London, South East, England, United Kingdom Hybrid / WFH Options
FOUNDATIONS EXECUTIVE SEARCH
65k - £78K + bonus, benefits) We are working with a globally renowned and industry leading UK brand who are going through an exciting phase of growth across their wider Security function, resulting in the need for a DevSecOps Engineer. As a DevSecOps Engineer, you will work within a newly established team in a role that sees you provide hands … on ApplicationSecurity and DevSecOps responsibilities, as well as being involved in various strategic activities. Your duties would include setting-up, securing and enhancing pipelines, scripting and automation, as well as looking at how things are done, what improvements can be made, supporting cyber change initiatives and driving security awareness/practices as necessary. This role will … companies of a similar size, who also offer some of the best perks & benefits available! Key skills and experience required: · DevSecOps experience · ApplicationSecurity expertise across SAST, DAST & SCA · Background and experience in Software Development/Scripting/Automation · Ability to work in a fast-paced environment · Ability to work on-site for key strategic/important meetings More ❯
Bournemouth, Dorset, United Kingdom Hybrid / WFH Options
Nourish Care
Job Title: Head of Information Security Reporting To: Chief Technology Officer Location: Bournemouth/Hybrid Working Salary: Competitive Job Type: Full Time 37.5 hours a week Our Purpose Nourish Care is the UK market leader in digital social care planning. Our SaaS platform empowers care providers to deliver more transparent, coordinated, and person-centred care. With thousands of care … product, we are scaling fast and aiming even higher - our mission is simple: better care for all. About the Job We're looking for an experienced Head of Information Security to lead and scale Nourish's security strategy in a fast-paced, cloud-native, multi-product SaaS environment. You'll be responsible for safeguarding the confidentiality, integrity, and … vulnerability scanning Collaborate with Product and Engineering teams on threat modelling, penetration testing, and remediation efforts Select, implement, and manage key SaaS security tooling (e.g. SAST/DAST, SIEM, CSPM, endpoint protection, IAM) Ensure alignment with cloud-native architecture and tooling (we primarily use AWS, GitHub Actions, and Terraform) Compliance & Assurance Lead ongoing readiness and evidence for ISO More ❯
opportunity to join a large-scale digital transformation programme aimed at uniting multiple internal business units under a new, secure, cloud-native digital platform. Ideal for a hands-on Security Engineer who enjoys embedding security into the development lifecycle and working with modern tooling and cloud environments. The successful Security Engineer's responsibilities will include: Analysing new … subnets, zones) Experience with API security and integration-related platforms such as Auth0 or API Gateways Proficiency with security tools including SAST (e.g. Snyk, Checkmarx), SCA, and DAST (e.g. OpenZAP, Qualys DAST) Ability to manage secure operations of large-scale software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building automated security test suites … Engineering, Cybersecurity Engineer, Information Security Specialist, Salesforce, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps, Secure Development, CRM Security Next Steps Please click "Apply now" and submit your up-to-date More ❯
future states of the organisation and make faster, more informed decisions. The company is headquartered in London, with offices in Philadelphia, The Hague, Toronto, and Sydney. Role The Principal Security Engineer is a strategic, hands-on leader responsible for evaluating, evolving, and executing Orgvue's security engineering strategy across our entire application development and cloud-hosting estate. … Partnering closely with Information Security, Engineering, and Product teams, you will embed secure-by-design principles throughout the software-development lifecycle (SDLC), champion modern DevSecOps practices, and ensure that security is a first-class citizen in everything we build and operate. This role reports directly to the Chief Technology Officer (CTO) and maintains a dotted-line relationship with … Modeling & Risk Assessment - Conduct regular architecture and code-level reviews, drive remediation plans, and present risk posture to leadership. Tooling & Automation - Evaluate, select, and integrate security tooling (SAST, DAST, SCA, container scanners, CSPM, CWPP) and champion IaC/Terraform modules for reusable controls. Collaboration & Mentorship - Act as a trusted advisor to engineering squads, provide security training, and mentor More ❯
