3 of 3 Remote/Hybrid Static Application Security Testing Jobs in the Midlands

DevSecOps Engineer

Hiring Organisation
Big Red Recruitment
Location
Nottingham, Nottinghamshire, England, United Kingdom
Employment Type
Full-Time
Salary
£60,000 - £65,000 per annum, Inc benefits
looking for a hands-on DevSecOps Engineer to take ownership of application and cloud security across a modern, Azure-first product environment. This is a product-focused security role, sitting at the intersection of development, DevOps and security, helping teams understand why vulnerabilities exist … automation and education. The role: Act as the DevSecOps lead, owning application and cloud security practices across the business. Analyse outputs from SAST and DAST tools (e.g. Snyk, BrightSec), understanding vulnerabilities at a low level and advising development teams on remediation. Work closely with DevOps to ensure secure ...

DevOps Engineer

Hiring Organisation
CBSbutler Holdings Limited
Location
Birmingham, West Midlands, United Kingdom
Employment Type
Contract
extend Python tooling for: SLSA provenance; SBOM generation (CycloneDX); Hash/digest accuracy (SHA1/SHA256); Security scan aggregation (SonarQube, Sonatype IQ, SAST, container scanning). Optimise pipeline performance through parallelisation, caching, dependency prefetching, and BOM scope reduction. Ensure artifact integrity and reproducibility, including evidence modelling and digest validation. Refactor … container image metadata. Solid experience with software supply-chain security (SLSA, CycloneDX SBOMs, digests). Hands-on use of SonarQube, Sonatype IQ, SAST, and container scanning tools. Proven ability to optimise CI/CD performance (caching, parallel builds, dependency pruning). Awareness of compliance and secure ...

DevX Build Pipeline Engineer

Hiring Organisation
CBSbutler Holdings Limited
Location
Birmingham, West Midlands, United Kingdom
Employment Type
Contract
extend Python tooling for: SLSA provenance; SBOM generation (CycloneDX); Hash/digest accuracy (SHA1/SHA256); Security scan aggregation (SonarQube, Sonatype IQ, SAST, container scanning). Optimise pipeline performance through parallelisation, caching, dependency prefetching, and BOM scope reduction. Ensure artifact integrity and reproducibility, including evidence modelling and digest validation. Refactor … container image metadata. Solid experience with software supply-chain security (SLSA, CycloneDX SBOMs, digests). Hands-on use of SonarQube, Sonatype IQ, SAST, and container scanning tools. Proven ability to optimise CI/CD performance (caching, parallel builds, dependency pruning). Awareness of compliance and secure ...