26 to 50 of 57 Dynamic Application Security Testing Jobs in the UK

The Cyber Security Architect will work closely with the solution architects and enterprise architects to improve and maintain the cyber security of NAVBLUE'S products, services and infrastructure. The ideal candidate will play a critical role in designing and implementing cybersecurity frameworks to align with the business objectives and mitigate potential threats. Main Responsibilities: Perform Security Risk … and Threat analysis during the initial design and the Software Development Life Cycle planning, analysis, and design phases. Providing recommendations and requirements for mitigating any security weaknesses identified while defining Non-Functional Requirements in coordination with Solutions Architects. Ensure Security by Design is embedded within the Software Development Life Cycle, while ensuring that all security requirements have … knowledge of the SDLC and AWS network architecture Knowledge of the SAFe Agile method would be an asset Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP) Knowledge of STRIDE, DICE and other threat and risk frameworks Knowledge of AWS tools Proven experience managing multiple projects simultaneously Practical interpersonal skills; adaptable to all levels of More ❯

The Cyber Security Architect will work closely with the solution architects and enterprise architects to improve and maintain the cyber security of NAVBLUE'S products, services and infrastructure. The ideal candidate will play a critical role in designing and implementing cybersecurity frameworks to align with the business objectives and mitigate potential threats. Main Responsibilities: Perform Security Risk … and Threat analysis during the initial design and the Software Development Life Cycle planning, analysis, and design phases. Providing recommendations and requirements for mitigating any security weaknesses identified while defining Non-Functional Requirements in coordination with Solutions Architects. Ensure Security by Design is embedded within the Software Development Life Cycle, while ensuring that all security requirements have … knowledge of the SDLC and AWS network architecture Knowledge of the SAFe Agile method would be an asset Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP) Knowledge of STRIDE, DICE and other threat and risk frameworks Knowledge of AWS tools Proven experience managing multiple projects simultaneously Practical interpersonal skills; adaptable to all levels of More ❯

My growing defence client is seeking a Security Engineer. You'll join a leading organisation that develops cutting edge products and technology. Role Purpose You'll own the security posture across our client's product portfolio-encompassing software, hardware, and services-by embedding robust security controls throughout the development lifecycle, identifying and mitigating risks, and ensuring compliance … tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI/CD integration, SAST/DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or application security within defence …/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration testing). Eligible for UK SC clearance; right to work in the UK. Why Join? You'll Gain exposure to cutting-edge defence technology and intelligence insights. Good salary More ❯

Job Summary We are seeking a pragmatic and highly skilled DevSecOps Engineer to join our Platform team. In this role, you will be responsible for identifying, prioritising and remediating security issues as a security engineer and lead analyst to support the broader organisation. You will collaborate closely with Platform, Infrastructure, Development and Security teams to embed security … code and infrastructure reviews. Develop and execute incident response procedures, leveraging Sentinel playbooks and Logic Apps when required. CI/CD & Automation Integrate automated security testing (SAST, DAST, SCA) into Azure DevOps pipelines or GitHub Actions. Create Infrastructure as Code (IaC) with Terraform or ARM templates, embedding security checks. Automate security operations tasks using Azure Functions … Ability to design and enforce patch windows and remediation SLAs. DevSecOps Toolchain Proficient with CI/CD tooling in Azure DevOps or GitHub Actions. Experience integrating SAST (e.g. SonarQube), DAST (e.g. OWASP ZAP) and SCA (e.g. Dependabot, Snyk) into pipelines. Infrastructure as Code: Terraform, ARM or Bicep. Container & Cloud Security Knowledge of containerisation (Docker, Kubernetes/AKS) and container More ❯

challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability … driven streaming technologies, Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs, Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform), Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes, Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP), Security certification such More ❯

continuously evolving our recruitment processes to ensure fairness and are open to accommodating any needs you might have. If, due to a disability, you need adjustments to complete the application, please let us know by sending an email with your name, the role to which you would like to apply, and the type of support you need to complete … the application to . For any other non-disability related questions, please reach out to our Talent Partners. The Role In 2025 we are investing in improving security capabilities to our Engineering & Data group. We are looking for a security engineer to guide our engineering practices, improve security in our software delivery lifecycle, and work closely … for security incidents Requirements Experience with developing APIs and Frontend applications Experience architecting secure systems at scale Experience integrating security testing into the SDLC i.e. SAST, DAST, SCA Experience with vulnerability scanning and software patching at scale Experience working with at least one major cloud provider (AWS specifically is advantageous) Strong networking foundations Experience with infrastructure as More ❯

