251 to 275 of 289 Static Application Security Testing Jobs in the UK

Social network you want to login/join with: Senior Application Security Consultant, London Client: Senitor Associates Location: London, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 3 Posted: 05.05.2025 Expiry Date: 19.06.2025 Job Description: Application Security Consultant – Remote CSSLP, CISSP, OSWE, GWAPT, CREST CRT/CCT App A leading technology consultancy … is looking for an Application Security Consultant to play a key role in embedding security into modern software development practices. The role: You will work closely with engineering teams to promote secure coding, guide vulnerability remediation, and integrate Application Security … controls within the DevOps pipeline. The focus is on cloud-native development in AWS environments. Key responsibilities include: Embedding secure coding practices and supporting design/code reviews Implementing SAST, DAST, SCA, and other security checks into DevOps workflows Supporting secure API design and cloud-native architecture Serving as a key escalation point for vulnerability triage and remediation Providing More ❯

Mandarin Speaking - IT Security Engineer Mandarin Speaking - IT Security Engineer 2 days ago Be among the first 25 applicants Additional Information: Please note, this role requires working full-time onsite, five days per week. NON Negotiable We are seeking an experienced IT Security Engineer to become a vital part of a growing IT Department. This critical role … focus on protecting our information assets through robust cybersecurity measures, ensuring adherence to best practices, international standards, and local regulations. Ideally suited to candidates who possess expert knowledge of security frameworks including NIST 800, ISO 27001, and cybersecurity guidelines from PRA, FCA, and ICO. Candidates with at least 3 years' relevant experience in finance or banking, particularly as an … practices during usage, storage, transfer, and disposal. Conduct security evaluations on network and firewall policies and manage application security in both development and testing phases (SAST, DAST). Liaise with internal audit teams and international cybersecurity operations centres to implement security policies and controls. Provide cybersecurity training to ensure staff awareness and compliance. Skills & Qualifications More ❯

Summary The Specialist Application Security Engineer will play a pivotal role in ensuring the integrity and security of our applications across various platforms. You will lead the charge in implementing robust security measures, collaborating closely with cross-functional teams to fortify our defences against cyber threats. What's in it for you Being a part of … away from work. What you'll do Focused on application security initiatives across cloud and on-premises environments, employing a diverse suite of tools including Semgrep for SAST, Snyk for SCA, GHAS for secret scanning, Burp Suite for DAST, and scripting for automation. Forge partnerships with external vendors to optimize and seamlessly integrate security tools into our … minimum of 3 years of hands-on experience in application security, with a track record of leadership or significant contributions in similar roles. Proficiency in Semgrep for SAST, Snyk for SCA, GHAS for secret scanning, Burp Suite for DAST, and automation scripting. Understanding of application security principles and best practices. Experience integrating and optimizing security More ❯

We have an exciting opportunity for a Software Security Engineer to join our Global Healthcare client. As a Security Engineer, you ll provide hands-on technical expertise to guide software development, delivery and continuous improvement focusing on risk and security. You ll help evolve our client s new Digital Platform so that it s secure and compliant with … both internal and industry regulations. You ll analyse new feature code to identify security risks and work with engineers to mitigate them, working and applying modern security standards such as OWASP CI/CD, DSOMM, SAMM and Cloud Security Posture management systems such as Azure Defender and Prisma Cloud. Our client empowers their people to balance their … knowledge (TCP/IP, UDP, HTTP/3, AMQP, streaming protocols etc), cloud network design (VPNs, subnets, regions/zones etc), and integration related technologies (Auth0, APIM) Expertise with SAST & SCA systems such as Snyk, Checkmarx Experience with DAST systems such as OpenZAP, Qualys DAST (preferred) ideally with HTTP APIs Ability to manage large scale software estates from a operational More ❯

