15 of 15 Static Application Security Testing Jobs in the UK excluding London

Security Development & Test Director 6 Months Hybrid - Birmingham 2 days per week on site £800 per day (Inside IR35) We are currently recruiting for a dynamic Security Development and Test Director to join our growing Security team. This is a great opportunity for you to play a pivotal role in helping to shape our client's transformation … CI/CD workflows to enable secure-by-design delivery. o Oversee the implementation and optimisation of security tooling, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and container security scanners. o Establish architectural review boards and security design checkpoints to validate that … Average time taken to remediate critical and high-severity vulnerabilities identified during development and testing phases. * Toolchain Utilisation Effectiveness: Adoption and effective use of security tools (e.g., SAST, DAST, SCA) across development teams, measured by scan frequency and issue resolution rates. * Training and Awareness Uptake: Percentage of development and QA staff completing secure coding and DevSecOps training programs. More ❯

Security Development & Test Director £140,000 GBP Onsite WORKING Location: Central London, Greater London - United Kingdom Type: Permanent Security Development & Test Director London (Hybrid, 2-3 days onsite) Up to £140,000 + Benefits + Bonus We're hiring a Security Development & Test Director to lead a rapidly growing security capability at a major global consultancy. … This is a leadership role where you'll shape strategic offerings around secure software development, DevSecOps, and security testing - while staying hands-on enough to influence tooling, architecture, and delivery standards across complex client environments. You'll be joining a high-performing cyber team with serious backing and a strong pipeline of transformation work across multiple sectors. … What you'll be doing: Leading the definition and implementation of secure architecture and DevSecOps practices across large-scale client programmes Overseeing security testing operations - including tooling (SAST, DAST, SCA), processes and coverage Driving service maturity and quality across delivery, with a focus on automation, governance, and continuous improvement Supporting business development and client engagement - from presales and More ❯

Security Development and test Director £100,000 to 135,000 GBP Bonus Hybrid WORKING Location: Central London, Greater London - United Kingdom Type: Permanent Security Development & Test Director Permanent | London or Birmingham (Hybrid) | £135,000 + 20% Bonus + £6,000 Car Allowance | Senior Director Level This is a rare opportunity for an accomplished leader in secure development to … shape and drive the future of secure architecture, DevSecOps integration, and software security testing across large-scale transformation programmes. You'll work at both strategic and operational levels, embedding secure-by-design principles across software pipelines while driving improvements in security architecture, tooling, and compliance. This senior role offers significant autonomy and impact-perfect for someone with … SDLC Define and govern secure architecture and ensure alignment with enterprise policies and industry frameworks (e.g. OWASP, NIST, ISO 27001) Drive DevSecOps integration into CI/CD pipelines, embedding SAST, DAST, SCA and container security tools Own the security testing process, improving automation, coverage, and remediation velocity Champion secure design, threat modelling and coding best practices across More ❯

Security Engineer Permanent Hybrid - 2 or 3 days p/w on-site Tunbridge Wells area (Hands on recent career experience of Salesforce Industries/Vlocity is essential) FPSG have a fantastic opportunity to join a large-scale digital transformation programme aimed at uniting multiple internal business units under a new, secure, cloud-native digital platform. Ideal for a … and cloud network architecture (VPNs, subnets, zones) Experience with API security and integration-related platforms such as Auth0 or API Gateways Proficiency with security tools including SAST (e.g. Snyk, Checkmarx), SCA, and DAST (e.g. OpenZAP, Qualys DAST) Ability to manage secure operations of large-scale software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building … Engineer, Information Security Specialist, Salesforce Industries, Vlocity, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps, Secure Development, CRM Security Next Steps Please click "Apply now" and submit your up-to-date CV More ❯

global, market-leading insurance organisation that's shaping the future of digital health and technology. This is your opportunity to be part of an innovative, forward-thinking environment where security, engineering excellence, and customer impact are at the heart of everything we do! What you'll do: Provide hands-on technical expertise in secure software development within a product … improve secure CI/CD pipelines and modern security practices. Ensure risk management, security, and quality are embedded in software delivery. Implement and manage security tooling (SAST, DAST) to support development and testing. Adhere to best practices in architecture, design, coding standards, and SDLC. Mentor and support continuous improvement within the engineering community. What you'll bring … Technical leadership with strong decision-making and prioritisation skills. Expertise in secure systems design and infrastructure. Experience securing CI/CD pipelines and using security tools. Expertise in key technologies such as .NET/C#, Azure PaaS, Javascript, and Salesforce APEX, and in frameworks such as React, Node, React-Native, Playwright, etc Holds the right to work in the More ❯

