4 of 4 Remote Static Application Security Testing Jobs in Slough

to see. This job is with the software supply chain company - securing and powering how software gets delivered everywhere. What you'll do: Embed security across the platform, from source to prod. Architect security controls across distributed, cloud-native systems. Lead threat modeling and security reviews (and … get people to enjoy them) Pen-test services and infra (ethically, please). Extend security automation and monitoring with tools like CircleCI, GitHub Actions, DataDog, AWS Security Hub, etc. Harden everything from container runtimes to APIs to artifact pipelines. Write secure code, review other people’s code, and … a software engineer. Python for sure and a bit of TypeScript never hurt anyone. Deep application security knowledge Hands-on experience with SAST, DAST, RASP, and securing cloud (preferably AWS). Strong grasp of container security, API security, IaC, and CI/CD. You’ve done More ❯

an agile delivery environment. Own the end-to-end CI/CD lifecycle including environment management, monitoring, and integration of security tools (e.g. SAST, SCA). Champion automation across infrastructure (e.g. Terraform, Ansible) and testing frameworks. Engage with internal and external stakeholders to align technical delivery with business … competing priorities. Excellent communication and stakeholder engagement skills. Bachelor’s degree in Computer Science, Engineering, or equivalent experience. Desirable: Copado Compliance Hub and Robotic Testing experience. Retail or e-commerce background. Experience with containerisation (Docker), orchestration (Kubernetes), and cloud-native architectures. Relevant certifications (e.g. Copado Consultant, DevOps Engineer). More ❯

security hardening: Audit React, GraphQL and FastAPI layers to eliminate XSS/CSRF and strengthen CSP Static analysis remediation: Triage and address SAST findings RBAC rollout: Finalise and implement role-based access controls Audit logging: Structure and surface user action logs in the app 💻 Tech Stack Frontend: React … Apollo GraphQL Backend: FastAPI (Python) Infra/Security: GitHub Actions, SAST tools, Auth0 (or equivalent), RBAC, CSP ✅ What We’re Looking For Must-haves: 5+ years building production-grade web apps (React + Python) CI/CD experience with microservices Hands-on with modern auth providers (Auth0, Kinde, Okta … a must Bonus points for: Experience migrating to managed auth Exposure to Kubernetes, Terraform or Helm Working in early-stage, high-growth startups under security constraints 💬 How We Work You’ll ship iteratively, demo weekly, and document your work for long-term sustainability. We value clean code, proactive ownership More ❯

Cloud is a plus). Using Infrastructure as Code (IaC) and Configuration Management tools like Terraform and Ansible to build and secure environments. Embedding security best practices and compliance benchmarks directly into IaC and CM workflows. Integrating infrastructure with CI/CD pipelines (e.g. GitHub Actions … . Deploying applications using Kubernetes, EKS, ECS, and Lambda — with a preference for Kubernetes/EKS experience. Implementing pipeline security controls, such as SAST, vulnerability scanning, and code linting. Monitoring and securing infrastructure using AWS services like CloudWatch, Athena, Config, and CloudTrail. Why join us - This is an opportunity More ❯