Hands-on with tools such as Burp Suite, ZAP, Nmap, Metasploit Deep understanding of secure cloud infrastructure (AWS/Azure) and scripting (Python, Bash) Familiarity with DevSecOps tools (e.g. Veracode, GitHub Advanced Security) Certifications such as OSCP or CREST/TIGER Bonus Skills: Experience within the CHECK scheme Knowledge of UK public sector security practices Exposure to threat modelling and More ❯
London, England, United Kingdom Hybrid / WFH Options
Funding Circle
remediation efforts. Nice to have Advanced security certifications (e.g., AWS Certified Security - Specialty, CISSP, CCSP, OSCP/OSWE). Experience with security platforms/tools (e.g., Wiz, Snyk, Checkmarx, Veracode). Scripting skills in Python or similar for automation. Experience working in FinTech or regulated environments. Knowledge of mobile application security principles. We are committed to building diverse teams. Please More ❯
London, England, United Kingdom Hybrid / WFH Options
Funding Circle
Nice to have Relevant advanced security certifications (e.g., AWS Certified Security - Specialty, CISSP, CCSP, OSCP/OSWE). Experience with specific security platforms/tools (e.g., Wiz, Snyk, Checkmarx, Veracode). Proficiency in security automation using scripting languages (e.g., Python). Experience working in FinTech or other highly regulated environments. Experience with mobile application security principles and testing. At Funding More ❯
the following: Creating and deploying CI/CD pipelines (GitLab/Jenkins/GitHub) Configuring and running Code/Binary scans using solutions like SonarQube, Semgrep, Blackbuck, Trivy, GitLeaks Veracode, etc. Configuring and using Secrets management tools like Vault and Cloud native solutions Broad knowledge of SDLC Tools, specifically Build, Test and Deploy Automation tools, e.g., Maven, Gradle, Selenium, Ansible More ❯
Strong understanding of web application security concepts, including secure coding practices, authentication mechanisms, and common vulnerabilities. Proficiency in security testing tools and techniques, such as Burp Suite, SonarQube, Checkmarx, Veracode, etc... Excellent analytical and problem-solving skills, with the ability to think critically and creatively to address complex security challenges. Strong communication and interpersonal skills, with the ability to effectively More ❯
vulnerability management expertise. Hands-on experience with threat modelling and secure code reviews. Experience with Mobile Application Security and API Security. Familiarity with security tools (Burp Suite, Fortify, Checkmarx, Veracode, ZAP, etc.). Experience with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Ability to conduct maturity assessments and gap analysis. Familiarity with RASP technology as well More ❯
vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools like SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. Relevant certifications such as CSSLP, OSWE, GWAPT, CISSP, or equivalent are advantageous. Additional notes: If you are not a More ❯
Chatham, Kent, United Kingdom Hybrid / WFH Options
Tilt Recruitment
identity and access management to secure networking, container platforms (Kubernetes/AKS), and infrastructure protection. Hands-on knowledge of DevSecOps, IaC (Terraform), CI/CD pipelines, and tools like Veracode, Trivy, and Checkov. Familiarity with standards such as CIS, NIST, GDPR, ISO and frameworks like MITRE ATT&CK. Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure More ❯
Wolverhampton, Bushbury, West Midlands (County), United Kingdom Hybrid / WFH Options
Tilt Recruitment
identity and access management to secure networking, container platforms (Kubernetes/AKS), and infrastructure protection. Hands-on knowledge of DevSecOps, IaC (Terraform), CI/CD pipelines, and tools like Veracode, Trivy, and Checkov. Familiarity with standards such as CIS, NIST, GDPR, ISO and frameworks like MITRE ATT&CK. Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure More ❯
CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE. Hands-on experience with tools like SAST, DAST, IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. Relevant certifications such as CSSLP, OSWE, GWAPT, CISSP, or equivalent are advantageous. #J-18808-Ljbffr More ❯
practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures Relevant certifications such as CSSLP, OSWE, GWAPT, CISSP , or equivalent are advantageous. #J-18808-Ljbffr More ❯
practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures Relevant certifications such as CSSLP, OSWE, GWAPT, CISSP , or equivalent are advantageous. #J-18808-Ljbffr More ❯