We have an exciting opportunity for a Software Security Engineer to join our Global Healthcare client. As a Security Engineer, you’ll provide hands-on technical expertise to guide software development, delivery and continuous improvement focusing on risk and security. You’ll help evolve our client’s new Digital Platform so that it’s secure and compliant with … both internal and industry regulations. You’ll analyse new feature code to identify security risks and work with engineers to mitigate them, working and applying modern security standards such as OWASP CI/CD, DSOMM, SAMM and Cloud Security Posture management systems such as Azure Defender and Prisma Cloud. Our client empowers their people to balance their … knowledge (TCP/IP, UDP, HTTP/3, AMQP, streaming protocols etc), cloud network design (VPNs, subnets, regions/zones etc), and integration related technologies (Auth0, APIM) Expertise with SAST & SCA systems such as Snyk, Checkmarx Experience with DAST systems such as OpenZAP, Qualys DAST (preferred) ideally with HTTP APIs Ability to manage large scale software estates from a operational More ❯

Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry … leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle. The Static Analysis team is looking for an exceptional developer, with experience or interest in building and deploying security tools, to join the Static Analysis team at Black Duck. The job involves evolving … our state of the art analysis infrastructure and generally pushing the envelope of static analysis. In particular, you will be enhancing the product engine by broadening its of coverage and deepening its analysis to identify even more vulnerabilities. Additionally, you will ensure the product operates in a scalable and performant manner within a cloud-based environment. The perfect candidate More ❯

About Semgrep Semgrep is on a mission to make it expensive to exploit software. As the team behind the most popular SAST, we built the Semgrep AppSec Platform to deliver industry-leading code, dependency, and secrets scanning to enable organizations to ship secure code quickly without slowing down development. With fast, customizable code analysis across large codebases, Semgrep helps teams … Semgrep is funded by top investors, including Felicis Ventures, Lightspeed Venture Partners, Menlo Ventures, Redpoint Ventures, and Sequoia Capital. About Semgrep Our mission is to make world-class software security available to everyone. This means building program analysis tools that are open source, easy to use, powerful, and fast. It also means building a team with security expertise … and a passion for great developer experiences. Most of all, it means working with honesty and respect in a diverse community of dreamers and builders. We've redefined static analysis tooling by committing to all of these, and turned our project, Semgrep, into an essential safeguard for code at Snowflake, Dropbox, and more. About the role As a Sr. More ❯

Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry … leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle. Software Engineering Manager/Scrum Master Black Duck is seeking a Software Engineering Manager/Scrum Master (SEM) to lead the development of its open source management solution. The SEM will provide leadership across functional teams … across the organization. Take initiative as a technical problem solver, identifying and resolving technical issues and challenges. Key requirements: Provide leadership to achieve high software engineering standards, including quality, security, stability, and scalability. 5-7 years of experience mentoring and growing successful engineering teams. Continuously improve tools and best practices for development activities. Utilize agile and iterative approaches to More ❯

time' objective Participate in planning, daily stand-ups, show and tell sessions and retrospective meetings Experience: 8+ years of experience in all phases of software development including design, coding, testing, debugging, and implementation Strong knowledge of the .NET framework, object-oriented programming, multithreading, C# with exposure of VB.NET, ASP.NET MVC, HTML5, CSS3, ReactJS, Redux, WebPack Expertise in development of … end frameworks (ReactJS, etc) Expertise in development of REST based WebAPIs Expertise in writing Unit Test Cases using MS Test or nUnit Understanding of agile Methodology Preferred: Understanding of SAST tools like HP Fortify, SonarQube and their integration with CI process Understanding of IaaS, PaaS and SaaS models of Azure Cloud Understanding of CI/CD processes Multi-Year Project More ❯

time' objective Participate in planning, daily stand-ups, show and tell sessions and retrospective meetings Experience: 8+ years of experience in all phases of software development including design, coding, testing, debugging, and implementation Strong knowledge of the .NET framework, object-oriented programming, multithreading, C# with exposure of VB.NET, ASP.NET MVC, HTML5, CSS3, ReactJS, Redux, WebPack Expertise in development of … end frameworks (ReactJS, etc) Expertise in development of REST based WebAPIs Expertise in writing Unit Test Cases using MS Test or nUnit Understanding of agile Methodology Preferred: Understanding of SAST tools like HP Fortify, SonarQube and their integration with CI process Understanding of IaaS, PaaS and SaaS models of Azure Cloud Understanding of CI/CD processes Multi-Year Project More ❯