Gartner and Forrester, and our sustained, aggressive growth has landed Smarsh in the annual Inc. 5000 list of fastest-growing American companies since 2008. We're seeking a Product Security Engineer to support secure development across our engineering teams. In this hands-on role, you'll help identify and mitigate product risks by participating in security reviews, improving … and backlog grooming. Threat Modelling : Participate in structured threat modelling exercises with guidance from senior team members. Vulnerability Triage : Work with engineering teams to review findings from SAST, SCA, DAST, and container scans and track remediation progress. Code & Config Review : Conduct basic secure code and configuration reviews, escalating high-risk findings as needed. Security Tooling & Automation : Help maintain and … JavaScript, Go, or C#). Familiarity with cloud platforms (AWS, Azure, or GCP) and container technologies (Docker, Kubernetes). Exposure to security tooling such as SAST, SCA, or DAST scanners (e.g., Semgrep, Endor, Burp). Basic understanding of identity and access controls (OAuth, SAML, API tokens). Strong collaboration and communication skills, with a willingness to learn and grow. More ❯

Pre Sales Application Architect + Permanent opportunity + On-site in Bracknell/Basingstoke + SC cleared role + Salary: £75,000 + £6,000 Car allowance + 10% bonus This role involves creating design artefacts that enable the deployment of Applications using industry-standard methodologies. You will collaborate closely with Solution Owners and Project Managers to ensure solutions … Archimate (BizzDesign preferred) Requirements Modelling/Capture techniques such as User Stories and Use Cases AWS and Azure Cloud usage VMWare usage Technical Leadership & Design DevSecOps tooling and practices Application Security Testing SAFe (scaled agile) Processes Data Integration Focused: Data Pipeline Orchestration and ELT tooling such as Apache Airflow, Apache NiFi, Airbyte, and Singer Message Brokers and … Microservices Automated Test tooling, ideally Selenium or Robot Framework DevSecOps Key Skills: CI/CD Pipelines, ideally Azure DevOps IaC tooling, including Terraform, Ansible, Harbor SCA/IAST/DAST tooling, e.g., Black Duck, Coverity, JFrog, Snyk Automated Test tooling, ideally Selenium or Robot Framework Test Management Tools, ideally Azure Test Plans Secure Secrets Management, ideally with Azure DevOps and More ❯

Pre Sales Application Architect +Permanent opportunity +Hybrid 1 day on site in Bracknell/Basingstoke +SC cleared role + 65,000 - 90,000 You will be responsible for the creation of design artefacts that enable the provision of Applications using industry standard methodologies. You will work closely with Solution Owners and Project Managers to ensure that solutions are in … Capture techniques such as User Stories and Use Cases. AWS General/Usage Azure Cloud General/Usage VMWare General/Usage Technical Leadership & Design DevSecOps tooling and practices Application Security Testing SAFe (scaled agile) Processes Data Integration Focused Data Pipeline Orchestration, and ELT tooling such as Apache Airflow, Apark, NiFi, Airbyte and Singer. Message Brokers, streaming … Design/Configuration/Usage in a number of the following - CI/CD Pipelines, ideally Azure DevOps IaC code tooling, including Terraform, Ansible, Harbor SCA/IAST/DAST tooling, e.g. Black Duck, Coverity, Codesight, JFrog, Snyk Automated Test tooling, ideally Selenium/Robot Framework Test Management Tooling ideally Azure Test Plans Secure Secrets Management, ideally Azure DevOps and More ❯

Presales Application Architect Location: Basingstoke (circa 1 day a week onsite) Salary: £60,000 - £65,000 Basic + 15% Bonus + £6,000 Car Allowance + 10% Clearance Bonus (Total Comp circa £80K) Security Clearance: Eligibility to obtain and maintain UK Developed Vetting Clearance (DV) is essential for this role. Candidates may potentially start whilst clearance is in … progress. Keywords: Presales, Application Architect, Solution Design, AWS, Azure, VMWare, DevSecOps, CI/CD, Automation, Data Integration, API, Low-Code, Security Clearance, DV Cleared, DV Eligible, Basingstoke Are you a skilled Application Architect with a talent for presales and solution design? Do you want to architect innovative, sustainable technology solutions for a global leader committed to building … code Platforms (Power Platform, Appian, UiPath etc.), RPA solutions, Business Process Analysis. DevSecOps & Security: CI/CD Pipelines (Azure DevOps preferred), IaC (Terraform, Ansible), SCA/IAST/DAST tooling (Black Duck, Snyk etc.), Automated Testing (Selenium, Robot Framework), Secure Secrets Management (Vault). Methodologies: Experience with SAFe (Scaled Agile Framework) processes is beneficial. Don't meet every More ❯

