3 of 3 Dynamic Application Security Testing Jobs in Gloucestershire

The Cyber Security Architect will work closely with the solution architects and enterprise architects to improve and maintain the cyber security of NAVBLUE'S products, services and infrastructure. The ideal candidate will play a critical role in designing and implementing cybersecurity frameworks to align with the business objectives and mitigate potential threats. Main Responsibilities: Perform Security Risk … and Threat analysis during the initial design and the Software Development Life Cycle planning, analysis, and design phases. Providing recommendations and requirements for mitigating any security weaknesses identified while defining Non-Functional Requirements in coordination with Solutions Architects. Ensure Security by Design is embedded within the Software Development Life Cycle, while ensuring that all security requirements have … knowledge of the SDLC and AWS network architecture Knowledge of the SAFe Agile method would be an asset Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP) Knowledge of STRIDE, DICE and other threat and risk frameworks Knowledge of AWS tools Proven experience managing multiple projects simultaneously Practical interpersonal skills; adaptable to all levels of More ❯

Job Summary We are seeking a pragmatic and highly skilled DevSecOps Engineer to join our Platform team. In this role, you will be responsible for identifying, prioritising and remediating security issues as a security engineer and lead analyst to support the broader organisation. You will collaborate closely with Platform, Infrastructure, Development and Security teams to embed security … code and infrastructure reviews. Develop and execute incident response procedures, leveraging Sentinel playbooks and Logic Apps when required. CI/CD & Automation Integrate automated security testing (SAST, DAST, SCA) into Azure DevOps pipelines or GitHub Actions. Create Infrastructure as Code (IaC) with Terraform or ARM templates, embedding security checks. Automate security operations tasks using Azure Functions … Ability to design and enforce patch windows and remediation SLAs. DevSecOps Toolchain Proficient with CI/CD tooling in Azure DevOps or GitHub Actions. Experience integrating SAST (e.g. SonarQube), DAST (e.g. OWASP ZAP) and SCA (e.g. Dependabot, Snyk) into pipelines. Infrastructure as Code: Terraform, ARM or Bicep. Container & Cloud Security Knowledge of containerisation (Docker, Kubernetes/AKS) and container More ❯

RDS, EC2, Lambda, etc.) Improve monitoring, resilience, and security configurations Support migration from Azure DevOps to GitHub Actions Onboard applications into internal platforms (Sentry, Dependency Track, Bug Bounty, DAST) Develop disaster recovery plans and apply Infrastructure-as-Code policies Provide operational AWS support and respond to infrastructure alerts Must-Have Skills: 3+ years of hands-on AWS experience Strong More ❯