an outsized impact, you'll thrive here at Zopa, so join us, and make it count.Want to see us in action? Follow us on The team: Zopa's Product Security team ensures security is baked into our products from the very start of their lifecycles, all the way to the end. We provide the more pre-emptive, design … thinking led, less response-based side of securing the bank. If we do our job right, security becomes inherent in the design of our products, rather than something grafted on after. With you, we'll be a Product Security team of 4, sitting within a larger InfoSec team of 18. Our current projects include ongoing security assessments … security tooling, stitching together CI steps, scripts, and small tools to automate security controls and visualise their results in a helpful manner. This could include SAST, SCA, DAST, secrets scanning, vulnerability scanning, or other tooling Being guardians of our Secure Development Lifecycle, ensuring security controls are baked in and "pushed left" as much as reasonably possible Triaging More ❯
where you will be making an impact on the financial lives of thousands of savers. We're regulated by the Financial Conduct Authority in the UK. As a Senior Security Engineer, you will play a key role in protecting our systems, networks, and data while ensuring compliance with industry leading security standards such as ISO 27001. Your contributions … will be essential in maintaining customer trust and safeguarding critical information assets. This role sits within thePlatform Engineering Teamand requires a strong technical background, hands-on experience with security tools, and a collaborative mindset to work effectively across teams. The role will involveplatform engineering activities, contributing to the design, implementation, and optimisation of scalable infrastructure. If you're motivated … technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision-making. Solid More ❯
The Product Security Team's mission is to Left-shift SDLC (Security Development Lifecycle) processes for ALL code written in Databricks (for Customer Use or Supporting Customer internally) to reduce the likelihood of introducing new vulnerabilities in production and minimize the count and effect of externally identified vulnerabilities on Databricks Services. You will be an individual contributor on … the product security team at Databricks, managing SDLC functions for features and products within Databricks. This would include, but is not limited to, security design reviews, threat models, manual code reviews, exploit writing and exploit chain creation. You will also support IR and VRP programs when there is a vulnerability report or a product security incident. You … and Vulnerability Response as and when needed. Work with the results of SAST tools to help evaluate and identify false positives and file defects for real issues. Work on DAST tools and related automation for auto-assessment and defect filing. Maintain the automation framework and add new features as needed to support different security compliances that Databricks may want More ❯
the firm managed approximately US$122 billion on behalf of major pension funds, endowments, foundations, governments and other investors based in the U.S. and abroad.Position Overview:The Senior Security Engineer, reporting to the Director of Information Assurance, is responsible for cloud platform and DevOps security. This senior role will call upon the candidate's DevSecOps experience to help Acadian … Shift Left, injecting security directly into our Software Development Lifecycle … and consistently governing our AWS Platform-as-a-Service (PaaS) infrastructure. We are looking for candidates with deep experience and understanding of continuous delivery, container security, SAST/DAST, secrets management, Identity and Access Management (IAM) governance, privilege management, encryption and key management, threat detection, logging, cloud infrastructure security and policy-as-code.What You'll Do: Assess Acadian More ❯
Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯
Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯
Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯
Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯
Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯
Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯
within the squad to define and deliver scalable, secure data features aligned with business goals. Architect high-performance data retrieval solutions (APIs, web scrapers, SFTP) with a focus on security, efficiency, and best practices. Oversee client data onboarding, ensuring swift, compliant, and secure integration processes. Provide expert support for complex issues, acting as a technical authority and ensuring secure … coding standards through code reviews. Mentor junior engineers, promoting best practices in clean code, testing, and CI/CD. Drive continuous improvement in data feature development and stay updated on industry trends, implementing innovative tools and solutions. Proficient in Microsoft Azure (DevOps, Data Factory, Data Lake, Functions … Azure Container Instances, RBAC and Entra) and DevOps CI/CD. Proficient in Infrastructure as Code (Terraform), secure FTP configurations (SFTP/FTPS), and remediation of security vulnerabilities (DAST, Azure Defender). Expertise in Python for writing efficient code and maintaining reusable libraries. Experienced with microservice design patterns, and Databricks/Spark for big data processing. Strong knowledge of More ❯
