26 to 34 of 34 Static Application Security Testing Jobs in the UK

scan, and deployment processes. Extend Python tooling for SLSA provenance, SBOM generation, hash/digest validation, and security scan aggregation (SonarQube, Sonatype IQ, SAST/Container). Optimise pipeline performance using parallel builds, caching, scope-reduced BOMs, and dependency prefetching. Ensure artifact integrity through correct SHA1/SHA256 mapping … Terraform, and container image metadata. Knowledge of supply-chain security, including SLSA, CycloneDX SBOMs, and digests. Experience with SonarQube, Sonatype IQ, container and SAST scanning. Proven skills in pipeline performance tuning, including caching, parallelisation, and dependency pruning. Awareness of compliance and security standards relevant to CI/ ...

continuous evolution of our enterprise API Platform. This role is fully hands-on, combining deep expertise in Azure cloud services, Kubernetes, Terraform, API security, and distributed systems with the ability to guide, review, and contribute to .NET Core API development practices. The architect will define and maintain the vision … pipeline definition for APIM deployments, testing, API versioning, and documentation automation. Establish CI/CD pipelines for Terraform, .NET API builds, image scanning, SAST/DAST, compliance enforcement. 8. Hands-On .NET Core API Integration & Code Reviews Review .NET Core API implementations to ensure correct API design, platform alignment ...

continuous evolution of our enterprise API Platform. This role is fully hands-on , combining deep expertise in Azure cloud services, Kubernetes, Terraform, API security, and distributed systems with the ability to guide, review, and contribute to .NET Core API development practices . The architect will define and maintain … pipeline definition for APIM deployments, testing, API versioning, and documentation automation. Establish CI/CD pipelines for Terraform, .NET API builds, image scanning, SAST/DAST, compliance enforcement. 8. Hands-On .NET Core API Integration & Code Reviews Review .NET Core API implementations to ensure correct API design , platform alignment ...

appoint a Senior Azure Cloud Engineer. This is a hands-on senior role where youll take ownership of Azure infrastructure, DevOps practices, and cloud security, working closely with architects and development teams in an agile environment. The platform is API-driven and operates at scale, so reliability, performance … security Proven Infrastructure-as-Code expertise (Terraform, Bicep/ARM) Experience with Azure DevOps, GitHub, and CI/CD pipelines Familiarity with DevSecOps, SAST/DAST, and cloud monitoring Confident communicator with a pragmatic, delivery-focused mindset This is an opportunity to join a business where cloud engineering ...

Senior Azure Cloud Engineer. This is a hands-on senior role where you’ll take ownership of Azure infrastructure, DevOps practices, and cloud security, working closely with architects and development teams in an agile environment. The platform is API-driven and operates at scale, so reliability, performance, and security … security Proven Infrastructure-as-Code expertise (Terraform, Bicep/ARM) Experience with Azure DevOps, GitHub, and CI/CD pipelines Familiarity with DevSecOps, SAST/DAST, and cloud monitoring Confident communicator with a pragmatic, delivery-focused mindset This is an opportunity to join a business where cloud engineering ...

extend Python tooling for: SLSA provenance SBOM generation (CycloneDX) Hash/digest accuracy (SHA1/SHA256) Security scan aggregation (SonarQube, Sonatype IQ, SAST, container scanning) Optimise pipeline performance through parallelisation, caching, dependency prefetching, and BOM scope reduction. Ensure artifact integrity and reproducibility , including evidence modelling and digest validation. Refactor … container image metadata . Solid experience with software supply-chain security (SLSA, CycloneDX SBOMs, digests). Hands-on use of SonarQube, Sonatype IQ, SAST, and container scanning tools . Proven ability to optimise CI/CD performance (caching, parallel builds, dependency pruning). Awareness of compliance and secure ...

extend Python tooling for: SLSA provenance SBOM generation (CycloneDX) Hash/digest accuracy (SHA1/SHA256) Security scan aggregation (SonarQube, Sonatype IQ, SAST, container scanning) Optimise pipeline performance through parallelisation, caching, dependency prefetching, and BOM scope reduction. Ensure artifact integrity and reproducibility , including evidence modelling and digest validation. Refactor … container image metadata . Solid experience with software supply-chain security (SLSA, CycloneDX SBOMs, digests). Hands-on use of SonarQube, Sonatype IQ, SAST, and container scanning tools . Proven ability to optimise CI/CD performance (caching, parallel builds, dependency pruning). Awareness of compliance and secure ...

package, scan, deploy). Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ,SAST/Container). Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch). Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence … Helm/Terraform and container image metadata. Supply-chain security (SLSA, CycloneDX SBOM, digests). Experience with SonarQube, Sonatype IQ, container and SAST scanning. Proven performance tuning (caching, parallelization, dependency pruning). Compliance Awareness. ...

controls. Capture and assess evidence such as pipeline logs, approvals, artefact integrity/signing, access controls, and configuration baselines. Validate security posture via SAST/DAST scans, dependency and licence reviews, container/image policies, and supply-chain controls. Evaluate logging, monitoring, and observability practices. Map findings to compliance ...