25 of 25 Permanent Dynamic Application Security Testing Jobs in the UK excluding London

Testing: - Security Analysis and Consulting - Static Application Security Testing (SAST) - Dynamic Application Security Testing (DAST) - Infrastructure Vulnerability Assessment - Mobile Application Penetration testing OWASP More ❯

Testing: - Security Analysis and Consulting - Static Application Security Testing (SAST) - Dynamic Application Security Testing (DAST) - Infrastructure Vulnerability Assessment - Mobile Application Penetration testing OWASP JBG81_UKTJ click apply for full job details More ❯

growth has landed Smarsh in the annual Inc. 5000 list of fastest-growing American companies since 2008. We are looking for an experienced Product Security Engineer to partner with engineering teams and proactively identify, assess, and remediate security risks across our product portfolio. This role will focus on … secure development practices, vulnerability management, threat modelling, and driving a shift-left security culture. The ideal candidate is a pragmatic problem solver with strong technical expertise in application security, cloud security, and DevSecOps. You will work closely with product owners, software engineers, and platform teams to … security assessments for new features, architectures, and services. Vulnerability Management & Remediation: Work closely with engineering teams to identify and remediate vulnerabilities from SAST, DAST, SCA, container security, and cloud security scans. Code & Architecture Review: Conduct secure code reviews and architectural security assessments to identify risks early More ❯

treasury solutions, empowering investment firms with cutting-edge technology to optimize financial performance, enhance liquidity, and mitigate risk. As part of our commitment to security and innovation, we are expanding our Information Security Team and seeking a DevSecOps Engineer to drive security automation and best practices across … our cloud infrastructure and IT operations. Job Overview As a DevSecOps Engineer , you will play a pivotal role in integrating security practices into our DevOps pipeline and IT operations . Working at the intersection of operations, security, and development , you will collaborate closely with internal teams to safeguard … continuous monitoring of internal and third-party information security controls. Threat & Vulnerability Management: Assess SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) scans. Implement remediation and mitigation strategies in collaboration with development teams. Maintain network security protocols, firewalls More ❯

We support organisations across a variety of sectors including finance, retail, telecommunications, utilities, gaming, government and insurance. We’re looking for a Senior Information Security Consultant to join our growing team. The Senior Security Consultant is responsible for maintaining end-to-end security through compliance with global … policy, standards, regulations and industry best practices. This person works with Information Security management to implement a cloud first programme for enabling security standards across people, process and technology within the TransUnion Monevo portfolio. Day to Day You’ll Be: Guides and advises technology teams on infrastructure vulnerability … internal standards, best practices and architectures based on this information Assists Engineering teams with adoption to changes in application security tooling (SAST, DAST, etc.) and interpretation of its results to ensure vulnerabilities are addressed on a timely basis and prevented from deployment into production Builds relationships and partners More ❯

Application Security Consultant – Remote CSSLP, CISSP, OSWE, GWAPT, CREST CRT/CCT App A leading Technology consultancy is looking for an Application Security Consultant to play a key role in embedding security into the heart of modern software development practices. The role: You’ll work … especially focused on cloud-native development in AWS environments. Key responsibilities include: Embedding secure coding practices and supporting design/code reviews Implementing SAST, DAST, SCA, and other security checks into DevOps workflows Supporting secure API design and cloud-native architecture Acting as a key escalation point for vulnerability … triage and remediation Delivering developer enablement through workshops and hands-on threat modelling What you’ll bring: 3+ years in application or product security roles Strong grasp of application-level threats, secure design, and remediation strategies Experience with IaC security (Terraform, CloudFormation), container security, and More ❯

My growing defence client is seeking a Security Engineer. You'll join a leading organisation that develops cutting edge products and technology. Role Purpose You'll own the security posture across our client's product portfolio—encompassing software, hardware, and services—by embedding robust security controls throughout … validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI/CD integration, SAST/DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or application … series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration testing). Eligible for UK SC clearance; right to work in the UK. Why Join? You'll Gain exposure to cutting-edge defence More ❯

My growing defence client is seeking a Security Engineer. You'll join a leading organisation that develops cutting edge products and technology. Role Purpose You'll own the security posture across our client's product portfolio-encompassing software, hardware, and services-by embedding robust security controls throughout … validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI/CD integration, SAST/DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or application … series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration testing). Eligible for UK SC clearance; right to work in the UK. Why Join? You'll Gain exposure to cutting-edge defence More ❯

