Security test engineer

Role: Security tester
Rate: Outside IR35
Location: 1-2 day a week onsite Croydon (maybe less)
Duration: 6 months initially
SC clearance required

Security Tester - Job Description

The Security Tester will play a key role in delivering robust application security testing aligned with Secure-by-Design (SbD) principles and compliance frameworks such as NIST, CAF, and CAT. This role supports the Home Office's strategic aim to scale enterprise security testing capabilities, reduce outsourcing reliance, and embed security into the software development life cycle.

Key Responsibilities

Conduct Security Testing using SAST and DAST tools

Collaborate with Cyber Security Managers and Governance teams to ensure alignment with organisational security policies and standards

Mentor and upskill team testers in application security testing and automation

Track and report on security metrics and KPIs, including vulnerability trends and remediation outcomes.

Integrate security testing into CI/CD pipelines, supporting shift-left strategies and DevSecOps practices.

Required Skills & Experience

Strong understanding of security standards including OWASP, NIST SP 800-53, ISO 27001, and CIS Benchmarks.

Experience with SAST/DAST tools and Cloud Security platforms (AWS, Azure).

Familiarity with Secure-by-Design principles and organisational security policies.

Experience with penetration testing, risk assessment, and compliance testing.

Proficiency in tools such as JIRA, SharePoint, and vulnerability management platforms.

Desirable Attributes

Ability to interpret and apply OWASP and NIST security principles across diverse project environments.

Strong stakeholder engagement and communication skills.

Experience in developing deployment checklists and decision trees for secure tool usage.

Certifications such as Crest CRT, OSCP, CEH, or SANS are highly desirable.

Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.

Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.