1 to 25 of 30 DemandTrendPermanent Static Application Security Testing Jobs in the UK excluding London

RMM Service Automation Platform and has a proven track record of helping MSPs standardize and automate the setup and delivery of IT services to achieve true scalability. The Senior Application Security Engineer plays a critical role in enhancing our application security posture by conducting advanced security assessments, leading security initiatives, and collaborating with development … teams to integrate security into the software development lifecycle. The position plays a key role in identifying and mitigating security vulnerabilities to protect our applications and data. This role is based in our Edinburgh hub. What You'll Do Assist in maturing organizational processes that drive complex security efforts for internal teams and external partners. Develop and … is preferred Thorough understanding of OWASP Top 10 and Secure Development Expertise in automating security tools and integrations, including simple scripting Experience with application security tools (SAST, DAST, IAST and SCA) Strong technical knowledge of development and production release process, including CI/CD Experience with the application of threat modeling and other risk identification techniques More ❯

Join us at Barclays as an Application Security Engineering Lead, where you'll design and deliver tools that help developers build secure software from the start. Your work will enhance security across the bank, protecting critical systems … and sensitive information. To be successful as an Application Security Engineering Lead, you should have experience with: Advanced knowledge of application security testing methodologies (SAST, DAST, IAST, SCA). Experience with cloud security architectures, DevSecOps integration, and pipelines. Advanced knowledge of security principles and guardrails. Coding proficiency in at least one major language. … Some other highly valued skills may include: Proven ability to build and scale application security programs from the ground up. Cross-functional collaboration skills with development, operations, and product teams. Vendor management and security tool evaluation expertise. You may be assessed on key critical skills relevant for success in the role, such as risk and controls, change More ❯

Product Security Architect page is loaded Product Security Architect Apply locations Leeds, UK Dublin, Ireland posted on Posted 14 Days Ago job requisition id JR129906 Product Security Architect Product Security Architect Location - Leeds/Dublin Hybrid - 2 days per week At Flutter, Product Security encompasses not just application code, but also infrastructure as code … the enterprise embed security into the product development lifecycles. This role is the key advisor on AppSec standards, secure development practices, threat modelling, and security tooling (e.g. SAST, DAST, SCA, IaC scanning, container security, etc.), ensuring consistency and maturity in how applications are built and maintained. By aligning teams with modern DevSecOps principles, developer enablement, and security … the development of a global secure development policy, including approved tools, practices, and coding standards. Technology & Tooling Strategy: Evaluate, recommend, and support the rollout of AppSec tools such as SAST, DAST, SCA, container and IaC scanners, runtime protections, and CI/CD pipeline integrations. Collaborate with platform and DevOps teams to ensure tool integration and automation into developer workflows across More ❯

Junior Product Security Engineer Assist in embedding security best practices into Sonos product development lifecycle Location: Glasgow, Scotland, United Kingdom Job Tags: Operations About The Role Junior Product Security Engineer At Sonos we want to create the ultimate listening experience for our customers and know that it starts by listening to each other. As part of the … applicants must live within commuting distance of our Glasgow office location and should expect to be in office a minimum of 4 days per week. At Sonos, our Product Security Vision is to protect our products by implementing proven security practices and leveraging expertise to create experiences that both delight our customers and safeguard them and their information … identify potential security risks in system designs. Operational Product Security Support: Gain hands-on experience with common security tools and technologies such as static analysis (SAST), dynamic scanning (DAST), and security testing frameworks. Assist in streamlining vulnerability remediation processes, tracking defect status, and facilitating vulnerability information flow to development teams. Learn and support Product More ❯

Junior Product Security Engineer page is loaded Junior Product Security Engineer Apply locations Glasgow - Sonos Scotland time type Full time posted on Posted Yesterday time left to apply End Date: September 30, 2025 (30+ days left to apply) job requisition id R2508 At Sonos we want to create the ultimate listening experience for our customers and know that … applicants must live within commuting distance of our Glasgow office location and should expect to be in office a minimum of 4 days per week. At Sonos, our Product Security Vision is to protect our products by implementing proven security practices and leveraging expertise to create experiences that both delight our customers and safeguard them and their information … identify potential security risks in system designs. Operational Product Security Support: Gain hands-on experience with common security tools and technologies such as static analysis (SAST), dynamic scanning (DAST), and security testing frameworks. Assist in streamlining vulnerability remediation processes, tracking defect status, and facilitating vulnerability information flow to development teams. Learn and support Product More ❯