65k - £78K + bonus, benefits) We are working with a globally renowned and industry leading UK brand who are going through an exciting phase of growth across their wider Security function, resulting in the need for a DevSecOps Engineer. As a DevSecOps Engineer, you will work within a newly established team in a role that sees you provide hands … on Application Security and DevSecOps responsibilities, as well as being involved in various strategic activities. Your duties would include setting-up, securing and enhancing pipelines, scripting and automation, as well as looking at how things are done, what improvements can be made, supporting cyber change initiatives and driving security awareness/practices as necessary. This role will … companies of a similar size, who also offer some of the best perks & benefits available! Key skills and experience required: DevSecOps experience Application Security expertise across SAST, DAST & SCA Background and experience in Software Development/Scripting/Automation Ability to work in a fast-paced environment Ability to work on-site for key strategic/important meetings More ❯

65k - £78K + bonus, benefits) We are working with a globally renowned and industry leading UK brand who are going through an exciting phase of growth across their wider Security function, resulting in the need for a DevSecOps Engineer. As a DevSecOps Engineer, you will work within a newly established team in a role that sees you provide hands … on Application Security and DevSecOps responsibilities, as well as being involved in various strategic activities. Your duties would include setting-up, securing and enhancing pipelines, scripting and automation, as well as looking at how things are done, what improvements can be made, supporting cyber change initiatives and driving security awareness/practices as necessary. This role will … companies of a similar size, who also offer some of the best perks & benefits available! Key skills and experience required: · DevSecOps experience · Application Security expertise across SAST, DAST & SCA · Background and experience in Software Development/Scripting/Automation · Ability to work in a fast-paced environment · Ability to work on-site for key strategic/important meetings More ❯

opportunity to join a large-scale digital transformation programme aimed at uniting multiple internal business units under a new, secure, cloud-native digital platform. Ideal for a hands-on Security Engineer who enjoys embedding security into the development lifecycle and working with modern tooling and cloud environments. The successful Security Engineer's responsibilities will include: Analysing new … subnets, zones) Experience with API security and integration-related platforms such as Auth0 or API Gateways Proficiency with security tools including SAST (e.g. Snyk, Checkmarx), SCA, and DAST (e.g. OpenZAP, Qualys DAST) Ability to manage secure operations of large-scale software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building automated security test suites … Engineering, Cybersecurity Engineer, Information Security Specialist, Salesforce, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps, Secure Development, CRM Security Next Steps Please click "Apply now" and submit your up-to-date More ❯

Job Title: Head of Information Security Reporting To: Chief Technology Officer Location: Bournemouth/Hybrid Working Salary: Competitive Job Type: Full Time 37.5 hours a week Our Purpose Nourish Care is the UK market leader in digital social care planning. Our SaaS platform empowers care providers to deliver more transparent, coordinated, and person-centred care. With thousands of care … product, we are scaling fast and aiming even higher - our mission is simple: better care for all. About the Job We're looking for an experienced Head of Information Security to lead and scale Nourish's security strategy in a fast-paced, cloud-native, multi-product SaaS environment. You'll be responsible for safeguarding the confidentiality, integrity, and … vulnerability scanning Collaborate with Product and Engineering teams on threat modelling, penetration testing, and remediation efforts Select, implement, and manage key SaaS security tooling (e.g. SAST/DAST, SIEM, CSPM, endpoint protection, IAM) Ensure alignment with cloud-native architecture and tooling (we primarily use AWS, GitHub Actions, and Terraform) Compliance & Assurance Lead ongoing readiness and evidence for ISO More ❯

future states of the organisation and make faster, more informed decisions. The company is headquartered in London, with offices in Philadelphia, The Hague, Toronto, and Sydney. Role The Principal Security Engineer is a strategic, hands-on leader responsible for evaluating, evolving, and executing Orgvue's security engineering strategy across our entire application development and cloud-hosting estate. … Partnering closely with Information Security, Engineering, and Product teams, you will embed secure-by-design principles throughout the software-development lifecycle (SDLC), champion modern DevSecOps practices, and ensure that security is a first-class citizen in everything we build and operate. This role reports directly to the Chief Technology Officer (CTO) and maintains a dotted-line relationship with … Modeling & Risk Assessment - Conduct regular architecture and code-level reviews, drive remediation plans, and present risk posture to leadership. Tooling & Automation - Evaluate, select, and integrate security tooling (SAST, DAST, SCA, container scanners, CSPM, CWPP) and champion IaC/Terraform modules for reusable controls. Collaboration & Mentorship - Act as a trusted advisor to engineering squads, provide security training, and mentor More ❯

