2 of 2 Remote Dynamic Application Security Testing Jobs in Central London

modelling exercises, and continually improve the organisations application security posture. Key Responsibilities Secure Development Lifecycle (SDLC) Experience working with static and dynamic code analysis tools (SAST, DAST) is essentialwhile you dont need to have set them up, you should have collaborated with developers to ensure code is scanned and critical vulnerabilities are blocked in the pipeline. Integrate … security controls into CI/CD pipelines and development workflows. Manage and monitor SAST, DAST, and SCA tools to detect vulnerabilities early in the lifecycle. Conduct secure code reviews and support remediation efforts. Threat Modelling & Architecture Review Requirements (Primarily Essential) 2+ years of experience in application security or secure software development. Strong knowledge of OWASP Top … secure coding principles, and threat modelling. Hands-on experience with SAST, DAST, SCA, and vulnerability management tools. Familiarity with cloud platforms (Azure or AWS), CI/CD pipelines, and DevOps processes. Strong communication skills and the ability to collaborate effectively across teams. Understanding of regulatory and security standards (ISO 27001, FCA, NIST). (Nice to have) Youll need to More ❯

A leading fintech company is seeking a Lead AppSec Engineer to join their established team. Youll be instrumental in embedding security into every stage of the software development lifecycleguiding engineers, shaping best practices, and driving secure, scalable solutions across our platform. Key Responsibilities: Security Advisory : Serve as the go-to expert for application security across engineering … teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement : Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management … and secure design. Vulnerability Management : Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation : Integrate security tools (e.g., SAST, DAST, SCA, secrets scanning) into developer workflows, ensuring automation is both scalable and developer-friendly. Cloud Security Collaboration : Work alongside infrastructure teams to ensure secure configuration of AWS and Azure More ❯