1 to 25 of 93 Static Application Security Testing Jobs in London

Cyber Security Engineer – London (Hybrid) – 700 per day inside IR35 – 4 months+ All applicants must hold an active SC clearance. My client is on the hunt for a Cyber Security Engineer to join a central government client of theirs. You will be joining an AppSec team focused on building security automation into delivery pipelines and conducting security … digital services. Key Responsibilities Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and make necessary recommendations. Collaborate with developers to remediate identified vulnerabilities and ensure secure code practices. Provide expert input on cloud security (AWS, Azure … or GCP) and DevSecOps tooling. Assist in maintaining security assurance across the SDLC in line with MoJ and NCSC guidelines. Essential Criteria Penetration testing, ethical hacking, or vulnerability assessments. Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.). DevSecOps principles and tools (e.g., Veracode, SonarQube, GitHub Advanced Security, IaC scanning, etc. More ❯

Social network you want to login/join with: Contract Cyber Security Engineer, London col-narrow-left Client: WA Consultants Location: London, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Reference: ed0a08aed99c Job Views: 4 Posted: 02.07.2025 Expiry Date: 16.08.2025 col-wide Job Description: WA Consultants is currently recruiting for a Cyber Security Engineer for an initial 5-month contract. The successful candidate will support a Public Sector client of ours within their Application Security Team and will be … responsible for the following: * Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. * Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and make necessary recommendations. * Collaborate with developers to remediate identified vulnerabilities and ensure secure code practices. * Provide expert input on cloud security (AWS, Azure More ❯

Role: Cyber Security Engineer Salary/Rate: up to £700 per day (inside IR35) Location: Hybrid LondonContract Duration: until October 2025 We are currently looking for a Cyber Security Engineer for our government client. This Cyber Security Engineer role is hybrid, based between 2-3 days per week on site in central London and the remainder of … the week working remotely. The contract for the Cyber Security Engineer position is until October 2025 with potential to extend, operating inside IR35. Security Clearance: Security Check ("SC Clearance") This role is inside IR35 - Due to the service of the role, it will now be based on an Umbrella solution. Essential skills/experience required: Certifications: OSCP … desirable Role/Responsibilities: Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and make necessary recommendations. Collaborate with developers to remediate identified vulnerabilities and ensure secure code practices. Provide expert input on cloud security (AWS, Azure More ❯

Join to apply for the Cyber Security Engineer role at Circle Group 1 week ago Be among the first 25 applicants Join to apply for the Cyber Security Engineer role at Circle Group Cyber Security Engineer Salary/Rate: up to £700 per day (inside IR35) Location: Hybrid London Contract Duration: until October 2025 We are currently … looking for a Cyber Security Engineer for our government client. This Cyber Security Engineer role is hybrid, based between 2-3 days per week on site in central London and the remainder of the week working remotely. Role: Cyber Security Engineer Salary/Rate: up to £700 per day (inside IR35) Location: Hybrid London Contract Duration: until … desirable Role/Responsibilities Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and make necessary recommendations. Collaborate with developers to remediate identified vulnerabilities and ensure secure code practices. Provide expert input on cloud security (AWS, Azure More ❯

sectors. This is a hands-on, delivery-focused role where you will embed DevSecOps principles into engineering pipelines, guide secure software development lifecycle (SSDLC) practices, and advise on adopting security tooling across cloud and hybrid environments. You will work closely with development, DevOps, and platform teams to uplift security maturity, enabling secure and scalable software delivery aligned with … industry standards and compliance requirements. The role offers the opportunity to influence secure software design from concept to deployment, enabling real-world transformation of engineering practices and security culture across diverse digital programs. Responsibilities Embed security practices into software development pipelines by integrating DevSecOps principles, automation tools, and governance controls. Support the definition, implementation, and continuous improvement of … with exposure to major cloud platforms. Experience collaborating with developers, DevOps, architects, and platform teams to design and implement secure software solutions. Exposure to application security tooling (SAST, DAST, SCA), cloud security services, and infrastructure-as-code security practices. Track record of contributing to security documentation, standards, developer enablement, or secure coding artefacts. Familiarity with More ❯

