51 to 75 of 293 Static Application Security Testing Jobs in the UK

Engineers across multiple cross-functional squads Champion quality engineering standards, automation, and BDD practices across the SDLC Define and implement test strategies across UI, API, Back End, performance, and security Embed automated testing into CI/CD pipelines and cloud- environments Collaborate with engineering, product and delivery teams to ensure solutions meet business and user needs Drive continuous … Strong background in cloud- testing (AWS/Azure), microservices, and infrastructure-as-code environments Knowledge of performance (eg, JMeter, Gatling) and security testing tools (eg, ZAP, SAST/DAST) Ability to drive BDD adoption and facilitate collaboration across tech and business Data-driven mindset with experience in defining and tracking quality KPIs Nice to Have: Background in … insurance or financial services Familiarity with FCA and regulatory testing frameworks Relevant certifications (eg, ISTQB, AWS Cloud Practitioner, Certified Agile Tester) If this sounds like the role for you, hit APPLY & a consultant will be in touch. #J-18808-Ljbffr More ❯

skills Experience with Spring Boot and Hibernate Experience with JavaScript or other front-end technologies Building microservice architectures and event-driven systems Test automation: BDD, mocking, contract testing, SAST Knowledge of web technologies, data tooling, infrastructure, and networking About working for us We value diversity and inclusivity, ensuring our organization reflects modern society. We have initiatives supporting under-represented More ❯

one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE). Building applications utilising container technologies e.g. Docker. Managing application deployed to Kubernetes clusters, Istio & Helm. Cloud: GCP, GKE, IaC (Terraform). Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube. SQL/NoSQL database, Basic … in Spring Boot and Hibernate. Experience in JavaScript or other front-end technologies. Experience of building microservice architecture and event driven systems. Experience in Test automation: BDD, mocking, contract testing, Sast. Exposure to web technologies, data tooling & infrastructure/networking. About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects More ❯

and ideally an additional OOP language e.g. Go or Python; Developing RESTful API services & understanding of API Gateways (e.g. APIGEE). Building applications utilising container technologies e.g. Docker. Managing application deployed to Kubernetes clusters, Istio & Helm. Cloud: GCP, GKE, IaC (Terraform). Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube. SQL/NoSQL database, Basic … in Spring Boot and Hibernate. Experience in JavaScript or other front-end technologies. Experience of building microservice architecture and event driven systems. Experience in Test automation: BDD, mocking, contract testing, Sast. Exposure to web technologies, data tooling & infrastructure/networking. About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects More ❯

Join to apply for the Associate Application Security Engineer role at Veeva Systems Join to apply for the Associate Application Security Engineer role at Veeva Systems Veeva Systems is a mission-driven organization and pioneer in industry cloud, helping life sciences companies bring therapies to patients faster. As one of the fastest-growing SaaS companies in … Security Engineer that wants to work with Veeva’s product teams to secure their applications. This role has a broad scope, ranging from assisting with managing our SAST/SCA environment to developing Dev Sec Ops automation services, and system integrations using APIs, Webhooks, or other custom integrations of Veeva’s infrastructure. Development of automated processes of security … our multiple platforms. You will be working as a security expert supporting our product development teams on code quality issues and findings. What You'll Do Support Checkmarx SAST & SCA platform, tuning and supporting product development Assist application product teams with scan automation via pipeline build such as Jenkins or CI/CD Automation of security tools More ❯

ESO's teams are growing, and our software is in demand globally by firefighters, paramedics, hospitals and governments. To meet this demand, we are building an industry-leading cyber security team in Belfast to protect our customers and data from a variety of fast moving and constantly evolving threats. We are looking for an Application Security Engineer … across our estate, and lead remediation activities prioritization. Enhance Secure Development by contributing to threat modelling, risk assessment, evolving Secure Coding Guidelines, and maintaining core security controls like SAST and DAST deployments. Provide technical support with risk assessments on PHI, and steering improvements to our environment in line with common standards such as NIST. Support External Penetration Testing … and cloud native deployments Working with toolsets such as: vulnerability management, firewalls, SIEM, PAM, IDS/IPS, EDR/XDR, WAF Working with code security controls such as SAST/DAST/IAST/RASP You should also: Have some knowledge in securing Continuous Integration/Continuous Deployment and associated practices Understand current attack tactics, techniques and procedures along More ❯

