DevSecOps Pentester Job in South East London

2644 IT & Software Developer jobs in the UK

Company Size

<50

Company Type

Services

Exp Level

Regular

Job Type

Full-Time

Language

English

Visa sponsorship

Requirements

Must:

We are looking for candidates who possess the following essential skills, knowledge, and experience: - A strong background in application security, especially with OWASP Top 10 and API security. - Experience in manual penetration testing of modern web applications, APIs, and CI/CD pipelines. - A deep understanding of DevSecOps practices, secure Software Development Life Cycle (SDLC), and expertise in threat modeling and secure design review. - Proficiency in automating security checks within CI/CD pipelines using tools such as Jenkins, GitLab, and Ansible. - Knowledge of secure coding practices and awareness of common developer pitfalls. - Scripting capabilities for testing and automation, specifically in Python, Bash, or Go. - Experience with cloud-native architectures such as Docker and Kubernetes, as well as infrastructure-as-code (IaC) practices. - Familiarity with securing cloud platforms, particularly AWS, Azure, and GCP, while understanding cloud security best practices. - Effective communication skills and the ability to collaborate seamlessly with developers and DevOps teams. - A comfort level operating in agile, fast-paced environments.

Technologies

CI/CD

DevSecOps

GitLab

Jenkins

Responsibilities

In this role, I will expect you to take on the following responsibilities: - Integrate security practices and tools into the DevOps pipeline to ensure that security is treated as a continuous process. - Perform Infrastructure-as-Code (IaC) automation and ServiceNow integrations to enhance automation of AWS service catalogues. - Contribute to the development of security tools, checklists, and automation efforts. - Identify potential security threats and vulnerabilities during the design phase, addressing flaws in CI/CD, IaC, and cloud/containerized environments. - Conduct both manual and automated security testing on web applications, APIs, and pipelines. - Actively participate in agile ceremonies, including sprint planning, threat modeling, and grooming sessions. - Create detailed reports that provide actionable advice on addressing identified vulnerabilities and improving security posture, including executive summaries and technical findings. - Validate remediation efforts and conduct retesting cycles to ensure issues are resolved effectively. - Track and manage issues using Jira workflows and developer tickets. - Advise on secrets management, Identity and Access Management (IAM), and secure deployment practices. - Educate development and operations teams on security best practices and emerging threats.

Description

We also value additional desirable skills, knowledge, and experience, such as: - Exceptional customer engagement and reporting skills. - Strong analytical, problem-solving, and troubleshooting abilities. - Proven experience with modern security tooling in real-world projects. - Exposure to agile delivery teams and cross-functional collaboration. - Familiarity with cloud security and infrastructure-as-code misconfiguration testing. - Comfort in documenting technical findings and engaging in remediation cycles. While certifications are not mandatory, having any of the following would be a nice addition to your profile: - OSCP, OSWA, CRTO, GWAPT, GPEN, eWPT - Azure Security Engineer Associate / AWS Security Specialty - Kubernetes Security or DevSecOps-focused certifications. If you believe you meet these criteria and are excited about contributing to our team, we encourage you to apply.

Something wrong or incorrect with this job? Tell us in the chat 💬 on the right ➡️

IT & Software developer jobs in the UKQA, Software Tester jobs in the UKQA, Software Tester jobs London

You can find QA, Test Engineer salaries in the UK here.

How many QA, Test Engineer jobs are in the UK?

Currently, there are 2644 QA, Test openings. Check also: Selenium jobs, Cypress jobs, Cucumber jobs - all with salary brackets.

Is the UK a good place for QA, Test Engineers?

The UK is one of the best countries to work as a QA, Test Engineer. It has a vibrant startup community, growing tech hubs and, most important: lots of interesting jobs for people who work in tech.

Which companies are hiring for QA, Test Engineer jobs in the UK?

MastarRec, Mas & Pas Limited, BAE Systems, Kura, FCDO Services, Core-Asset Consulting, ApplianSys among others, are currently hiring for QA, Test roles in the UK.

The company with most openings is Experis as they are hiring for 71 different QA, Test Engineer jobs in the UK. They are probably quite committed to find good QA, Test Engineers.