8 of 8 Static Application Security Testing Jobs in London

to-end penetration testing lifecycle, from scoping engagements with technical teams to triaging, validating, and driving the remediation of findings Analyse and interpret results from security tools (SAST, DAST, vulnerability scanners) to prioritise and address the most critical risks Act as a key security advisor to engineering teams, providing expert guidance on security best practices, vulnerability … in automating security controls and compliance checks against standards and frameworks which include SOC 2, ISO 27001, PCI DSS/3DS Experience performing secure code reviews and using SAST/DAST tools for security approvals Expertise in Kubernetes, securing clusters and meshes (Cilium is preferable), networking best practices and RBAC implementation (CKA, CKS qualifications are a plus) Container … into the software development lifecycle Experience performing secure code reviews and security approvals including the use of static and dynamic application security testing (SAST/DAST) tools Experience in Cryptography management & enhancements Experience configuring and utilising cloud-native security logging, monitoring, and detection services Experience with Infrastructure as Code and infrastructure provisioning tools More ❯

is that you're located within a commutable distance of our offices so that we're able to interact and collaborate in person. About the role: As a Cloud Security Engineer at Engine, you will be a hands-on builder, responsible for engineering and automating the security of our core platform. Your primary mission is to treat security … and applications Write and review Infrastructure-as-Code (Terraform) to securely configure our AWS and GCP environments Secure our CI/CD pipelines by implementing and interpreting results from SAST/DAST/SCA tools and ensuring the integrity of our software supply chain Develop and maintain preventative and detective security controls within our cloud environments, responding to and … logging, monitoring, and detection services Experience performing secure code reviews and security approvals including the use of static and dynamic application security testing (SAST/DAST) tools Relevant security certifications such as AWS Security Specialist or GCP Professional Cloud Security Engineer Our Interview process Interviewing is a two way process and More ❯

places! This is where you come in. The Opportunity As IAG Loyalty evolves into a Platform as a Service business, we're looking for a talented and passionate Senior Application Security Engineer to join our security engineering team. You'll have a background in software engineering and a deep interest in application and API security. You … our CI/CD pipelines, facilitate threat modelling sessions, and review security-sensitive design decisions around authentication, cryptography, and logging. You'll also ensure that tools such as SAST, DAST, and SCA are effective and efficient, and that testing programmes - including pen testing, vulnerability scanning, and bug bounty - are delivering value. You'll triage vulnerabilities, support engineering … vulnerabilities, including the OWASP Top 10 Proficient in coding, scripting (e.g. Python, Bash), and automating security in CI/CD Hands-on experience with security tools like SAST, DAST, and SCA Familiar with cloud environments (especially AWS), containers, and microservices Comfortable reviewing technical designs, performing threat modelling, and advising on secure architecture Strong communicator who collaborates well with More ❯

A leading fintech company is seeking a Lead AppSec Engineer to join their established team. Youll be instrumental in embedding security into every stage of the software development lifecycleguiding engineers, shaping best practices, and driving secure, scalable solutions across our platform. Key Responsibilities: Security Advisory : Serve as the go-to expert for application security across engineering … teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement : Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency … management, and secure design. Vulnerability Management : Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation : Integrate security tools (e.g., SAST, DAST, SCA, secrets scanning) into developer workflows, ensuring automation is both scalable and developer-friendly. Cloud Security Collaboration : Work alongside infrastructure teams to ensure secure configuration of AWS and More ❯

global, market-leading insurance organisation that's shaping the future of digital health and technology. This is your opportunity to be part of an innovative, forward-thinking environment where security, engineering excellence, and customer impact are at the heart of everything we do! What you'll do: Provide hands-on technical expertise in secure software development within a product … improve secure CI/CD pipelines and modern security practices. Ensure risk management, security, and quality are embedded in software delivery. Implement and manage security tooling (SAST, DAST) to support development and testing. Adhere to best practices in architecture, design, coding standards, and SDLC. Managing risk and security in our software estate through implementation of technology … tooling Demonstrate expert understanding of modern security practices and standards. What you'll bring: Technical leadership with strong decision-making and prioritisation skills. Expertise in secure systems design and infrastructure. Experience securing CI/CD pipelines and using security tools. Expertise in key technologies such as .NET/C#, Azure PaaS, Javascript, and Salesforce APEX, and in frameworks More ❯

. This is a hands-on, advisory role where you will shape, implement, and embed secure DevOps practices across the organisation. The ideal candidate balances deep DevOps expertise with security knowledge, capable of both … advising teams and leading practical delivery. Key Responsibilities: Design, implement, and maintain secure CI/CD pipelines across multiple teams. Integrate security tools and practices into DevOps workflows (SAST, DAST, SCA, secrets management). Collaborate with development, operations, and security teams to implement secure coding and deployment practices. Provide practical guidance on threat modelling, risk assessments, and vulnerability … management. Advise on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes) with a hands-on delivery mindset. Develop, implement, and enforce security policies, standards, and best practices. Lead incident response and root cause analysis for security-related issues. Mentor and train teams on DevSecOps principles, ensuring knowledge transfer and capability building. What we're More ❯

wins. You MUST Have: 7+ years in technical pre-sales or sales engineering roles Hands-on with Docker, Kubernetes, CI/CD, Git, build tools Solid AppSec experience: SCA, SAST, SBOM, Container Security Cloud infrastructure fluency (AWS, Azure or GCP - must especially tick this box) Proven track record building enterprise relationships - from tech champions to C-level Ability to More ❯

fast-paced environment in their approach Automation Testing. You will be embedded within our client’s engineering organisation, conducting a maturity assessment of existing feature teams approach to automation testing, identifying improvement opportunities, and developing a comprehensive Automation Testing playbook that outlines standards, principles, tooling, and ways of working. Responsibilities Lead and coach cross-functional feature teams to … team development Experience working in banking/mortgages/savings/insurance Strong background in Test Automation with hands-on experience in: Playwright, Selenium, Cucumber, Contract Testing, Gherkin, SAST using Veracode Why join us Career coaching, mentoring and access to upskilling throughout your entire FDM career Assignments with global companies and opportunities to work abroad Opportunity to re-skill More ❯