4 of 4 Remote Static Application Security Testing Jobs in London

to-end penetration testing lifecycle, from scoping engagements with technical teams to triaging, validating, and driving the remediation of findings Analyse and interpret results from security tools (SAST, DAST, vulnerability scanners) to prioritise and address the most critical risks Act as a key security advisor to engineering teams, providing expert guidance on security best practices, vulnerability … in automating security controls and compliance checks against standards and frameworks which include SOC 2, ISO 27001, PCI DSS/3DS Experience performing secure code reviews and using SAST/DAST tools for security approvals Expertise in Kubernetes, securing clusters and meshes (Cilium is preferable), networking best practices and RBAC implementation (CKA, CKS qualifications are a plus) Container … into the software development lifecycle Experience performing secure code reviews and security approvals including the use of static and dynamic application security testing (SAST/DAST) tools Experience in Cryptography management & enhancements Experience configuring and utilising cloud-native security logging, monitoring, and detection services Experience with Infrastructure as Code and infrastructure provisioning tools More ❯

is that you're located within a commutable distance of our offices so that we're able to interact and collaborate in person. About the role: As a Cloud Security Engineer at Engine, you will be a hands-on builder, responsible for engineering and automating the security of our core platform. Your primary mission is to treat security … and applications Write and review Infrastructure-as-Code (Terraform) to securely configure our AWS and GCP environments Secure our CI/CD pipelines by implementing and interpreting results from SAST/DAST/SCA tools and ensuring the integrity of our software supply chain Develop and maintain preventative and detective security controls within our cloud environments, responding to and … logging, monitoring, and detection services Experience performing secure code reviews and security approvals including the use of static and dynamic application security testing (SAST/DAST) tools Relevant security certifications such as AWS Security Specialist or GCP Professional Cloud Security Engineer Our Interview process Interviewing is a two way process and More ❯

places! This is where you come in. The Opportunity As IAG Loyalty evolves into a Platform as a Service business, we're looking for a talented and passionate Senior Application Security Engineer to join our security engineering team. You'll have a background in software engineering and a deep interest in application and API security. You … our CI/CD pipelines, facilitate threat modelling sessions, and review security-sensitive design decisions around authentication, cryptography, and logging. You'll also ensure that tools such as SAST, DAST, and SCA are effective and efficient, and that testing programmes - including pen testing, vulnerability scanning, and bug bounty - are delivering value. You'll triage vulnerabilities, support engineering … vulnerabilities, including the OWASP Top 10 Proficient in coding, scripting (e.g. Python, Bash), and automating security in CI/CD Hands-on experience with security tools like SAST, DAST, and SCA Familiar with cloud environments (especially AWS), containers, and microservices Comfortable reviewing technical designs, performing threat modelling, and advising on secure architecture Strong communicator who collaborates well with More ❯

A leading fintech company is seeking a Lead AppSec Engineer to join their established team. Youll be instrumental in embedding security into every stage of the software development lifecycleguiding engineers, shaping best practices, and driving secure, scalable solutions across our platform. Key Responsibilities: Security Advisory : Serve as the go-to expert for application security across engineering … teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement : Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency … management, and secure design. Vulnerability Management : Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation : Integrate security tools (e.g., SAST, DAST, SCA, secrets scanning) into developer workflows, ensuring automation is both scalable and developer-friendly. Cloud Security Collaboration : Work alongside infrastructure teams to ensure secure configuration of AWS and More ❯