22 of 22 Permanent Static Application Security Testing Jobs in the UK excluding London

Story Behind the Need • Business group: Application Security - deploying application security vulnerability testing tools used by the Bank for vulnerability testing; currently doing a lot of modernization projects updating portfolio for statis dynamic and mobile testing • Project: Resource will be playing a key role in deploying components of the strategic solution for Application … CD pipelines and automation (e.g. Jenkins) Nice-To-Have Skills: • Cloud solution and containerization deployment experience - GCP(1st), AWS(2nd), Azure(3rd), • Experience with security testing tools (SAST, SCA, DAST) • Experience/knowledge of security best practices around connectivity (MTLS, SAML, OAuth Client and Credentials IP Allow Listing) • Cybersecurity experience • Experience from large highly matrixed enterprise organizations … initiative, strong problem solver and is a strategic thinker and can identify solution; experience using vulnerability and security testing tools to help with understanding of software composition (SAST, SCA, DAST), best will have used the tools themselves and have an understanding of how they work, strong independent developer, with programming and automation expertise Feedback from previous supplier calls More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

in at least one of the following: JavaScript, Typescript, C# Strong experience in one or more of the following frameworks: Angular, NodeJS, Express.JS, .NET, Less(Sass) Experience with Unit Testing and Integration Testing is also essential Experience with container technologies such as Docker and Kubernetes Experience of middleware such as Kafka, NServiceBus, Camunda, Dremio, RabbitMQ Practiced experience refactoring … implementing design patterns, design-driven development, continuous integration, system and application design, application security Strong experience working with an ORM Framework including the use of TSQL and NoSQL databases such as MSSQL and Mongodb Strong knowledge of SDLC processes and practices and experience with some or all of Confluence, JIRA, ADO, Github etc. Experience designing and deploying … cloud infrastructure with providers such as AWS and Microsoft Azure Experience working with the MEAN or MERN stack Experience in Security-driven design practices and the remediation of SAST/DAST findings Why join our team: We help you be your best through professional development opportunities, interesting work, and supportive leaders; We foster a vibrant and inclusive culture where More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with More ❯

skills Experience with Spring Boot and Hibernate Experience with JavaScript or other front-end technologies Building microservice architectures and event-driven systems Test automation: BDD, mocking, contract testing, SAST Knowledge of web technologies, data tooling, infrastructure, and networking About working for us We value diversity and inclusivity, ensuring our organization reflects modern society. We have initiatives supporting under-represented More ❯

ideally an additional OOP language e.g. Go or Python; Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE). Building applications utilising container technologies e.g. Docker. Managing application deployed to Kubernetes clusters, Istio & Helm. Cloud: GCP, GKE, IaC (Terraform). Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube. SQL/NoSQL database, Basic … in Spring Boot and Hibernate. Experience in JavaScript or other front-end technologies. Experience of building microservice architecture and event driven systems. Experience in Test automation: BDD, mocking, contract testing, Sast. Exposure to web technologies, data tooling & infrastructure/networking. About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects More ❯

ESO's teams are growing, and our software is in demand globally by firefighters, paramedics, hospitals and governments. To meet this demand, we are building an industry-leading cyber security team in Belfast to protect our customers and data from a variety of fast moving and constantly evolving threats. We are looking for an Application Security Engineer … across our estate, and lead remediation activities prioritization. Enhance Secure Development by contributing to threat modelling, risk assessment, evolving Secure Coding Guidelines, and maintaining core security controls like SAST and DAST deployments. Provide technical support with risk assessments on PHI, and steering improvements to our environment in line with common standards such as NIST. Support External Penetration Testing … and cloud native deployments Working with toolsets such as: vulnerability management, firewalls, SIEM, PAM, IDS/IPS, EDR/XDR, WAF Working with code security controls such as SAST/DAST/IAST/RASP You should also: Have some knowledge in securing Continuous Integration/Continuous Deployment and associated practices Understand current attack tactics, techniques and procedures along More ❯

RMM Service Automation Platform and has a proven track record of helping MSPs standardize and automate the setup and delivery of IT services to achieve true scalability. The Senior Application Security Engineer plays a critical role in enhancing our application security posture by conducting advanced security assessments, leading security initiatives, and collaborating with development … teams to integrate security into the software development lifecycle. The position plays a key role in identifying and mitigating security vulnerabilities to protect our applications and data. This role is based in our Edinburgh hub. What You'll Do Assist in maturing organizational processes that drive complex security efforts for internal teams and external partners. Develop and … is preferred Thorough understanding of OWASP Top 10 and Secure Development Expertise in automating security tools and integrations, including simple scripting Experience with application security tools (SAST, DAST, IAST and SCA) Strong technical knowledge of development and production release process, including CI/CD Experience with the application of threat modeling and other risk identification techniques More ❯

