26 to 33 of 33 Static Application Security Testing Jobs in London

cloud landing zones (Azure/AWS) with environment segregation (dev, test, UAT, prod). - Automate infrastructure using Infrastructure as Code (Terraform, ARM, CloudFormation) - Embed security and compliance controls (SAST/DAST/IaC/SBOM). - Enable observability (logging, metrics, tracing, alerting) and support SRE/incident management practices. - Partner with client stakeholders to align DevOps with FCA/… operational resilience and Lloyd's standards. - Support disaster recovery and business continuity planning, including resilience testing. - Mentor client teams in DevOps best practices and drive shift-left adoption of testing, security, and compliance. Skills & Experience: - Proven expertise with CI/CD tooling (Azure DevOps, GitHub Actions, Jenkins, GitLab). - Strong knowledge of infrastructure automation (Terraform, Ansible, Puppet, Chef … . - Hands-on experience with Azure and/or AWS in enterprise or hybrid environments. - Familiarity with containerisation & orchestration (Docker, Kubernetes). - Solid understanding of security controls and compliance in financial services. - Experience with observability tools (Prometheus, Grafana, ELK, Splunk, AppDynamics, etc.). - Awareness of UK/EU financial regulations (GDPR, PRA/FCA, Lloyd's). - Consulting experience More ❯

Press Tab to Move to Skip to Content Link Job Title: Principal Software Engineer - Security Engineer Job Reference: Band: BAND D Salary: £80,000-£90,000k depending on relevant skills, knowledge and experience. The expected salary range for this role reflects internal benchmarking and external market insights. Contract type: Permanent role Location: This is a hybrid role, and the … guidance. Promote secure SDLC practices across engineering teams, collaborating with InfoSec on shared tooling, templates and enablement. Help teams adopt secure coding standards and integrate automated security checks (SAST, DAST, dependency scanning) into CI/CD pipelines. Participate in threat modelling using InfoSec-led methodologies and coordinate validation and review workflows. Review technical designs, proposals and code for alignment … and common secure design patterns. You've helped teams adopt secure SDLC practices, working closely with central security or architecture groups. You know how to embed tools like SAST, DAST, secrets detection and dependency scanning into CI/CD pipelines, and have the scars to prove it. You've worked with complex, multi-tenant cloud platforms - ideally on AWS More ❯

This is a huge opportunity for an experienced and driven Platform Security Engineer to join a rapidly growing fintech team! As a Platform Security Engineer, you will play a key role in protecting our clients systems, networks, and data while ensuring compliance with industry leading security standards such as ISO 27001. This role sits within the Platform … Engineering Team and requires a strong technical background, hands-on experience with security tools, and a collaborative mindset to work effectively across teams. What you'll do: Develop and implement proactive security strategies, policies, and procedures to protect our systems, networks, and data assets. Lead regular security assessments, including vulnerability scans and penetration tests, identifying risks and … technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision -making. More ❯

Months IR35 Status: Inside IR35 Our client, a leading investment bank, is seeking an experienced DevSecOps SME to join their team. This role will lead and advise on integrating security practices into DevOps pipelines. The ideal candidate will have deep expertise across development, security, and operations, with a strong focus on automation, CI/CD, and secure software … development lifecycle (SDLC) practices. Key Responsibilities Lead the integration of security into CI/CD pipelines. Advise on secure coding and deployment practices across teams. Implement and enforce security policies, standards, and best practices. Conduct threat modeling, risk assessments, and vulnerability management. Mentor and train teams on DevSecOps … principles and tools. Skills & Experience Required CI/CD Security Engineering: Proven experience designing and maintaining secure CI/CD pipelines. DevSecOps Tool Integration: Hands-on experience with SAST, DAST, SCA, and secrets management tools. Cross-Functional Collaboration: Ability to work closely with development, operations, and security teams. Threat Modeling & Risk Assessment: Strong knowledge of security risk More ❯

Months IR35 Status: Inside IR35 Our client, a leading investment bank, is seeking an experienced DevSecOps SME to join their team. This role will lead and advise on integrating security practices into DevOps pipelines. The ideal candidate will have deep expertise across development, security, and operations, with a strong focus on automation, CI/CD, and secure software … development lifecycle (SDLC) practices. Key Responsibilities Lead the integration of security into CI/CD pipelines. Advise on secure coding and deployment practices across teams. Implement and enforce security policies, standards, and best practices. Conduct threat modeling, risk assessments, and vulnerability management. Mentor and train teams on DevSecOps … principles and tools. Skills & Experience Required CI/CD Security Engineering: Proven experience designing and maintaining secure CI/CD pipelines. DevSecOps Tool Integration: Hands-on experience with SAST, DAST, SCA, and secrets management tools. Cross-Functional Collaboration: Ability to work closely with development, operations, and security teams. Threat Modeling & Risk Assessment: Strong knowledge of security risk More ❯

will assist in the delivery on. In full: We are seeking a highly skilled and experienced DevSecOps Subject Matter Expert (SME) to lead and advise on the integration of security practices into our DevOps pipelines. This role requires a deep understanding of development, security, and operations, with a strong emphasis on automation, continuous integration/continuous deployment (CI … software development lifecycle (SDLC) practices. Advise and offer guidance on: * Design, implement, and maintaining secure CI/CD pipelines.* Integrate security tools and practices into DevOps workflows (e.g., SAST, DAST, SCA, secrets management).* Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices.* Advise on threat modeling, risk assessments, and vulnerability … management.* Provide expert guidance on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes).* Develop and enforce security policies, standards, and best practices.* Lead incident response and root cause analysis for security-related issues.* Mentor and train teams on DevSecOps principles and tools. Candidates will ideally show evidence of the above in their CV More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

wins. You MUST Have: 7+ years in technical pre-sales or sales engineering roles Hands-on with Docker, Kubernetes, CI/CD, Git, build tools Solid AppSec experience: SCA, SAST, SBOM, Container Security Cloud infrastructure fluency (AWS, Azure or GCP - must especially tick this box) Proven track record building enterprise relationships - from tech champions to C-level Ability to More ❯