26 to 28 of 28 Static Application Security Testing Jobs in the UK excluding London

extend Python tooling for: SLSA provenance SBOM generation (CycloneDX) Hash/digest accuracy (SHA1/SHA256) Security scan aggregation (SonarQube, Sonatype IQ, SAST, container scanning) Optimise pipeline performance through parallelisation, caching, dependency prefetching, and BOM scope reduction. Ensure artifact integrity and reproducibility , including evidence modelling and digest validation. Refactor … container image metadata . Solid experience with software supply-chain security (SLSA, CycloneDX SBOMs, digests). Hands-on use of SonarQube, Sonatype IQ, SAST, and container scanning tools . Proven ability to optimise CI/CD performance (caching, parallel builds, dependency pruning). Awareness of compliance and secure ...

package, scan, deploy). Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ,SAST/Container). Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch). Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence … Helm/Terraform and container image metadata. Supply-chain security (SLSA, CycloneDX SBOM, digests). Experience with SonarQube, Sonatype IQ, container and SAST scanning. Proven performance tuning (caching, parallelization, dependency pruning). Compliance Awareness. ...

controls. Capture and assess evidence such as pipeline logs, approvals, artefact integrity/signing, access controls, and configuration baselines. Validate security posture via SAST/DAST scans, dependency and licence reviews, container/image policies, and supply-chain controls. Evaluate logging, monitoring, and observability practices. Map findings to compliance ...