1 to 25 of 26 Remote Permanent Dynamic Application Security Testing Jobs

London, United Kingdom Posted on 24/02/2025 Job Description: Security Testing Engineer Location: Remote with occasional travel as required Employment Type: Permanent About the Role Scrumconnect Consulting is looking for a Security Testing Engineer to ensure the security, resilience, and compliance of … GOV.UK digital services . This role involves identifying vulnerabilities, mitigating security risks, and ensuring adherence to government security policies and DDAT frameworks . You will work closely with developers, security architects, and business stakeholders to embed security testing into Agile development workflows and DevSecOps pipelines. … security test plans for GOV.UK digital services. Identify security vulnerabilities through static and dynamic application security testing (SAST & DAST) . Ensure security testing is seamlessly integrated into CI/CD pipelines and DevSecOps processes. Define security requirements and best practices, aligning More ❯

Job Title: Application Security Engineer Job Type: Permanent Location: UK or Europe (Remote) Salary: $150,000 - $180000 About the Role My client is seeking an Application Security Engineer to strengthen our security posture by identifying vulnerabilities, integrating best practices into CI/CD pipelines , and … ensuring compliance with PCI DSS, SOC 2, GDPR, and CCPA . You'll work closely with development teams to embed security into the Software Development Lifecycle (SDLC) from the ground up. If you're passionate about securing applications and solving complex security challenges, we want to hear from … reviews and threat modeling during the application design phase. Perform static and dynamic application security testing (SAST/DAST) on internal and third-party applications. Define and maintain security standards for software development. Integrate security tools and processes into CI/CD More ❯

Senior Security Engineer We are seeking an experienced Senior Security Engineer to join our dynamic Security Team. In this key role, you will be a key contributor to Funding Circle's cloud and application security posture. You will leverage your deep expertise in AWS … security, secure software development lifecycle (SSDLC) practices, and CI/CD security to implement and champion robust security solutions. You will act as a subject matter expert and mentor, collaborating closely with engineering and product teams to embed security seamlessly into our cloud infrastructure and development … implementing, securing, and managing a wide range of AWS security services. Proven, hands-on experience architecting, building, and integrating security tooling (SAST, DAST, SCA, secrets management, IAST) and automated security controls within CI/CD pipelines (e.g., GitLab CI, Jenkins, GitHub Actions). Strong track record of More ❯

Application Security Consultant (AppSec) Permanent Role Fully Remote Up to £80K per annum Are you a skilled application security professional with a strong grasp of cloud-native development and a passion for safeguarding software systems? Join an innovative cyber security consultancy working at the forefront … of resilience, supporting clients across the military, government, finance, and tech sectors. As an Application Security Consultant, you'll be the go-to expert on software-level threats and controls. You'll play a key role in embedding security within cloud-native development environments-particularly AWS-by … teams in secure coding best practices through workshops, threat modelling, and code reviews. Define and enforce security checkpoints across the DevOps lifecycle (SAST, DAST, SCA). Champion secure API design, including robust authentication, authorisation, and validation techniques. Identify and mitigate security vulnerabilities through reviews and penetration test support. More ❯

UK based, primarily remote working with some travel required to our London Office. Sponsorship is not available for this role. What you will do: Security Integration in CI/CD Pipelines: Implement security controls within CI/CD pipelines using automation and best practices, ensuring vulnerabilities are caught … Response: Develop and maintain monitoring systems and respond to security incidents quickly and effectively. Automated Security Testing: Integrate and manage SAST, DAST, and other security testing tools to identify security issues in code and applications. Compliance and Governance: Develop and manage Azure policies to … as vulnerability scanners, intrusion detection systems, & security information & event management (SIEM) solutions. Knowledge of container management with Azure Container Registry. Experience in SAST, DAST & other techniques to improve code security Desirable: Proficiency in scripting, preferably with PowerShell. Understanding of DotNet development and deployment pipelines. Experience working with PCI More ❯