we are uniting several businesses internally to produce a stronger offering than ever before in our mission to empower people to be the best version of themselves. As a Security Engineer, you'll provide hands-on technical expertise to guide software development, delivery, and continuous improvement focusing on risk and security. You'll help evolve our new Digital Platform … so that it is secure and compliant with internal and industry regulations. You'll analyze new feature code to identify security risks and work with engineers to mitigate them, applying modern security standards such as OWASP CI/CD, DSOMM, SAMM, and Cloud Security Posture management systems like Azure Defender and Prisma Cloud. At AXA, we work … networking protocol knowledge (TCP/IP, UDP, HTTP/3, etc.), cloud network design, and integration technologies (Auth0, APIM) Expertise with SAST & SCA systems like Snyk, Checkmarx Experience with DAST systems such as OpenZAP, Qualys DAST (preferred) Ability to manage large-scale software estates (build, release, monitoring, rollbacks, high availability) Hands-on experience building automated security test suites As More ❯
we are uniting several businesses internally to produce a stronger offering than ever before in our mission to empower people to be the best version of themselves. As a Security Engineer, you'll provide hands-on technical expertise to guide software development, delivery, and continuous improvement focusing on risk and security. You'll help evolve our new Digital Platform … so that it is secure and compliant with internal and industry regulations. You'll analyze new feature code to identify security risks and work with engineers to mitigate them, applying modern security standards such as OWASP CI/CD, DSOMM, SAMM, and Cloud Security Posture management systems like Azure Defender and Prisma Cloud. At AXA, we work … networking protocol knowledge (TCP/IP, UDP, HTTP/3, etc.), cloud network design, and integration technologies (Auth0, APIM) Expertise with SAST & SCA systems like Snyk, Checkmarx Experience with DAST systems such as OpenZAP, Qualys DAST (preferred) Ability to manage large-scale software estates (build, release, monitoring, rollbacks, high availability) Hands-on experience building automated security test suites As More ❯
we are uniting several businesses internally to produce a stronger offering than ever before in our mission to empower people to be the best version of themselves. As a Security Engineer, you'll provide hands-on technical expertise to guide software development, delivery, and continuous improvement focusing on risk and security. You'll help evolve our new Digital Platform … so that it is secure and compliant with internal and industry regulations. You'll analyze new feature code to identify security risks and work with engineers to mitigate them, applying modern security standards such as OWASP CI/CD, DSOMM, SAMM, and Cloud Security Posture management systems like Azure Defender and Prisma Cloud. At AXA, we work … networking protocol knowledge (TCP/IP, UDP, HTTP/3, etc.), cloud network design, and integration technologies (Auth0, APIM) Expertise with SAST & SCA systems like Snyk, Checkmarx Experience with DAST systems such as OpenZAP, Qualys DAST (preferred) Ability to manage large-scale software estates (build, release, monitoring, rollbacks, high availability) Hands-on experience building automated security test suites As More ❯
Worthing, Sussex, United Kingdom Hybrid / WFH Options
Equiniti
the impact of new technologies and digital services. Apply innovative thinking to deliver customer value. Communicate effectively to broad audiences. Advance own skills and manage development opportunities. Contribute to security, privacy, and ethics practices. Provide line management, guidance, coaching, and mentoring. Develop and maintain software development standards and best practices. Promote engineering excellence and quality. Optimize engineering lifecycle through … knowledge management and learning. Build talent pipelines via hiring, internal movements, and succession planning. Evaluate emerging technologies for competitive advantage. Articulate technical roadmaps and oversee platform validation. Ensure platform security, scalability, and performance, monitoring KPIs and addressing issues. … Lead multiple Agile teams in platform development and technical excellence. Technical Skills REST/WCF Services Database Design Responsive web design Web accessibility and security principles SAST and DAST tools Message queuing systems Application architecture Source control (Azure DevOps, GIT, TFSVC) CI/CD, Blue/Green deployments Azure, AWS Identity Access (AADS, Oauth, Okta) ORM tools, Umbraco More ❯