DevOps Engineer £55,000 - £60,000 and Bonus Scheme South Wales We're looking for a skilled DevOps Engineer to support the deployment, configuration, and optimisation of our application environments and CI/CD pipelines. You'll work closely with development, QA, platform, and support teams to ensure reliable and secure software delivery, with a focus on automation, standardisation … governance, standards, and training. Participate in monthly DevOps Community of Practice forums. What You'll Bring Essential Skills: Experience in deploying and configuring enterprise applications Background in software development, testing, or support Strong problem-solving and stakeholder communication skills Proficiency with: Windows Server and SQL Server Management Studio IIS, Apache Tomcat Virtualisation (VMware … Git, Azure DevOps, GitHub Actions, AWS CI/CD tools TeamCity, OctopusDeploy, Terraform, Ansible Docker, Kubernetes, Minikube PowerShell scripting Cloud fundamentals (Azure and AWS) CI/CD pipelines, including SAST/SCA code analysis Desirable: Experience with third-party software vendors and support Familiarity with the insurance sector Knowledge of: Microsoft Dynamics, PowerApps, Salesforce Guidewire (PC/BC/CC More ❯

Windows Server/SSMS * IIS and Apache Tomcat (Web services)* Virtualisation software* Package management tools (CloudSmith/JFrog Artifactory)* Container management (docker or Kubernetes)* CICD process with ideally with SAST and SCA code analysis* DevOps tools: Git repo, Azure DevOps, Azure, GitHub, TeamCity, OctopusDeploy, Terraform, Ansible, PowerShell* Strong stakeholder management and communication skills.Contact: David Southwood - CPS GroupBy applying to this More ❯

Security Engineer Permanent Hybrid - 2 or 3 days p/w on-site Tunbridge Wells area FPSG have a fantastic opportunity to join a large-scale digital transformation programme aimed at uniting multiple internal business units under a new, secure, cloud-native digital platform. Ideal for a hands-on Security Engineer who enjoys embedding security into the … and cloud network architecture (VPNs, subnets, zones) Experience with API security and integration-related platforms such as Auth0 or API Gateways Proficiency with security tools including SAST (e.g. Snyk, Checkmarx), SCA, and DAST (e.g. OpenZAP, Qualys DAST) Ability to manage secure operations of large-scale software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building … Engineering, Cybersecurity Engineer, Information Security Specialist, Salesforce, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps, Secure Development, CRM Security Next Steps Please click "Apply now" and submit your up-to-date CV More ❯

Security Engineer/Cloud/DSOMM/OWASP/Salesforce Permanent Hybrid - 2 or 3 days p/w on-site Leeds FPSG have a fantastic opportunity to join a large-scale digital transformation programme aimed at uniting multiple internal business units under a new, secure, cloud digital platform. Ideal for a hands-on Security Engineer who enjoys … and cloud network architecture (VPNs, subnets, zones) Experience with API security and integration-related platforms such as Auth0 or API Gateways Proficiency with security tools including SAST (e.g. Snyk, Checkmarx), SCA, and DAST (e.g. OpenZAP, Qualys DAST) Ability to manage secure operations of large-scale software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building … Engineering, Cybersecurity Engineer, Information Security Specialist, Salesforce, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps, Secure Development, CRM Security Next Steps Please click "Apply now" and submit your up-to-date CV More ❯

The Cyber Security Architect will work closely with the solution architects and enterprise architects to improve and maintain the cyber security of NAVBLUE'S products, services and infrastructure. The ideal candidate will play a critical role in designing and implementing cybersecurity frameworks to align with the business objectives and mitigate potential threats. Main Responsibilities: Perform Security Risk … and Threat analysis during the initial design and the Software Development Life Cycle planning, analysis, and design phases. Providing recommendations and requirements for mitigating any security weaknesses identified while defining Non-Functional Requirements in coordination with Solutions Architects. Ensure Security by Design is embedded within the Software Development Life Cycle, while ensuring that all security requirements have … Working knowledge of the SDLC and AWS network architecture Knowledge of the SAFe Agile method would be an asset Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP) Knowledge of STRIDE, DICE and other threat and risk frameworks Knowledge of AWS tools Proven experience managing multiple projects simultaneously Practical interpersonal skills; adaptable to all levels More ❯

