26 to 50 of 77 Dynamic Application Security Testing Jobs in the UK

Responsibilities: The Security Architect reports to the Chief Information Security Officer. The Chief Information Security Officer determines the activities due by the Security Architect based on evolving needs to improve the company’s security posture and to secure CHAMP assets. Examples of the Security Architect’s responsibilities and duties include: Document and address information security, cybersecurity architecture, and systems security engineering requirements throughout the application acquisition or development life cycle. Employ secure configuration management processes Ensure that acquired or developed system(s) and architecture(s) are consistent with the security … data anonymization, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing) Ability to drive strategy to establish SAST and DAST framework Knowledge of the enterprise information technology (IT) architectural concepts and patterns Knowledge of installation, integration, and optimization of system components Knowledge of remote access More ❯

Your new company - Specialist Global Financial Services Your new role - Permanent - ON SITE 5 Days per week. - UK Only Job Title: IT Security Engineer Job Brief: As the first line of defence in the IT department, the purpose of this role focusses on information security, cybersecurity and data … security, including a wide scope of physical security operating systems such … as Windows and Linux, network security, firewall and other security devices, application security both development and testing phrases SAST & DAST, terminal security, backup security, third party and supply chain security. We are seeking a skilled IT Security Engineer to identify, investigate, and More ❯

applicants Direct message the job poster from RiverSafe Recruitment Manager @ RiverSafe: Helping to grow a company #cybersecurity #devops #appsec The Role The Principal Application Security Consultant is a senior-level role responsible for leading and improving application security strategies, conducting security assessments and providing expert … guidance on secure development practices. This role involves working closely with development teams, security engineers and business stakeholders to integrate security into the software development lifecycle (SDLC), mitigate risks and ensure compliance with security standards. Skills Strong knowledge of application security vulnerabilities (OWASP Top … SANS 25). Hands-on remediation support and vulnerability management expertise. Hands-on experience with threat modelling and secure code reviews. Experience with Mobile Application Security and API Security. Familiarity with security tools (Burp Suite, Fortify, Checkmarx, Veracode, ZAP, etc.). Experience with cloud security (AWS More ❯

regulated by the Financial Conduct Authority in the UK. We are looking for a skilled and proactive DevSecOps Engineer to take ownership of our security frameworks, testing, and hands-on implementation of secure systems. You will join our Engineering team to play a pivotal role in integrating security … Perform regular automated security assessments, including vulnerability scans, assist penetration testing, and remediation planning. Automate security testing processes, including SAST, DAST, and IAST tools, to identify and remediate vulnerabilities earlier in the SDLC. Work closely with Development and Platform teams to promote a DevSecOps culture and … similar programming languages. Understanding of secure coding practices, application security principles, and compliance frameworks. Expertise in implementing security tools (e.g., SAST, DAST, vulnerability scanners, OWASP ZAP, SonarQube, Snyk, Elastic Security, tfsec AWS Inspector or Trivy). Experience with monitoring and logging tools like ELK or cloud More ❯

Application Security Consultant (AppSec) Permanent Role Fully Remote Up to £80K per annum Are you a skilled application security professional with a strong grasp of cloud-native development and a passion for safeguarding software systems? Join an innovative cyber security consultancy working at the forefront … of resilience, supporting clients across the military, government, finance, and tech sectors. As an Application Security Consultant, you'll be the go-to expert on software-level threats and controls. You'll play a key role in embedding security within cloud-native development environments-particularly AWS-by … teams in secure coding best practices through workshops, threat modelling, and code reviews. Define and enforce security checkpoints across the DevOps lifecycle (SAST, DAST, SCA). Champion secure API design, including robust authentication, authorisation, and validation techniques. Identify and mitigate security vulnerabilities through reviews and penetration test support. More ❯

UK based, primarily remote working with some travel required to our London Office. Sponsorship is not available for this role. What you will do: Security Integration in CI/CD Pipelines: Implement security controls within CI/CD pipelines using automation and best practices, ensuring vulnerabilities are caught … Response: Develop and maintain monitoring systems and respond to security incidents quickly and effectively. Automated Security Testing: Integrate and manage SAST, DAST, and other security testing tools to identify security issues in code and applications. Compliance and Governance: Develop and manage Azure policies to … as vulnerability scanners, intrusion detection systems, & security information & event management (SIEM) solutions. Knowledge of container management with Azure Container Registry. Experience in SAST, DAST & other techniques to improve code security Desirable: Proficiency in scripting, preferably with PowerShell. Understanding of DotNet development and deployment pipelines. Experience working with PCI More ❯

