1 to 25 of 32 Static Application Security Testing Jobs in London

Role: Cyber Security Engineer Salary/Rate: up to £700 per day (inside IR35) Location: Hybrid LondonContract Duration: until October 2025 We are currently looking for a Cyber Security Engineer for our government client. This Cyber Security Engineer role is hybrid, based between 2-3 days per week on site in central London and the remainder of … the week working remotely. The contract for the Cyber Security Engineer position is until October 2025 with potential to extend, operating inside IR35. Security Clearance: Security Check ("SC Clearance") This role is inside IR35 - Due to the service of the role, it will now be based on an Umbrella solution. Essential skills/experience required: Certifications: OSCP … desirable Role/Responsibilities: Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and make necessary recommendations. Collaborate with developers to remediate identified vulnerabilities and ensure secure code practices. Provide expert input on cloud security (AWS, Azure More ❯

The Role Embed security best practices within the SDLC … collaborating with developers to ensure secure coding. Conduct security assessments, identify potential threats, and mitigate risks in web and mobile applications. Perform application security testing (SAST, DAST) and manual security code reviews. Implement and manage security tools such as SAST, DAST, SCA, and CI/CD security integrations. Investigate security incidents, prioritise … testing, or software security engineering. Strong knowledge of secure coding principles in one or more languages (e.g., Python, Java, JavaScript, Go, .NET). Hands-on experience with SAST, DAST, SCA and security automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top More ❯

The Role Embed security best practices within the SDLC … collaborating with developers to ensure secure coding. Conduct security assessments, identify potential threats, and mitigate risks in web and mobile applications. Perform application security testing (SAST, DAST) and manual security code reviews. Implement and manage security tools such as SAST, DAST, SCA, and CI/CD security integrations. Investigate security incidents, prioritise … testing, or software security engineering. Strong knowledge of secure coding principles in one or more languages (e.g., Python, Java, JavaScript, Go, .NET). Hands-on experience with SAST, DAST, SCA and security automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top More ❯

challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability … Event driven streaming technologies, Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs, Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform), Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes, Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP), Security certification More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

remote and the rate will be Inside IR35 . Key Responsibilities: Design, deliver, and support secure and scalable AWS infrastructure using services like EC2, S3, ECS, and FARGATE Integrate SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools into CI/CD pipelines to enforce secure development practices Automate infrastructure More ❯

remote and the rate will be Inside IR35 . Key Responsibilities: Design, deliver, and support secure and scalable AWS infrastructure using services like EC2, S3, ECS, and FARGATE Integrate SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools into CI/CD pipelines to enforce secure development practices Automate infrastructure More ❯

guardrails and best practices, and implement improvements to processes and tooling to ensure engineering excellence. You’ll have a strong understanding of operational requirements, and ensure Scalability, Resiliency, Observability, Security, Cost and Maintainability are at the forefront of all engineering activities. This specific project will involve Real Time Payments value stream, Form 3 gateway set-up and setting up … Cloud Security SDLC & CI/CD tooling (ie GitHub Actions, Jenkins, ArgoCD, Artifact Repository) Knowledge of software engineering including testing frameworks, and secure code delivery (ie SCA, SAST, DAST Networks/Security/Middleware & Apps Scripting/Coding (Bash, Python) End to End Observability solutions (logging, monitoring, alerting) Knowledge of SRE principles and practices More ❯

guardrails and best practices, and implement improvements to processes and tooling to ensure engineering excellence. You’ll have a strong understanding of operational requirements, and ensure Scalability, Resiliency, Observability, Security, Cost and Maintainability are at the forefront of all engineering activities. This specific project will involve Real Time Payments value stream, Form 3 gateway set-up and setting up … Cloud Security SDLC & CI/CD tooling (ie GitHub Actions, Jenkins, ArgoCD, Artifact Repository) Knowledge of software engineering including testing frameworks, and secure code delivery (ie SCA, SAST, DAST Networks/Security/Middleware & Apps Scripting/Coding (Bash, Python) End to End Observability solutions (logging, monitoring, alerting) Knowledge of SRE principles and practices More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with More ❯