we're enabling the fully automated enterprise-but innovation must be secure to be transformative. That's where you come in. We're looking for a Field Chief Information Security Officer (Field CISO) to serve as a strategic security advisor to our customers and partners, guiding them through the complex landscape of compliance, governance, and secure development of … Automations and Agentic AI. You'll work at the intersection of customer success, product innovation, and cybersecurity thought leadership-translating strategic security insights into real-world impact. What you'll do Act as the primary security advisor for clients, assessing their needs, and providing strategic recommendations. Conduct security risk assessments and design tailored strategies that align with … of security frameworks (e.g., NIST, ISO 27001) and compliance standards (e.g., GDPR, HIPAA, PCI-DSS). Strong expertise in secure SDLC, and application security tooling (SAST, DAST, SCA). Excellent communication skills with the ability to influence executive and technical stakeholders. Experience advising on or implementing security strategies in enterprise environments. Familiarity with software development practices More ❯

an outsized impact, you'll thrive here at Zopa, so join us, and make it count.Want to see us in action? Follow us on The team: Zopa's Product Security team ensures security is baked into our products from the very start of their lifecycles, all the way to the end. We provide the more pre-emptive, design … thinking led, less response-based side of securing the bank. If we do our job right, security becomes inherent in the design of our products, rather than something grafted on after. With you, we'll be a Product Security team of 4, sitting within a larger InfoSec team of 18. Our current projects include ongoing security assessments … security tooling, stitching together CI steps, scripts, and small tools to automate security controls and visualise their results in a helpful manner. This could include SAST, SCA, DAST, secrets scanning, vulnerability scanning, or other tooling Being guardians of our Secure Development Lifecycle, ensuring security controls are baked in and "pushed left" as much as reasonably possible Triaging More ❯

where you will be making an impact on the financial lives of thousands of savers. We're regulated by the Financial Conduct Authority in the UK. As a Senior Security Engineer, you will play a key role in protecting our systems, networks, and data while ensuring compliance with industry leading security standards such as ISO 27001. Your contributions … will be essential in maintaining customer trust and safeguarding critical information assets. This role sits within thePlatform Engineering Teamand requires a strong technical background, hands-on experience with security tools, and a collaborative mindset to work effectively across teams. The role will involveplatform engineering activities, contributing to the design, implementation, and optimisation of scalable infrastructure. If you're motivated … technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision-making. Solid More ❯

The Product Security Team's mission is to Left-shift SDLC (Security Development Lifecycle) processes for ALL code written in Databricks (for Customer Use or Supporting Customer internally) to reduce the likelihood of introducing new vulnerabilities in production and minimize the count and effect of externally identified vulnerabilities on Databricks Services. You will be an individual contributor on … the product security team at Databricks, managing SDLC functions for features and products within Databricks. This would include, but is not limited to, security design reviews, threat models, manual code reviews, exploit writing and exploit chain creation. You will also support IR and VRP programs when there is a vulnerability report or a product security incident. You … and Vulnerability Response as and when needed. Work with the results of SAST tools to help evaluate and identify false positives and file defects for real issues. Work on DAST tools and related automation for auto-assessment and defect filing. Maintain the automation framework and add new features as needed to support different security compliances that Databricks may want More ❯

for a Senior Cyber Engineer to become part of our growing Cyber Engineering Services. A successful candidate for the Cyber Engineer role will possess a solid foundation as a security engineer, responsible for ensuring the security of complex global environments and designing security solutions at scale. This includes extensive expertise in application, cloud, and infrastructure domains. … will design and implement highly secure technical solutions to protect against cyber threats and potential cyber-attacks. The role will be focused on detection engineering within the strategic Element security tooling. Responsibilities Assist in the design and implementation of technical solutions and security toolsets to address security vulnerabilities, mitigate cyber threats, and automate tasks. Contribute to the … site environment ideally including multinational connectivity; Experience with various security technologies such as NDR/content filtering/FW/IPS/IDS/DDOS, EDR/MDR, DAST/SAST, Identity Access Management, SIEM & SOAR, log management. Preferable experience in Azure, AWS, Defender, Darktrace. Experience and technical knowledge in multiple areas of cyber defence operations. Experience as a More ❯

the firm managed approximately US$122 billion on behalf of major pension funds, endowments, foundations, governments and other investors based in the U.S. and abroad.Position Overview:The Senior Security Engineer, reporting to the Director of Information Assurance, is responsible for cloud platform and DevOps security. This senior role will call upon the candidate's DevSecOps experience to help Acadian … Shift Left, injecting security directly into our Software Development Lifecycle … and consistently governing our AWS Platform-as-a-Service (PaaS) infrastructure. We are looking for candidates with deep experience and understanding of continuous delivery, container security, SAST/DAST, secrets management, Identity and Access Management (IAM) governance, privilege management, encryption and key management, threat detection, logging, cloud infrastructure security and policy-as-code.What You'll Do: Assess Acadian More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