Principal Product Security Engineer Apply locations CZ - Prague UK - London time type Full time posted on Posted 6 Days Ago job requisition id JR103958 Our Product Security team is seeking a Principal Product Security Engineer to define and lead a secure development strategy and approach in a … fast-paced, agile development environment. You will be responsible for defining and driving security-related initiatives in collaboration with internal stakeholders. You will bring a wealth of technical expertise and industry experience spanning application security, cloud security, DevSecOps and CI/CD. The ideal candidate for … with secure software development lifecycle, security testing, vulnerability management. Experience with cloud technologies (AWS, Azure), security testing and automation (SAST, DAST, SCA), and AI/ML technologies. Deep understanding of DevSecOps principles and agile development. Knowledge of secure architecture and design principles, industry standards (NIST SSDF More ❯

to help shape the new flagship development center and contribute to high-impact projects in a thriving tech environment. Position Overview: Were expanding our application security team and are looking for someone with Java and Python experience. Youll focus on a subset of our products to understand them … development teams build products that are secure by design. What you will do: Youll support product teams through activities such as: Defining requirements for security features Proactively identifying and controlling risks using techniques like threat modeling Designing and implementing automated security tests Performing manual security assessments including … JavaScript framework Test design Unit tests and end-to-end tests both automated and manual A proven history of turning SCA/SAST/DAST results into teachable moments Application penetration testing experience is a bonus. Fluency in English What you'll gain at Intapp: Our culture at More ❯

to help shape the new flagship development center and contribute to high-impact projects in a thriving tech environment. Position Overview: Were expanding our application security team and are looking for someone with Java and Python experience. Youll focus on a subset of our products to understand them … development teams build products that are secure by design. What you will do: Youll support product teams through activities such as: Defining requirements for security features Proactively identifying and controlling risks using techniques like threat modeling Designing and implementing automated security tests Performing manual security assessments including … JavaScript framework Test design Unit tests and end-to-end tests both automated and manual A proven history of turning SCA/SAST/DAST results into teachable moments Application penetration testing experience is a bonus. Fluency in English What you'll gain at Intapp: Our culture at More ❯

to help shape the new flagship development center and contribute to high-impact projects in a thriving tech environment. Position Overview: Were expanding our application security team and are looking for someone with Java and Python experience. Youll focus on a subset of our products to understand them … development teams build products that are secure by design. What you will do: Youll support product teams through activities such as: Defining requirements for security features Proactively identifying and controlling risks using techniques like threat modeling Designing and implementing automated security tests Performing manual security assessments including … JavaScript framework Test design Unit tests and end-to-end tests both automated and manual A proven history of turning SCA/SAST/DAST results into teachable moments Application penetration testing experience is a bonus. Fluency in English What you'll gain at Intapp: Our culture at More ❯

to help shape the new flagship development center and contribute to high-impact projects in a thriving tech environment. Position Overview: Were expanding our application security team and are looking for someone with Java and Python experience. Youll focus on a subset of our products to understand them … development teams build products that are secure by design. What you will do: Youll support product teams through activities such as: Defining requirements for security features Proactively identifying and controlling risks using techniques like threat modeling Designing and implementing automated security tests Performing manual security assessments including … JavaScript framework Test design Unit tests and end-to-end tests both automated and manual A proven history of turning SCA/SAST/DAST results into teachable moments Application penetration testing experience is a bonus. Fluency in English What you'll gain at Intapp: Our culture at More ❯

Job Title: Application Security (AppSec) Consultant Location: Remote (UK-based only) Salary: Up to £80,000 Type: Full-time, Permanent Are you passionate about building secure software and driving real impact in the world of cybersecurity? Our client, a cutting-edge cyber consultancy, is seeking an Application Security Consultant to strengthen their growing technical team. This is a fully remote role, offering the chance to work alongside experts from diverse industries including defence, finance, and tech— while making a real difference. What You’ll Be Doing … Partnering with developers and engineers to bake security into every stage of the software development lifecycle. Enhancing DevSecOps practices with tools like SAST, DAST, and SCA—making sure security isn’t just an afterthought. Leading secure code reviews, threat modelling sessions, and providing practical guidance on secure design. More ❯

consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems … monitoring, networks, firewalls, load balancers, DNS, CDNs Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform) Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes Knowledge of cloud Security Architecture of public clouds (such as AWS or More ❯

the sole expert in this position, you'll spearhead Cyber projects with plans to build your own team in 2025 The role combines two dynamic elements: Core IT Security: Leverage your deep technical expertise to maintain the security of our infrastructure, servers, and systems. From leading our … Managed Security Service Providers (MSSPs), building a best-in-class Cyber training and awareness programme, and performing security audits on critical systems. Cybersecurity Governance: Implement governance and frameworks to embed security across the business, across IT, Engineering, and other business verticals, ensuring best-practice configurations become the … application gateways, private and service endpoints, and firewalls. Secure Software Development: Deep experience implementing effective secure coding practices (e.g., OWASP Top 10, SAST, DAST, SonarCloud). You can seamlessly integrate security into the SDLC with a shift-left approach. Cloud Security Tools: Practical experience with Azure Sentinel More ❯

on offering a full range of architecture and planning, system implementation, integration, analytics and O&M for our customers. We are seeking a Senior Security Engineer to support our Federal customer's CIO Cyber Security organization and manage all vulnerability remediation activities, including Binding Operational Directive (BOD) compliance. … Responsibilities: Perform Security Impact Analyses on application releases and provide recommendations to federal leadership Perform software vulnerability scans, interpret the results, and provide vulnerability mitigation recommendations Support and develop analyses of alternatives and decisions on courses of action by providing security insights to project teams and federal … compliance with FISMA and NIST requirements, 508 compliance and other Federal IT security management guidelines. Experience with OWASP, Splunk, Java, SQL Experience with DAST and SAST Working Knowledge of CI/CD, APIs and WAF Working at ICF ICF is a global advisory and technology services provider, but we More ❯

London-based Quant Trading fund is looking for a Senior Security Architect to influence architecture and lead strategic security projects during a period of rapid expansion. The incoming Security Architect will work with IT, cloud, and engineering teams to implement security solutions for low-latency systems … and multi-cloud platforms (AWS and Azure). Whilst this is predominantly a security architecture role, the incoming architect will perform an advisor/consulting role, helping to guide and influence technology stakeholders to build secure and robust systems. Role and Responsibilities: Support the implementation of security controls … Perform vendor security reviews to assess third-party security practices and ensure compliance with standards Integration of security scanning tools (SAST, DAST, etc.) into CI/CD pipelines and runtime environments to ensure continuous security monitoring and threat detection across Cloud - AWS, Azure, and on-prem More ❯

London-based Quant Trading fund is looking for a Senior Security Architect to influence architecture and lead strategic security projects during a period of rapid expansion. The incoming Security Architect will work with IT, cloud, and engineering teams to implement security solutions for low-latency systems … and multi-cloud platforms (AWS and Azure). Whilst this is predominantly a security architecture role, the incoming architect will perform an advisor/consulting role, helping to guide and influence technology stakeholders to build secure and robust systems. Role and Responsibilities: Support the implementation of security controls … Perform vendor security reviews to assess third-party security practices and ensure compliance with standards Integration of security scanning tools (SAST, DAST, etc.) into CI/CD pipelines and runtime environments to ensure continuous security monitoring and threat detection across Cloud - AWS, Azure, and on-prem More ❯

About Us Sophos is a global leader and innovator of advanced security solutions for defeating cyberattacks. The company acquired Secureworks in February 2025, bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure … supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection … and other cybersecurity frameworks. Knowledge of cryptographic techniques and implementations. Familiarity with security tooling used to support a SSDLC (SCA/SAST/DAST/container scanning). A strong desire to stay current and understand emerging technologies and risks. Strong project management skills to drive and oversee the More ❯

