design and enforce patch windows and remediation SLAs. DevSecOps Toolchain Proficient with CI/CD tooling in Azure DevOps or GitHub Actions. Experience integrating SAST (e.g. SonarQube), DAST (e.g. OWASP ZAP) and SCA (e.g. Dependabot, Snyk) into pipelines. Infrastructure as Code: Terraform, ARM or Bicep. Container & Cloud Security Knowledge of containerisation (Docker, Kubernetes/AKS) and container security best practices. More ❯
Huntingdon, Cambridgeshire, East Anglia, United Kingdom Hybrid / WFH Options
Leidos Innovations UK Limited
firewalls, IDS/IPS, micro-segmentation, and host security. Hands on experience with the following security products Trellix, Ivanti, ClearSwift, Yubikey Understanding of secure coding practices and common vulnerabilities (OWASP Top 10, SANS Top 25). Expertise in identity and access management (IAM), including RBAC, ABAC, JWT and Cookie based authentication. Incident detection and response in MOD environments. Security compliance More ❯
language Experience working with or recommending security tools and technologies Ability to build strong working relationships and influence non-security stakeholders Working knowledge of cybersecurity standards and frameworks (e.g. OWASP, NIST, CIS) Analytical mindset with strong problem-solving skills Excellent written and verbal communication skills Qualifications: 3+ years of experience in information security, with a focus on application and/ More ❯
language Experience working with or recommending security tools and technologies Ability to build strong working relationships and influence non-security stakeholders Working knowledge of cybersecurity standards and frameworks (e.g. OWASP, NIST, CIS) Analytical mindset with strong problem-solving skills Excellent written and verbal communication skills Qualifications: 3+ years of experience in information security, with a focus on application and/ More ❯
Birmingham, West Midlands, West Midlands (County), United Kingdom
ARM
utilisation. * Secure Architecture and DevSecOps Integration o Define and govern secure architecture standards across development teams, ensuring alignment with enterprise security policies, regulatory requirements, and industry frameworks (e.g., NIST, OWASP, ISO 27001). o Lead the strategic integration of security into DevOps pipelines, embedding security controls and automated testing into CI/CD workflows to enable secure-by-design delivery. More ❯
. Proficient in Git or other version control systems. Desirable Knowledge, Skills and Experience: Certifications in OCI or other cloud platforms (AWS, GCP). Experience with security tools like OWASP ZAP, Burp Suite, etc. Familiarity with Jira, Confluence, or similar tools. Knowledge of compliance frameworks (e.g., GDPR, HIPAA, ISO 27001, ISO 13485). Background in start-up or scale-up More ❯
applicationsecurity Experience working with large-scale multi-cloud, multi-account architecture CISSP, CISM, AWS Solutions Architect Professional, Azure Solutions Architect, or equivalent certification, is preferred Thorough understanding of OWASP Top 10 and Secure Development Expertise in automating security tools and integrations, including simple scripting Experience with applicationsecurity tools (SAST, DAST, IAST and SCA) Strong technical knowledge of development More ❯
. Bonus Points For: Cloud wizardry (AWS, Azure, GCP) Knowledge of AI tools (OpenAI, Document Intelligence) Experience with CI/CD pipelines and modern DevOps practices Security know-how (OWASP, data protection) Agile team experience - or just loving the fast-paced, sprint-style vibe About Us We are an international engineering and construction company delivering state-of-the-art infrastructure More ❯
. Bonus Points For: Cloud wizardry (AWS, Azure, GCP) Knowledge of AI tools (OpenAI, Document Intelligence) Experience with CI/CD pipelines and modern DevOps practices Security know-how (OWASP, data protection) Agile team experience About Us We are an international engineering and construction company delivering state-of-the-art infrastructure and buildings projects for clients in the UK, Middle More ❯
DevSecOps or Secure SDLC programmes within enterprise environments Strong technical and commercial acumen - able to engage with both CTOs and procurement teams Experience with regulated environments and frameworks (NIST, OWASP, ISO 27001) Hands-on experience with secure engineering practices, security toolchains, and automation strategy Excellent stakeholder management, crisis leadership, and communication skills Relevant certifications (e.g. CISSP, CSSLP, CISM) Eligibility for More ❯
Bristol, Avon, England, United Kingdom Hybrid / WFH Options
Xpertise Recruitment Ltd
world problems with stakeholders and customers What You’ll Bring: 5+ years of experience in C# and .NET Core Strong grasp of software design principles and secure coding practices (OWASP) Experience with REST API development and deployment in AWS or Azure Familiarity with Entity Framework , SQL/NoSQL databases, and cloud architecture Confidence in automated testing (unit, integration, system) Versatility More ❯
Newton Abbot, Devon, England, United Kingdom Hybrid / WFH Options
Reed
Excellent problem-solving skills and attention to detail Commercial experience in professional PHP development Strong understanding of object-oriented programming and SOLID principles Knowledge of secure coding practices (e.g., OWASP) Strong experience with modern PHP frameworks (preferably Laravel or Symfony) Familiarity with relational databases (MySQL) and writing performant queries Comfortable working with Git, Composer, and modern development workflows Strong verbal More ❯
Security & Compliance Assess applicationsecurity risks and provide remediation strategies. Ensure compliance with industry standards (ISO 27001, GDPR, SOC 2, etc.). Implement best practices for secure software development (OWASP, encryption, IAM, etc.). 6. Performance Optimisation & Scaling Analyse system bottlenecks and recommend performance tuning strategies. Support database optimisations, caching mechanisms, and load balancing strategies. Assist in designing auto-scaling More ❯
EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯
EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯
EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯
EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯
EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯
with C# or .NET Familiarity with AWS services Experience working with Jira and Confluence GitHub workflows and pull request management Experience of React Secure programming techniques and awareness of OWASP best practices Exposure to CI/CD pipelines and DevOps practices QUALIFICATIONS: Ideally hold a degree in Computer Science, Software Engineering, or a related discipline Minimum of 2-4 years More ❯
testing and ethical hacking. Strong understanding of cloud security (AWS, Azure, GCP). Familiarity with Go and Node.js application security. Experience with TEE technologies or confidential computing. Knowledge of OWASP Top 10, CVEs, and secure coding practices. Proficiency with tools like Burp Suite, Metasploit, Nmap, Wireshark, etc. Certifications such as OSCP, CEH, or GIAC are a plus. Nice to Have More ❯
ll Be Doing: Lead and oversee secure development and testing strategy across the SDLC Define and govern secure architecture and ensure alignment with enterprise policies and industry frameworks (e.g. OWASP, NIST, ISO 27001) Drive DevSecOps integration into CI/CD pipelines, embedding SAST, DAST, SCA and container security tools Own the security testing process, improving automation, coverage, and remediation velocity More ❯
