organisation that's shaping the future of digital health and technology. This is your opportunity to be part of an innovative, forward-thinking environment where security, engineering excellence, and customer impact are at the heart of everything we do! What you'll do: Provide hands-on technical expertise in secure software development within a product … secure CI/CD pipelines and modern security practices. Ensure risk management, security, and quality are embedded in software delivery. Implement and manage security tooling (SAST, DAST) to support development and testing. Adhere to best practices in architecture, design, coding standards, and SDLC. Managing risk and security in our software estate through implementation of technology tooling … Demonstrate expert understanding of modern security practices and standards. What you'll bring: Technical leadership with strong decision-making and prioritisation skills. Expertise in secure systems design and infrastructure. Experience securing CI/CD pipelines and using security tools. Expertise in key technologies such as .NET/C#, Azure PaaS, Javascript, and Salesforce APEX, and in frameworks such More ❯

designing, developing, and maintaining large-scale, secure, and high-performing solutions. This role involves mentoring and coaching junior team members, translating stakeholder requirements into actionable user stories, and embedding security throughout the software development life cycle. The position calls for strong technical expertise, collaborative mindset, and an ability to deliver innovative solutions that align with business objectives. Experience Requirements … Software Development & Principles Programming Languages: Proficiency in one or more of: Java, Spring Boot, Python, JavaScript, TypeScript, ReactJS SOLID Principles: Familiarity with object-oriented and clean coding practices Testing & BDD Unit Testing Frameworks: Experience with Cypress, Cucumber, Behave, Selenium, or similar tools Domain-Specific Languages: Knowledge of BDD approaches (e.g., Cucumber, Gherkin) for test automation Containerisation & Microservices Container … build, configure, and secure cloud environments effectively Security & CI/CD Security Integration: Familiarity with embedding security checks at every phase of the SDLC (e.g., SAST, DAST) Automation Pipelines: Experience with Continuous Integration (CI), Continuous Delivery (CD), and continuous testing tools (e.g., Jenkins, GitHub Actions) Agile & Mentorship Agile Delivery: Background in Scrum or Kanban, assisting Product More ❯

designing, developing, and maintaining large-scale, secure, and high-performing solutions. This role involves mentoring and coaching junior team members, translating stakeholder requirements into actionable user stories, and embedding security throughout the software development life cycle. The position calls for strong technical expertise, collaborative mindset, and an ability to deliver innovative solutions that align with business objectives. Experience Requirements … Software Development & Principles Programming Languages: Proficiency in one or more of: Java, Spring Boot, Python, JavaScript, TypeScript, ReactJS SOLID Principles: Familiarity with object-oriented and clean coding practices Testing & BDD Unit Testing Frameworks: Experience with Cypress, Cucumber, Behave, Selenium, or similar tools Domain-Specific Languages: Knowledge of BDD approaches (e.g., Cucumber, Gherkin) for test automation Containerisation & Microservices Container … build, configure, and secure cloud environments effectively Security & CI/CD Security Integration: Familiarity with embedding security checks at every phase of the SDLC (e.g., SAST, DAST) Automation Pipelines: Experience with Continuous Integration (CI), Continuous Delivery (CD), and continuous testing tools (e.g., Jenkins, GitHub Actions) Agile & Mentorship Agile Delivery: Background in Scrum or Kanban, assisting Product More ❯