The Cyber Security Architect will work closely with the solution architects and enterprise architects to improve and maintain the cyber security of NAVBLUE'S products, services and infrastructure. The ideal candidate will play a critical role in designing and implementing cybersecurity frameworks to align with the business objectives and mitigate potential threats. Main Responsibilities: Perform Security Risk … and Threat analysis during the initial design and the Software Development Life Cycle planning, analysis, and design phases. Providing recommendations and requirements for mitigating any security weaknesses identified while defining Non-Functional Requirements in coordination with Solutions Architects. Ensure Security by Design is embedded within the Software Development Life Cycle, while ensuring that all security requirements have … Working knowledge of the SDLC and AWS network architecture Knowledge of the SAFe Agile method would be an asset Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP) Knowledge of STRIDE, DICE and other threat and risk frameworks Knowledge of AWS tools Proven experience managing multiple projects simultaneously Practical interpersonal skills; adaptable to all levels More ❯

and backend layers Contribute to the design of test frameworks and CI/CD pipelines Collaborate with engineers, product managers, and UX to define and validate features Perform exploratory testing and champion quality throughout the SDLC Support secure deployment and testing practices in containerised environments Tech You’ll … Work With: Automation tools: Playwright, Cypress, JUnit, Jasmine Languages: JavaScript/TypeScript, Java or Kotlin DevOps & Infra: Docker, Kubernetes, GitLab CI, Bitbucket Testing tools: Postman, browser dev tools, SAST/DAST integrations Environments: Unix and Windows What You Bring: Hands-on experience building test automation from scratch Strong debugging and analytical skills Comfortable reviewing code and contributing to testable More ❯

My growing defence client is seeking a Security Engineer. You'll join a leading organisation that develops cutting edge products and technology. Role Purpose You'll own the security posture across our client's product portfolio-encompassing software, hardware, and services-by embedding robust security controls throughout the development lifecycle, identifying and mitigating risks, and ensuring compliance … execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI/CD integration, SAST/DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or application security …/5/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration testing). Eligible for UK SC clearance; right to work in the UK. Why Join? You'll Gain exposure to cutting-edge defence technology and intelligence insights. More ❯

for a Senior Cyber Engineer to become part of our growing Cyber Engineering Services. A successful candidate for the Cyber Engineer role will possess a solid foundation as a security engineer, responsible for ensuring the security of complex global environments and designing security solutions at scale. This includes extensive expertise in application, cloud, and infrastructure domains. … will design and implement highly secure technical solutions to protect against cyber threats and potential cyber-attacks. The role will be focused on detection engineering within the strategic Element security tooling. Responsibilities Assist in the design and implementation of technical solutions and security toolsets to address security vulnerabilities, mitigate cyber threats, and automate tasks. Contribute to the … ideally including multinational connectivity; Experience with various security technologies such as NDR/content filtering/FW/IPS/IDS/DDOS, EDR/MDR, DAST/SAST, Identity Access Management, SIEM & SOAR, log management. Preferable experience in Azure, AWS, Defender, Darktrace. Experience and technical knowledge in multiple areas of cyber defence operations. Experience as a Cyber Security More ❯

Title: Security Design Specialist (Finance and Banking) Location: Edinburgh, UK Duration: 6 Months Overview: Work with Security architects and application development teams to ensure Threat models designs are secure. Job Description Facilitating Security Architecture run threat modelling workshops assisting the development teams … in identifying and mitigating threats. Oversee security related issues across multiple product teams/squads. Help ensure development teams adopt frictionless shift left security, through engagement with SAST/DAST, automation and CSPM. You will have the ability to work with and understand complex architectures and modern development methods. Ensure that security architecture standards and patterns are … by development teams but also being the conduit for feedback and enhancements to the standards and patterns framework. Being the point of contact for development teams with Global Information Security to help them meet global security policy requirements. More ❯

65k - £78K + bonus, benefits) We are working with a globally renowned and industry leading UK brand who are going through an exciting phase of growth across their wider Security function, resulting in the need for a DevSecOps Engineer. As a DevSecOps Engineer, you will work within a newly established team in a role that sees you provide hands … on Application Security and DevSecOps responsibilities, as well as being involved in various strategic activities. Your duties would include setting-up, securing and enhancing pipelines, scripting and automation, as well as looking at how things are done, what improvements can be made, supporting cyber change initiatives and driving security awareness/practices as necessary. This role will … most companies of a similar size, who also offer some of the best perks & benefits available! Key skills and experience required: · DevSecOps experience · Application Security expertise across SAST, DAST & SCA · Background and experience in Software Development/Scripting/Automation · Ability to work in a fast-paced environment · Ability to work on-site for key strategic/important More ❯