Social network you want to login/join with: Senior Application Security Engineer, London col-narrow-left Client: Copper.co Location: London, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Reference: 75101a751ac0 Job Views: 15 Posted: 22.06.2025 Expiry Date: 06.08.2025 col-wide Job Description: Copper is a digital asset technology company dedicated to … trade and settle directly from the safety of their MPC-secured wallets. By reducing settlement time for transfers to a few milliseconds (without blockchain network dependency) and offering enhanced security measures, ClearLoop is rapidly reshaping the way asset managers trade and manage capital. In addition to industry-leading security certifications, Copper has one of the strongest insurance coverages … systemic solutions, removing the possibility of vulnerabilities before they can manifest. Domain Knowledge: Strong understanding of the S-SDLC. Intimate knowledge of security-specific tooling domains (e.g. SCA, SAST, DAST, MAST) and their effective integration within the S-SDLC. Awareness of microservice architecture and associated common deployment patterns a must. Security Industry Knowledge: Deep familiarity with security More ❯

have been building the bank of the future from the ground up, offering you the chance to join us and make a significant impact. Job summary As a Product Security Lead in the Cybersecurity & Technology Controls (CTC) team for the International Consumer Bank, you will work proactively with your technology and business colleagues to identify and quantify security issues within their business and empower them to take decisive risk decisions at speed and scale. You're a security expert with a strong mix of technical and communication skills and are passionate about enabling safe and secure innovation. You will work with some of the best and brightest cybersecurity and technology engineers to solve complex problems which … operations and cloud-native monitoring systems. Ability to read logs, understand detection rules, and propose effective threat mitigations. Knowledge of security best practices and DevSecOps methodologies. Familiarity with SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and MAST (Mobile Application Security Testing) systems is desirable. Understanding of More ❯

Join to apply for the Senior Product Security Engineer role at Trainline Join to apply for the Senior Product Security Engineer role at Trainline About Us We are champions of rail, inspired to build a greener, more sustainable future of travel. Trainline enables millions of travellers to find and book the best value tickets across carriers, fares, and … risks, and implement effective countermeasures. Proactively assess the security posture of applications through code reviews, manual penetration testing, and static/dynamic security testing (SAST/DAST). Security Tooling And Automation Implement and maintain security tools used in the development and deployment processes (e.g., scanning tools, vulnerability management systems, SAST, DAST, ASPM … Deep understanding of identifying, assessing, and mitigating security risks in application designs, code, and deployed products. Experience managing and using security testing tools such as SAST, DAST, and vulnerability scanning solutions. Strong grasp of secure coding practices and proficiency in integrating security into the Software Development Lifecycle (SDLC). Technical Knowledge And Implementation Experience Direct More ❯

are passionate about fostering a secure environment and contributing to the wider security community. What you will do Design, implement, and manage the integration of security tooling (SAST, DAST, SCA, Secrets Scanning) into our CI/CD pipelines Develop and maintain automation scripts and platforms to streamline security processes and workflows Own and operate the end-to … seamlessly into our Software Development Lifecycle (SDLC). You'll be hands-on in building, integrating, and optimizing security automation pipelines, incorporating tools for static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and secrets detection directly into our CI/CD processes. You will champion and manage our vulnerability management program, ensuring vulnerabilities are identified … strong passion for cybersecurity and have transitioned or are keen to focus your career on security automation and vulnerability management You have understanding on security tools like SAST, DAST, SCA, and secrets scanning solutions within a CI/CD environment (here at MoonPay we use Github) You understand the principles of vulnerability management, including prioritization frameworks (e.g., CVSS More ❯