Join to apply for the Platform Security Engineer role at Bondsmith 2 weeks ago Be among the first 25 applicants Join to apply for the Platform Security Engineer role at Bondsmith Get AI-powered advice on this job and more exclusive features. About us Bondsmith is a fast … regulated by the Financial Conduct Authority in the UK. We are looking for a skilled and proactive DevSecOps Engineer to take ownership of our security frameworks, testing, and hands on implementation of secure systems. You will join our Engineering team to play a pivotal role in integrating security … ELK, Datadog) Understanding of secure coding practices, application security principles, and compliance frameworks. Hands-on experience in security tools (e.g., SAST, DAST, vulnerability scanners, OWASP ZAP, SonarQube, Snyk, Elastic Security, tfsec, AWS Inspector or Trivy). Experience in SIEM systems and threat detection. Financial services experience More ❯

We support organisations across a variety of sectors including finance, retail, telecommunications, utilities, gaming, government and insurance. We’re looking for a Senior Information Security Consultant to join our growing team. The Senior Security Consultant is responsible for maintaining end-to-end security through compliance with global … policy, standards, regulations and industry best practices. This person works with Information Security management to implement a cloud first programme for enabling security standards across people, process and technology within the TransUnion Monevo portfolio. Day to Day You’ll Be: Guides and advises technology teams on infrastructure vulnerability … internal standards, best practices and architectures based on this information Assists Engineering teams with adoption to changes in application security tooling (SAST, DAST, etc.) and interpretation of its results to ensure vulnerabilities are addressed on a timely basis and prevented from deployment into production Builds relationships and partners More ❯

Cloud Security Architect, AWS ProServe India Job ID: AWS ProServe IN - Maharashtra AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. At Amazon, Security is Top Priority. We are looking for security architects who are passionate about Cloud Security. Ideal candidates are those who have working experience with AWS Cloud, Cloud Security, Infrastructure Security, Network Security, Cloud Security Assessment, Penetration testing, Application security assessment, Compliance … Organisations, Web Application Firewall, AWS Network Firewall, GWLB based Security Appliances. Have implementation knowledge to deliver DevSecOps pipeline with IaC scanner, SAST, DAST tool in the SDLC. Hands-on experience in one of the following is mandatory: Identity and Access Management Data Encryption Network Security Incident Response More ❯

Principal Product Security Engineer Apply locations CZ - Prague UK - London time type Full time posted on Posted 6 Days Ago job requisition id JR103958 Our Product Security team is seeking a Principal Product Security Engineer to define and lead a secure development strategy and approach in a … fast-paced, agile development environment. You will be responsible for defining and driving security-related initiatives in collaboration with internal stakeholders. You will bring a wealth of technical expertise and industry experience spanning application security, cloud security, DevSecOps and CI/CD. The ideal candidate for … with secure software development lifecycle, security testing, vulnerability management. Experience with cloud technologies (AWS, Azure), security testing and automation (SAST, DAST, SCA), and AI/ML technologies. Deep understanding of DevSecOps principles and agile development. Knowledge of secure architecture and design principles, industry standards (NIST SSDF More ❯

Application Security Consultant – Remote CSSLP, CISSP, OSWE, GWAPT, CREST CRT/CCT App A leading Technology consultancy is looking for an Application Security Consultant to play a key role in embedding security into the heart of modern software development practices. The role: You’ll work … especially focused on cloud-native development in AWS environments. Key responsibilities include: Embedding secure coding practices and supporting design/code reviews Implementing SAST, DAST, SCA, and other security checks into DevOps workflows Supporting secure API design and cloud-native architecture Acting as a key escalation point for vulnerability … triage and remediation Delivering developer enablement through workshops and hands-on threat modelling What you’ll bring: 3+ years in application or product security roles Strong grasp of application-level threats, secure design, and remediation strategies Experience with IaC security (Terraform, CloudFormation), container security, and More ❯

Application Security Consultant – Remote CSSLP, CISSP, OSWE, GWAPT, CREST CRT/CCT App A leading Technology consultancy is looking for an Application Security Consultant to play a key role in embedding security into the heart of modern software development practices. The role: You’ll work … especially focused on cloud-native development in AWS environments. Key responsibilities include: Embedding secure coding practices and supporting design/code reviews Implementing SAST, DAST, SCA, and other security checks into DevOps workflows Supporting secure API design and cloud-native architecture Acting as a key escalation point for vulnerability … triage and remediation Delivering developer enablement through workshops and hands-on threat modelling What you’ll bring: 3+ years in application or product security roles Strong grasp of application-level threats, secure design, and remediation strategies Experience with IaC security (Terraform, CloudFormation), container security, and More ❯

