22 of 22 OWASP Jobs in the South East

experience with CI/CD security integration (GitLab CI or similar) Familiarity with SAST/DAST tooling and dependency scanning Understanding of common vulnerabilities (OWASP Top 10) and remediation Previous experience working as a back end or full stack developer Knowledge of GDPR and data protection legislation Strong communicator; able ...

Infrastructure as Code (Terraform), observability tooling (Grafana, Kibana, Datadog, CloudWatch), automated testing (NUnit, xUnit, Cypress, Playwright), Git-based workflows, and secure development practices including OWASP, secrets management and Vault. Ways of Working , Comfortable in Scrum/Kanban environments with strong communication skills; experienced with Jira, Confluence, Slack and MS Teams ...

automated testing using tools such as NUnit, Jasmine and Selenium Good knowledge of SOLID principlesDesirable Skills: Containers xkybehq (docker, K8s) Security best practice (OWASP top ten) OpenIDConnect/Identity server MS SQL Server Azure DevOps, TeamCity Infrastructure as Code (Bicep, ARM templates, Terraform) Please apply now or contact for more ...

automated testing using tools such as NUnit, Jasmine and Selenium Good knowledge of SOLID principles Desirable Skills: Containers (docker, K8s) Security best practice (OWASP top ten) OpenIDConnect/Identity server MS SQL Server Azure DevOps, TeamCity Infrastructure as Code (Bicep, ARM templates, Terraform) Please apply now or contact for more ...

Operations role within a large or complex enterprise environment. Strong understanding of cybersecurity standards and frameworks, including ISO 27001, NIST 800 53, CIS Controls, OWASP, and SOC1/2. Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy. ...

frameworks and best practices. Experience designing solutions across cloud platforms such as Microsoft Azure or AWS. Knowledge of secure architecture and development practices (e.g. OWASP, NCSC principles). Experience with DevOps, CI/CD pipelines and modern software delivery practices. Strong knowledge of microservices, APIs and web services (REST, SOAP ...

experience in secure software development, particularly with Java or .NET frameworks. Solid understanding of secure development lifecycle practices and industry security standards (e.g., GDPR, OWASP, NCSC cloud security principles). Demonstrated ability to work collaboratively within multi-disciplinary teams and influence at senior levels. Proficiency in modern technologies such ...

doing Lead backend architecture – Define and evolve scalable, secure, high-performance backend systems Set engineering standards – Champion best practices, secure coding (OWASP), and high-quality delivery Hands-on technical contribution – Support critical backend work and review complex code Guide teams & mentor engineers – Facilitate design discussions, code reviews, and technical decision ...

knowledge of security products including WAFs, SIEM, AV, email/web gateways, firewalls, load balancers, ACLs, TCP/IP, routing, and switching Familiarity with OWASP, SASE, zero-trust, and risk-based vulnerability management Background in infrastructure and networks Working towards or holding CISSP, SANS GCIA, CompTIA Security+, CCNA/CCNP ...

years' experience in Information Security and Data Protection, with a good understanding of IT systems, web operations, cloud platforms, and secure coding practices (including OWASP). Comfortable engaging at all levels of the organisation and externally, with the gravitas to influence security and privacy outcomes and reduce the impact ...

Essentials), and drive secure-by-design practices. Essential Skills: Designing & implementing secure cloud/infrastructure architectures Risk assessment & maintaining risk registers (ISO 31000, FAIR, OWASP) Knowledge of Gov Assure, CAF, ISO 27001, Cyber Essentials, NIST Conducting/supporting security audits & remediation Platform security (Entra ID, M365 E5, Azure IaaS/ ...

adversarial TTPs • Proven ability to identify, validate, and clearly articulate vulnerabilities and risk • Experience producing high-quality reports with clear remediation guidance • Knowledge of OWASP and application security principles • Experience with automated, dynamic, and static security testing tools • Ability to perform threat modelling and attack surface analysis • Experience working with ...

years of hands-on penetration testing experience across network, web, cloud, internal, red team, or purple team environments Excellent knowledge of: MITRE ATT&CK OWASP Threat modelling Attack surface analysis Experience with automated, dynamic, and static security testing tools Knowledge of regulatory frameworks including GDPR, PCI-DSS, and related compliance ...