Job Description Are you ready to lead the way in securing cloud environments for a vital public service? We are looking for a highly skilled Principal Cloud Security Engineer to join the Digital Risk & Security branch of our Chief Digital Office. In this pivotal role, your expertise will be instrumental in protecting Social Security Scotland's critical … industry-standard frameworks like AWS Well-Architected or Azure Security Centre. Develop and enforce security controls within Infrastructure as Code (IaC) pipelines, integrating security testing (SAST, DAST, SCA) and automated compliance checks into CI/CD processes. Provide expert guidance on cloud security architecture, articulating security postures, and implementing mitigating controls to reduce risk. … solutions, including native security services (IAM, WAFs, threat detection), with a strong focus on embedding security within CI/CD pipelines using tools like Terraform, AWS CloudFormation, SAST, DAST, and SCA. Demonstrable experience leading DevSecOps initiatives, integrating security controls seamlessly into development and operational workflows, and collaborating effectively with Developers, Architects, and DevOps teams to promote security More ❯

Join to apply for the Principal Security Engineer role at Capco . Capco is a global technology and business consultancy focused on the financial services sector. We are committed to diversity and inclusion, fostering an environment where everyone can be themselves and contribute uniquely. Why Join Capco? Work on engaging projects with leading banks, transforming the financial industry, supported … embedding security best practices within engineering teams. Responsibilities Develop and implement security strategies for infrastructure, networks, and cloud environments. Lead security initiatives across the SDLC, including SAST, DAST, SCA, and container scanning using tools like CheckmarxOne, Prisma Cloud. Collaborate with teams to embed security-by-design principles. Design endpoint and cloud security solutions. Ensure cloud … in secure development practices. Test and monitor security tools for emerging threats. Skills & Expertise Knowledge of application security and tools like CheckmarxOne, Prisma Cloud. Experience with SAST, DAST, SCA, container scanning, and integrating these into pipelines. Expertise in endpoint, cloud security, and network protection. Proficiency with AWS, Azure, or GCP. Understanding of data security principles. More ❯

Principal Cloud Security Engineer (Closing date - 07/17/2025) hackajob Glasgow, Scotland, United Kingdom Join or sign in to find your next job Join to apply for the Principal Cloud Security Engineer (Closing date - 07/17/2025) role at hackajob Continue with Google Continue with Google Principal Cloud Security Engineer (Closing date … industry-standard frameworks like AWS Well-Architected or Azure Security Centre. Develop and enforce security controls within Infrastructure as Code (IaC) pipelines, integrating security testing (SAST, DAST, SCA) and automated compliance checks into CI/CD processes. Provide expert guidance on cloud security architecture, articulating security postures, and implementing mitigating controls to reduce risk. … solutions, including native security services (IAM, WAFs, threat detection), with a strong focus on embedding security within CI/CD pipelines using tools like Terraform, AWS CloudFormation, SAST, DAST, and SCA. Demonstrable experience leading DevSecOps initiatives, integrating security controls seamlessly into development and operational workflows, and collaborating effectively with Developers, Architects, and DevOps teams to promote security More ❯

Press space or enter keys to toggle section visibility Location London Job Type Full Time Posted Date 16-Jun-2025 Ref # 62659 We are seeking a Principal Security Engineer to lead and drive security engineering efforts across our cloud and application environments. This strategic, hands-on role requires expertise in cloud security, secure development practices … and the implementation of advanced security controls. You will serve as a leader within the Consumer Security Engineering team, driving security initiatives across cloud platforms, microservice architectures, digital products, application security, and enterprise security. You will define and build comprehensive security strategies in collaboration with developers, DevSecOps engineers, ensuring that security is seamlessly … as a plus. Strong background in DevSecOps, with experience in integrating security into CI/CD pipelines using tools like Jenkins, GitLab, or similar. Experience implementing and managing SAST/DAST tools and processes to secure application development. Deep understanding of application security, including secure coding practices, OWASP Top 10, and API security standards. Knowledge More ❯

