1 to 25 of 188 Static Application Security Testing Jobs in the UK excluding London

Job Title: SC Cleared DevSecOps Engineer Location: Corsham Type: Contract Clearance: Active SC (Security Check) Clearance required Salary/Rate: £550-£675 DOE Overview: We are seeking a highly skilled and Security Cleared (SC) DevSecOps Engineer to join our dynamic team. The ideal candidate will have a strong background in DevOps principles, with a specific focus on embedding … security throughout the software development lifecycle. You will play a pivotal role in building, deploying and maintaining secure, scalable infrastructure and applications for mission-critical environments. Key Responsibilities: Design, implement … and manage secure CI/CD pipelines using industry best practices Embed security at every stage of the DevOps lifecycle (shift-left security) Integrate security tools (SAST, DAST, secrets management, etc.) into development workflows Collaborate with development, infrastructure and security teams to ensure compliance with governance and regulatory requirements Automate infrastructure provisioning using Infrastructure as Code More ❯

Job Title: SC Cleared DevSecOps Engineer Location: Corsham Type: Contract Clearance: Active SC (Security Check) Clearance required Salary/Rate: £550-£675 DOE Overview: We are seeking a highly skilled and Security Cleared (SC) DevSecOps Engineer to join our dynamic team. The ideal candidate will have a strong background in DevOps principles, with a specific focus on embedding … security throughout the software development lifecycle. You will play a pivotal role in building, deploying and maintaining secure, scalable infrastructure and applications for mission-critical environments. Key Responsibilities: Design, implement … and manage secure CI/CD pipelines using industry best practices Embed security at every stage of the DevOps lifecycle (shift-left security) Integrate security tools (SAST, DAST, secrets management, etc.) into development workflows Collaborate with development, infrastructure and security teams to ensure compliance with governance and regulatory requirements Automate infrastructure provisioning using Infrastructure as Code More ❯

to enable you to grow within the company and industry. Due to the nature of the work you will be involved in, you will be required to obtain UK security clearance in this role. You will be involved in some of the following: Planning, conducting, and coordinating software development activities Design and development of tests to debug software Correction … operating instructions Documentation of program development Analysis of system capabilities Your skillset may include some of the below: Experience with Java or Python Understanding of mocking up and unit testing frameworks Experienced with Git version control Knowledge of Agile Development using SCRUM Experience in mentoring junior team members Experience in Oracle/Relational Databases and/or Mongo Experience … to build, configure, and secure cloud environments effectively Security & CI/CD Security Integration: Familiarity with embedding security checks at every phase of the SDLC (e.g., SAST, DAST) Automation Pipelines: Experience with Continuous Integration (CI), Continuous Delivery (CD), and continuous testing tools (e.g., Jenkins, GitHub Actions) Agile Delivery: Background in Scrum or Kanban, assisting Product Owners More ❯

Role: Cyber Security Engineer Salary/Rate: up to £700 per day (inside IR35) Location: Hybrid LondonContract Duration: until October 2025 We are currently looking for a Cyber Security Engineer for our government client. This Cyber Security Engineer role is hybrid, based between 2-3 days per week on site in central London and the remainder of … the week working remotely. The contract for the Cyber Security Engineer position is until October 2025 with potential to extend, operating inside IR35. Security Clearance: Security Check ("SC Clearance") This role is inside IR35 - Due to the service of the role, it will now be based on an Umbrella solution. Essential skills/experience required: Certifications: OSCP … desirable Role/Responsibilities: Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and make necessary recommendations. Collaborate with developers to remediate identified vulnerabilities and ensure secure code practices. Provide expert input on cloud security (AWS, Azure More ❯

designing, developing, and maintaining large-scale, secure, and high-performing solutions. This role involves mentoring and coaching junior team members, translating stakeholder requirements into actionable user stories, and embedding security throughout the software development life cycle. The position calls for strong technical expertise, collaborative mindset, and an ability to deliver innovative solutions that align with business objectives. Experience Requirements … Software Development & Principles Programming Languages: Proficiency in one or more of: Java, Spring Boot, Python, JavaScript, TypeScript, ReactJS SOLID Principles: Familiarity with object-oriented and clean coding practices Testing & BDD Unit Testing Frameworks: Experience with Cypress, Cucumber, Behave, Selenium, or similar tools Domain-Specific Languages: Knowledge of BDD approaches (e.g., Cucumber, Gherkin) for test automation Containerisation & Microservices Container … to build, configure, and secure cloud environments effectively Security & CI/CD Security Integration: Familiarity with embedding security checks at every phase of the SDLC (e.g., SAST, DAST) Automation Pipelines: Experience with Continuous Integration (CI), Continuous Delivery (CD), and continuous testing tools (e.g., Jenkins, GitHub Actions) Agile & Mentorship Agile Delivery: Background in Scrum or Kanban, assisting More ❯

