1 to 11 of 11 Static Application Security Testing Jobs in England

tools and infrastructure Understanding the needs of stakeholders and conveying this to developers Working on ways to automate and improve development and release processes Testing and examining code written by others and analysing results Ensuring that systems are safe and secure against cybersecurity threats Familiar with the NCSC secure … design principles Familiar with managing security of cloud platforms, including administration of secrets, tokens and certificates. Working with Architects, Data and Software Engineers to ensure that development follows established processes and works as intended Planning out projects and being involved in project management decisions Responsible for the design, security … with Azure DevOps and GitHub Actions to automate the build and deploy of containerised applications Experience implementing effective instrumentation to monitor applications Experience implementing SAST and DAST tooling in deployment pipelines like Trivvy and SonarQube Experience of both AWS and Azure Dev Ops tooling. This role will require you to more »

As a Product Security Specialist (PSS) at HL, you will join a team of security experts who work with various modern technologies to ensure the security of HL's products. You will be the main point of contact for security issues and requirements for each assigned … development life-cycle. You will also facilitate threat modeling workshops assisting product teams in identifying and mitigating threats. What you will be doing Oversee security related issues across multiple product teams/squads. Working within Product teams, you will be the single point of contact for security related … required. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modeling and risk assessments. Interview process The interview process for this role is two stages more »

As the Lead Security Specialist at HL, you will join a team of security experts working with various modern technologies to ensure the security of HL's products. You will oversee security issues and requirements for all product teams, dealing with complex projects daily and serving … as the escalation point for the Product Security Specialist (PSS). You will lead threat modelling workshops and engage with key stakeholders to identify threats and recommend countermeasures. Additionally, you will lead a team of Product Security Specialists, providing leadership, technical guidance, and support in tailoring their development … preferrable. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages more »

Application Security and DevSecOps Engineer, AXA DCP London London – UK , Wroclaw – Poland, Paris – France, Milan – Italy, Barcelona or Madrid – Spain AXA’s Management Committee is driving a unique strategic initiative - Digital Commercial Platform (DCP) – designed to transform AXA’s value proposition. Through DCP, AXA will serve existing and … commercial lines book of business of AXA Group Create a platform for risk management and prevention services Build an ecosystem of business partners As Application security and DevSecOps engineer, your main mission will be to ensure the security and integrity of our applications and infrastructure. You will … such as ISO 27001, GDPR, OWASP, and common web application vulnerabilities. Experience with DevSecOps practices and tools (CI/CD, Infrastructure as code, SAST, DAST) and Agile development methodologies Experience with cloud platforms (e.g., AWS) , containerization technologies and security best practices (API Security, Container Security, and more »

in an inclusive environment that helps them thrive. An exciting opportunity within UK's largest retail bank and household name are looking Data Resilience Security Engineer based in Bristol, Manchester, Leeds, Edinburgh, Halifax & Birmingham Role : Data Resilience Security Engineer Location : Bristol, Manchester, Leeds, Edinburgh, Halifax & Birmingham (2 days … Technical Lead and requires ambitious individuals with a proactive, can-do attitude and solution-oriented mindset to deliver at pace. As the Data Resilience Security Engineer, you will focus on Data Security; assuring the group safeguards data and associated assets from vulnerabilities and threats that could lead to … compromise of the integrity and availability leading to customer harm. Experience and skills Required: Security scanning and testing, including Qualys, Ethical Hacking, SAST & DAST Vulnerability management (CVSS) Hands on experience of modern security architecture along with diagnostic and monitoring tooling. Proficient in Cryptographic key management and encryption more »

Who we are looking for An Information Security Specialist who will focus on the technical side of IT Security, specifically looking at application security and code analysis, ensuring applications are built securely. The Information Security team deal with the security of closed-sourced, open … source and in-house written applications. The objective is to ensure that systems and services are built with privacy and security by design. You will be working closely with the Software Development team, to confirm that application based vulnerabilities are understood and mitigated. This is done from a … security assessment point of view rather than code QA, therefore code reading skills are desirable. The team comprises of a variety of individuals, ranging from graduates to time served engineers with backgrounds as sys-admin, networks, service operation as well as security. We use first class, enterprise level tools more »