This is a leading product role within the GitLab Sec Section. The Sec section provides GitLab Ultimate customers with comprehensive coverage for all their Security needs across the SDLC, from development to production, including risk assessment, compliance frameworks, application security posture, and vulnerability management. Enable AppSec and … All these capabilities are driven not only by GitLab's broad set of application security testing scanners (SAST, SCA, Secret Scanning, DAST, etc.) but also by GitLab's AI-powered vulnerability resolution and explanation engine. As our new Sr. Product Manager, you will develop and clearly communicate … detailed roadmap for our Vulnerability Management & Insights solution, ensuring they align with both our company's objectives and evolving market demands within our broader Application Security platform. You will collaborate closely with the relevant engineering teams and Product team members of the different scanners and adjacent areas like More ❯

to help shape the new flagship development center and contribute to high-impact projects in a thriving tech environment. Position Overview: Were expanding our application security team and are looking for someone with Java and Python experience. Youll focus on a subset of our products to understand them … development teams build products that are secure by design. What you will do: Youll support product teams through activities such as: Defining requirements for security features Proactively identifying and controlling risks using techniques like threat modeling Designing and implementing automated security tests Performing manual security assessments including … JavaScript framework Test design Unit tests and end-to-end tests both automated and manual A proven history of turning SCA/SAST/DAST results into teachable moments Application penetration testing experience is a bonus. Fluency in English What you'll gain at Intapp: Our culture at More ❯

to help shape the new flagship development center and contribute to high-impact projects in a thriving tech environment. Position Overview: Were expanding our application security team and are looking for someone with Java and Python experience. Youll focus on a subset of our products to understand them … development teams build products that are secure by design. What you will do: Youll support product teams through activities such as: Defining requirements for security features Proactively identifying and controlling risks using techniques like threat modeling Designing and implementing automated security tests Performing manual security assessments including … JavaScript framework Test design Unit tests and end-to-end tests both automated and manual A proven history of turning SCA/SAST/DAST results into teachable moments Application penetration testing experience is a bonus. Fluency in English What you'll gain at Intapp: Our culture at More ❯

to help shape the new flagship development center and contribute to high-impact projects in a thriving tech environment. Position Overview: Were expanding our application security team and are looking for someone with Java and Python experience. Youll focus on a subset of our products to understand them … development teams build products that are secure by design. What you will do: Youll support product teams through activities such as: Defining requirements for security features Proactively identifying and controlling risks using techniques like threat modeling Designing and implementing automated security tests Performing manual security assessments including … JavaScript framework Test design Unit tests and end-to-end tests both automated and manual A proven history of turning SCA/SAST/DAST results into teachable moments Application penetration testing experience is a bonus. Fluency in English What you'll gain at Intapp: Our culture at More ❯

on, delivery-focused role where you will embed DevSecOps principles into engineering pipelines, guide secure software development lifecycle (SSDLC) practices, and advise on adopting security tooling across cloud and hybrid environments. You will work closely with development, DevOps, and platform teams to uplift security maturity, enabling secure and … scalable software delivery aligned with industry standards and compliance requirements. Responsibilities Embed security practices into software development pipelines by integrating DevSecOps principles, automation tools, and governance controls. Support the definition, implementation, and continuous improvement of secure software development lifecycle (SSDLC) processes across internal and client delivery teams. Advise on … Experience collaborating with developers, DevOps, architects, and platform teams to design and implement secure software solutions. Exposure to application security tooling (SAST, DAST, SCA), cloud security services, and infrastructure-as-code security practices. Familiarity with agile or DevOps-based delivery models and working across multiple stakeholders More ❯

as Jenkins, GitLab or similar. Knowledge of Hashicorp Terraform and Hashicorp Vault. Awareness of SAST Security Testing - GitLab, Checkmarx, Veracode. Awareness of DAST Security Testing - GitLab, Veracode. Awareness of SCA/IAST Security Testing - Checkmarx, GitLab, Veracode. Awareness of Vulnerability Management - PA Prisma. Awareness … of QA Testing - Selenium. Certifications in Gitlab, Terraform and Vault would be preferable. About us With over 20,000 employees across the globe, we work at the heart of digitisation, advising organisations on IT strategy, implementing the most appropriate technology, and helping our customers to source, transform and manage More ❯