wellbeing and family. Working Pattern: Permanent Full Time Flexible First options available The role We're looking for a SecDevOps Specialist to join our growing team and help embed security and compliance into every stage of our Azure cloud delivery lifecycle. In this role, you'll work at the intersection of IT, security, and data protection-collaborating with … and DevOps pipelines are secure, compliant, and future-ready. You'll play a key role in shaping how we build, test, and deploy software securely in Azure. You Will - Security & Compliance Leadership - Ensure all cloud-based IT projects comply with UK GDPR and emerging regulations like the EU AI Act. Complete and manage Data Privacy Screenings, DPIAs, and data … on secure data handling and privacy best practices. - DevOps Security Integration - Embed security controls into Azure DevOps pipelines, including: Static Application Security Testing (SAST) Software Composition Analysis (SCA) for dependency vulnerabilities, Maintain and improve reusable pipeline templates to meet evolving security needs. Administer and integrate tools like SonarCloud, Snyk, and other DevSecOps solutions. More ❯

The Cyber Security Architect will work closely with the solution architects and enterprise architects to improve and maintain the cyber security of NAVBLUE'S products, services and infrastructure. The ideal candidate will play a critical role in designing and implementing cybersecurity frameworks to align with the business objectives and mitigate potential threats. Main Responsibilities: Perform Security Risk … and Threat analysis during the initial design and the Software Development Life Cycle planning, analysis, and design phases. Providing recommendations and requirements for mitigating any security weaknesses identified while defining Non-Functional Requirements in coordination with Solutions Architects. Ensure Security by Design is embedded within the Software Development Life Cycle, while ensuring that all security requirements have … Working knowledge of the SDLC and AWS network architecture Knowledge of the SAFe Agile method would be an asset Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP) Knowledge of STRIDE, DICE and other threat and risk frameworks Knowledge of AWS tools Proven experience managing multiple projects simultaneously Practical interpersonal skills; adaptable to all levels More ❯

The Cyber Security Architect will work closely with the solution architects and enterprise architects to improve and maintain the cyber security of NAVBLUE'S products, services and infrastructure. The ideal candidate will play a critical role in designing and implementing cybersecurity frameworks to align with the business objectives and mitigate potential threats. Main Responsibilities: Perform Security Risk … and Threat analysis during the initial design and the Software Development Life Cycle planning, analysis, and design phases. Providing recommendations and requirements for mitigating any security weaknesses identified while defining Non-Functional Requirements in coordination with Solutions Architects. Ensure Security by Design is embedded within the Software Development Life Cycle, while ensuring that all security requirements have … Working knowledge of the SDLC and AWS network architecture Knowledge of the SAFe Agile method would be an asset Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP) Knowledge of STRIDE, DICE and other threat and risk frameworks Knowledge of AWS tools Proven experience managing multiple projects simultaneously Practical interpersonal skills; adaptable to all levels More ❯

and software management, anchored in a continuous innovation culture. What you'll be doing: As a DevOps Engineer at Ripjar you will be responsible for ensuring the reliability and security of the infrastructure that underpins our development and operational services. You will play an active role in supporting and continuously improving our core infrastructure offering, providing a solid foundation … and applications hosted on Linux-based systems. Design, deploy and maintain IP networks. Create robust automated solutions to allow development teams to self-serve routine infrastructure requests. Improve code security by integrating security testing tools into build and deployment pipelines. Implement effective monitoring of the reliability and security of applications and infrastructure services. The successful candidate … of automating tasks using languages and tools such as Bash, Python, JavaScript, and GitHub Actions. Knowledge of how to effectively use security testing and monitoring tooling, e.g. SAST and SIEM products. Candidates with the following background will be of particular interest: Experience contributing to incident response across a complex microservice-based application Application Security best More ❯