You will need to login before you can apply for a job. Application Security Engineer - REMOTE Employer Lawrence Harvey Location London Salary 75000.00 - 85000.00 GBP Annual + + Bonus + Benefits Closing date 17 Jun 2025 View more categories View less categories Sector IT Job Role Application Security Job Type Permanent Salary: GBP75,000–GBP85 … + bonus + benefits Location: UK – Remote We're working with a fast–growing company that's investing heavily in its security capabilities. As an Application Security Engineer , you'll work closely with Software Engineers and DevOps teams to integrate security into every stage of the development life cycle. You'll take a hands–on role … –level security issues through code analysis, tooling, and manual testing Conduct secure code reviews and collaborate with engineering teams to drive fixes Integrate security tools (SAST, DAST, SCA) into CI/CD pipelines and optimise their use Contribute to threat modelling and help teams design with security in mind Develop proof–of–concepts (PoCs) to More ❯

Senior Application Security Engineer Salary: up to £100,000 + bonus + benefits Location: UK – Remote This company is scaling its security function and is hiring Senior Application Security Engineers to help embed secure development practices across its engineering teams. You’ll play a hands-on role in identifying and resolving vulnerabilities, integrating security into the SDLC, helping developers create software that is secure, robust, and production-ready by design. You’ll be joining a high-impact security team at a pivotal point in the company’s growth. The environment spans legacy systems, enterprise-grade platforms, and greenfield builds – making it an ideal opportunity for individuals who thrive in varied, fast-paced … vulnerabilities. Requirements: 5+ years of hands-on experience in application security and secure software development. Strong knowledge of secure coding practices and common vulnerabilities (OWASP) Experience with SAST, DAST, and IAST tools and integrating them into CI/CD pipelines. Proficiency in writing and reviewing code (JavaScript, Java, Python) with an emphasis on secure patterns. Ability to work More ❯

Senior Application Security Engineer Salary: up to £100,000 + bonus + benefits Location: UK – Remote This company is scaling its security function and is hiring Senior Application Security Engineers to help embed secure development practices across its engineering teams. You’ll play a hands-on role in identifying and resolving vulnerabilities, integrating security into the SDLC, helping developers create software that is secure, robust, and production-ready by design. You’ll be joining a high-impact security team at a pivotal point in the company’s growth. The environment spans legacy systems, enterprise-grade platforms, and greenfield builds – making it an ideal opportunity for individuals who thrive in varied, fast-paced … vulnerabilities. Requirements: 5+ years of hands-on experience in application security and secure software development. Strong knowledge of secure coding practices and common vulnerabilities (OWASP) Experience with SAST, DAST, and IAST tools and integrating them into CI/CD pipelines. Proficiency in writing and reviewing code (JavaScript, Java, Python) with an emphasis on secure patterns. Ability to work More ❯

Salesforce Security Engineer Salary : £85,000 Locations: Leeds, Manchester, Redhill, Tunbridge Wells, Bournemouth, or Bristol (Hybrid/Flexible) We're looking for a Salesforce Security Engineer who brings strong engineering fundamentals and hands-on experience to the intersection of Salesforce development and security engineering . You'll play a critical role in enhancing the security posture … the DSOMM (DevSecOps Maturity Model) and OWASP security principles to assess and uplift Salesforce security maturity. Own and improve pipeline security including static code analysis (SAST), dynamic application security testing (DAST), dependency checks, and secure deployment patterns. Conduct threat modelling for Salesforce-based estates, identifying and mitigating risks early in the development lifecycle. … on experience with Salesforce development (particularly APEX) and a deep understanding of how engineering and security intersect. Strong grasp of secure coding practices and experience running DAST/SAST on Salesforce environments. Exposure to or working knowledge of DSOMM , OWASP, and threat modelling methodologies. Experience integrating security into CI/CD pipelines , especially in complex enterprise platforms. Ability More ❯

