1 to 25 of 79 Remote Static Application Security Testing Jobs in the UK

Position Overview Fast growing FinTech seeking a technically proficient Principal Application Security Architect to join our innovative FinTech organisation. This role is critical in shaping the security posture of complex, cloud-native applications that power fast-growing financial services and digital payments platforms. As an Application Security Architect, you will work closely with software engineers … teams. Security Testing & Automation Oversee the deployment and tuning of automated application security testing tools including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA). Collaborate with development teams to integrate security testing seamlessly into CI/CD pipelines … security or secure software engineering, preferably within FinTech or highly regulated industries. Hands-on experience with a range of application security testing tools including SAST, DAST, and SCA, and integrating these into automated build and deployment pipelines. Practical expertise with threat modeling methodologies such as STRIDE, PASTA, or Attack Trees. Strong knowledge of secure coding More ❯

designing, developing, and maintaining large-scale, secure, and high-performing solutions. This role involves mentoring and coaching junior team members, translating stakeholder requirements into actionable user stories, and embedding security throughout the software development life cycle. The position calls for strong technical expertise, collaborative mindset, and an ability to deliver innovative solutions that align with business objectives. Experience Requirements … Software Development & Principles Programming Languages: Proficiency in one or more of: Java, Spring Boot, Python, JavaScript, TypeScript, ReactJS SOLID Principles: Familiarity with object-oriented and clean coding practices Testing & BDD Unit Testing Frameworks: Experience with Cypress, Cucumber, Behave, Selenium, or similar tools Domain-Specific Languages: Knowledge of BDD approaches (e.g., Cucumber, Gherkin) for test automation Containerisation & Microservices Container … to build, configure, and secure cloud environments effectively Security & CI/CD Security Integration: Familiarity with embedding security checks at every phase of the SDLC (e.g., SAST, DAST) Automation Pipelines: Experience with Continuous Integration (CI), Continuous Delivery (CD), and continuous testing tools (e.g., Jenkins, GitHub Actions) Agile & Mentorship Agile Delivery: Background in Scrum or Kanban, assisting More ❯

Senior Security Engineer We are seeking an experienced Senior Security Engineer to join our dynamic Security Team. In this key role, you will be a key contributor to Funding Circle's cloud and application security posture. You will leverage your deep expertise in AWS security, secure software development lifecycle (SSDLC) practices, and CI/… CD security to implement and champion robust security solutions. You will act as a subject matter expert and mentor, collaborating closely with engineering and product teams to embed security seamlessly into our cloud infrastructure and development processes, ensuring the protection of our platform and customer data in a fast-paced FinTech environment. Who are we? We're … Deep, demonstrable expertise in designing, implementing, securing, and managing a wide range of AWS security services . Proven, hands-on experience architecting, building, and integrating security tooling (SAST, DAST, SCA, secrets management, IAST) and automated security controls within CI/CD pipelines (e.g., GitLab CI, Jenkins, GitHub Actions). Strong track record of defining, implementing, measuring, and More ❯

Role: Cyber Security Engineer Salary/Rate: up to £700 per day (inside IR35) Location: Hybrid LondonContract Duration: until October 2025 We are currently looking for a Cyber Security Engineer for our government client. This Cyber Security Engineer role is hybrid, based between 2-3 days per week on site in central London and the remainder of … the week working remotely. The contract for the Cyber Security Engineer position is until October 2025 with potential to extend, operating inside IR35. Security Clearance: Security Check ("SC Clearance") This role is inside IR35 - Due to the service of the role, it will now be based on an Umbrella solution. Essential skills/experience required: Certifications: OSCP … desirable Role/Responsibilities: Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and make necessary recommendations. Collaborate with developers to remediate identified vulnerabilities and ensure secure code practices. Provide expert input on cloud security (AWS, Azure More ❯