Who we are looking for A Senior Information Security Specialist to focus on the technical side of IT Security, specifically looking at application security and code analysis to ensure applications are built securely. The Information Security team deal with the security of closed sourced … open source and in house written applications. The objective is to ensure that systems and services are built with privacy and security by design. You will work closely with the Software Development team to confirm that application based vulnerabilities are understood and mitigated. This is done from a … security assessment point of view rather than code QA, therefore code reading skills are desirable. The team comprises of graduates to time served engineers with backgrounds as sys-admin, networks, service operation as well as security. We use first-class, enterprise-level tools to identify threats to the systems more »

Security Engineer - Application Security, £70,000 - £90,000 base, 15% bonus, Great benefit package We're working with a FTSE 100 e-commerce firm that is looking for an experienced Application Security expert to enhance its secure software capabilities. This opportunity is ideal for a … DevSecOps/Application Security technical consultant or engineer with a proven track record in agile environments. The role involves providing expert guidance and driving improvements to bolster the client's Application Security posture. The role involves identifying and managing security toolsets, providing guidance to engineering … technical support for our products. Experience & Core Technical Skills: Proficiency in Python, JavaScript, or Java. Experience deploying Application Security Tooling (SCA/SAST/DAST/IaC Security) into DevOps environments. Deep understanding of application security across Web, API, and Mobile platforms. Knowledge of OWASP more »

DevSecOps Engineer Engineering, Software Development, DevOps, DevSecOps, Security Hybrid working - 1 day London, 4 day's work from home @mecscomms is recruiting for a DevSecOps Engineer, on behalf a major telecommunications service provider. The role is crucial in the operational efficiency & security of software development & deployment processes, through … the following; Multi cloud environments, AWS, Azure, managing Splunk, defining data streams, indices, ingests & dashboards, adding security tooling to CI/CD pipelines, SAST, code security, SonarCloud, AWS Security Hub, Source code, Github, Github Actions, IaC tooling, Automation, AWS CLI, Python, PowerShell, Azure CLI, Docker, Kubernetes etc … environments AWS & Azure etc. * Using & managing Splunk including defining data streams, indices & ingests & dashboards * CI/CD pipelines & adding security tooling to these * SAST & other techniques to improve code security * SonarCloud, AWS Security Hub, etc. to improve security position * Source code systems & branching strategies; Github & Github more »

more at iongroup.com . Your role Your duties and responsibilities Work with cloud platform teams to design, develop, debug and support platforms, services and application workspaces. Work with the application teams to design, develop, debug and support new cloud-native applications and migrate existing applications to the cloud. … practices to keep the ION Cloud up to date with the best of breed available in the industry. Maintain strong and continuous engagement with security SMEs internally and externally to ensure the ION Cloud architecture and operating model is up to the top security standards. Work with stakeholders … SANS CWE, OpenSAMM, BSIMM, etc. Penetration testing, vulnerability scanning Implementation of security monitoring tools. Implementing pipelines that make use of SCA, SAST, DAST, IAST and RASP solutions. Qualifications SANS/SEC-540: Cloud Security and DevSecOps Automation Systems Security Certified Practitioner (SSCP) Certified Information Systems Security more »

at Sky. What you'll do Working with the business to drive down the number of open vulnerabilities identified by pen testing, SCA, SAST and Secrets scanning and ASM platforms. Formalising internal processes and documentation in relation to the relevant internal services provided. Vendor liaison and management. Reporting and … metrics management. Provide mentorship and guidance to junior members of the team. What you'll bring Previous experience in Cyber Security/Information Security. Previous experience in analytical/technical role. Working Knowledge of Source Code Management systems, e.g. GitHub. Knowledge of the vulnerability management process. The ability to … manage and build relationships with different stakeholders. Excellent verbal and written communication skills. Team overview Cyber Security Our products, platforms and technologies are constantly evolving that’s why keeping Sky safe from cyber-attacks is one of our top priorities. Our Cyber Security team helps the business grow more »