11 of 11 Remote Static Application Security Testing Jobs in London

Senior Security Engineer (Product Security) Technology London New Senior Security Engineer (Product Security) London Ebury is a global fintech firm dedicated to empowering businesses to expand internationally through tailored and forward-thinking financial solutions. Since our founding in 2009, we've grown to a diverse team of over 1,700 professionals across 40+ offices and 29+ … contributions are valued. You'll play a key role in shaping the future of cross-border finance, while advancing your own career in a dynamic, high-growth industry. Senior Security Engineer London Office - Hybrid: 4 days in the office, 1 day working from home Role Overview We are seeking a Senior Security Engineer to embed security throughout … security architecture patterns and reference implementations Security Code Reviews & Testing Conduct in-depth security code reviews for critical features Implement automated security testing (SAST, DAST, IAST, SCA) Configure and tune security scanning tools (Aquasec, Trivy, Dependabot, etc) Review cryptographic implementations against industry standards Validate authentication and authorization implementations Ensure compliance with OWASP ASVS More ❯

places! This is where you come in. The Opportunity As IAG Loyalty evolves into a Platform as a Service business, we're looking for a talented and passionate Senior Application Security Engineer to join our security engineering team. You'll have a background in software engineering and a deep interest in application and API security. You … our CI/CD pipelines, facilitate threat modelling sessions, and review security-sensitive design decisions around authentication, cryptography, and logging. You'll also ensure that tools such as SAST, DAST, and SCA are effective and efficient, and that testing programmes - including pen testing, vulnerability scanning, and bug bounty - are delivering value. You'll triage vulnerabilities, support engineering … vulnerabilities, including the OWASP Top 10 Proficient in coding, scripting (e.g. Python, Bash), and automating security in CI/CD Hands-on experience with security tools like SAST, DAST, and SCA Familiar with cloud environments (especially AWS), containers, and microservices Comfortable reviewing technical designs, performing threat modelling, and advising on secure architecture Strong communicator who collaborates well with More ❯

challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability … Event driven streaming technologies, Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs, Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform), Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes, Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP), Security certification More ❯

65k - £78K + bonus, benefits) We are working with a globally renowned and industry leading UK brand who are going through an exciting phase of growth across their wider Security function, resulting in the need for a DevSecOps Engineer. As a DevSecOps Engineer, you will work within a newly established team in a role that sees you provide hands … on Application Security and DevSecOps responsibilities, as well as being involved in various strategic activities. Your duties would include setting-up, securing and enhancing pipelines, scripting and automation, as well as looking at how things are done, what improvements can be made, supporting cyber change initiatives and driving security awareness/practices as necessary. This role will … most companies of a similar size, who also offer some of the best perks & benefits available! Key skills and experience required: DevSecOps experience Application Security expertise across SAST, DAST & SCA Background and experience in Software Development/Scripting/Automation Ability to work in a fast-paced environment Ability to work on-site for key strategic/important More ❯

future states of the organisation and make faster, more informed decisions. The company is headquartered in London, with offices in Philadelphia, The Hague, Toronto, and Sydney. Role The Principal Security Engineer is a strategic, hands-on leader responsible for evaluating, evolving, and executing Orgvue's security engineering strategy across our entire application development and cloud-hosting estate. … Partnering closely with Information Security, Engineering, and Product teams, you will embed secure-by-design principles throughout the software-development lifecycle (SDLC), champion modern DevSecOps practices, and ensure that security is a first-class citizen in everything we build and operate. This role reports directly to the Chief Technology Officer (CTO) and maintains a dotted-line relationship with … Threat Modeling & Risk Assessment - Conduct regular architecture and code-level reviews, drive remediation plans, and present risk posture to leadership. Tooling & Automation - Evaluate, select, and integrate security tooling (SAST, DAST, SCA, container scanners, CSPM, CWPP) and champion IaC/Terraform modules for reusable controls. Collaboration & Mentorship - Act as a trusted advisor to engineering squads, provide security training, and More ❯

Senior Security Engineer - Build, Secure, and Scale in a Cloud-Native Environment Location: Hybrid (UK-based) Salary: Competitive + Excellent Benefits Employment Type: Full-time, Permanent Are you a seasoned Security Engineer with a passion for protecting infrastructure at scale? A rapidly growing technology-driven organisation is looking for a Senior Security Engineer to play a pivotal … You'll join a high-performing Platform Engineering team, working alongside cloud specialists, DevOps professionals, and software engineers to build secure, scalable platforms. This is more than a pure security role - it's an opportunity to be hands-on in architecture, engineering, and compliance, while leading the charge on modern, cloud-first security strategy. Responsibilties: Designing and implementing … Hands-on expertise in cloud security (preferably AWS), including securing hybrid and multi-region architectures. Practical knowledge of security tooling: IDS/IPS, SIEM, vulnerability scanners, encryption, SAST/DAST tools, OWASP ZAP, etc. Strong understanding of network security protocols and best practices. Scripting and automation experience (e.g. Python). Proven experience with incident response and threat More ❯