Job Summary We are seeking a pragmatic and highly skilled DevSecOps Engineer to join our Platform team. In this role, you will be responsible for identifying, prioritising and remediating security issues as a security engineer and lead analyst to support the broader organisation. You will collaborate closely with Platform, Infrastructure, Development and Security teams to embed security … modelling, code and infrastructure reviews. Develop and execute incident response procedures, leveraging Sentinel playbooks and Logic Apps when required. CI/CD & Automation Integrate automated security testing (SAST, DAST, SCA) into Azure DevOps pipelines or GitHub Actions. Create Infrastructure as Code (IaC) with Terraform or ARM templates, embedding security checks. Automate security operations tasks using Azure … party tools). Ability to design and enforce patch windows and remediation SLAs. DevSecOps Toolchain Proficient with CI/CD tooling in Azure DevOps or GitHub Actions. Experience integrating SAST (e.g. SonarQube), DAST (e.g. OWASP ZAP) and SCA (e.g. Dependabot, Snyk) into pipelines. Infrastructure as Code: Terraform, ARM or Bicep. Container & Cloud Security Knowledge of containerisation (Docker, Kubernetes/ More ❯

Security Development & Test Director £140,000 GBP Onsite WORKING Location: Central London, Greater London - United Kingdom Type: Permanent Security Development & Test Director London (Hybrid, 2-3 days onsite) Up to £140,000 + Benefits + Bonus We're hiring a Security Development & Test Director to lead a rapidly growing security capability at a major global consultancy. … This is a leadership role where you'll shape strategic offerings around secure software development, DevSecOps, and security testing - while staying hands-on enough to influence tooling, architecture, and delivery standards across complex client environments. You'll be joining a high-performing cyber team with serious backing and a strong pipeline of transformation work across multiple sectors. … What you'll be doing: Leading the definition and implementation of secure architecture and DevSecOps practices across large-scale client programmes Overseeing security testing operations - including tooling (SAST, DAST, SCA), processes and coverage Driving service maturity and quality across delivery, with a focus on automation, governance, and continuous improvement Supporting business development and client engagement - from presales and More ❯

Security Development and test Director £100,000 to 135,000 GBP Bonus Hybrid WORKING Location: Central London, Greater London - United Kingdom Type: Permanent Security Development & Test Director Permanent | London or Birmingham (Hybrid) | £135,000 + 20% Bonus + £6,000 Car Allowance | Senior Director Level This is a rare opportunity for an accomplished leader in secure development to … shape and drive the future of secure architecture, DevSecOps integration, and software security testing across large-scale transformation programmes. You'll work at both strategic and operational levels, embedding secure-by-design principles across software pipelines while driving improvements in security architecture, tooling, and compliance. This senior role offers significant autonomy and impact-perfect for someone with … SDLC Define and govern secure architecture and ensure alignment with enterprise policies and industry frameworks (e.g. OWASP, NIST, ISO 27001) Drive DevSecOps integration into CI/CD pipelines, embedding SAST, DAST, SCA and container security tools Own the security testing process, improving automation, coverage, and remediation velocity Champion secure design, threat modelling and coding best practices across More ❯

Security Engineer Permanent Hybrid - 2 or 3 days p/w on-site Tunbridge Wells area (Hands on recent career experience of Salesforce Industries/Vlocity is essential) FPSG have a fantastic opportunity to join a large-scale digital transformation programme aimed at uniting multiple internal business units under a new, secure, cloud-native digital platform. Ideal for a … and cloud network architecture (VPNs, subnets, zones) Experience with API security and integration-related platforms such as Auth0 or API Gateways Proficiency with security tools including SAST (e.g. Snyk, Checkmarx), SCA, and DAST (e.g. OpenZAP, Qualys DAST) Ability to manage secure operations of large-scale software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building … Engineer, Information Security Specialist, Salesforce Industries, Vlocity, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps, Secure Development, CRM Security Next Steps Please click "Apply now" and submit your up-to-date CV More ❯

global, market-leading insurance organisation that's shaping the future of digital health and technology. This is your opportunity to be part of an innovative, forward-thinking environment where security, engineering excellence, and customer impact are at the heart of everything we do! What you'll do: Provide hands-on technical expertise in secure software development within a product … improve secure CI/CD pipelines and modern security practices. Ensure risk management, security, and quality are embedded in software delivery. Implement and manage security tooling (SAST, DAST) to support development and testing. Adhere to best practices in architecture, design, coding standards, and SDLC. Mentor and support continuous improvement within the engineering community. What you'll bring … Technical leadership with strong decision-making and prioritisation skills. Expertise in secure systems design and infrastructure. Experience securing CI/CD pipelines and using security tools. Expertise in key technologies such as .NET/C#, Azure PaaS, Javascript, and Salesforce APEX, and in frameworks such as React, Node, React-Native, Playwright, etc Holds the right to work in the More ❯