and backend layers Contribute to the design of test frameworks and CI/CD pipelines Collaborate with engineers, product managers, and UX to define and validate features Perform exploratory testing and champion quality throughout the SDLC Support secure deployment and testing practices in containerised environments Tech You’ll … Work With: Automation tools: Playwright, Cypress, JUnit, Jasmine Languages: JavaScript/TypeScript, Java or Kotlin DevOps & Infra: Docker, Kubernetes, GitLab CI, Bitbucket Testing tools: Postman, browser dev tools, SAST/DAST integrations Environments: Unix and Windows What You Bring: Hands-on experience building test automation from scratch Strong debugging and analytical skills Comfortable reviewing code and contributing to testable More ❯

and backend layers Contribute to the design of test frameworks and CI/CD pipelines Collaborate with engineers, product managers, and UX to define and validate features Perform exploratory testing and champion quality throughout the SDLC Support secure deployment and testing practices in containerised environments Tech You’ll … Work With: Automation tools: Playwright, Cypress, JUnit, Jasmine Languages: JavaScript/TypeScript, Java or Kotlin DevOps & Infra: Docker, Kubernetes, GitLab CI, Bitbucket Testing tools: Postman, browser dev tools, SAST/DAST integrations Environments: Unix and Windows What You Bring: Hands-on experience building test automation from scratch Strong debugging and analytical skills Comfortable reviewing code and contributing to testable More ❯

enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney … by protecting information systems and platforms. Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. Strengthen the business through optimizing execution, application, and technology used to protect the Company. Innovate by investing in core capabilities to enhance operational efficiency. Team Description: The Product Security Team at The Walt Disney Company … teams on security and building trust through delivery and data. Strong understanding of at least two of the following security testing principles and practices, such as SAST, SCA, DAST, API, Mobile and Penetration testing. Excellent communication and collaboration skills. Ability to work in a fast paced, dynamic environment. Nice To Have: Experience with security tooling and More ❯

Press space or enter keys to toggle section visibility Location London Job Type Full Time Posted Date 16-Jun-2025 Ref # 62659 We are seeking a Principal Security Engineer to lead and drive security engineering efforts across our cloud and application environments. This strategic, hands-on role requires expertise in cloud security, secure development practices … and the implementation of advanced security controls. You will serve as a leader within the Consumer Security Engineering team, driving security initiatives across cloud platforms, microservice architectures, digital products, application security, and enterprise security. You will define and build comprehensive security strategies in collaboration with developers, DevSecOps engineers, ensuring that security is seamlessly … as a plus. Strong background in DevSecOps, with experience in integrating security into CI/CD pipelines using tools like Jenkins, GitLab, or similar. Experience implementing and managing SAST/DAST tools and processes to secure application development. Deep understanding of application security, including secure coding practices, OWASP Top 10, and API security standards. Knowledge More ❯

and backend layers Contribute to the design of test frameworks and CI/CD pipelines Collaborate with engineers, product managers, and UX to define and validate features Perform exploratory testing and champion quality throughout the SDLC Support secure deployment and testing practices in containerised environments Tech You’ll … Work With: Automation tools: Playwright, Cypress, JUnit, Jasmine Languages: JavaScript/TypeScript, Java or Kotlin DevOps & Infra: Docker, Kubernetes, GitLab CI, Bitbucket Testing tools: Postman, browser dev tools, SAST/DAST integrations Environments: Unix and Windows What You Bring: Hands-on experience building test automation from scratch Strong debugging and analytical skills Comfortable reviewing code and contributing to testable More ❯

places! This is where you come in. The Opportunity As IAG Loyalty evolves into a Platform as a Service business, we're looking for a talented and passionate Senior Application Security Engineer to join our security engineering team. You'll have a background in software engineering and a deep interest in application and API security. You … our CI/CD pipelines, facilitate threat modelling sessions, and review security-sensitive design decisions around authentication, cryptography, and logging. You'll also ensure that tools such as SAST, DAST, and SCA are effective and efficient, and that testing programmes - including pen testing, vulnerability scanning, and bug bounty - are delivering value. You'll triage vulnerabilities, support engineering … vulnerabilities, including the OWASP Top 10 Proficient in coding, scripting (e.g. Python, Bash), and automating security in CI/CD Hands-on experience with security tools like SAST, DAST, and SCA Familiar with cloud environments (especially AWS), containers, and microservices Comfortable reviewing technical designs, performing threat modelling, and advising on secure architecture Strong communicator who collaborates well with More ❯