the firm managed approximately US$122 billion on behalf of major pension funds, endowments, foundations, governments and other investors based in the U.S. and abroad.Position Overview:The Senior Security Engineer, reporting to the Director of Information Assurance, is responsible for cloud platform and DevOps security. This senior role will call upon the candidate’s DevSecOps experience to help Acadian … Shift Left, injecting security directly into our Software … Development Lifecycle and consistently governing our AWS Platform-as-a-Service (PaaS) infrastructure. We are looking for candidates with deep experience and understanding of continuous delivery, container security, SAST/DAST, secrets management, Identity and Access Management (IAM) governance, privilege management, encryption and key management, threat detection, logging, cloud infrastructure security and policy-as-code.What You’ll Do More ❯

ago Be among the first 25 applicants Direct message the job poster from RiverSafe Recruitment Manager @ RiverSafe: Helping to grow a company #cybersecurity #devops #appsec The Role The Principal Application Security Consultant is a senior-level role responsible for leading and improving application security strategies, conducting security assessments and providing expert guidance on secure development … practices. This role involves working closely with development teams, security engineers and business stakeholders to integrate security into the software development lifecycle (SDLC), mitigate risks and ensure compliance with security standards. Skills Strong knowledge of application security vulnerabilities (OWASP Top 10, CWE, SANS 25). Hands-on remediation support and vulnerability management expertise. Hands-on … Azure, GCP) and container security (Docker, Kubernetes). Ability to conduct maturity assessments and gap analysis. Familiarity with RASP technology as well as traditional security tools like SAST or DAST. Excellent communication skills to engage with developers, executives and clients. Experience in consulting and working with multiple clients on application security projects. Certifications: CISSP, OSCP, GWAPT More ❯

and backend layers Contribute to the design of test frameworks and CI/CD pipelines Collaborate with engineers, product managers, and UX to define and validate features Perform exploratory testing and champion quality throughout the SDLC Support secure deployment and testing practices in containerised environments Tech You’ll … Work With: Automation tools: Playwright, Cypress, JUnit, Jasmine Languages: JavaScript/TypeScript, Java or Kotlin DevOps & Infra: Docker, Kubernetes, GitLab CI, Bitbucket Testing tools: Postman, browser dev tools, SAST/DAST integrations Environments: Unix and Windows What You Bring: Hands-on experience building test automation from scratch Strong debugging and analytical skills Comfortable reviewing code and contributing to testable More ❯

and backend layers Contribute to the design of test frameworks and CI/CD pipelines Collaborate with engineers, product managers, and UX to define and validate features Perform exploratory testing and champion quality throughout the SDLC Support secure deployment and testing practices in containerised environments Tech You’ll … Work With: Automation tools: Playwright, Cypress, JUnit, Jasmine Languages: JavaScript/TypeScript, Java or Kotlin DevOps & Infra: Docker, Kubernetes, GitLab CI, Bitbucket Testing tools: Postman, browser dev tools, SAST/DAST integrations Environments: Unix and Windows What You Bring: Hands-on experience building test automation from scratch Strong debugging and analytical skills Comfortable reviewing code and contributing to testable More ❯

and backend layers Contribute to the design of test frameworks and CI/CD pipelines Collaborate with engineers, product managers, and UX to define and validate features Perform exploratory testing and champion quality throughout the SDLC Support secure deployment and testing practices in containerised environments Tech You’ll … Work With: Automation tools: Playwright, Cypress, JUnit, Jasmine Languages: JavaScript/TypeScript, Java or Kotlin DevOps & Infra: Docker, Kubernetes, GitLab CI, Bitbucket Testing tools: Postman, browser dev tools, SAST/DAST integrations Environments: Unix and Windows What You Bring: Hands-on experience building test automation from scratch Strong debugging and analytical skills Comfortable reviewing code and contributing to testable More ❯