Security Development & Test Director ££140,000 - £155,000 GBP Hybrid WORKING Location: Central London, Greater London - United Kingdom Type: Permanent Security Development & Test Director Anson McCade England, United Kingdom (On-site) SaveApply Security Development & Test Director Hybrid - London or Birmingham | £140k-£155k base + 20% bonus + package Our client is a global security leader, operating … at the cutting edge of digital transformation, cloud integration, and enterprise security. With a workforce of 7500+ cybersecurity specialists and strategic partnerships with top-tier security tech providers, they're redefining how enterprise-grade security is built, deployed, and continuously improved. They're now seeking a Security Development and Test Director to lead their secure software engineering … in career development What you'll be doing: Leading secure architecture standards across engineering teams and embedding security within CI/CD workflows Owning security tooling strategy (SAST, DAST, SCA, container scanning) and driving adoption across development pipelines Building and mentoring high-performing teams in secure coding, DevSecOps, and threat modelling Leading engagements with major clients during pre More ❯

This is a huge opportunity for an experienced and driven Platform Security Engineer to join a rapidly growing fintech team! As a Platform Security Engineer, you will play a key role in protecting our clients systems, networks, and data while ensuring compliance with industry leading security standards such as ISO 27001. This role sits within the Platform … Engineering Team and requires a strong technical background, hands-on experience with security tools, and a collaborative mindset to work effectively across teams. What you'll do: Develop and implement proactive security strategies, policies, and procedures to protect our systems, networks, and data assets. Lead regular security assessments, including vulnerability scans and penetration tests, identifying risks and … technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision -making. More ❯

Windows Server/SSMS* IIS and Apache Tomcat (Web services)* Virtualisation software* Package management tools (CloudSmith/JFrog Artifactory)* Container management (docker or Kubernetes)* CICD process with ideally with SAST and SCA code analysis* DevOps tools: Git repo, Azure DevOps, Azure, GitHub, TeamCity, OctopusDeploy, Terraform, Ansible, PowerShell* Strong stakeholder management and communication skills.Contact: David Southwood - CPS GroupBy applying to this More ❯

CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST/DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. … Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting , solutions architecture , or technical coaching . Interest in technical sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both … technical and non-technical stakeholders. AWS/Azure/GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to customer sites across Europe (London, Zurich, and more). Opportunity to work on innovative solutions with a passionate and driven team. If you are More ❯

CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST/DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. … Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting , solutions architecture , or technical coaching . Interest in technical sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both … technical and non-technical stakeholders. AWS/Azure/GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to customer sites across Europe (London, Zurich, and more). Opportunity to work on innovative solutions with a passionate and driven team. If you are More ❯

CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST/DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. … Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting , solutions architecture , or technical coaching . Interest in technical sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both … technical and non-technical stakeholders. AWS/Azure/GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to customer sites across Europe (London, Zurich, and more). Opportunity to work on innovative solutions with a passionate and driven team. If you are More ❯

CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST/DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. … Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting , solutions architecture , or technical coaching . Interest in technical sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both … technical and non-technical stakeholders. AWS/Azure/GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to customer sites across Europe (London, Zurich, and more). Opportunity to work on innovative solutions with a passionate and driven team. If you are More ❯

We're looking for a Software Engineer to build the internal platform that powers our security development lifecycle. You will design and maintain a backend-focused service that ingests, normalizes, and correlates security artifacts … enabling centralized risk visibility, audit readiness and automated compliance workflows. Key Responsibilities Design & implement a backend platformthat schedules ingestion, normalization, storage, and historical tracking of security artifacts (BOMs, SAST/SCA findings, fuzzing results) in a scalable, tool-agnostic fashion. Develop and maintain ETL pipelinesand database schemas for high-throughput ingestion and historical trend analysis. Expose data via well … and querying relational databases. Clear technical writing todocumentdata schemas, APIs, and dashboard usage. "Nice to Have" Skills and Experience Experience with Grafana, Prometheus, or similar observability platforms. Familiarity with SAST and SCA tools (e.g., Coverity, Black Duck) and experience understanding their findings. Experience defining and visualizing key security and performance metrics within dashboard solutions. Experience with security data More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