Worked with defining data models and interacting with databases Built software that incorporates best practices in application security controls, such as SAST, DAST, Penetration Testing etc. Skills we'd love to see/Amazing Extras: Experience with Docker, Kubernetes or other serverless application delivery platforms Used … of the Business Disability Forum so please get in touch if you'd like to discuss any adjustments that you might need in the application process - and if you are successful beyond this. We don't accept speculative CVs from agencies - you can see our policy on agencies here More ❯

.Net Core, with frameworks like Blazor, Angular 2+, or React. Knowledge of software design patterns, clean code, REST APIs, and messaging. Experience in cloud application … development, particularly with Azure (preferred), AWS, or GCP. Defining data models and working with databases. Understanding application security best practices, including SAST, DAST, and penetration testing. Skills we'd love to see/Amazing Extras: Experience integrating AI technologies like Azure AI Services or ChatGPT. Containerizing applications and … divisions and specialisms within Tech and Engineering: Technology and Engineering at KPMG ITs Her Future Women in Tech KPMG Workability and Disability confidence Additional application support and resources: Applying to KPMG Interview tips KPMG Values KPMG Competencies Locations & FAQ The evolving nature of tax and legal services makes working More ❯

Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST/DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or … similar regulated industries. Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting , solutions architecture , or technical coaching . Interest in technical sales and supporting go-to-market strategies. Excellent written and … the ability to translate complex technical topics to both technical and non-technical stakeholders. AWS/Azure/GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to customer sites across Europe (London More ❯

eliminating manual processes (Terraform, ArgoCD, no click-ops). DevSecOps integration expertise to build security automation throughout the software development lifecycle (SCA, SAST, DAST tools). Technical communication skills to engage with diverse stakeholders and manage vendor relationships while maintaining technical control. Genuine passion for platform engineering as a More ❯

Ensure security, prevent and detect fraud, and fix errors. Your data can be used to monitor for and prevent unusual and possibly fraudulent activity (for example, regarding advertising, ad clicks by bots), and ensure systems and processes work properly and securely. It can also be used to correct any … implement improvements to processes and tooling to ensure engineering excellence. You'll have a strong understanding of operational requirements, and ensure Scalability, Resiliency, Observability, Security, Cost and Maintainability are at the forefront of all engineering activities. What you'll bring Bachelor's or Master's in Computer Science is … tooling (ie GitHub Actions, Jenkins, ArgoCD, Artifact Repository). Knowledge of software engineering including testing frameworks, and secure code delivery (ie SCA, SAST, DAST). Scripting/Coding (Bash, Python). End to End Observability solutions (logging, monitoring, alerting). Strong problem solving skills including level 3 support (not More ❯

implement improvements to processes and tooling to ensure engineering excellence. You'll have a strong understanding of operational requirements, and ensure Scalability, Resiliency, Observability, Security, Cost and Maintainability are at the forefront of all engineering activities. What you'll bring Bachelor's or Master's in Computer Science is … tooling (ie GitHub Actions, Jenkins, ArgoCD, Artifact Repository). Knowledge of software engineering including testing frameworks, and secure code delivery (ie SCA, SAST, DAST). Scripting/Coding (Bash, Python). End to End Observability solutions (logging, monitoring, alerting). Strong problem solving skills including level 3 support (not More ❯

implement improvements to processes and tooling to ensure engineering excellence. You'll have a strong understanding of operational requirements, and ensure Scalability, Resiliency, Observability, Security, Cost and Maintainability are at the forefront of all engineering activities. What you'll bring Bachelor's or Master's in Computer Science is … tooling (ie GitHub Actions, Jenkins, ArgoCD, Artifact Repository). Knowledge of software engineering including testing frameworks, and secure code delivery (ie SCA, SAST, DAST). Scripting/Coding (Bash, Python). End to End Observability solutions (logging, monitoring, alerting). Strong problem solving skills including level 3 support (not More ❯

scrum processes Cost optimization design for solutions Experience with core technical integrations with security and change management tooling such as SNOW, SAST/DAST tooling Strong communicator and able to interact with a range of stakeholders such as engineering teams and senior management Key Skills/Experience: Essential Skills … we will reply as soon as possible. Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment More ❯