Salesforce Security Engineer Salary : £85,000 Locations: Leeds, Manchester, Redhill, Tunbridge Wells, Bournemouth, or Bristol (Hybrid/Flexible) We're looking for a Salesforce Security Engineer who brings strong engineering fundamentals and hands-on experience to the intersection of Salesforce development and security engineering . You'll play a critical role in enhancing the security posture … the DSOMM (DevSecOps Maturity Model) and OWASP security principles to assess and uplift Salesforce security maturity. Own and improve pipeline security including static code analysis (SAST), dynamic application security testing (DAST), dependency checks, and secure deployment patterns. Conduct threat modelling for Salesforce-based estates, identifying and mitigating risks early in the development lifecycle. … on experience with Salesforce development (particularly APEX) and a deep understanding of how engineering and security intersect. Strong grasp of secure coding practices and experience running DAST/SAST on Salesforce environments. Exposure to or working knowledge of DSOMM , OWASP, and threat modelling methodologies. Experience integrating security into CI/CD pipelines , especially in complex enterprise platforms. Ability More ❯

Salesforce Security Engineer Salary : £85,000 Locations: Leeds, Manchester, Redhill, Tunbridge Wells, Bournemouth, or Bristol (Hybrid/Flexible) We're looking for a Salesforce Security Engineer who brings strong engineering fundamentals and hands-on experience to the intersection of Salesforce development and security engineering . You'll play a critical role in enhancing the security posture … the DSOMM (DevSecOps Maturity Model) and OWASP security principles to assess and uplift Salesforce security maturity. Own and improve pipeline security including static code analysis (SAST), dynamic application security testing (DAST), dependency checks, and secure deployment patterns. Conduct threat modelling for Salesforce-based estates, identifying and mitigating risks early in the development lifecycle. … on experience with Salesforce development (particularly APEX) and a deep understanding of how engineering and security intersect. Strong grasp of secure coding practices and experience running DAST/SAST on Salesforce environments. Exposure to or working knowledge of DSOMM , OWASP, and threat modelling methodologies. Experience integrating security into CI/CD pipelines , especially in complex enterprise platforms. Ability More ❯

Salesforce Security Engineer Salary : £85,000 Locations: Leeds, Manchester, Redhill, Tunbridge Wells, Bournemouth, or Bristol (Hybrid/Flexible) We're looking for a Salesforce Security Engineer who brings strong engineering fundamentals and hands-on experience to the intersection of Salesforce development and security engineering . You'll play a critical role in enhancing the security posture … the DSOMM (DevSecOps Maturity Model) and OWASP security principles to assess and uplift Salesforce security maturity. Own and improve pipeline security including static code analysis (SAST), dynamic application security testing (DAST), dependency checks, and secure deployment patterns. Conduct threat modelling for Salesforce-based estates, identifying and mitigating risks early in the development lifecycle. … on experience with Salesforce development (particularly APEX) and a deep understanding of how engineering and security intersect. Strong grasp of secure coding practices and experience running DAST/SAST on Salesforce environments. Exposure to or working knowledge of DSOMM , OWASP, and threat modelling methodologies. Experience integrating security into CI/CD pipelines , especially in complex enterprise platforms. Ability More ❯

