6 of 6 Remote Static Application Security Testing Jobs in the South East

company and we're committed to helping the UK reach Net Zero by 2050. About the role This role will support the delivery of security engineering across both internal and external infrastructure and services. Key responsibilities include: Implement security best practices across the application and infrastructure lifecycle … Define and maintain security testing processes for in-scope applications and services Manage identified vulnerabilities through to remediation, in collaboration with relevant teams Provide expert advice and guidance on secure software and infrastructure development to engineering teams About you and your experience • 5 years' experience working within a … Kanban, and a DevOps mindset • Experience managing Endpoint Detection services such as SentinelOne, zScaler, or Crowdstrike • Experience in conducting security checks, such as SAST, DAST, and SCA with Snyk, OWASP ZAP, Burp Suite tools, vulnerability analysis in applications, and penetration testing skills. Familiarity with OWASP Testing Guide More ❯

an agile delivery environment. Own the end-to-end CI/CD lifecycle including environment management, monitoring, and integration of security tools (e.g. SAST, SCA). Champion automation across infrastructure (e.g. Terraform, Ansible) and testing frameworks. Engage with internal and external stakeholders to align technical delivery with business … competing priorities. Excellent communication and stakeholder engagement skills. Bachelor’s degree in Computer Science, Engineering, or equivalent experience. Desirable: Copado Compliance Hub and Robotic Testing experience. Retail or e-commerce background. Experience with containerisation (Docker), orchestration (Kubernetes), and cloud-native architectures. Relevant certifications (e.g. Copado Consultant, DevOps Engineer). More ❯

Security DevOps Engineer - Tunbridge Wells Hybrid working model - 2-3 days per week in the office The Company: The company is a leader in its field and is an Insurance business with an excellent reputation both in the UK and abroad. The role: This is an excellent opportunity to … be involved in the development of a brand new digital platform that will be used across the business. As a Security Engineer, you'll provide hands-on technical expertise to guide software development, delivery and continuous improvement focusing on risk and security. You'll help evolve our new Digital … HTTP/3, AMQP, streaming protocols etc), cloud network design (VPNs, subnets, regions/zones etc), and integration related technologies (Auth0, APIM) · Expertise with SAST & SCA systems such as Snyk, Checkmarx · Experience with DAST systems such as OpenZAP, Qualys DAST (preferred) ideally with HTTP APIs · Ability to manage large scale More ❯

security hardening: Audit React, GraphQL and FastAPI layers to eliminate XSS/CSRF and strengthen CSP Static analysis remediation: Triage and address SAST findings RBAC rollout: Finalise and implement role-based access controls Audit logging: Structure and surface user action logs in the app 💻 Tech Stack Frontend: React … Apollo GraphQL Backend: FastAPI (Python) Infra/Security: GitHub Actions, SAST tools, Auth0 (or equivalent), RBAC, CSP ✅ What We’re Looking For Must-haves: 5+ years building production-grade web apps (React + Python) CI/CD experience with microservices Hands-on with modern auth providers (Auth0, Kinde, Okta … a must Bonus points for: Experience migrating to managed auth Exposure to Kubernetes, Terraform or Helm Working in early-stage, high-growth startups under security constraints 💬 How We Work You’ll ship iteratively, demo weekly, and document your work for long-term sustainability. We value clean code, proactive ownership More ❯

Cloud is a plus). Using Infrastructure as Code (IaC) and Configuration Management tools like Terraform and Ansible to build and secure environments. Embedding security best practices and compliance benchmarks directly into IaC and CM workflows. Integrating infrastructure with CI/CD pipelines (e.g. GitHub Actions … . Deploying applications using Kubernetes, EKS, ECS, and Lambda — with a preference for Kubernetes/EKS experience. Implementing pipeline security controls, such as SAST, vulnerability scanning, and code linting. Monitoring and securing infrastructure using AWS services like CloudWatch, Athena, Config, and CloudTrail. Why join us - This is an opportunity More ❯

impact how and where it matters most. Connect to your opportunity As a Technical Analyst, you will provide support to Cybersecurity Risk Management team, Security Operations Centre (SOC), Global Event Monitoring Service (GEMS), Deloitte firms and cybersecurity service teams like Firewall Management, IDS/IPS, Email protection amongst others. … In this role you will: Focus on the analysis of Security Incident Event Management (SIEM) data, which includes: Provide Deloitte firms with cybersecurity data. Assist Deloitte Global and Deloitte firms with data extraction for ISO and PCI audit requirements. Support eDiscovery teams by providing data relating to insider threats … qualifications (Azure, Microsoft Windows, Microsoft SQL.) Qualified to ICS2 CC, CISM, CISSP or relevant Cybersecurity related qualification. Working knowledge of source code analytical tools (SAST, DAST code analysis.) Strong experience in Python; detailed ability to write and review code in Python. Information technology background; high level knowledge of internal systems More ❯