17 of 17 OWASP Jobs in the South East

Familiarity with scripting languages like PowerShell, YAML, JSON Hands-on with application security tools and DevSecOps processes Understanding of frameworks and standards like OWASP, NIST SSDF, ISO27001, NCSC Experience with threat modelling, risk assessments, and secure design reviews Confident owning security strategy and tooling across complex product landscapes A strong ...

awareness support to internal teams. Essential Skills & Experience Strong hands-on experience in application and cloud security engineering. Deep understanding of web app vulnerabilities (OWASP Top 10, CWE) and secure coding practices. Proficiency with security testing tools and vulnerability management platforms. Broad knowledge of network and infrastructure security concepts (WAFs ...

equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes: Strategic thinker who can balance security with business needs Pragmatic approach to security ...

equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes: Strategic thinker who can balance security with business needs Pragmatic approach to security ...

Compliance Contribute to and follow coding standards and security policies, maintaining and supporting compliance with security standards/guidelines such as PCI v4, OWASP etc. Ensure Senior and Junior Developers are well trained in application security practices and knowledge is kept up to date. Strategy Contribute to long-term technical ...

designing and implementing secure cloud solutions. Strong understanding of application and infrastructure architecture. Background in network and web application security (OSI, TCP/IP, OWASP, PKI, TLS). Knowledge of governance, risk, and compliance practices. Relevant certifications (OSCP, CREST, TIGER, etc.) are beneficial. Benefits Include: Up to £120,000 base ...

designing and implementing secure cloud solutions. Strong understanding of application and infrastructure architecture. Background in network and web application security (OSI, TCP/IP, OWASP, PKI, TLS). Knowledge of governance, risk, and compliance practices. Relevant certifications (OSCP, CREST, TIGER, etc.) are beneficial. Benefits Include: Up to £120,000 base ...

code quality. Governance and Compliance Follow coding standards and security policies, maintaining and supporting compliance with security standards/guidelines such as PCI v4, OWASP etc. Keep training and knowledge on application security practices up to date. Strategy Support long-term technical planning, identify areas for improvement in existing systems ...

with Next-Gen Firewalls (Palo Alto, Fortinet, Check Point, Cisco, etc.) Strong background in network security, traffic flows, segmentation, and application security Understanding of OWASP, threat mitigation, and secure configuration principles Experience in incident response, troubleshooting, and performance tuning Excellent communication and documentation skills Click apply to be considered. ...

domains. Strong knowledge of TOGAF or similar frameworks (Zachman, MODAF). Experience working in secure environments and applying best practice for solution security (e.g., OWASP, NCSC cloud security principles). Familiarity with Secure Software Development Lifecycle processes. Ability to work with multi-disciplinary teams and influence senior stakeholders. Excellent communication ...

block activities. Hands-on experience with VMware AVI or similar technologies such as F5, Imperva, or AWS WAF. Security Knowledge: Deep understanding of OWASP Top 10 vulnerabilities and web application security principles. Familiarity with SSL/TLS, HTTP protocols, and application-layer security. Additional Information Interview Process: 2-3 rounds ...

applications (iOS & Android) using frameworks such as React Native or Flutter. Implement secure authentication flows, protect against common vulnerabilities (XSS, CSRF), and adhere to OWASP best practices. Integrate e-commerce tools and APIs (e.g., Klaviyo, Yotpo) for personalised content and loyalty features. Manage complex application state using libraries like Redux ...

applications (iOS & Android) using frameworks such as React Native or Flutter. Implement secure authentication flows, protect against common vulnerabilities (XSS, CSRF), and adhere to OWASP best practices. Integrate e-commerce tools and APIs (e.g., Klaviyo, Yotpo) for personalised content and loyalty features. Manage complex application state using libraries like Redux ...

applications (iOS & Android) using frameworks such as React Native or Flutter. Implement secure authentication flows, protect against common vulnerabilities (XSS, CSRF), and adhere to OWASP best practices. Integrate e-commerce tools and APIs (e.g., Klaviyo, Yotpo) for personalised content and loyalty features. Manage complex application state using libraries like Redux ...

content and operational playbooks would be a bonus. Skills You’ll Need: Advanced understanding of attacker tools, techniques, and procedures. Knowledge of security frameworks: OWASP, NIST, MITRE ATT&CK, Unified Kill Chain. Proficient in risk analysis and information systems best practices. Expertise in intelligence gathering and analysis tools, including OSINT. ...

technology, and data decisions are fully aligned with the overarching Enterprise Architecture strategy. Champion and apply best-practice principles for solution and data security (OWASP, NCSC, GDPR) at every stage of the delivery lifecycle. Required Skills: Active SC Security Clearance is a strict necessity, coupled with extensive, hands-on experience ...

infrastructure security using least-privilege and zero-trust principles Build and maintain secure CI/CD pipelines with automated security gates (Snyk, SonarQube, OWASP ZAP) Conduct and coordinate penetration testing (internal and third-party); triage and drive remediation Deploy runtime threat detection (GuardDuty, Falco, Wazuh) Manage secrets detection and scanning … agents, and anomaly alerting What success looks like: 3 months Deploy SAST tooling (SonarQube) across all repositories with automated PR scanning Implement DAST scanning (OWASP ZAP) for staging environments with scheduled scans Deploy secrets detection tooling (e.g., GitLeaks, TruffleHog) across all repositories Establish a baseline security posture through initial penetration ...