Up to c. £225k Comp Package | Hybrid Working - 3 Days in Office] We’re partnering with a leading pensions investment firm undergoing a major cloud-native technology transformation, embedding security into every layer of software delivery. This is a rare opportunity to join a highly technical security engineering team with full leadership backing, directly shaping secure-by-design … systems that safeguard billions in assets and over a million pension holders. If you’re passionate about automation, developer enablement, and driving security culture within engineering-led teams, this role offers real influence and impact at scale... Key Responsibilities Integrate security controls across … the full software development lifecycle - from threat modelling and design to secure coding and CI/CD pipeline enforcement Build and automate security tooling into developer workflows, including SAST, DAST, secrets management, dependency scanning and policy-as-code guardrails Create reusable infrastructure-as-code modules and templates to enable consistent security patterns across cloud-native deployments (AWS focus More ❯

Up to c. £225k Comp Package | Hybrid Working - 3 Days in Office] We’re partnering with a leading pensions investment firm undergoing a major cloud-native technology transformation, embedding security into every layer of software delivery. This is a rare opportunity to join a highly technical security engineering team with full leadership backing, directly shaping secure-by-design … systems that safeguard billions in assets and over a million pension holders. If you’re passionate about automation, developer enablement, and driving security culture within engineering-led teams, this role offers real influence and impact at scale... Key Responsibilities Integrate security controls across … the full software development lifecycle - from threat modelling and design to secure coding and CI/CD pipeline enforcement Build and automate security tooling into developer workflows, including SAST, DAST, secrets management, dependency scanning and policy-as-code guardrails Create reusable infrastructure-as-code modules and templates to enable consistent security patterns across cloud-native deployments (AWS focus More ❯

Job Title: Senior Security Engineer Manager: CISO Department: Cyber Security Division: Enterprise Information Technology Services Location: London, Hybrid Main Purpose: The MDU is undertaking an exciting digital transformation programme and to support this the Cyber Security Team is looking to appoint a Senior Security Engineer. Working closely with delivery teams covering strategic and non-strategic change … this role will provide subject matter expertise to keep the MDU, its data and, its member safe from cyber security threats. The Senior Security Engineer will be responsible for the delivery of security technologies in a range of projects and will therefore: Have a strong cyber security engineering or professional services background with experience of delivering … technical skills with experience and accreditations covering multiple security domains. Cyber security subject matter expert with relevant certifications such as CISSP, CISM, CSSP, or equivalent. Proficiency in SAST, DAST and SCA with hands on experience integrating such tools into development pipelines. Extensive experience of consulting on projects, building in security requirements and ensuring services go-live with More ❯

within enterprise accounts Proven experience in Docker, Kubernetes, CI/CD, git integrations and build tools Hands-on experience with AppSec tools (part or all) such as: SCA/SAST/SBOM Management/Container Security Ability to build software pipelines with various DevOps tools Hands-on experience with cloud infrastructures - AWS/Azure/GCP - Mandatory Experience with More ❯

Role: Product Security Engineer Location: London (Hybrid – 3 Days in Office) Contract Length: 6 Months (possibility for extensions) Are you a seasoned Product/Application Security Engineer with a passion for protecting cutting-edge systems in fast-paced, high-stakes environments? Our highly reputable client operating in the fintech space is seeking a Product Security Engineer … C++, Rust, Go, Kotlin/Java. Conduct hands-on threat modelling, security assessments, code reviews, and risk mitigation for large-scale distributed systems. Integrate security scanning tools (SAST, DAST) into CI/CD pipelines to maintain continuous monitoring and threat detection. Mentor engineers on security principles and maintain QRT’s high standards through third-party/vendor … security with a proven track record of securing complex, scalable systems Experience working in smaller companies or start-ups, with a broad range of responsibilities Experienced with SAST and DAST, integrating into CI/CD pipelines Programming Languages: skills in either Python, C++, Rust, Go, Kotlin/Java Experience with cloud platforms (either AWS, Azure or Alibaba Cloud More ❯

