51 to 74 of 74 Static Application Security Testing Jobs in the UK

Press Tab to Move to Skip to Content Link Job Title: Principal Software Engineer - Security Engineer Job Reference: Band: BAND D Salary: £80,000-£90,000k depending on relevant skills, knowledge and experience. The expected salary range for this role reflects internal benchmarking and external market insights. Contract type: Permanent role Location: This is a hybrid role, and the … guidance. Promote secure SDLC practices across engineering teams, collaborating with InfoSec on shared tooling, templates and enablement. Help teams adopt secure coding standards and integrate automated security checks (SAST, DAST, dependency scanning) into CI/CD pipelines. Participate in threat modelling using InfoSec-led methodologies and coordinate validation and review workflows. Review technical designs, proposals and code for alignment … and common secure design patterns. You've helped teams adopt secure SDLC practices, working closely with central security or architecture groups. You know how to embed tools like SAST, DAST, secrets detection and dependency scanning into CI/CD pipelines, and have the scars to prove it. You've worked with complex, multi-tenant cloud platforms - ideally on AWS More ❯

Security Development & Test Director Hybrid – London or Birmingham | £140k–£155k base + 20% bonus + package Our client is a global security leader, operating at the cutting edge of digital transformation, cloud integration, and enterprise security. With a workforce of 7500+ cybersecurity specialists and strategic partnerships with top-tier security tech providers, they're redefining how enterprise … grade security is built, deployed, and continuously improved. They're now seeking a Security Development and Test Director to lead their secure software engineering function, drive DevSecOps maturity, and embed security across the development lifecycle. This is a client-facing, commercially strategic position – ideal for a security leader who thrives at the intersection of technical delivery … in career development What you’ll be doing: Leading secure architecture standards across engineering teams and embedding security within CI/CD workflows Owning security tooling strategy (SAST, DAST, SCA, container scanning) and driving adoption across development pipelines Building and mentoring high-performing teams in secure coding, DevSecOps, and threat modelling Leading engagements with major clients during pre More ❯

Scripting in Bash or Python Able to support migration checklists, config validation, and post-migration testing Security Tooling experience and integration with CI/CD pipelines - SCA, SAST, DAST If you'd like to discuss this OpenShift Platform Engineer role in more detail, please send your updated CV to and I will get in touch. More ❯

Scripting in Bash or Python Able to support migration checklists, config validation, and post-migration testing Security Tooling experience and integration with CI/CD pipelines - SCA, SAST, DAST If you'd like to discuss this OpenShift Platform Engineer role in more detail, please send your updated CV to (url removed) and I will get in touch. More ❯

This is a huge opportunity for an experienced and driven Platform Security Engineer to join a rapidly growing fintech team! As a Platform Security Engineer, you will play a key role in protecting our clients systems, networks, and data while ensuring compliance with industry leading security standards such as ISO 27001. This role sits within the Platform … Engineering Team and requires a strong technical background, hands-on experience with security tools, and a collaborative mindset to work effectively across teams. What you'll do: Develop and implement proactive security strategies, policies, and procedures to protect our systems, networks, and data assets. Lead regular security assessments, including vulnerability scans and penetration tests, identifying risks and … technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision -making. More ❯

Windows Server/SSMS * IIS and Apache Tomcat (Web services) * Virtualisation software * Package management tools (CloudSmith/JFrog Artifactory) * Container management (docker or Kubernetes) * CICD process with ideally with SAST and SCA code analysis * DevOps tools: Git repo, Azure DevOps, Azure, GitHub, TeamCity, OctopusDeploy, Terraform, Ansible, PowerShell * Strong stakeholder management and communication skills. Contact: David Southwood - CPS Group By applying More ❯