designing, developing, and maintaining large-scale, secure, and high-performing solutions. This role involves mentoring and coaching junior team members, translating stakeholder requirements into actionable user stories, and embedding security throughout the software development life cycle. The position calls for strong technical expertise, collaborative mindset, and an ability to deliver innovative solutions that align with business objectives. Experience Requirements … Software Development & Principles SOLID Principles: Familiarity with object-oriented and clean coding practices Testing & BDD Unit Testing Frameworks: Experience with Cypress, Cucumber, Behave, Selenium, or similar tools Domain-Specific Languages: Knowledge of BDD approaches (e.g., Cucumber, Gherkin) for test automation Containerisation & Microservices Container Technologies: Practical understanding of Docker or equivalent solutions Microservice Patterns: Experience architecting microservice-based systems … to build, configure, and secure cloud environments effectively Security & CI/CD Security Integration: Familiarity with embedding security checks at every phase of the SDLC (e.g., SAST, DAST) Automation Pipelines: Experience with Continuous Integration (CI), Continuous Delivery (CD), and continuous testing tools (e.g., Jenkins, GitHub Actions) Agile Delivery: Background in Scrum or Kanban, assisting Product Owners More ❯

be part of shaping the future of our department. We use Agile Methodologies and promote a culture of continuous improvement. We are looking for an enthusiastic Lead Test Engineer (Security) with great technical skills able to coach and mentor other testers and lead the non-functional testing workstream focused on Security testing. You will be part of … our lead tester group, working collaboratively with your team and overseeing the testing journey with management responsibilities. This provides an opportunity to make the test community thrive by exploring new and emerging tools and approaches and working out how you can help the organisation deliver better services. This is a rewarding role within the Test Team and provides an … for automating security-focused API tests. Version control systems (e.g. Git) - for secure code handling and integration with secrets scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets More ❯

of shaping the future of our department. We use Agile Methodologies and promote a culture of continuous improvement. We are looking for an enthusiastic Senior Test Engineer (Non-Functional Security) with great technical skills, able to deliver and support security testing workstreams, including vulnerability assessments and penetration testing. You will also offer guidance to other testers on … security testing best practices. You will be part of our non-functional testing specialist team, working collaboratively with your team and overseeing the testing journey. This provides an opportunity to make the test community thrive by exploring new and emerging tools and approaches and working out how you can help the organisation deliver better services. This … security-focused API tests. Git or other version control systems - for secure code handling and integration with security scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets More ❯

Story Behind the Need • Business group: Application Security - deploying application security vulnerability testing tools used by the Bank for vulnerability testing; currently doing a lot of modernization projects updating portfolio for statis dynamic and mobile testing • Project: Resource will be playing a key role in deploying components of the strategic solution for Application … CD pipelines and automation (e.g. Jenkins) Nice-To-Have Skills: • Cloud solution and containerization deployment experience - GCP(1st), AWS(2nd), Azure(3rd), • Experience with security testing tools (SAST, SCA, DAST) • Experience/knowledge of security best practices around connectivity (MTLS, SAML, OAuth Client and Credentials IP Allow Listing) • Cybersecurity experience • Experience from large highly matrixed enterprise organizations … initiative, strong problem solver and is a strategic thinker and can identify solution; experience using vulnerability and security testing tools to help with understanding of software composition (SAST, SCA, DAST), best will have used the tools themselves and have an understanding of how they work, strong independent developer, with programming and automation expertise Feedback from previous supplier calls More ❯

you will: Lead DevSecOps practices and processes within the organization. Develop and implement DevSecOps strategies. Mentor engineers in cybersecurity best practices. Collaborate with development and operations teams to automate security principles. Identify and implement tools to improve software development and delivery. Communicate trends and innovative solutions to leadership. Monitor and evaluate the performance of solutions, recommending enhancements. Assist in … or related field, or significant work experience emphasizing cybersecurity. 5+ years as a DevSecOps Engineer. Strong knowledge of Network Architecture in AWS and/or Azure. Cybersecurity expertise in SAST, DAST, SIEM, SSO, penetration testing, and cybersecurity controls. Experience with Cybersecurity Incident Response protocols. Cryptographic controls experience, including SSH key handling, logging, and auditing. Competence with Key Management Service … key rotation, and automation. Certifications such as AWS Certified Security, AWS Certified Advanced Networking, CCNA, CCNP are highly desirable. Experience designing solutions with a focus on AWS Security and Network services, including GuardDuty, Config, Security Hub, etc. Proficiency with Infrastructure as Code tools like Terraform. Solid understanding of DevOps practices with hands-on experience. Programming skills in More ❯

helping the team manage and deploy the environment in a secure and optimised manner. This will include managing the logging and SIEM aspects of the infrastructure and coordinating with application development teams to resolve issues. You will also work with the rest of the squad to incorporate more security checks into the CI/CD pipeline. The role … will include validation of planned changes to ensure that they comply with best practice and will also involve working with the Tesco Mobile Cyber Security Team. About the role The Tesco Mobile Engineering team is a truly cross functional team responsible for both the functional software development as well as the running and operation of tailored and product/… setting using and managing Splunk including defining data streams, indices and ingests and dashboards. Experience of CI/CD pipelines and adding security tooling to these. Experience using SAST and other techniques to improve code security. Automation experience using a variety of tools and languages including AWS CLI, python, etc. Containerisation technologies; Docker and Kubernetes. Exposure to Continuous Integration More ❯