Position Overview Fast growing FinTech seeking a technically proficient Principal Application Security Architect to join our innovative FinTech organisation. This role is critical in shaping the security posture of complex, cloud-native applications that power fast-growing financial services and digital payments platforms. As an Application Security Architect, you will work closely with software engineers … teams. Security Testing & Automation Oversee the deployment and tuning of automated application security testing tools including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA). Collaborate with development teams to integrate security testing seamlessly into CI/CD pipelines … security or secure software engineering, preferably within FinTech or highly regulated industries. Hands-on experience with a range of application security testing tools including SAST, DAST, and SCA, and integrating these into automated build and deployment pipelines. Practical expertise with threat modeling methodologies such as STRIDE, PASTA, or Attack Trees. Strong knowledge of secure coding More ❯

The Role Embed security best practices within the SDLC … collaborating with developers to ensure secure coding. Conduct security assessments, identify potential threats, and mitigate risks in web and mobile applications. Perform application security testing (SAST, DAST) and manual security code reviews. Implement and manage security tools such as SAST, DAST, SCA, and CI/CD security integrations. Investigate security incidents, prioritise … testing, or software security engineering. Strong knowledge of secure coding principles in one or more languages (e.g., Python, Java, JavaScript, Go, .NET). Hands-on experience with SAST, DAST, SCA and security automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top More ❯

The Role Embed security best practices within the SDLC … collaborating with developers to ensure secure coding. Conduct security assessments, identify potential threats, and mitigate risks in web and mobile applications. Perform application security testing (SAST, DAST) and manual security code reviews. Implement and manage security tools such as SAST, DAST, SCA, and CI/CD security integrations. Investigate security incidents, prioritise … testing, or software security engineering. Strong knowledge of secure coding principles in one or more languages (e.g., Python, Java, JavaScript, Go, .NET). Hands-on experience with SAST, DAST, SCA and security automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top More ❯

Senior Security Engineer We are seeking an experienced Senior Security Engineer to join our dynamic Security Team. In this key role, you will be a key contributor to Funding Circle's cloud and application security posture. You will leverage your deep expertise in AWS security, secure software development lifecycle (SSDLC) practices, and CI/… CD security to implement and champion robust security solutions. You will act as a subject matter expert and mentor, collaborating closely with engineering and product teams to embed security seamlessly into our cloud infrastructure and development processes, ensuring the protection of our platform and customer data in a fast-paced FinTech environment. Who are we? We’re … Deep, demonstrable expertise in designing, implementing, securing, and managing a wide range of AWS security services . Proven, hands-on experience architecting, building, and integrating security tooling (SAST, DAST, SCA, secrets management, IAST) and automated security controls within CI/CD pipelines (e.g., GitLab CI, Jenkins, GitHub Actions). Strong track record of defining, implementing, measuring, and More ❯

Role: Cyber Security Engineer Contract Duration: Until 1st October 2025 Rate: £700/day Security Clearance: SC required Expenses: Reimbursed when travelling away from base office A leading digital security function is seeking an experienced Cyber Security Engineer to strengthen its Application Security (AppSec) capabilities. This role focuses on embedding automated security controls … within CI/CD pipelines and delivering hands-on testing of cloud-based … services. Key Responsibilities: Conduct penetration tests and security assessments on web apps, APIs, and cloud platforms Review and optimise security automation tools within CI/CD workflows (SAST, DAST, IaC scanning, etc.) Partner with developers to fix vulnerabilities and champion secure coding Provide subject-matter expertise in cloud security (AWS, Azure, or GCP) and DevSecOps tooling Ensure More ❯

Social network you want to login/join with: Senior Security Engineer We are seeking an experienced Senior Security Engineer to join our dynamic Security Team. In this key role, you will be a key contributor to Funding Circle's cloud and application security posture. You will leverage your deep expertise in AWS security, secure software development lifecycle (SSDLC) practices, and CI/CD security to implement and champion robust security solutions. You will act as a subject matter expert and mentor, collaborating closely with engineering and product teams to embed security seamlessly into our cloud infrastructure and development processes, ensuring the protection of our platform and customer data in … with a focus on AWS cloud security and application security. Deep expertise in designing, implementing, securing, and managing AWS security services. Experience integrating security tooling (SAST, DAST, SCA, secrets management, IAST) within CI/CD pipelines (e.g., GitLab CI, Jenkins, GitHub Actions). Proven experience supporting secure software development lifecycle (SSDLC) practices and secure coding standards. More ❯