Job Title: Application Security (AppSec) Consultant Location: Remote (UK-based only) Salary: Up to £80,000 Type: Full-time, Permanent Are you passionate about building secure software and driving real impact in the world of cybersecurity? Our client, a cutting-edge cyber consultancy, is seeking an Application Security Consultant to strengthen their growing technical team. This is a fully remote role, offering the chance to work alongside experts from diverse industries including defence, finance, and tech— while making a real difference. What You’ll Be Doing … Partnering with developers and engineers to bake security into every stage of the software development lifecycle. Enhancing DevSecOps practices with tools like SAST, DAST, and SCA—making sure security isn’t just an afterthought. Leading secure code reviews, threat modelling sessions, and providing practical guidance on secure design. More ❯

consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems … monitoring, networks, firewalls, load balancers, DNS, CDNs Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform) Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes Knowledge of cloud Security Architecture of public clouds (such as AWS or More ❯

Join to apply for the Senior Security Engineer role at Policy Expert 3 weeks ago Be among the first 25 applicants Join to apply for the Senior Security Engineer role at Policy Expert Policy Expert – Senior Security Engineer Are you ready to transform the insurance industry? Policy … ranked the UK's No.1-rated home insurer by Review Centre since 2013. About the DevSecOps team: At PolicyExpert, the DevSecOps team focuses on application, cloud, and cybersecurity to ensure security is integrated throughout the software development lifecycle. Our goal is to empower tech teams to build and … are you: Proven experience delivering web application and API security improvements across an organisation. Proficiency with DevSecOps and SDLC tooling, including SAST, DAST, SCA, ASPM, and CSPM. Hands-on experience with IAM solutions such as Auth0 or AWS Cognito. Strong background in threat modelling and vulnerability management. Strong More ❯

Policy Expert - Senior Security Engineer We're on a mission to make: The most successful insurance disruptor people want to stay with for life Are you ready to transform the insurance industry with innovative technology? At Policy Expert , we are on a mission to revolutionize Home , Pet , and Motor … the UK's No.1-rated home insurance provider for 9 years . About the DevSecOps team: At Policy Expert, the DevSecOps team focuses on application, cloud, and cybersecurity to ensure security is integrated throughout the software development lifecycle. Our goal is to empower tech teams to build and … are you: Proven experience delivering web application and API security improvements across an organisation. Proficiency with DevSecOps and SDLC tooling, including SAST, DAST, SCA, ASPM and CSPM. Hands-on experience with IAM solutions such as Auth0, or AWS Cognito. Strong background in threat modelling and vulnerability management. Strong More ❯

the sole expert in this position, you'll spearhead Cyber projects with plans to build your own team in 2025 The role combines two dynamic elements: Core IT Security: Leverage your deep technical expertise to maintain the security of our infrastructure, servers, and systems. From leading our … Managed Security Service Providers (MSSPs), building a best-in-class Cyber training and awareness programme, and performing security audits on critical systems. Cybersecurity Governance: Implement governance and frameworks to embed security across the business, across IT, Engineering, and other business verticals, ensuring best-practice configurations become the … application gateways, private and service endpoints, and firewalls. Secure Software Development: Deep experience implementing effective secure coding practices (e.g., OWASP Top 10, SAST, DAST, SonarCloud). You can seamlessly integrate security into the SDLC with a shift-left approach. Cloud Security Tools: Practical experience with Azure Sentinel More ❯

We have a great career opportunity for an experienced Mid-level Product Security Engineer with a background in cloud-based (AWS & Azure) & on-prem infrastructures and automation to join one of the most prestigious e-commerce and tech companies. Multi-million £ brand with a firm lead in their market … it's not even close) Multi-award-winning platform on an extraordinary journey. Oversee, maintain, and upkeep customer/client data. Utilise your advanced security knowledge. Manage cloud-based & on-prem infrastructures. Be the risk manager and automation advocate we need. Help us safeguard customer/client data with … security tools. Expertise in securing microservices and APIs. Deep understanding of secure coding, SDLC, and engineering integration. Hands-on experience with SAST/DAST in CI/CD. Knowledge of WAFs, vulnerability scanners, and security tools. Understanding of cryptography, authentication, and authorisation. Next Steps: Please note, with this More ❯

Overview: Additional Information: Please note, this role requires working full-time onsite, five days per week. NON Negotiable We are seeking an experienced IT Security Engineer to become a vital part of a growing IT Department. This critical role will focus on protecting our information assets through robust cybersecurity … measures, ensuring adherence to best practices, international standards, and local regulations. Ideally suited to candidates who possess expert knowledge of security frameworks including NIST 800, ISO 27001, and cybersecurity guidelines from PRA, FCA, and ICO. Candidates with at least 3 years' relevant experience in finance or banking, particularly as … disposal. Conduct security evaluations on network and firewall policies and manage application security in both development and testing phases (SAST, DAST). Liaise with internal audit teams and international cybersecurity operations centres to implement security policies and controls. Provide cybersecurity training to ensure staff awareness More ❯