within Defence, Government, or other secure environments Previous experience working with Army or MOD systems Knowledge of secure development and architecture principles Understanding of OWASP, NCSC Cloud Security Principles, and GDPR Experience delivering complex technology transformation or modernisation programmes Strong communication and stakeholder management skills Desirable: Experience working within SFIA ...

architecture, dev-sec-ops, and network security. Experience in browser security or mobile app security is desirable. Good understanding of industry standards such as OWASP ASVS, OWASP Top-10, CIS benchmarks. Hands-on experience with complex Azure and AWS architectures with an emphasis on containerised workloads. Command-line/ ...

knowledge of SOLID principles. Experience creating RESTful APIs and ensuring API extensibility. You will have an advantage if you also have: Security best practice (OWASP top ten). Windows services experience. What’s in it for you? Learn more about the Benefits at NICE. Join an ever-growing, market‐disrupting ...

accreditors to define security requirements and advise on risk mitigation strategies. Ensure adherence to security frameworks, regulatory requirements, and industry standards including GDPR, OWASP, and NCSC principles. Support the design and implementation of DevSecOps pipelines, secure CI/CD processes, and automated security tooling. Contribute to enterprise security strategy, architecture … development lifecycle (SSDLC) practices. Knowledge of secure architecture patterns, secure web application development, and API security. Experience implementing and governing security controls aligned to OWASP, NCSC Cloud Security Principles, and GDPR. Strong understanding of authentication and authorisation technologies including SAML, OAuth2, OpenID Connect, Active Directory, ADFS, and LDAP. Experience supporting ...

Play a key role within a leading investment bank, partnering with technical and business stakeholders to deliver secure solutions across networks, applications, and cloud environments. Utilise expertise in IAM, cryptography, secure development, information management, and ...

metrics and continuous testing for core AI risks, including hallucinations, memorisation, algorithmic bias, uncertainty, and model drift . Regulatory Compliance Evidence: Map threat models (OWASP LLM Top 10, Agentic threats) to automated test cases. Produce the technical testing evidence required by EU AI Act Article 15 , DORA , and FCA Operational … configuring, testing, and bypassing Bedrock Guardrails, Agents, and Knowledge Bases (RAG) . AI Security & Fundamentals: Solid understanding of Foundation Models, tool use (function calling), OWASP LLM Top 10 , and NIST AI RMF . Automation Stack: Strong Python development skills, experience with AI eval tools (Garak, Pyrit, Ragas), and building complex ...

Centralised Eval Platform: Operate a firm-wide service to measure success rates, uncertainty, hallucination, and bias across all non-deterministic systems. Secure Architecture: Map OWASP LLM Top 10 and agentic threats to technical controls; manage AWS Bedrock Guardrails and Knowledge Bases. AI Supply Chain: Own the AI-BOM , ensuring supply … Depth: Strong grasp of FMs, RAG, tool-use, and the failure modes of agentic workflows. Security & Compliance: Deep knowledge of NIST AI RMF, OWASP LLM Top 10, and UK/EU financial regulations (FCA/DORA). Testing Automation: Proven ability to build measurement frameworks for drift, memorization, and adversarial ...

Centralised Eval Platform: Operate a firm-wide service to measure success rates, uncertainty, hallucination, and bias across all non-deterministic systems. Secure Architecture: Map OWASP LLM Top 10 and agentic threats to technical controls; manage AWS Bedrock Guardrails and Knowledge Bases. AI Supply Chain: Own the AI-BOM , ensuring supply … Depth: Strong grasp of FMs, RAG, tool-use, and the failure modes of agentic workflows. Security & Compliance: Deep knowledge of NIST AI RMF, OWASP LLM Top 10, and UK/EU financial regulations (FCA/DORA). Testing Automation: Proven ability to build measurement frameworks for drift, memorization, and adversarial ...

Expert, you will lead the organisation's Generative AI security strategy. Key responsibilities include: Advanced Threat Modelling: Leading structured sessions using STRIDE and OWASP LLM/Agentic frameworks to map out attack trees for complex, non-deterministic systems. Adversarial Engineering: Translating emerging threats-such as Prompt Injection, Sleeper Agents … deep knowledge of FCA compliance and DORA. Solid grasp of Foundation Models (FMs), RAG, and the risks of non-deterministic agentic behavior. Mastery of OWASP LLM Top 10 and the NIST AI Risk Management Framework. Hands-on experience securing AWS Bedrock and governing the full AI model lifecycle. Ability ...