Overview: Additional Information: Please note, this role requires working full-time onsite, five days per week. NON Negotiable We are seeking an experienced IT Security Engineer to become a vital part of a growing IT Department. This critical role will focus on protecting our information assets through robust cybersecurity … measures, ensuring adherence to best practices, international standards, and local regulations. Ideally suited to candidates who possess expert knowledge of security frameworks including NIST 800, ISO 27001, and cybersecurity guidelines from PRA, FCA, and ICO. Candidates with at least 3 years' relevant experience in finance or banking, particularly as … disposal. Conduct security evaluations on network and firewall policies and manage application security in both development and testing phases (SAST, DAST). Liaise with internal audit teams and international cybersecurity operations centres to implement security policies and controls. Provide cybersecurity training to ensure staff awareness More ❯

DevSecOps Engineer Location: Bury Job Type: Full-Time Job Description: We are seeking a skilled and motivated DevSecOps Engineer to join our growing Information Security team. The ideal candidate will have a strong background in both development and security operations, with a passion for integrating security practices … into the DevOps process. As a DevSecOps Engineer, you will play a critical role in ensuring the security and integrity of our software development lifecycle. Key Responsibilities: Implement and manage security tools and practices within the CI/CD pipeline. Collaborate with development, operations, and security teams … CodeBuild, Jenkins, GitLab, Azure DevOps. Proficiency in scripting languages such as Python, PowerShell. Knowledge of security tools and frameworks (e.g., OWASP, SCA, SAST, DAST). Familiarity with one or more cloud platforms (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes). Excellent problem-solving skills and attention to detail. More ❯

company and we're committed to helping the UK reach Net Zero by 2050. About the role This role will support the delivery of security engineering across both internal and external infrastructure and services. Key responsibilities include: Implement security best practices across the application and infrastructure lifecycle … Define and maintain security testing processes for in-scope applications and services Manage identified vulnerabilities through to remediation, in collaboration with relevant teams Provide expert advice and guidance on secure software and infrastructure development to engineering teams About you and your experience • 5 years' experience working within a … and a DevOps mindset • Experience managing Endpoint Detection services such as SentinelOne, zScaler, or Crowdstrike • Experience in conducting security checks, such as SAST, DAST, and SCA with Snyk, OWASP ZAP, Burp Suite tools, vulnerability analysis in applications, and penetration testing skills. Familiarity with OWASP Testing Guide v3 More ❯

Senior Product Security Engineer Location: London Salary: £200,000+ A leading global quantitative investment firm is seeking a Senior Product Security Engineer to strengthen the security of its trading systems, cloud infrastructure, and business applications. This is a hands-on, high-impact role working across a modern … tech stack in a fast-paced environment. Key Responsibilities Implement and maintain security controls across low-latency systems and multi-cloud platforms (AWS, Azure, Alibaba Cloud) Collaborate with engineering teams to integrate secure … coding practices into the SDLC Conduct threat modeling, vulnerability assessments, and code reviews Automate security processes through CI/CD integration using SAST, DAST, and related tools Assess third-party vendors and enforce security standards Mentor teams on security architecture and best practices What We’re Looking More ❯

infrastructure that enables institutions to navigate and thrive in the crypto economy. As they continue to scale, the firm is seeking a Senior Product Security Engineer to help shape and secure the backbone of their platform. This is a high-impact role for someone who blends deep development expertise … with strong security instincts-someone who can partner across engineering, product, and infrastructure teams to embed security into everything they build. Responsibilities: Lead secure architecture and design reviews for critical products and digital finance infrastructure Conduct threat modeling, risk assessments … and security controls reviews across trading, custody, and DeFi platforms Build and implement security test plans and pipelines using modern tools (SAST, DAST, SCA, IaC scanning) Drive secure coding standards and perform hands-on code reviews for high-assurance systems Design and operationalize core security features: authentication More ❯

productivity of development teams and ensure seamless integration and deployment of applications. Responsibilities: • Tool Development: Design, develop, and maintain tools that support software development, testing, and deployment processes. • Automation: Implement automation solutions to streamline workflows and reduce manual intervention. • Integration: Ensure seamless integration of tools with existing systems and … processes to ensure clear communication and knowledge sharing. • Innovation: Stay updated with the latest technologies and best practices in platform engineering and tool development. • Security: Implement security measures to protect tools and systems from potential threats. • Training and Support: Provide training and support to team members on the … GitLab, Ansible. • Cloud Platforms: Knowledge of cloud services like AWS, Azure, or Google Cloud Platform. • Security: Experience with tools for delivering SCA, SAST, DAST capabilities. • Monitoring and Logging: Proficiency with tools like Splunk, Dynatrace, Datadog, Prometheus, Grafana. • Version Control: Strong understanding of Git and version control practices. • Scripting: Skills More ❯

