🤖 15+ AI Agents working for you. Find jobs, score and update resumes, cover letter, interview questions, missing keywords, and lots more.
Cookies & analytics consent
We serve candidates globally, so we only activate Google Tag Manager and other analytics after you opt in. This keeps us aligned with GDPR/UK DPA, ePrivacy, LGPD, and similar rules. Essential features still run without analytics cookies.
Read how we use data in our Privacy Policy and Terms of Service.
🤖 15+ AI Agents working for you. Find jobs, score and update resumes, cover letter, interview questions, missing keywords, and lots more.
Client Server • Cambridge, England, United Kingdom
Role & seniority: Application Security Test Engineer (DAST/IAST); mid-level professional in security testing and SDLC/DevSecOps practices
Stack/tools: Dynamic and Interactive Application Security Testing (DAST/IAST); SAST; software composition analysis (Black Duck, Mend/Whitesource, Snyk); Burp Suite; OWASP ZAP; Frida; code reading (Java, Python, C++, or similar)
Conduct threat modelling and risk assessments during design; define security requirements for new features; participate in architecture reviews
Perform secure code reviews and guide development teams on secure practices aligned with CIS Controls and OWASP Top 10
Execute security testing across environments (DAST/IAST on live apps, SAST on code/binaries, and assess dependencies)
Strong understanding of secure SDLC and DevSecOps
Proficiency with DAST, IAST, pen-testing tools, and SAST
Ability to read/understand code (Java, Python, C++, etc.)
Experience with SCA tools (Black Duck, Mend/Whitesource, Snyk or equivalent)
Collaboration and clear communication skills
Familiarity with CIS Critical Security Controls and OWASP Top 10 in practice
Prior experience embedding security into development workflows; working in a software house or product environment
Location & work type: Cambridge/Remote–hybrid; work-from-home option most of the time with periodic in-office meetups (weekly/monthly) in Cambridge
Application Security Test Engineer (DAST IAST) Cambridge / WFH to £70k
Are you a security focussed Test Engineer?
You could be joining a market leading software house that's remote access product is used by hundreds of millions of users worldwide.
Working closely with development teams, you'll carry out secure code reviews and provide guidance on best practices, including alignment with CIS Critical Security Controls and the OWASP Top 10, collaborating with engineers to embed security into development workflows rather than treating it as an afterthought.
You'll be hands-on with security testing across a range of environments, running Dynamic Application Security Testing (DAST) against live applications, focusing on issues such as cross-site scripting, SQL injection and broken access control. You'll also use Interactive Application Security Testing (IAST) tools for runtime analysis, including tools such as Burp Suite, OWASP ZAP and Frida, alongside Static Application Security Testing (SAST) and software composition analysis to assess source code, binaries, and third-party dependencies.
Apply now to find out more about this Application Security Test Engineer (DAST IAST) opportunity.
At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values.