Senior Security Engineer, Application Security Blockchain.com is the world's leading software platform for digital assets, powering the largest production blockchain platform globally. We are driven by a passion to code, create, and ultimately build an open, accessible, and fair financial future—one line of code at a time. As we scale our platform to serve millions … of people each day, we seek a Senior Application Security Engineer to join our dedicated security team. At Blockchain.com, security is more than a set of policies—it's a core mindset. As we continue to innovate in the crypto space, you will tackle some of the most complex problems around securing a distributed financial platform. … working in highly regulated environments, with previous involvement in cryptocurrency-related projects being a strong plus. Strong knowledge of OWASP standards, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) tools. Familiarity with integrating these tools into CI/CD pipelines is highly desirable. Experience with security More ❯

Application Security Architect – UK remote - £70,000 - £90,000 Opus are looking for multiple experienced Application Security Architects to join our clients growing AppSec team. As our client continues the development and improvement of their overall cyber team, they’re looking for AppSec specialists to shape the strategic direction of our clients application security posture, collaborating with developers, product managers, and security stakeholders to ensure that security is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps … SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures Proficiency in one or more programming languages such as Python, Java More ❯

Senior Application Security Architect – UK remote - £80,000 - £100,000 Opus are looking for multiple experienced Application Security Architects to join our clients growing AppSec team. As our client continues the development and improvement of their overall cyber team, they’re looking for AppSec specialists to shape the strategic direction of our clients application security posture, collaborating with developers, product managers, and security stakeholders to ensure that security is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps … SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures Proficiency in one or more programming languages such as Python, Java More ❯

it Simple. We aim to delight our customers by making the experience simpler, more enjoyable, and more intelligent—treating customers fairly and giving them more control of their money. Application Security Specialist As an Application Security Specialist, you will be responsible for ensuring the security of our Jaja software applications throughout their lifecycle. You will … work closely with our development teams to identify and mitigate security risks, implement best practices, and establish robust security measures to protect our applications from potential threats. Key Accountabilities Security Assessment: Conduct comprehensive security assessments of new and existing applications to identify vulnerabilities, security weaknesses, and potential risks. Threat Modeling: Collaborate with development teams to … code to identify security flaws, coding errors, and vulnerabilities, providing guidance and recommendations for remediation. Security Testing: Plan and execute security testing activities, including SAST/DAST/IAST, penetration testing, fuzz testing, and vulnerability scanning to evaluate the effectiveness of security controls and identify weaknesses. Security Compliance: Ensure that applications More ❯

Senior Application Security Architect, Woking Client: Opus Recruitment Solutions Location: Woking, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 3 Posted: 26.06.2025 Expiry Date: 10.08.2025 Job Description: Opus Recruitment Solutions is seeking multiple experienced Application Security Architects to join our client's growing AppSec team. As part of the ongoing development of … their cyber security capabilities, these specialists will help shape the strategic direction of the client's application security posture, working closely with developers, product managers, and security stakeholders to embed security throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards across web, mobile, and cloud-native applications. Provide security guidance during product … Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools like SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. Relevant certifications such as CSSLP, OSWE, GWAPT, CISSP, or equivalent More ❯

places! This is where you come in. The Opportunity As IAG Loyalty evolves into a Platform as a Service business, we're looking for a talented and passionate Senior Application Security Engineer to join our security engineering team. You'll have a background in software engineering and a deep interest in application and API security. You … our CI/CD pipelines, facilitate threat modelling sessions, and review security-sensitive design decisions around authentication, cryptography, and logging. You'll also ensure that tools such as SAST, DAST, and SCA are effective and efficient, and that testing programmes - including pen testing, vulnerability scanning, and bug bounty - are delivering value. You'll triage vulnerabilities, support engineering … vulnerabilities, including the OWASP Top 10 Proficient in coding, scripting (e.g. Python, Bash), and automating security in CI/CD Hands-on experience with security tools like SAST, DAST, and SCA Familiar with cloud environments (especially AWS), containers, and microservices Comfortable reviewing technical designs, performing threat modelling, and advising on secure architecture Strong communicator who collaborates well with More ❯