Static Application Security Testing Jobs in London

17 of 17 Static Application Security Testing Jobs in London

Cyber Security Engineer

London, South East, England, United Kingdom
Hybrid / WFH Options
Circle Recruitment
Role: Cyber Security Engineer Salary/Rate: up to £700 per day (inside IR35) Location: Hybrid LondonContract Duration: until October 2025 We are currently looking for a Cyber Security Engineer for our government client. This Cyber Security Engineer role is hybrid, based between 2-3 days per week on site in central London and the remainder of … the week working remotely. The contract for the Cyber Security Engineer position is until October 2025 with potential to extend, operating inside IR35. Security Clearance: Security Check ("SC Clearance") This role is inside IR35 - Due to the service of the role, it will now be based on an Umbrella solution. Essential skills/experience required: Certifications: OSCP … desirable Role/Responsibilities: Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and make necessary recommendations. Collaborate with developers to remediate identified vulnerabilities and ensure secure code practices. Provide expert input on cloud security (AWS, Azure More ❯
Employment Type: Contractor
Rate: £600 - £700 per day
Posted:

Senior Security Engineer

London, United Kingdom
Hybrid / WFH Options
Kroo Bank Ltd
challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability … Event driven streaming technologies, Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs, Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform), Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes, Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP), Security certification More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Solution Architect - DevSecOps

London, United Kingdom
Computacenter AG & Co. oHG
Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Principal Security Engineer

London, United Kingdom
Virgin Media Ltd
Press space or enter keys to toggle section visibility Location London Job Type Full Time Posted Date 16-Jun-2025 Ref # 62659 We are seeking a Principal Security Engineer to lead and drive security engineering efforts across our cloud and application environments. This strategic, hands-on role requires expertise in cloud security, secure development practices … and the implementation of advanced security controls. You will serve as a leader within the Consumer Security Engineering team, driving security initiatives across cloud platforms, microservice architectures, digital products, application security, and enterprise security. You will define and build comprehensive security strategies in collaboration with developers, DevSecOps engineers, ensuring that security is seamlessly … as a plus. Strong background in DevSecOps, with experience in integrating security into CI/CD pipelines using tools like Jenkins, GitLab, or similar. Experience implementing and managing SAST/DAST tools and processes to secure application development. Deep understanding of application security, including secure coding practices, OWASP Top 10, and API security standards. Knowledge More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Solution Architect

South East London, London, United Kingdom
COMPUTACENTER (UK) LIMITED
Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with More ❯
Employment Type: Permanent
Posted:

Senior Technology Manager

London, United Kingdom
Just Eat Takeaway.com
design, implementation, and evolution of our build and deployment infrastructure, playing a key role in reshaping the next version of our zero touch deployment platform, working closely with engineering, security, and platform teams. You will lead two teams of talented engineers and drive scalability, reliability, and performance improvements in our software delivery process. These are some of the key … business objectives. Lead a team of software engineers, DevOps, and software delivery specialists, ensuring high-performance operations. Own the developer workflow and CI/CD strategy, optimizing for speed, security, and compliance. Build & Deployment Infrastructure Manage CI/CD pipelines for fast and reliable software releases. Drive automation to improve build, test, and deployment processes. Ensure a secure, compliant … to drive alignment. Security & Compliance: Understanding of secure software supply chains , vulnerability management, and artifact signing. Experience implementing security best practices in CI/CD pipelines (e.g., SAST, DAST, SBOM). Bonus Skills: Experience with Infrastructure as Code (IaC) tools like Terraform, Pulumi, or AWS CDK. Familiarity with AI-driven tooling to enhance build & deployment efficiency. At JET More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Senior Application Security Engineer

London
Hybrid / WFH Options
IAG Loyalty
places! This is where you come in. The Opportunity As IAG Loyalty evolves into a Platform as a Service business, we're looking for a talented and passionate Senior Application Security Engineer to join our security engineering team. You'll have a background in software engineering and a deep interest in application and API security. You … our CI/CD pipelines, facilitate threat modelling sessions, and review security-sensitive design decisions around authentication, cryptography, and logging. You'll also ensure that tools such as SAST, DAST, and SCA are effective and efficient, and that testing programmes - including pen testing, vulnerability scanning, and bug bounty - are delivering value. You'll triage vulnerabilities, support engineering … vulnerabilities, including the OWASP Top 10 Proficient in coding, scripting (e.g. Python, Bash), and automating security in CI/CD Hands-on experience with security tools like SAST, DAST, and SCA Familiar with cloud environments (especially AWS), containers, and microservices Comfortable reviewing technical designs, performing threat modelling, and advising on secure architecture Strong communicator who collaborates well with More ❯
Employment Type: Permanent
Posted:

Security Engineer - Product Security

London, United Kingdom
Disney Cruise Line - The Walt Disney Company
enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney … by protecting information systems and platforms. Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. Strengthen the business through optimizing execution, application, and technology used to protect the Company. Innovate by investing in core capabilities to enhance operational efficiency. Team Description: The Product Security Team at The Walt Disney Company … teams on security and building trust through delivery and data. Strong understanding of at least two of the following security testing principles and practices, such as SAST, SCA, DAST, API, Mobile and Penetration testing. Excellent communication and collaboration skills. Ability to work in a fast paced, dynamic environment. Nice To Have: Experience with security tooling and More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Software Development Engineer in Test (SDET)

London, South East, England, United Kingdom
Ncounter
and backend layers Contribute to the design of test frameworks and CI/CD pipelines Collaborate with engineers, product managers, and UX to define and validate features Perform exploratory testing and champion quality throughout the SDLC Support secure deployment and testing practices in containerised environments Tech You’ll … Work With: Automation tools: Playwright, Cypress, JUnit, Jasmine Languages: JavaScript/TypeScript, Java or Kotlin DevOps & Infra: Docker, Kubernetes, GitLab CI, Bitbucket Testing tools: Postman, browser dev tools, SAST/DAST integrations Environments: Unix and Windows What You Bring: Hands-on experience building test automation from scratch Strong debugging and analytical skills Comfortable reviewing code and contributing to testable More ❯
Employment Type: Full-Time
Salary: £65,000 - £80,000 per annum, Negotiable, OTE
Posted:

Senior Security Engineer

City of London, London, United Kingdom
Hybrid / WFH Options
The MDU
Job Title: Senior Security Engineer Manager: CISO Department: Cyber Security Division: Enterprise Information Technology Services Location: London, Hybrid Main Purpose: The MDU is undertaking an exciting digital transformation programme and to support this the Cyber Security Team is looking to appoint a Senior Security Engineer. Working closely with delivery teams covering strategic and non-strategic change … this role will provide subject matter expertise to keep the MDU, its data and, its member safe from cyber security threats. The Senior Security Engineer will be responsible for the delivery of security technologies in a range of projects and will therefore: Have a strong cyber security engineering or professional services background with experience of delivering … technical skills with experience and accreditations covering multiple security domains. Cyber security subject matter expert with relevant certifications such as CISSP, CISM, CSSP, or equivalent. Proficiency in SAST, DAST and SCA with hands on experience integrating such tools into development pipelines. Extensive experience of consulting on projects, building in security requirements and ensuring services go-live with More ❯
Employment Type: Permanent
Posted:

Solutions Architect

London, United Kingdom
JFrog Ltd
within enterprise accounts Proven experience in Docker, Kubernetes, CI/CD, git integrations and build tools Hands-on experience with AppSec tools (part or all) such as: SCA/SAST/SBOM Management/Container Security Ability to build software pipelines with various DevOps tools Hands-on experience with cloud infrastructures - AWS/Azure/GCP - Mandatory Experience with More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Security Engineer (Mid and Senior)

London, United Kingdom
Octopus Group
in energy. Help us make a real impact on shaping a better, more sustainable future. We are very excited to be building a small and efficient Cyber and Information Security team at Octopus Energy Group. We're hiring for both Mid-Level and Senior Security Engineers . We are looking for ambitious, knowledgeable, and experienced Security Engineers … grow with the rest of the company, and ensure we continue to do so in a secure and safe way. You will be a key partner in defining what Security is at Octopus Energy Group. We will be shaping this team to provide a world class support service to our employees, building our way out of problems with engineering … testing tools Experience with security tools and technologies, such as web application firewalls (WAFs), and static and dynamic application security testing (SAST/DAST) tools Experience in endpoint (e.g., EDR and ZTNA) and cloud (e.g., CSPM and CNAPP) security tooling Experience with security SaaS solutions Good AWS experience (or knowledge More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Senior Java Developer (DevSecOps) - VP

London, United Kingdom
Hybrid / WFH Options
Citigroup Inc
standards. Write and maintain unit, integration, and end-to-end tests using JUnit 5, Mockito, WireMock, and Testcontainers. Collaborate with cross-functional teams to implement DevSecOps practices, including SCA, SAST, shift-left, and secure SDLC. Required Skills and Experience: Strong proficiency in Java (Java 21 and Java 8). Experience with reactive programming (Project Reactor, Spring WebFlux). Solid understanding … of DevOps and DevSecOps principles, including SCA, SAST, and shift-left security. Hands-on experience with dependency management tools (Gradle, Maven, npm, etc.). Familiarity with relational databases (Postgres) and database change management using Flyway. Experience with distributed caching systems like Hazelcast. Proficiency in microservice architecture and deploying applications on OpenShift. Knowledge of version control systems (Git). Basic understanding … of Linux. Strong testing skills using JUnit 5, Mockito, WireMock, and Testcontainers. Preferred Skills: Experience with Go, JavaScript, or TypeScript. Familiarity with CI/CD tools like Jenkins, TeamCity, and Tekton. Knowledge of open-source contributions, especially in CycloneDX or similar projects. Why Join Us? Work on impactful projects that improve developer productivity across Citi. Contribute to open-source More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Security Engineer

