13 of 13 Static Code Analysis Jobs in Scotland

maintenance. Create and maintain CI/CD pipelines for automation scripts. Report on team tasks, provide mentoring, troubleshoot issues, and offer guidance. Engage in code reviews, merge pull requests, and resolve code conflicts. Lead the creation and maintenance of automation frameworks that support efficient testing and development practices. … tools into the Test Life Cycle (TLC) and Continuous Integration/Continuous Deployment (CI/CD) processes to streamline testing and deployment workflows. Conduct static code analysis and improve code coverage using tools like SonarQube to ensure the quality and reliability of the automation code. Develop … and effectiveness across the team. Engage in stakeholder reporting, effectively communicating automation efforts, results, and impacts on the overall project timeline and quality. Write code aimed at improving the overall testability of the software, ensuring that software designs support robust and efficient testing strategies. Participation and contribution to the More ❯

Job DescriptionJob Description Software Engineer - Code Assessment Overview Tech(x) is an energized company with experienced, specialized and progressive thought leaders progressing talented professionals in areas of technology, security, logistics, project management, talent management and procurement. We are looking for a professional proficient in executing software security assessments on … coding including Python, Java, C/C++, and Rust. Responsibilities Work in a team environment with a cyber security mission. Read, analyze, and understand code to identify vulnerabilities and explain functionality. Experience with static and dynamic code analysis tools. Design and execute software testing methodologies, including … integration, system, and acceptance testing, as well as Independent Verification and Validation (IV&V). Apply cryptographic principles to software analysis and testing methodologies. Prepare professional reports and briefings All other duties assigned Qualifications Certifications: Security+ (or other Security focused certification) Strong understanding of Computer Science fundamentals (e.g., algorithms More ❯

Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯

Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯

Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence … based security audit report . Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known … issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development More ❯

the development and evolution of CI/CD pipelines for all GIDS products using GitHub Actions, ArgoCD, TeamCity, Octopus Deploy, and GitOps principles. Integrate static and dynamic code analysis, vulnerability scanning, artifact promotion, and release gating into the SDLC. Ensure pipeline scalability and governance while maintaining developer … Grafana, Splunk, Datadog). Establish SLOs, SLIs, and error budgets with product and engineering teams. Drive root cause identification using distributed tracing, advanced log analysis, and anomaly detection. Security, Audit & Compliance Partner with security and compliance teams to embed controls into infrastructure and software delivery. Automate audit evidence collection … HashiCorp Vault, OPA, AWS IAM). Ensure all systems meet internal and regulatory audit requirements (SOC2, GDPR, etc.). Infrastructure & Automation Champion infrastructure-as-code (IaC) using Terraform, Helm, and Kubernetes for scalable cloud and hybrid deployments. Optimise infrastructure cost, elasticity, and resilience through autoscaling, canary deployments, and chaos More ❯

the development and evolution of CI/CD pipelines for all GIDS products using GitHub Actions, ArgoCD, TeamCity, Octopus Deploy, and GitOps principles. Integrate static and dynamic code analysis, vulnerability scanning, artifact promotion, and release gating into the SDLC. Ensure pipeline scalability and governance while maintaining developer … Grafana, Splunk, Datadog). Establish SLOs, SLIs, and error budgets with product and engineering teams. Drive root cause identification using distributed tracing, advanced log analysis, and anomaly detection. Security, Audit & Compliance Partner with security and compliance teams to embed controls into infrastructure and software delivery. Automate audit evidence collection … HashiCorp Vault, OPA, AWS IAM). Ensure all systems meet internal and regulatory audit requirements (SOC2, GDPR, etc.). Infrastructure & Automation Champion infrastructure-as-code (IaC) using Terraform, Helm, and Kubernetes for scalable cloud and hybrid deployments. Optimise infrastructure cost, elasticity, and resilience through autoscaling, canary deployments, and chaos More ❯

with higher-level applications. Contribute to the development and maintenance of technical documentation, including design specifications, test plans, and security architecture documents. Participate in code reviews to ensure code quality, security, and adherence to coding standards. Troubleshoot and resolve complex firmware and security-related issues. Qualifications: Bachelor's … to embedded systems (e.g., Common Criteria, FIPS 140-2). Knowledge of hardware security modules (HSMs) and trusted execution environments (TEEs). Familiarity with static and dynamic code analysis tools for security vulnerability detection. Experience with secure coding practices and threat modeling. Contributions to open-source security More ❯

with higher-level applications. Contribute to the development and maintenance of technical documentation, including design specifications, test plans, and security architecture documents. Participate in code reviews to ensure code quality, security, and adherence to coding standards. Troubleshoot and resolve complex firmware and security-related issues. Qualifications: Bachelor's … to embedded systems (e.g., Common Criteria, FIPS 140-2). Knowledge of hardware security modules (HSMs) and trusted execution environments (TEEs). Familiarity with static and dynamic code analysis tools for security vulnerability detection. Experience with secure coding practices and threat modeling. Contributions to open-source security More ❯

tools and monitor system performance, identify bottlenecks, and implement optimisations for improved resource utilisation . Implement security tools and practices, including vulnerability scanning and static code analysis. Communicate effectively with development teams to understand their requirements and align DevOps processes. Configure and maintain monitoring systems for log aggregation … and procedures. Requirements Demonstrated experience in designing, deploying, and managing infrastructure and applications on both AWS and Azure cloud platforms. Familiarity with Infrastructure as Code (IaC) tools such as Terraform, Bicep, CloudFormation, etc Experience with CI/CD tools for building and managing automated continuous integration and continuous delivery More ❯

tools and monitor system performance, identify bottlenecks, and implement optimisations for improved resource utilisation . Implement security tools and practices, including vulnerability scanning and static code analysis. Communicate effectively with development teams to understand their requirements and align DevOps processes. Configure and maintain monitoring systems for log aggregation … and procedures. Requirements Demonstrated experience in designing, deploying, and managing infrastructure and applications on both AWS and Azure cloud platforms. Familiarity with Infrastructure as Code (IaC) tools such as Terraform, Bicep, CloudFormation, etc Experience with CI/CD tools for building and managing automated continuous integration and continuous delivery More ❯

manage infrastructure components using automation tools and monitor system performance, identify bottlenecks, and implement optimisations. Implement security tools and practices, including vulnerability scanning and static code analysis. Communicate with development teams to understand their requirements and align DevOps processes. Configure and maintain monitoring systems for log aggregation and … procedures. Job Requirements Demonstrated experience in designing, deploying, and managing infrastructure and applications on both AWS and Azure cloud platforms. Familiarity with Infrastructure as Code (IaC) tools such as Terraform, Bicep, CloudFormation, etc Experience with CI/CD tools for building and managing automated continuous integration and continuous delivery More ❯

managing infrastructure components using automation tools, monitoring system performance, identifying bottlenecks, and optimizing resource utilization. Implementing security tools and practices, including vulnerability scanning and static code analysis. Communicating effectively with development teams to align DevOps processes with requirements. Configuring and maintaining monitoring systems for log aggregation and leading … detailed documentation for system configurations and procedures. Requirements Experience designing, deploying, and managing infrastructure and applications on AWS and Azure. Familiarity with Infrastructure as Code (IaC) tools such as Terraform, Bicep, CloudFormation, etc. Experience with CI/CD tools for automated build and deployment pipelines. Hands-on experience with More ❯