/CD for Azure DevOps or GitHub Enterprise Trailblazing experience with microservices or cloud-based architectures for web or mobile applications Knowledgeable in SAST, DAST, SCA and Gen AI in the Software Development Lifecycle About You Characteristics that can spell success for this role: Champion core DevOps behaviours like collaboration More ❯

CD for Azure DevOps or GitHub Enterprise · T railblazing experience with microservices or cloud-based architectures for web or mobile applications · Knowledgeable in SAST, DAST, SCA and Gen AI in the Software Development Lifecycle About you Characteristics that can spell success for this role: · Champion core DevOps behaviours like collaboration More ❯

internally to produce a stronger offering than ever before in our mission to empower people to be the best version of themselves. As a Security Engineer, you'll provide hands-on technical expertise to guide software development, delivery and continuous improvement focusing on risk and security. You'll help … new Digital Platform so that it is secure and compliant with both internal and industry regulations. You'll analyze new feature code to identify security risks and work with engineers to mitigate them, applying modern security standards such as OWASP CI/CD, DSOMM, SAMM, and Cloud Security … VPNs, subnets, regions/zones), as well as integration technologies (Auth0, APIM). Expertise with SAST & SCA systems like Snyk and Checkmarx. Experience with DAST systems such as OpenZAP and Qualys DAST, preferably with HTTP APIs. Ability to manage large-scale software estates operationally (build, release, monitoring, rollbacks, high availability More ❯

scrum processes Cost optimization design for solutions Experience with core technical integrations with security and change management tooling such as SNOW, SAST/DAST tooling Strong communicator and able to interact with a range of stakeholders such as engineering teams and senior management Key Skills/Experience: Essential Skills … we will reply as soon as possible. Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment More ❯

with stakeholders to ensure delivery alignment with the wider roadmap. Be diligent and cognizant of non-functional requirements – specially those related to code quality, security, performance, and extensibility. In alignment with our IT architect, you are responsible to you take care of the continuous improvement of our wealth platform. … and any NoSQL DB like OpenSearch/Elastic DB etc) and must be aware of DevSecOps processes, paradigms and tools. Good hands experience of testing frameworks and libraries (Spring Boot integration tests, Unit testing with Junit/AssertJ/Mockito, Test Containers, E2E testing tools like Selenium … Angular/React and associated tooling etc). Hands on experience with any CI/CD tool (such as Jenkins), SAST/IAST/DAST tools. Bachelor\\\'s degree in an IT-related field is desirable. Additional Information We realize that managing work life balance is a challenge we all More ❯

impact how and where it matters most. Connect to your opportunity As a Technical Analyst, you will provide support to Cybersecurity Risk Management team, Security Operations Centre (SOC), Global Event Monitoring Service (GEMS), Deloitte firms and cybersecurity service teams like Firewall Management, IDS/IPS, Email protection amongst others. … In this role you will: Focus on the analysis of Security Incident Event Management (SIEM) data, which includes: Provide Deloitte firms with cybersecurity data. Assist Deloitte Global and Deloitte firms with data extraction for ISO and PCI audit requirements. Support eDiscovery teams by providing data relating to insider threats … Azure, Microsoft Windows, Microsoft SQL.) Qualified to ICS2 CC, CISM, CISSP or relevant Cybersecurity related qualification. Working knowledge of source code analytical tools (SAST, DAST code analysis.) Strong experience in Python; detailed ability to write and review code in Python. Information technology background; high level knowledge of internal systems and More ❯