Job Title: Cyber Security Engineer - MUST HAVE INSURANCE EXPERIENCE Department: Cyber Security Reports To: Head of Security Architecture & Engineering Salary: £600 Per Day Inside IR35 Location: Central London (3 days per week on site, 2 days per week remote) The Role We're looking for a hands-on Application Security Engineer with a strong engineering … mindset and a background in financial services, insurance, or fintech . You'll be embedded with product and engineering teams, driving secure development practices and owning security controls across our SDLC and cloud-native platforms. This is a technical role , not for architects or managers - you'll be writing code … integrating tools, running threat modelling sessions, and solving real-world security problems. What You'll Do Lead threat modelling , secure design reviews, and AppSec assessments. Integrate and automate SAST, DAST, SCA , and container scanning in CI/CD. Triage and drive remediation of vulnerabilities across cloud and app layers. Deliver security controls via code (Terraform, YAML, scripting). More ❯

INSURANCE EXPERIENCED* Cyber Security Engineer Eames Consulting London, United Kingdom Apply now Posted 11 hours ago Permanent £550 - £600 per day + Inside IR35 *INSURANCE EXPERIENCED* Cyber Security Engineer Eames Consulting London, United Kingdom Apply now Job Title: Cyber Security Engineer - MUST HAVE INSURANCE EXPERIENCE Department: Cyber Security Reports To: Head of Security Architecture & Engineering … Salary: £600 Per Day Inside IR35 Location: Central London (3 days per week on site, 2 days per week remote) The Role We're looking for a hands-on Application Security Engineer with a strong engineering mindset and a background in financial services, insurance, or fintech . You'll be embedded with product and engineering teams, driving secure … integrating tools, running threat modelling sessions, and solving real-world security problems. What You'll Do Lead threat modelling , secure design reviews, and AppSec assessments. Integrate and automate SAST, DAST, SCA , and container scanning in CI/CD. Triage and drive remediation of vulnerabilities across cloud and app layers. Deliver security controls via code (Terraform, YAML, scripting). More ❯

challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices Vulnerability … Event driven streaming technologies, Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs, Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform), Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes, Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP), Security certification More ❯

challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability … Event driven streaming technologies, Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs, Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform), Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes, Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP), Security certification More ❯

re located within a commutable distance of our offices so that we're able to interact and collaborate in person. About the role: We are looking for an experienced Security Engineer to join our growing Security Engineering team, working closely with the GRC & compliance team and the various Engine Technology teams to make sure security is at … the heart of all our technical processes. Your place within the team will depend on your individual strengths and interests. This role will cover a wide array of security areas across our multi-tenant SaaS cloud environments and internal infrastructure and will require a skilled individual to spearhead efforts in fortifying both infrastructure and application platforms, against potential … into the software development lifecycle Experience performing secure code reviews and security approvals including the use of static and dynamic application security testing (SAST/DAST) tools. Experience in Cryptography management & enhancements Experience configuring and utilising cloud-native security logging, monitoring, and detection services Relevant security certifications such as ISC2 CC, CISSP More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

least one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It would be … great if you also had... Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society More ❯

Sr. Application Security Engineer/Director - Generative AI (Remote) About the Role: The S&P Ratings Security team focuses on protecting our clients and users from all aspects of modern-day security threats. The mission of our team is to safeguard systems and data by developing innovative solutions for the biggest security challenges. We are … looking for a Senior security engineer responsible for development and implementation of security architecture and engineering best practices across S&P Ratings technology platforms. This role will provide Security engineering and Security Architecture consultation to build and enhance security in S&P Ratings Applications and Services including GenAI applications. Responsibilities and Impact: This is a … security reference architectures and standards Experience with automation tools associated with DevOps and CI/CD pipelines, and with security integration into CI/CD Familiarity with SAST/DAST/SCA tools like Fortify, Whitesource Database, datalake knowledge – Postgres, Oracle, Databricks, Snowflake Familiarity with Secure SDLC frameworks such as NIST SSDF, OpenSAMM, BSIMM Security Forensic analysis More ❯