Salesforce Security Engineer Salary : £85,000 Locations: Leeds, Manchester, Redhill, Tunbridge Wells, Bournemouth, or Bristol (Hybrid/Flexible) We're looking for a Salesforce Security Engineer who brings strong engineering fundamentals and hands-on experience to the intersection of Salesforce development and security engineering . You'll play a critical role in enhancing the security posture … the DSOMM (DevSecOps Maturity Model) and OWASP security principles to assess and uplift Salesforce security maturity. Own and improve pipeline security including static code analysis (SAST), dynamic application security testing (DAST), dependency checks, and secure deployment patterns. Conduct threat modelling for Salesforce-based estates, identifying and mitigating risks early in the development lifecycle. … on experience with Salesforce development (particularly APEX) and a deep understanding of how engineering and security intersect. Strong grasp of secure coding practices and experience running DAST/SAST on Salesforce environments. Exposure to or working knowledge of DSOMM , OWASP, and threat modelling methodologies. Experience integrating security into CI/CD pipelines , especially in complex enterprise platforms. Ability More ❯

Salesforce Security Engineer Salary : £85,000 Locations: Leeds, Manchester, Redhill, Tunbridge Wells, Bournemouth, or Bristol (Hybrid/Flexible) We're looking for a Salesforce Security Engineer who brings strong engineering fundamentals and hands-on experience to the intersection of Salesforce development and security engineering . You'll play a critical role in enhancing the security posture … the DSOMM (DevSecOps Maturity Model) and OWASP security principles to assess and uplift Salesforce security maturity. Own and improve pipeline security including static code analysis (SAST), dynamic application security testing (DAST), dependency checks, and secure deployment patterns. Conduct threat modelling for Salesforce-based estates, identifying and mitigating risks early in the development lifecycle. … on experience with Salesforce development (particularly APEX) and a deep understanding of how engineering and security intersect. Strong grasp of secure coding practices and experience running DAST/SAST on Salesforce environments. Exposure to or working knowledge of DSOMM , OWASP, and threat modelling methodologies. Experience integrating security into CI/CD pipelines , especially in complex enterprise platforms. Ability More ❯

Salesforce Security Engineer Salary : £85,000 Locations: Leeds, Manchester, Redhill, Tunbridge Wells, Bournemouth, or Bristol (Hybrid/Flexible) We're looking for a Salesforce Security Engineer who brings strong engineering fundamentals and hands-on experience to the intersection of Salesforce development and security engineering . You'll play a critical role in enhancing the security posture … the DSOMM (DevSecOps Maturity Model) and OWASP security principles to assess and uplift Salesforce security maturity. Own and improve pipeline security including static code analysis (SAST), dynamic application security testing (DAST), dependency checks, and secure deployment patterns. Conduct threat modelling for Salesforce-based estates, identifying and mitigating risks early in the development lifecycle. … on experience with Salesforce development (particularly APEX) and a deep understanding of how engineering and security intersect. Strong grasp of secure coding practices and experience running DAST/SAST on Salesforce environments. Exposure to or working knowledge of DSOMM , OWASP, and threat modelling methodologies. Experience integrating security into CI/CD pipelines , especially in complex enterprise platforms. Ability More ❯

in energy. Help us make a real impact on shaping a better, more sustainable future. We are very excited to be building a small and efficient Cyber and Information Security team at Octopus Energy Group. We're hiring for both Mid-Level and Senior Security Engineers . We are looking for ambitious, knowledgeable, and experienced Security Engineers … grow with the rest of the company, and ensure we continue to do so in a secure and safe way. You will be a key partner in defining what Security is at Octopus Energy Group. We will be shaping this team to provide a world class support service to our employees, building our way out of problems with engineering … testing tools Experience with security tools and technologies, such as web application firewalls (WAFs), and static and dynamic application security testing (SAST/DAST) tools Experience in endpoint (e.g., EDR and ZTNA) and cloud (e.g., CSPM and CNAPP) security tooling Experience with security SaaS solutions Good AWS experience (or knowledge More ❯