Join to apply for the Cyber Security Engineer role at Circle Group 1 week ago Be among the first 25 applicants Join to apply for the Cyber Security Engineer role at Circle Group Cyber Security Engineer Salary/Rate: up to £700 per day (inside IR35) Location: Hybrid London Contract Duration: until October 2025 We are currently … looking for a Cyber Security Engineer for our government client. This Cyber Security Engineer role is hybrid, based between 2-3 days per week on site in central London and the remainder of the week working remotely. Role: Cyber Security Engineer Salary/Rate: up to £700 per day (inside IR35) Location: Hybrid London Contract Duration: until … desirable Role/Responsibilities Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and make necessary recommendations. Collaborate with developers to remediate identified vulnerabilities and ensure secure code practices. Provide expert input on cloud security (AWS, Azure More ❯

challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices Vulnerability … Event driven streaming technologies, Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs, Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform), Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes, Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP), Security certification More ❯

challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability … Event driven streaming technologies, Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs, Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform), Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes, Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP), Security certification More ❯

challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability … Event driven streaming technologies Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform) Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP) Security certification More ❯

re located within a commutable distance of our offices so that we're able to interact and collaborate in person. About the role: We are looking for an experienced Security Engineer to join our growing Security Engineering team, working closely with the GRC & compliance team and the various Engine Technology teams to make sure security is at … the heart of all our technical processes. Your place within the team will depend on your individual strengths and interests. This role will cover a wide array of security areas across our multi-tenant SaaS cloud environments and internal infrastructure and will require a skilled individual to spearhead efforts in fortifying both infrastructure and application platforms, against potential … into the software development lifecycle Experience performing secure code reviews and security approvals including the use of static and dynamic application security testing (SAST/DAST) tools. Experience in Cryptography management & enhancements Experience configuring and utilising cloud-native security logging, monitoring, and detection services Relevant security certifications such as ISC2 CC, CISSP More ❯

you will: Lead DevSecOps practices and processes within the organization. Develop and implement DevSecOps strategies. Mentor engineers in cybersecurity best practices. Collaborate with development and operations teams to automate security principles. Identify and implement tools to improve software development and delivery. Communicate trends and innovative solutions to leadership. Monitor and evaluate the performance of solutions, recommending enhancements. Assist in … or related field, or significant work experience emphasizing cybersecurity. 5+ years as a DevSecOps Engineer. Strong knowledge of Network Architecture in AWS and/or Azure. Cybersecurity expertise in SAST, DAST, SIEM, SSO, penetration testing, and cybersecurity controls. Experience with Cybersecurity Incident Response protocols. Cryptographic controls experience, including SSH key handling, logging, and auditing. Competence with Key Management Service … key rotation, and automation. Certifications such as AWS Certified Security, AWS Certified Advanced Networking, CCNA, CCNP are highly desirable. Experience designing solutions with a focus on AWS Security and Network services, including GuardDuty, Config, Security Hub, etc. Proficiency with Infrastructure as Code tools like Terraform. Solid understanding of DevOps practices with hands-on experience. Programming skills in More ❯

helping the team manage and deploy the environment in a secure and optimised manner. This will include managing the logging and SIEM aspects of the infrastructure and coordinating with application development teams to resolve issues. You will also work with the rest of the squad to incorporate more security checks into the CI/CD pipeline. The role … will include validation of planned changes to ensure that they comply with best practice and will also involve working with the Tesco Mobile Cyber Security Team. About the role The Tesco Mobile Engineering team is a truly cross functional team responsible for both the functional software development as well as the running and operation of tailored and product/… setting using and managing Splunk including defining data streams, indices and ingests and dashboards. Experience of CI/CD pipelines and adding security tooling to these. Experience using SAST and other techniques to improve code security. Automation experience using a variety of tools and languages including AWS CLI, python, etc. Containerisation technologies; Docker and Kubernetes. Exposure to Continuous Integration More ❯

If you need support in completing the application or if you require a different format of this document, please get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100/+44 204 520 2575 with the subject line: “Application Support Request”. Role: Senior DevSecOps Developer Job Type : Permanent Location: Leamington/Gaydon, Hybrid … days on site) Are you ready to leverage your skills in automation and security ? We have a great opportunity for you - Senior DevSecOps Developer . Careers at TCS: It means more TCS is a purpose-led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference … of networking concepts, technologies, and protocols (TCP/IP, IPSec, HTTP, FTP, DHCP, and DNS). Previous involvement in all stages of the software delivery lifecycle. Experience on SCA, SAST, and DAST tools. Skilled on IAC automation (Terraform). Desirable skills: An individual who is result driven demonstrates tenacity, drive and perseverance. Resilience, energy, and enthusiasm to deliver results under More ❯

least one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It would be … great if you also had... Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society More ❯

least one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It would be … great if you also had... Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society More ❯

least one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It would be … great if you also had... Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society More ❯

least one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It would be … great if you also had... Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society More ❯

least one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It would be … great if you also had... Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society More ❯

