Application Security Test Engineer (DAST IAST) Cambridge / WFH to £70k Are you a security focussed Test Engineer? You could be joining a market leading software house thats remote access product is used by hundreds of millions of users worldwide.
Please read the following job description thoroughly to ensure you are the right fit for this role before applying.
Whats in it for you: Salary to £70k Bonus Hybrid working Pension, Private Medical Care, Life Assurance, Travel Insurance Subsidised gym membership and a range of other perks Your role: As an Application Security Test Engineer youll play a key role in building security into applications, carrying out threat modelling and risk assessments during the design phase to ensure solutions are secure by default.
Youll help define security requirements for new features and take part in architecture reviews to spot and address potential risks early.
Working closely with development teams, youll carry out secure code reviews and provide guidance on best practices, including alignment with CIS Critical Security Controls and the OWASP Top 10, collaborating with engineers to embed security into development workflows rather than treating it as an afterthought.
Youll be hands-on with security testing across a range of environments, running Dynamic Application Security Testing (DAST) against live applications, focusing on issues such as cross-site scripting, SQL injection and broken access control.
Youll also use Interactive Application Security Testing (IAST) tools for runtime analysis, including tools such as Burp Suite, OWASP ZAP and Frida, alongside Static Application Security Testing (SAST) and software composition analysis to assess source code, binaries, and third-party dependencies.
Location / WFH: You can work from home most of the time, meeting up with colleagues in the Cambridge office on a weekly / monthly basis.
About you: You have a strong understanding of the secure software development lifecycle and DevSecOps principles You have a good knowledge of Application Security principles and common vulnerabilities (e.g., XSS, SQL Injection, Broken Access Control) You have hands-on experience with DAST, IAST and Penetration Testing tools (e.g., Burp Suite, OWASP ZAP, Frida) and Static Application Security Testing (SAST) You can read and understand code (e.g.
Java, Python, C++ or similar) Youre familiar with using software composition analysis (SCA) tools such as Blackduck, Mend / Whitesource, Snyk or similar Youre collaborative and pragmatic with great communications skills Apply now to find out more about this Application Security Test Engineer (DAST IAST) opportunity.
At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn.
Were an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. xjlbheb
The clients we work with share our values.