City, London, United Kingdom
Red - Specialist Recruitment
We have an exciting opportunity for a Software Security Engineer to join our Global Healthcare client. As a Security Engineer, you ll provide hands-on technical expertise to guide software development, delivery and continuous improvement focusing on risk and security. You ll help evolve our client s new Digital Platform so that it s secure and compliant with … both internal and industry regulations. You ll analyse new feature code to identify security risks and work with engineers to mitigate them, working and applying modern security standards such as OWASP CI/CD, DSOMM, SAMM and Cloud Security Posture management systems such as Azure Defender and Prisma Cloud. Our client empowers their people to balance their … knowledge (TCP/IP, UDP, HTTP/3, AMQP, streaming protocols etc), cloud network design (VPNs, subnets, regions/zones etc), and integration related technologies (Auth0, APIM) Expertise with SAST & SCA systems such as Snyk, Checkmarx Experience with DAST systems such as OpenZAP, Qualys DAST (preferred) ideally with HTTP APIs Ability to manage large scale software estates from a operational More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Security Engineer

EC3V, Langbourn, Greater London, United Kingdom
Red - Specialist Recruitment
We have an exciting opportunity for a Software Security Engineer to join our Global Healthcare client. As a Security Engineer, you’ll provide hands-on technical expertise to guide software development, delivery and continuous improvement focusing on risk and security. You’ll help evolve our client’s new Digital Platform so that it’s secure and compliant with … both internal and industry regulations. You’ll analyse new feature code to identify security risks and work with engineers to mitigate them, working and applying modern security standards such as OWASP CI/CD, DSOMM, SAMM and Cloud Security Posture management systems such as Azure Defender and Prisma Cloud. Our client empowers their people to balance their … knowledge (TCP/IP, UDP, HTTP/3, AMQP, streaming protocols etc), cloud network design (VPNs, subnets, regions/zones etc), and integration related technologies (Auth0, APIM) Expertise with SAST & SCA systems such as Snyk, Checkmarx Experience with DAST systems such as OpenZAP, Qualys DAST (preferred) ideally with HTTP APIs Ability to manage large scale software estates from a operational More ❯
Employment Type: Permanent
Posted:

Senior Security Engineer London

London, United Kingdom
Hybrid / WFH Options
Bondsmith Savings Ltd
where you will be making an impact on the financial lives of thousands of savers. We're regulated by the Financial Conduct Authority in the UK. As a Senior Security Engineer, you will play a key role in protecting our systems, networks, and data while ensuring compliance with industry leading security standards such as ISO 27001. Your contributions … will be essential in maintaining customer trust and safeguarding critical information assets. This role sits within thePlatform Engineering Teamand requires a strong technical background, hands-on experience with security tools, and a collaborative mindset to work effectively across teams. The role will involveplatform engineering activities, contributing to the design, implementation, and optimisation of scalable infrastructure. If you're motivated … technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision-making. More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

DevSecOps Engineer

London, South East, England, United Kingdom
Hybrid / WFH Options
FOUNDATIONS EXECUTIVE SEARCH
65k - £78K + bonus, benefits) We are working with a globally renowned and industry leading UK brand who are going through an exciting phase of growth across their wider Security function, resulting in the need for a DevSecOps Engineer. As a DevSecOps Engineer, you will work within a newly established team in a role that sees you provide hands … on Application Security and DevSecOps responsibilities, as well as being involved in various strategic activities. Your duties would include setting-up, securing and enhancing pipelines, scripting and automation, as well as looking at how things are done, what improvements can be made, supporting cyber change initiatives and driving security awareness/practices as necessary. This role will … most companies of a similar size, who also offer some of the best perks & benefits available! Key skills and experience required: · DevSecOps experience · Application Security expertise across SAST, DAST & SCA · Background and experience in Software Development/Scripting/Automation · Ability to work in a fast-paced environment · Ability to work on-site for key strategic/important More ❯
Employment Type: Full-Time
Salary: £65,000 - £78,000 per annum
Posted:
Static Application Security Testing
London
10th Percentile
£66,500
25th Percentile
£70,000
Median
£95,000
75th Percentile
£106,250
90th Percentile
£112,000