Sr. Application Security Engineer/Director - Generative AI (Remote) About the Role: The S&P Ratings Security team focuses on protecting our clients and users from all aspects of modern-day security threats. The mission of our team is to safeguard systems and data by developing innovative solutions for the biggest security challenges. We are … looking for a Senior security engineer responsible for development and implementation of security architecture and engineering best practices across S&P Ratings technology platforms. This role will provide Security engineering and Security Architecture consultation to build and enhance security in S&P Ratings Applications and Services including GenAI applications. Responsibilities and Impact: This is a … security reference architectures and standards Experience with automation tools associated with DevOps and CI/CD pipelines, and with security integration into CI/CD Familiarity with SAST/DAST/SCA tools like Fortify, Whitesource Database, datalake knowledge – Postgres, Oracle, Databricks, Snowflake Familiarity with Secure SDLC frameworks such as NIST SSDF, OpenSAMM, BSIMM Security Forensic analysis More ❯

Security · NI/GB/ROI Security Engineer (AppSec) TL;DR: We're seeking a passionate and technically sophisticated security engineer to lead, architect, and integrate security into every aspect of our platform. You like making things but also breaking things and preventing others from doing the same. About Cloudsmith Cloudsmith is transforming how organizations handle … most potent artifact management platform, built by developers for developers. Our platform supports over 30 formats spanning languages, containers, and operating systems, with enterprise-grade features, including vulnerability and security scanning, world-class policy management and enforcement, and web-scale to handle the Fortune 500. Organizations integrate Cloudsmith as critical infrastructure into their development, deployment, and distribution pipelines, trusting … Required Experience, Qualities & Skills Technical Expertise 3+ years of security engineering experience or equivalent. Deep expertise in application security and secure software development. Experience with implementing SAST, DAST, and RASP (Runtime Security). Strong programming skills in Python, with familiarity in TypeScript/Node.js or similar. Extensive experience with: Cloud security (AWS-based, preferably). More ❯

remote and the rate will be Inside IR35 . Key Responsibilities: Design, deliver, and support secure and scalable AWS infrastructure using services like EC2, S3, ECS, and FARGATE Integrate SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools into CI/CD pipelines to enforce secure development practices Automate infrastructure More ❯

remote and the rate will be Inside IR35 . Key Responsibilities: Design, deliver, and support secure and scalable AWS infrastructure using services like EC2, S3, ECS, and FARGATE Integrate SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools into CI/CD pipelines to enforce secure development practices Automate infrastructure More ❯

remote and the rate will be Inside IR35 . Key Responsibilities: Design, deliver, and support secure and scalable AWS infrastructure using services like EC2, S3, ECS, and FARGATE Integrate SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools into CI/CD pipelines to enforce secure development practices Automate infrastructure More ❯

skills Experience with Spring Boot and Hibernate Experience with JavaScript or other front-end technologies Building microservice architectures and event-driven systems Test automation: BDD, mocking, contract testing, SAST Knowledge of web technologies, data tooling, infrastructure, and networking About working for us We value diversity and inclusivity, ensuring our organization reflects modern society. We have initiatives supporting under-represented More ❯

and ideally an additional OOP language e.g. Go or Python; Developing RESTful API services & understanding of API Gateways (e.g. APIGEE). Building applications utilising container technologies e.g. Docker. Managing application deployed to Kubernetes clusters, Istio & Helm. Cloud: GCP, GKE, IaC (Terraform). Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube. SQL/NoSQL database, Basic … in Spring Boot and Hibernate. Experience in JavaScript or other front-end technologies. Experience of building microservice architecture and event driven systems. Experience in Test automation: BDD, mocking, contract testing, Sast. Exposure to web technologies, data tooling & infrastructure/networking. About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects More ❯

Join to apply for the Associate Application Security Engineer role at Veeva Systems Join to apply for the Associate Application Security Engineer role at Veeva Systems Veeva Systems is a mission-driven organization and pioneer in industry cloud, helping life sciences companies bring therapies to patients faster. As one of the fastest-growing SaaS companies in … Security Engineer that wants to work with Veeva’s product teams to secure their applications. This role has a broad scope, ranging from assisting with managing our SAST/SCA environment to developing Dev Sec Ops automation services, and system integrations using APIs, Webhooks, or other custom integrations of Veeva’s infrastructure. Development of automated processes of security … our multiple platforms. You will be working as a security expert supporting our product development teams on code quality issues and findings. What You'll Do Support Checkmarx SAST & SCA platform, tuning and supporting product development Assist application product teams with scan automation via pipeline build such as Jenkins or CI/CD Automation of security tools More ❯