impact how and where it matters most. Connect to your opportunity As a Technical Analyst, you will provide support to Cybersecurity Risk Management team, Security Operations Centre (SOC), Global Event Monitoring Service (GEMS), Deloitte firms and cybersecurity service teams like Firewall Management, IDS/IPS, Email protection amongst others. … In this role you will: Focus on the analysis of Security Incident Event Management (SIEM) data, which includes: Provide Deloitte firms with cybersecurity data. Assist Deloitte Global and Deloitte firms with data extraction for ISO and PCI audit requirements. Support eDiscovery teams by providing data relating to insider threats … Azure, Microsoft Windows, Microsoft SQL.) Qualified to ICS2 CC, CISM, CISSP or relevant Cybersecurity related qualification. Working knowledge of source code analytical tools (SAST, DAST code analysis.) Strong experience in Python; detailed ability to write and review code in Python. Information technology background; high level knowledge of internal systems and More ❯

impact how and where it matters most. Connect to your opportunity As a Technical Analyst, you will provide support to Cybersecurity Risk Management team, Security Operations Centre (SOC), Global Event Monitoring Service (GEMS), Deloitte firms and cybersecurity service teams like Firewall Management, IDS/IPS, Email protection amongst others. … In this role you will: Focus on the analysis of Security Incident Event Management (SIEM) data, which includes: Provide Deloitte firms with cybersecurity data. Assist Deloitte Global and Deloitte firms with data extraction for ISO and PCI audit requirements. Support eDiscovery teams by providing data relating to insider threats … Azure, Microsoft Windows, Microsoft SQL.) Qualified to ICS2 CC, CISM, CISSP or relevant Cybersecurity related qualification. Working knowledge of source code analytical tools (SAST, DAST code analysis.) Strong experience in Python; detailed ability to write and review code in Python. Information technology background; high level knowledge of internal systems and More ❯

impact how and where it matters most. Connect to your opportunity As a Technical Analyst, you will provide support to Cybersecurity Risk Management team, Security Operations Centre (SOC), Global Event Monitoring Service (GEMS), Deloitte firms and cybersecurity service teams like Firewall Management, IDS/IPS, Email protection amongst others. … In this role you will: Focus on the analysis of Security Incident Event Management (SIEM) data, which includes: Provide Deloitte firms with cybersecurity data. Assist Deloitte Global and Deloitte firms with data extraction for ISO and PCI audit requirements. Support eDiscovery teams by providing data relating to insider threats … Azure, Microsoft Windows, Microsoft SQL.) Qualified to ICS2 CC, CISM, CISSP or relevant Cybersecurity related qualification. Working knowledge of source code analytical tools (SAST, DAST code analysis.) Strong experience in Python; detailed ability to write and review code in Python. Information technology background; high level knowledge of internal systems and More ❯

impact how and where it matters most. Connect to your opportunity As a Technical Analyst, you will provide support to Cybersecurity Risk Management team, Security Operations Centre (SOC), Global Event Monitoring Service (GEMS), Deloitte firms and cybersecurity service teams like Firewall Management, IDS/IPS, Email protection amongst others. … In this role you will: Focus on the analysis of Security Incident Event Management (SIEM) data, which includes: Provide Deloitte firms with cybersecurity data. Assist Deloitte Global and Deloitte firms with data extraction for ISO and PCI audit requirements. Support eDiscovery teams by providing data relating to insider threats … Azure, Microsoft Windows, Microsoft SQL.) Qualified to ICS2 CC, CISM, CISSP or relevant Cybersecurity related qualification. Working knowledge of source code analytical tools (SAST, DAST code analysis.) Strong experience in Python; detailed ability to write and review code in Python. Information technology background; high level knowledge of internal systems and More ❯

Senior Infrastructure Engineer – Security 📍 Location: Coventry, Hybrid 🕓 Hybrid | Fixed Term contract About the Role We’re looking for a Senior Infrastructure Engineer – Security to lead on the delivery, management, and optimisation of critical security tooling across the enterprise. You’ll act as a Subject Matter Expert (SME … you’ll champion continuous improvement, contribute to documentation standards, and mentor colleagues across the team. Key Responsibilities: Act as SME for a suite of security tools, ensuring performance, resilience, and compliance. Lead on solution implementation, transition into support, and day-to-day operations. Produce and maintain technical documentation and … expertise in at least one of the following security domains/tools: SIEM EDR/SOAR/AV CNAPP/CSPM SAST/DAST WAFs/Firewalls Vulnerability Scanners Email & Web Gateways Other Information: This role includes participation in an out-of-hours support rota . Candidates must be More ❯