we're enabling the fully automated enterprise-but innovation must be secure to be transformative. That's where you come in. We're looking for a Field Chief Information Security Officer (Field CISO) to serve as a strategic security advisor to our customers and partners, guiding them through the complex landscape of compliance, governance, and secure development of … Automations and Agentic AI. You'll work at the intersection of customer success, product innovation, and cybersecurity thought leadership-translating strategic security insights into real-world impact. What you'll do Act as the primary security advisor for clients, assessing their needs, and providing strategic recommendations. Conduct security risk assessments and design tailored strategies that align with … knowledge of security frameworks (e.g., NIST, ISO 27001) and compliance standards (e.g., GDPR, HIPAA, PCI-DSS). Strong expertise in secure SDLC, and application security tooling (SAST, DAST, SCA). Excellent communication skills with the ability to influence executive and technical stakeholders. Experience advising on or implementing security strategies in enterprise environments. Familiarity with software development More ❯

where you will be making an impact on the financial lives of thousands of savers. We're regulated by the Financial Conduct Authority in the UK. As a Senior Security Engineer, you will play a key role in protecting our systems, networks, and data while ensuring compliance with industry leading security standards such as ISO 27001. Your contributions … will be essential in maintaining customer trust and safeguarding critical information assets. This role sits within thePlatform Engineering Teamand requires a strong technical background, hands-on experience with security tools, and a collaborative mindset to work effectively across teams. The role will involveplatform engineering activities, contributing to the design, implementation, and optimisation of scalable infrastructure. If you're motivated … technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision-making. More ❯

Press Tab to Move to Skip to Content Link Job Title: Principal Software Engineer - Security Engineer Job Reference: Band: BAND D Salary: £80,000-£90,000k depending on relevant skills, knowledge and experience. The expected salary range for this role reflects internal benchmarking and external market insights. Contract type: Permanent role Location: This is a hybrid role, and the … guidance. Promote secure SDLC practices across engineering teams, collaborating with InfoSec on shared tooling, templates and enablement. Help teams adopt secure coding standards and integrate automated security checks (SAST, DAST, dependency scanning) into CI/CD pipelines. Participate in threat modelling using InfoSec-led methodologies and coordinate validation and review workflows. Review technical designs, proposals and code for alignment … and common secure design patterns. You've helped teams adopt secure SDLC practices, working closely with central security or architecture groups. You know how to embed tools like SAST, DAST, secrets detection and dependency scanning into CI/CD pipelines, and have the scars to prove it. You've worked with complex, multi-tenant cloud platforms - ideally on AWS More ❯

Months IR35 Status: Inside IR35 Our client, a leading investment bank, is seeking an experienced DevSecOps SME to join their team. This role will lead and advise on integrating security practices into DevOps pipelines. The ideal candidate will have deep expertise across development, security, and operations, with a strong focus on automation, CI/CD, and secure software … development lifecycle (SDLC) practices. Key Responsibilities Lead the integration of security into CI/CD pipelines. Advise on secure coding and deployment practices across teams. Implement and enforce security policies, standards, and best practices. Conduct threat modeling, risk assessments, and vulnerability management. Mentor and train teams on DevSecOps … principles and tools. Skills & Experience Required CI/CD Security Engineering: Proven experience designing and maintaining secure CI/CD pipelines. DevSecOps Tool Integration: Hands-on experience with SAST, DAST, SCA, and secrets management tools. Cross-Functional Collaboration: Ability to work closely with development, operations, and security teams. Threat Modeling & Risk Assessment: Strong knowledge of security risk More ❯

Months IR35 Status: Inside IR35 Our client, a leading investment bank, is seeking an experienced DevSecOps SME to join their team. This role will lead and advise on integrating security practices into DevOps pipelines. The ideal candidate will have deep expertise across development, security, and operations, with a strong focus on automation, CI/CD, and secure software … development lifecycle (SDLC) practices. Key Responsibilities Lead the integration of security into CI/CD pipelines. Advise on secure coding and deployment practices across teams. Implement and enforce security policies, standards, and best practices. Conduct threat modeling, risk assessments, and vulnerability management. Mentor and train teams on DevSecOps … principles and tools. Skills & Experience Required CI/CD Security Engineering: Proven experience designing and maintaining secure CI/CD pipelines. DevSecOps Tool Integration: Hands-on experience with SAST, DAST, SCA, and secrets management tools. Cross-Functional Collaboration: Ability to work closely with development, operations, and security teams. Threat Modeling & Risk Assessment: Strong knowledge of security risk More ❯