If you need support in completing the application or if you require a different format of this document, please get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100/+44 204 520 2575 with the subject line: “Application Support Request”. Role: Senior DevSecOps Developer Job Type : Permanent Location: Leamington/Gaydon, Hybrid … days on site) Are you ready to leverage your skills in automation and security ? We have a great opportunity for you - Senior DevSecOps Developer . Careers at TCS: It means more TCS is a purpose-led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference … of networking concepts, technologies, and protocols (TCP/IP, IPSec, HTTP, FTP, DHCP, and DNS). Previous involvement in all stages of the software delivery lifecycle. Experience on SCA, SAST, and DAST tools. Skilled on IAC automation (Terraform). Desirable skills: An individual who is result driven demonstrates tenacity, drive and perseverance. Resilience, energy, and enthusiasm to deliver results under More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements - and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements – and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with … are still areas of our business with clear hiring requirements – and we would like to bring talent like you on board! By the way, we have completely virtualised our application process and our recruiters remain available to you should you have any questions. We are still looking forward to getting to know you! About us Computacenter is a leading More ❯

Lead the design and implementation of secure, scalable DevSecOps solutions across cloud, on-prem, and hybrid environments Advise customers on best practices for CI/CD, containerisation, and integrating security across the SDLC Collaborate with Sales and Consulting teams to develop technical proposals and bid responses Facilitate customer workshops, design reviews, and solution assurance activities Drive innovation and thought … SAFe, Kanban, etc.) Deep expertise in Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with More ❯

least one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It would be … great if you also had... Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society More ❯

least one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It would be … great if you also had... Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society More ❯

least one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It would be … great if you also had... Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society More ❯

least one object oriented language, e.g. Java, Go or Python Developing of RESTful API services & understanding of API Gateways (e.g. APIGEE) Building applications utilising container technologies e.g. Docker Managing application deployed to Kubernetes clusters, Istio & Helm Cloud: GCP, GKE, IaC (Terraform) Build Tools & DevOps principles: Git, Maven, Jenkins CI/CD, Nexus, SonarQube It would be … great if you also had... Experience in Spring Boot and Hibernate Experience of building microservice architecture and event driven systems Experience in Test automation: BDD, mocking, contract testing, Sast Exposure to web technologies, data tooling & infrastructure/networking About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society More ❯

industry-standard frameworks like AWS Well-Architected or Azure Security Centre. Develop and enforce security controls within Infrastructure as Code (IaC) pipelines, integrating security testing (SAST, DAST, SCA) and automated compliance checks into CI/CD processes. Provide expert guidance on cloud security architecture, articulating security postures, and implementing mitigating controls to reduce risk. … industry-standard frameworks like AWS Well-Architected or Azure Security Centre. Develop and enforce security controls within Infrastructure as Code (IaC) pipelines, integrating security testing (SAST, DAST, SCA) and automated compliance checks into CI/CD processes. Provide expert guidance on cloud security architecture, articulating security postures, and implementing mitigating controls to reduce risk. … solutions, including native security services (IAM, WAFs, threat detection), with a strong focus on embedding security within CI/CD pipelines using tools like Terraform, AWS CloudFormation, SAST, DAST, and SCA. Demonstrable experience leading DevSecOps initiatives, integrating security controls seamlessly into development and operational workflows, and collaborating effectively with Developers, Architects, and DevOps teams to promote security More ❯

Job Description Are you ready to lead the way in securing cloud environments for a vital public service? We are looking for a highly skilled Principal Cloud Security Engineer to join the Digital Risk & Security branch of our Chief Digital Office. In this pivotal role, your expertise will be instrumental in protecting Social Security Scotland's critical … industry-standard frameworks like AWS Well-Architected or Azure Security Centre. Develop and enforce security controls within Infrastructure as Code (IaC) pipelines, integrating security testing (SAST, DAST, SCA) and automated compliance checks into CI/CD processes. Provide expert guidance on cloud security architecture, articulating security postures, and implementing mitigating controls to reduce risk. … solutions, including native security services (IAM, WAFs, threat detection), with a strong focus on embedding security within CI/CD pipelines using tools like Terraform, AWS CloudFormation, SAST, DAST, and SCA. Demonstrable experience leading DevSecOps initiatives, integrating security controls seamlessly into development and operational workflows, and collaborating effectively with Developers, Architects, and DevOps teams to promote security More ❯