London, United Kingdom Posted on 24/02/2025 Job Description: Security Testing Engineer Location: Remote with occasional travel as required Employment Type: Permanent About the Role Scrumconnect Consulting is looking for a Security Testing Engineer to ensure the security, resilience, and compliance of GOV.UK digital … services. This role involves identifying vulnerabilities, mitigating security risks, and ensuring adherence to government security policies and DDAT frameworks. You will work closely with developers, security architects, and business stakeholders to embed security testing into Agile development workflows and DevSecOps pipelines. As a Security Testing Engineer, you will conduct static and dynamic security assessments, penetration testing, and vulnerability analysis, ensuring that applications meet the highest security standards. Key Responsibilities 1. Security Test Planning & Execution Develop, implement, and execute comprehensive security test plans for GOV.UK digital services. Identify security
is pivotal in helping infrastructure and Release management teams to secure our networks, operating systems, containers, pipelines and code. We are part of the Security team with a mission of reducing the impact of threats to Parity and its products, bolstering their resilience against potential cyber threats. About the … position: This is a crucial role where your understanding of people, systems and security will allow you to advocate for and influence best practices in a diverse free thinking organisation while facilitating smooth development and implementation processes. It is a unique opportunity to help secure an innovative organisation where … is direct and honest and understands that a check box approach doesn't get results. It involves: Advising Infra Engineering and IT teams on security topics and supporting their work from the security standpoint - maintaining things practical using a risk-based approach with a focus on following areas
London, England, United Kingdom Hybrid / WFH Options
McGregor Boyall
depth experience with RedHat Ansible and AWX RedHat Satellite Python, Perl and Bash scripting DevOps mentality, CI/CD pipelines and other automation concepts Security hardening principles in line with CIS industry benchmarks Project focussed, experience taking ownership of projects (end-to-end) Data security governance and
Migrate from custom auth to Auth0 (or similar), with social login + MFA Data governance: Apply labelling to Postgres, S3 and BigQuery data Web security hardening: Audit React, GraphQL and FastAPI layers to eliminate XSS/CSRF and strengthen CSP Static analysis remediation: Triage and address SAST findings … access controls Audit logging: Structure and surface user action logs in the app Tech Stack Frontend: React, Apollo GraphQL Backend: FastAPI (Python) Infra/Security: GitHub Actions, SAST tools, Auth0 (or equivalent), RBAC, CSP ✅ What We’re Looking For Must-haves: 5+ years building production-grade web apps (React … a must Bonus points for: Experience migrating to managed auth Exposure to Kubernetes, Terraform or Helm Working in early-stage, high-growth startups under security constraints How We Work You’ll ship iteratively, demo weekly, and document your work for long-term sustainability. We value clean code, proactive ownership