Role Overview: Additional Information: Please note, this role requires working full-time onsite, five days per week. NON Negotiable We are seeking an experienced IT Security Engineer to become a vital part of a growing IT Department. This critical role will focus on protecting our information assets through robust cybersecurity measures, ensuring adherence to best practices, international standards, and … local regulations. Ideally suited to candidates who possess expert knowledge of security frameworks including NIST 800, ISO 27001, and cybersecurity guidelines from PRA, FCA, and ICO. Candidates with at least 3 years' relevant experience in finance or banking, particularly as an information security officer or involvement in regulatory technical projects, are strongly preferred. Key Responsibilities: Develop and maintain … practices during usage, storage, transfer, and disposal. Conduct security evaluations on network and firewall policies and manage application security in both development and testing phases (SAST, DAST). Liaise with internal audit teams and international cybersecurity operations centres to implement security policies and controls. Provide cybersecurity training to ensure staff awareness and compliance. Skills & Qualifications More ❯

Role Overview: Additional Information: Please note, this role requires working full-time onsite, five days per week. NON Negotiable We are seeking an experienced IT Security Engineer to become a vital part of a growing IT Department. This critical role will focus on protecting our information assets through robust cybersecurity measures, ensuring adherence to best practices, international standards, and … local regulations. Ideally suited to candidates who possess expert knowledge of security frameworks including NIST 800, ISO 27001, and cybersecurity guidelines from PRA, FCA, and ICO. Candidates with at least 3 years' relevant experience in finance or banking, particularly as an information security officer or involvement in regulatory technical projects, are strongly preferred. Key Responsibilities: Develop and maintain … practices during usage, storage, transfer, and disposal. Conduct security evaluations on network and firewall policies and manage application security in both development and testing phases (SAST, DAST). Liaise with internal audit teams and international cybersecurity operations centres to implement security policies and controls. Provide cybersecurity training to ensure staff awareness and compliance. Skills & Qualifications More ❯

Social network you want to login/join with: Mandarin Speaking - IT Security Engineer, slough col-narrow-left Client: Location: slough, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Views: 5 Posted: 31.05.2025 Expiry Date: 15.07.2025 col-wide Job Description: Role Overview: Additional Information: Please note, this role requires working full-time onsite … five days per week. NON Negotiable We are seeking an experienced IT Security Engineer to become a vital part of a growing IT Department. This critical role will focus on protecting our information assets through robust cybersecurity measures, ensuring adherence to best practices, international standards, and local regulations. Ideally suited to candidates who possess expert knowledge of security … practices during usage, storage, transfer, and disposal. Conduct security evaluations on network and firewall policies and manage application security in both development and testing phases (SAST, DAST). Liaise with internal audit teams and international cybersecurity operations centres to implement security policies and controls. Provide cybersecurity training to ensure staff awareness and compliance. Skills & Qualifications More ❯

Cyber Security Operations Lead 12 Months (Outside IR35) Hybrid (Edinburgh) Harvey Nash's client is recruiting for a Cyber Security Operations Lead on a 12 Month contract Main Responsibilities Use understanding of digital systems and attack frameworks to apply theory to practice. Be aware of the current cyber threat landscape and industry best practices and standards. Lead on … improvement to coverage and depth of security monitoring and vulnerability scanning Design vulnerability data gathering and prioritisation procedures Act as technical escalation point for analysts on significant incidents, investigations, including hands on experience Establish procedures for intelligence ingestion and threat hunting Working with architects and interpreting designs to ensure strong handover to SecOps during new service go live. Recommendation … product delivery evidence Key Skills Security products (M365 Defender stack, Sentinel/SIEM, email filtering (including authentication protocols), AV, firewalls, WAFs, Defender for Cloud) Security Testing (SAST, DAST, vulnerability scanning, configuration compliance scanning) Virtualisation platforms and operating systems, including Hyper-V and Windows Server. Enterprise Systems (Azure, M365, Intune, email, PKI, AD, GP, SCCM) Application platforms More ❯