Months IR35 Status: Inside IR35 Our client, a leading investment bank, is seeking an experienced DevSecOps SME to join their team. This role will lead and advise on integrating security practices into DevOps pipelines. The ideal candidate will have deep expertise across development, security, and operations, with a strong focus on automation, CI/CD, and secure software … development lifecycle (SDLC) practices. Key Responsibilities Lead the integration of security into CI/CD pipelines. Advise on secure coding and deployment practices across teams. Implement and enforce security policies, standards, and best practices. Conduct threat modeling, risk assessments, and vulnerability management. Mentor and train teams on DevSecOps … principles and tools. Skills & Experience Required CI/CD Security Engineering: Proven experience designing and maintaining secure CI/CD pipelines. DevSecOps Tool Integration: Hands-on experience with SAST, DAST, SCA, and secrets management tools. Cross-Functional Collaboration: Ability to work closely with development, operations, and security teams. Threat Modeling & Risk Assessment: Strong knowledge of security risk More ❯

Months IR35 Status: Inside IR35 Our client, a leading investment bank, is seeking an experienced DevSecOps SME to join their team. This role will lead and advise on integrating security practices into DevOps pipelines. The ideal candidate will have deep expertise across development, security, and operations, with a strong focus on automation, CI/CD, and secure software … development lifecycle (SDLC) practices. Key Responsibilities Lead the integration of security into CI/CD pipelines. Advise on secure coding and deployment practices across teams. Implement and enforce security policies, standards, and best practices. Conduct threat modeling, risk assessments, and vulnerability management. Mentor and train teams on DevSecOps … principles and tools. Skills & Experience Required CI/CD Security Engineering: Proven experience designing and maintaining secure CI/CD pipelines. DevSecOps Tool Integration: Hands-on experience with SAST, DAST, SCA, and secrets management tools. Cross-Functional Collaboration: Ability to work closely with development, operations, and security teams. Threat Modeling & Risk Assessment: Strong knowledge of security risk More ❯

will assist in the delivery on. In full: We are seeking a highly skilled and experienced DevSecOps Subject Matter Expert (SME) to lead and advise on the integration of security practices into our DevOps pipelines. This role requires a deep understanding of development, security, and operations, with a strong emphasis on automation, continuous integration/continuous deployment (CI … software development lifecycle (SDLC) practices. Advise and offer guidance on: * Design, implement, and maintaining secure CI/CD pipelines.* Integrate security tools and practices into DevOps workflows (e.g., SAST, DAST, SCA, secrets management).* Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices.* Advise on threat modeling, risk assessments, and vulnerability … management.* Provide expert guidance on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes).* Develop and enforce security policies, standards, and best practices.* Lead incident response and root cause analysis for security-related issues.* Mentor and train teams on DevSecOps principles and tools. Candidates will ideally show evidence of the above in their CV More ❯

CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST/DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. … Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting , solutions architecture , or technical coaching . Interest in technical sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both … technical and non-technical stakeholders. AWS/Azure/GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to customer sites across Europe (London, Zurich, and more). Opportunity to work on innovative solutions with a passionate and driven team. If you are More ❯

CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST/DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. … Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting , solutions architecture , or technical coaching . Interest in technical sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both … technical and non-technical stakeholders. AWS/Azure/GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to customer sites across Europe (London, Zurich, and more). Opportunity to work on innovative solutions with a passionate and driven team. If you are More ❯

CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST/DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. … Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting , solutions architecture , or technical coaching . Interest in technical sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both … technical and non-technical stakeholders. AWS/Azure/GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to customer sites across Europe (London, Zurich, and more). Opportunity to work on innovative solutions with a passionate and driven team. If you are More ❯

CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST/DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. … Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting , solutions architecture , or technical coaching . Interest in technical sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both … technical and non-technical stakeholders. AWS/Azure/GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to customer sites across Europe (London, Zurich, and more). Opportunity to work on innovative solutions with a passionate and driven team. If you are More ❯