Role: Product Security Engineer Location: London (Hybrid – 3 Days in Office) Contract Length: 6 Months (possibility for extensions) Are you a seasoned Product/Application Security Engineer with a passion for protecting cutting-edge systems in fast-paced, high-stakes environments? Our highly reputable client operating in the fintech space is seeking a Product Security Engineer … C++, Rust, Go, Kotlin/Java. Conduct hands-on threat modelling, security assessments, code reviews, and risk mitigation for large-scale distributed systems. Integrate security scanning tools (SAST, DAST) into CI/CD pipelines to maintain continuous monitoring and threat detection. Mentor engineers on security principles and maintain QRT’s high standards through third-party/vendor … security with a proven track record of securing complex, scalable systems Experience working in smaller companies or start-ups, with a broad range of responsibilities Experienced with SAST and DAST, integrating into CI/CD pipelines Programming Languages: skills in either Python, C++, Rust, Go, Kotlin/Java Experience with cloud platforms (either AWS, Azure or Alibaba Cloud More ❯

Senior Product Security Engineer Location: London Salary: £200,000+ A leading global quantitative investment firm is seeking a Senior Product Security Engineer to strengthen the security of its trading systems, cloud infrastructure, and business applications. This is a hands-on, high-impact role working across a modern tech stack in a fast-paced environment. Key Responsibilities Implement … and maintain security controls across low-latency systems and multi-cloud platforms (AWS, Azure, Alibaba Cloud) Collaborate … with engineering teams to integrate secure coding practices into the SDLC Conduct threat modeling, vulnerability assessments, and code reviews Automate security processes through CI/CD integration using SAST, DAST, and related tools Assess third-party vendors and enforce security standards Mentor teams on security architecture and best practices What We’re Looking For Experience in product More ❯

Senior Product Security Engineer Location: London Salary: £200,000+ A leading global quantitative investment firm is seeking a Senior Product Security Engineer to strengthen the security of its trading systems, cloud infrastructure, and business applications. This is a hands-on, high-impact role working across a modern tech stack in a fast-paced environment. Key Responsibilities Implement … and maintain security controls across low-latency systems and multi-cloud platforms (AWS, Azure, Alibaba Cloud) Collaborate … with engineering teams to integrate secure coding practices into the SDLC Conduct threat modeling, vulnerability assessments, and code reviews Automate security processes through CI/CD integration using SAST, DAST, and related tools Assess third-party vendors and enforce security standards Mentor teams on security architecture and best practices What We’re Looking For Experience in product More ❯

standards. Write and maintain unit, integration, and end-to-end tests using JUnit 5, Mockito, WireMock, and Testcontainers. Collaborate with cross-functional teams to implement DevSecOps practices, including SCA, SAST, shift-left, and secure SDLC. Required Skills and Experience: Strong proficiency in Java (Java 21 and Java 8). Experience with reactive programming (Project Reactor, Spring WebFlux). Solid understanding … of DevOps and DevSecOps principles, including SCA, SAST, and shift-left security. Hands-on experience with dependency management tools (Gradle, Maven, npm, etc.). Familiarity with relational databases (Postgres) and database change management using Flyway. Experience with distributed caching systems like Hazelcast. Proficiency in microservice architecture and deploying applications on OpenShift. Knowledge of version control systems (Git). Basic understanding … of Linux. Strong testing skills using JUnit 5, Mockito, WireMock, and Testcontainers. Preferred Skills: Experience with Go, JavaScript, or TypeScript. Familiarity with CI/CD tools like Jenkins, TeamCity, and Tekton. Knowledge of open-source contributions, especially in CycloneDX or similar projects. Why Join Us? Work on impactful projects that improve developer productivity across Citi. Contribute to open-source More ❯