you can do your best work. Learn more at iongroup.com . Your role Your duties and responsibilities: Establish policies and procedures that promote secure development/cloud principles. Enable security automation through tools to reduce vulnerabilities and flaws due to human errors. Automate audit evidence collection throughout the SDLC to facilitate compliance reporting. Monitor security metrics to continuously … stay one step ahead of the red team. Maintain strong and continuous engagement with teams to ensure the ION Cloud architecture and operating model is up to the top security standards. Create a state-of-the-art secure cloud architecture and strategy, supported by a robust and flexible infrastructure with reliable and efficient operating model. Run post-mortem incidents … CI/CD environment. OWASP Top 10, SANS CWE, OpenSAMM, BSIMM, etc. Penetration testing, vulnerability scanning. Design security monitoring tools. Designing pipelines that make use of SCA, SAST, DAST, IAST and RASP solutions. Qualifications: SANS/SEC-540: Cloud Security and DevSecOps Automation. Systems Security Certified Practitioner (SSCP). Certified Information Systems Security Professional (CISSP More ❯

the firm managed approximately US$122 billion on behalf of major pension funds, endowments, foundations, governments and other investors based in the U.S. and abroad.Position Overview:The Senior Security Engineer, reporting to the Director of Information Assurance, is responsible for cloud platform and DevOps security. This senior role will call upon the candidate’s DevSecOps experience to help Acadian … Shift Left, injecting security directly into our Software … Development Lifecycle and consistently governing our AWS Platform-as-a-Service (PaaS) infrastructure. We are looking for candidates with deep experience and understanding of continuous delivery, container security, SAST/DAST, secrets management, Identity and Access Management (IAM) governance, privilege management, encryption and key management, threat detection, logging, cloud infrastructure security and policy-as-code.What You’ll Do More ❯

remote and the rate will be Inside IR35 . Key Responsibilities: Design, deliver, and support secure and scalable AWS infrastructure using services like EC2, S3, ECS, and FARGATE Integrate SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools into CI/CD pipelines to enforce secure development practices Automate infrastructure More ❯

remote and the rate will be Inside IR35 . Key Responsibilities: Design, deliver, and support secure and scalable AWS infrastructure using services like EC2, S3, ECS, and FARGATE Integrate SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools into CI/CD pipelines to enforce secure development practices Automate infrastructure More ❯

operation of our software systems. Your expertise in DevOps, combined with your deep understanding of security, will help us incorporate Static Application Security Testing (SAST) scanning and other security measures throughout our development lifecycle. Engaging with colleagues across Gallagher Re, you'll have an inquisitive approach to your work, engaging early and being prepared … a month in London so travel to this will be required. How you'll make an impact Design, implement, and maintain secure and efficient CI/CD pipelines, integrating SAST scanning and other security tools Collaborate with development, operations, and security teams to ensure security best practices are followed throughout the development lifecycle Continuously monitor and assess … in DevOps, with a focus on security, preferably in a Senior DevSecOps Engineer or similar role Hands-on experience with Static Application Security Testing (SAST) tools and their integration into CI/CD pipelines Experience with Azure Cloud is essential and we cannot consdier applicants at this time who do not have previous experience of More ❯

guardrails and best practices, and implement improvements to processes and tooling to ensure engineering excellence. You’ll have a strong understanding of operational requirements, and ensure Scalability, Resiliency, Observability, Security, Cost and Maintainability are at the forefront of all engineering activities. This specific project will involve Real Time Payments value stream, Form 3 gateway set-up and setting up … Cloud Security SDLC & CI/CD tooling (ie GitHub Actions, Jenkins, ArgoCD, Artifact Repository) Knowledge of software engineering including testing frameworks, and secure code delivery (ie SCA, SAST, DAST Networks/Security/Middleware & Apps Scripting/Coding (Bash, Python) End to End Observability solutions (logging, monitoring, alerting) Knowledge of SRE principles and practices More ❯