We're looking for a Software Engineer to build the internal platform that powers our security development lifecycle. You will design and maintain a backend-focused service that ingests, normalizes, and correlates security artifacts … enabling centralized risk visibility, audit readiness and automated compliance workflows. Key Responsibilities Design & implement a backend platformthat schedules ingestion, normalization, storage, and historical tracking of security artifacts (BOMs, SAST/SCA findings, fuzzing results) in a scalable, tool-agnostic fashion. Develop and maintain ETL pipelinesand database schemas for high-throughput ingestion and historical trend analysis. Expose data via well … and querying relational databases. Clear technical writing todocumentdata schemas, APIs, and dashboard usage. "Nice to Have" Skills and Experience Experience with Grafana, Prometheus, or similar observability platforms. Familiarity with SAST and SCA tools (e.g., Coverity, Black Duck) and experience understanding their findings. Experience defining and visualizing key security and performance metrics within dashboard solutions. Experience with security data More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

We have an exciting opportunity for a Software Security Engineer to join our Global Healthcare client. As a Security Engineer, you’ll provide hands-on technical expertise to guide software development, delivery and continuous improvement focusing on risk and security. You’ll help evolve our client’s new Digital Platform so that it’s secure and compliant with … both internal and industry regulations. You’ll analyse new feature code to identify security risks and work with engineers to mitigate them, working and applying modern security standards such as OWASP CI/CD, DSOMM, SAMM and Cloud Security Posture management systems such as Azure Defender and Prisma Cloud. Our client empowers their people to balance their … knowledge (TCP/IP, UDP, HTTP/3, AMQP, streaming protocols etc), cloud network design (VPNs, subnets, regions/zones etc), and integration related technologies (Auth0, APIM) Expertise with SAST & SCA systems such as Snyk, Checkmarx Experience with DAST systems such as OpenZAP, Qualys DAST (preferred) ideally with HTTP APIs Ability to manage large scale software estates from a operational More ❯

wins. You MUST Have: 7+ years in technical pre-sales or sales engineering roles Hands-on with Docker, Kubernetes, CI/CD, Git, build tools Solid AppSec experience: SCA, SAST, SBOM, Container Security Cloud infrastructure fluency (AWS, Azure or GCP - must especially tick this box) Proven track record building enterprise relationships - from tech champions to C-level Ability to More ❯

gaps. Ensure adherence to existing Change Management Policy. Perform daily system monitoring, verifying the integrity and availability of all hardware, server resources, systems and key processes, reviewing system and application logs, and verifying completion of scheduled jobs such as backups. Use Windows Active Directory to administer user permissions, managing/creating service accounts and group membership. Assist in disaster … recovery planning and testing for TMHCC International applications. Assist with out of hours deployments where required. Identify automation opportunities with regular, frequent maintenance activities, such as deployments and refreshes. Work closely with other Product Engineering, QE, Platform and Support engineers to develop efficient and effective CI/CD pipelines and processes. Develop policies, standards, guidelines, governance and related guidance … with automation Windows Server SQL Server Management Studio IIS and Apache Tomcat (Web services) Virtualisation software Package management tools like CloudSmith or JFrog Artifactory CICD process with ideally with SAST and SCA code analysis PowerShell Azure and AWS fundamentals Experience of working with third-party software suppliers Experience in the Insurance Industry Exposure to Application support and systems administration More ❯

issues. We're happy to discuss flexible working. Please indicate your choice under the flexible working question in the application. There is no obligation to raise this at the application stage but if you wish to do so, you are welcome to. Flexible working will be part of the discussion at offer stage. TD25 Purpose Of The Role The … MediaCityUK, Salford, you'll join our TV Enablement team to deliver a world-class connected TV experience for BBC iPlayer and Sounds. Your work will contribute to the TV application platform, and you will develop and maintain tooling used by other teams. You will have an opportunity to work on software at a scale that is hard to find … In-depth knowledge of AWS technologies, or AWS accreditations/qualifications. Out Of Hours/On Call engineer experience. Knowledge or experience of DORA metrics. Knowledge or experience with SAST/DAST. Experience with complex deployment systems. Experience with mono/multi-tenant repo tooling. Experience with AWS CDK. Knowledge of HbbTV/DVB standards. Disclaimer This job description is More ❯