6 of 6 Permanent Dynamic Application Security Testing Jobs in the Thames Valley

Senior Application Security Engineer Location: Hybrid working or homeworking with view to attend office occasionally Salary: £60,000 – £70,000 per annum Bonus: Discretionary bonus of up to 10% Are you passionate about securing modern applications and cloud environments? We’re looking for a Senior Application Security Engineer to join my client's growing team and … play a key role in shaping the security posture of our organisation. About the Role As a Senior Application Security Engineer, you’ll bring deep expertise in application security testing, cloud security, and secure development practices. You’ll work closely with IT, development, and project teams to embed security into every stage … engineering. Strong knowledge of security tools and technologies (e.g. WAFs, AV, email/web gateways, ACLs). Expertise in secure coding practices and security testing (SAST, DAST, SCA, Pen Testing). Familiarity with OWASP Top 10, CWE, and remediation strategies. Hands-on experience with security testing tools and techniques. Excellent communication and documentation skills. More ❯

Job Title: Mobile Application Security Specialist Location: London/Hybrid Employment: Contract (3 months) Rate : £600 Inside IR35 THE ROLE The Azure Code Security Specialist is responsible for securing application code and cloud-native workloads across the Microsoft Azure ecosystem. This role combines deep expertise in secure software development and Azure cloud security to ensure … code, pipelines and infrastructure are built with security embedded from design to deployment. KEY RESPONSIBILITIES Lead secure coding initiatives across Azure-based applications and microservices. Collaborate with developers, DevOps and security teams to design, implement and maintain best-in-class security controls for Azure-hosted applications and CI/CD pipelines. Design … and enforce code security standards aligned with OWASP, CIS and Microsoft Secure Development Lifecycle (SDL). Perform static and dynamic application security testing (SAST, DAST, SCA) using tools integrated into Azure DevOps pipelines. Review Azure Resource Manager (ARM) templates Bicep and Terraform for misconfigurations and security risks. Conduct threat modelling, code reviews and secure More ❯

Job Title: Cyber Security - (DevSecOps Consultant) Location: London/Hybrid - (Mainly remote with infrequent travel) Employment: Contract Duration : (3 months rolling contract) Rate: £650/Day inside IR35 KEY RESPONSIBILITIES Security by Design: Embed cloud, mobile and application security controls early across solution design, build and deployment. Cloud Security Oversight: Review Azure configurations, network boundaries … identity setup and data protection measures for loyalty platforms. Application & API Security: Conduct security reviews on web and mobile applications, focusing on authentication, authorisation, data handling and API exposure. Risk & Threat Assessment: Identify, document and track security risks across the loyalty ecosystem, ensuring timely mitigation. Tooling & Integration: Leverage Wiz, GHAS, Snyk and other InfoSec tools to … SKILLS Proven expertise in cloud security (Azure preferred), including network segmentation, identity and key management. Strong background in application and API security, including OWASP, SAST/DAST and CI/CD integration. Knowledge of mobile application security principles (Android/iOS) and secure SDK/API usage. Familiarity with security tools: Wiz (cloud posture More ❯

designing, developing, and maintaining large-scale, secure, and high-performing solutions. This role involves mentoring and coaching junior team members, translating stakeholder requirements into actionable user stories, and embedding security throughout the software development life cycle. The position calls for strong technical expertise, collaborative mindset, and an ability to deliver innovative solutions that align with business objectives. Experience Requirements … Software Development & Principles Programming Languages: Proficiency in one or more of: Java, Spring Boot, Python, JavaScript, TypeScript, ReactJS SOLID Principles: Familiarity with object-oriented and clean coding practices Testing & BDD Unit Testing Frameworks: Experience with Cypress, Cucumber, Behave, Selenium, or similar tools Domain-Specific Languages: Knowledge of BDD approaches (e.g., Cucumber, Gherkin) for test automation Containerisation & Microservices Container … build, configure, and secure cloud environments effectively Security & CI/CD Security Integration: Familiarity with embedding security checks at every phase of the SDLC (e.g., SAST, DAST) Automation Pipelines: Experience with Continuous Integration (CI), Continuous Delivery (CD), and continuous testing tools (e.g., Jenkins, GitHub Actions) Agile & Mentorship Agile Delivery: Background in Scrum or Kanban, assisting Product More ❯

range: £75,000–£84,000 + benefits Tech: AWS (EC2, Lambda, RDS, Route53, ELBs, EKS), Terraform, Kubernetes, Docker, CI/CD (Jenkins, GitHub Actions, CodePipeline), Python/Bash, Ansible, Security frameworks (CIS, OWASP), ** Sponsorship and offshore remote are not available for this position** Immersum continue to support one of the leading media businesses in the UK. They own and … responsibilities include: Designing and maintaining secure, scalable AWS infrastructure with Terraform, Kubernetes and Docker. Embedding security into CI/CD pipelines (Jenkins, GitHub Actions, CodePipeline) through SAST/DAST and dependency scanning. Collaborating with developers and product teams to promote DevSecOps practices, threat modelling and secure coding. Conducting security assessments, monitoring for vulnerabilities and leading remediation efforts. Operating … Infrastructure as Code: Terraform, Ansible Containers & Orchestration: Kubernetes, Docker CI/CD: Jenkins, GitHub Actions, AWS CodePipeline Monitoring: Prometheus, Grafana, ELK, CloudWatch Security: CIS, OWASP frameworks, SAST/DAST tools, dependency scanning Web & Systems: LAMP stack (Varnish, Nginx, Apache), MySQL/Postgres, MongoDB Networking & Security: SSL/TLS, TCP/IP, Firewalls, WAFs, DNS, Load Balancers If you More ❯

Security Platform Engineer Up to £100,000 + benefits Hybrid - London (1 day per week in office) We are supporting a leading brand looking for a hands-on DevOps Engineer with a security mindset. This is not a pure AppSec role, it is about building and owning CI/CD with GitHub Actions and embedding security tooling … to help engineering teams ship safely at pace. What you will be working on: Designing and optimising CI/CD with GitHub Actions and Azure DevOps Embedding SAST, SCA, DAST and secret scanning (tools such as Semgrep, Snyk, GHAS, Burp) into pipelines Automating with Python and creating reusable workflows and guardrails Collaborating with product and platform squads to deliver secure … bonus and 18% pension Flexible hybrid working with London office attendance only one day per week Work with a modern engineering organisation at scale Opportunity to shape how security is embedded into DevOps If this sound like you, click apply or reach out to matthew@infosecpeople.co.uk Please note: Unfortunately, we are unable to provide any form of sponsorship for More ❯