Security Development & Test Director ££140,000 - £155,000 GBP Hybrid WORKING Location: Central London, Greater London - United Kingdom Type: Permanent Security Development & Test Director Anson McCade England, United Kingdom (On-site) SaveApply Security Development & Test Director Hybrid - London or Birmingham | £140k-£155k base + 20% bonus + package Our client is a global security leader, operating … at the cutting edge of digital transformation, cloud integration, and enterprise security. With a workforce of 7500+ cybersecurity specialists and strategic partnerships with top-tier security tech providers, they're redefining how enterprise-grade security is built, deployed, and continuously improved. They're now seeking a Security Development and Test Director to lead their secure software engineering … in career development What you'll be doing: Leading secure architecture standards across engineering teams and embedding security within CI/CD workflows Owning security tooling strategy (SAST, DAST, SCA, container scanning) and driving adoption across development pipelines Building and mentoring high-performing teams in secure coding, DevSecOps, and threat modelling Leading engagements with major clients during pre More ❯

This is a huge opportunity for an experienced and driven Platform Security Engineer to join a rapidly growing fintech team! As a Platform Security Engineer, you will play a key role in protecting our clients systems, networks, and data while ensuring compliance with industry leading security standards such as ISO 27001. This role sits within the Platform … Engineering Team and requires a strong technical background, hands-on experience with security tools, and a collaborative mindset to work effectively across teams. What you'll do: Develop and implement proactive security strategies, policies, and procedures to protect our systems, networks, and data assets. Lead regular security assessments, including vulnerability scans and penetration tests, identifying risks and … technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision -making. More ❯

Windows Server/SSMS* IIS and Apache Tomcat (Web services)* Virtualisation software* Package management tools (CloudSmith/JFrog Artifactory)* Container management (docker or Kubernetes)* CICD process with ideally with SAST and SCA code analysis* DevOps tools: Git repo, Azure DevOps, Azure, GitHub, TeamCity, OctopusDeploy, Terraform, Ansible, PowerShell* Strong stakeholder management and communication skills.Contact: David Southwood - CPS GroupBy applying to this More ❯

Months IR35 Status: Inside IR35 Our client, a leading investment bank, is seeking an experienced DevSecOps SME to join their team. This role will lead and advise on integrating security practices into DevOps pipelines. The ideal candidate will have deep expertise across development, security, and operations, with a strong focus on automation, CI/CD, and secure software … development lifecycle (SDLC) practices. Key Responsibilities Lead the integration of security into CI/CD pipelines. Advise on secure coding and deployment practices across teams. Implement and enforce security policies, standards, and best practices. Conduct threat modeling, risk assessments, and vulnerability management. Mentor and train teams on DevSecOps … principles and tools. Skills & Experience Required CI/CD Security Engineering: Proven experience designing and maintaining secure CI/CD pipelines. DevSecOps Tool Integration: Hands-on experience with SAST, DAST, SCA, and secrets management tools. Cross-Functional Collaboration: Ability to work closely with development, operations, and security teams. Threat Modeling & Risk Assessment: Strong knowledge of security risk More ❯

will assist in the delivery on. In full: We are seeking a highly skilled and experienced DevSecOps Subject Matter Expert (SME) to lead and advise on the integration of security practices into our DevOps pipelines. This role requires a deep understanding of development, security, and operations, with a strong emphasis on automation, continuous integration/continuous deployment (CI … software development lifecycle (SDLC) practices. Advise and offer guidance on: * Design, implement, and maintaining secure CI/CD pipelines.* Integrate security tools and practices into DevOps workflows (e.g., SAST, DAST, SCA, secrets management).* Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices.* Advise on threat modeling, risk assessments, and vulnerability … management.* Provide expert guidance on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes).* Develop and enforce security policies, standards, and best practices.* Lead incident response and root cause analysis for security-related issues.* Mentor and train teams on DevSecOps principles and tools. Candidates will ideally show evidence of the above in their CV More ❯

CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST/DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. … Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting , solutions architecture , or technical coaching . Interest in technical sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both … technical and non-technical stakeholders. AWS/Azure/GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to customer sites across Europe (London, Zurich, and more). Opportunity to work on innovative solutions with a passionate and driven team. If you are More ❯

CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST/DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. … Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting , solutions architecture , or technical coaching . Interest in technical sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both … technical and non-technical stakeholders. AWS/Azure/GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to customer sites across Europe (London, Zurich, and more). Opportunity to work on innovative solutions with a passionate and driven team. If you are More ❯

CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST/DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. … Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting , solutions architecture , or technical coaching . Interest in technical sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both … technical and non-technical stakeholders. AWS/Azure/GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to customer sites across Europe (London, Zurich, and more). Opportunity to work on innovative solutions with a passionate and driven team. If you are More ❯

CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST/DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. … Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting , solutions architecture , or technical coaching . Interest in technical sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both … technical and non-technical stakeholders. AWS/Azure/GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to customer sites across Europe (London, Zurich, and more). Opportunity to work on innovative solutions with a passionate and driven team. If you are More ❯

wins. You MUST Have: 7+ years in technical pre-sales or sales engineering roles Hands-on with Docker, Kubernetes, CI/CD, Git, build tools Solid AppSec experience: SCA, SAST, SBOM, Container Security Cloud infrastructure fluency (AWS, Azure or GCP - must especially tick this box) Proven track record building enterprise relationships - from tech champions to C-level Ability to More ❯