operations teams on bug fixes, retesting, and verifying patches in staging and production-mirroring environments. Quality & Best Practices • Champion infrastructure and security testing best practices, including vulnerability scanning (e.g., OWASP ZAP, Nessus), compliance checks, and disaster-recovery validations. • Contribute to continuous improvement by proposing new testing tools, frameworks, and process enhancements to raise overall system reliability and observability. Agile & Cross More ❯
Reading, Berkshire, South East, United Kingdom Hybrid / WFH Options
Bowerford Associates
teams and business stakeholders is essential. Experience working with security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling. In-depth experience working in an Agile software development environment, with classic applications as well as microservices, using modern code processing and continuous integration and … Security Architect, SDLC, Secure by Design, Architecture, Software Development, Engineering, DevOps, InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure. Please note that due to a high level of applications, we can only respond to applicants More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Akkodis
and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in applicationsecurity tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Harvey Nash
audit and privacy policies and regulations General knowledge of security technology Nice to have: Experience with PowerBI Programming skills and experience (python, java, SQL) Technical network skills Knowledge of OWASP, SANS, NIST, ISO 27001, ISF or other security-related practices Previous Banking/Financial Industry experience CISSP, CISA, CRISC, CSSLP, SABSA certifications Skills & Competencies: Vulnerability management Risk reporting Programming Data More ❯
EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯
EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯
Bracknell, Berkshire, United Kingdom Hybrid / WFH Options
Ivanti
Experience with Azure Managed Services, Docker, Kubernetes, Terraform, Helm Experience building modern web apps using Angular and Typescript Experience working in Azure DevOps managing backlogs etc Working knowledge of OWASPsecurity best practices Knowledge of working with FedRamp compliance Our Employer Commitment This job posting will remain active until a qualified candidate is identified. At Ivanti, we are committed to More ❯
Contribute to the development of security policies, procedures, and best practices. Requirements: Proven experience in applicationsecurity, penetration testing, and secure software development practices. Strong understanding of security vulnerabilities (OWASP Top 10, etc.) and secure coding techniques. Experience with security tools (e.g., static/dynamic analysis tools, vulnerability scanners). Familiarity with common web technologies (e.g., Java, Python, JavaScript, SQL More ❯
Farnborough, Hampshire, South East, United Kingdom
Gama Group Limited
or preferably SOC2 Type 2 Strong understanding of applicationsecurity, cloud infrastructure, and DevOps practices Awareness of industry frameworks, such as NCSC Cyber Assessment Framework, Cyber Essentials Plus and OWASP Experience managing and selecting 3rd party vendors for audit and penetration testing Experience interacting with customer security and data privacy teams Experience conducting or managing penetration tests and security audits More ❯
testing and ethical hacking. Strong understanding of cloud security (AWS, Azure, GCP). Familiarity with Go and Node.js application security. Experience with TEE technologies or confidential computing. Knowledge of OWASP Top 10, CVEs, and secure coding practices. Proficiency with tools like Burp Suite, Metasploit, Nmap, Wireshark, etc. Certifications such as OSCP, CEH, or GIAC are a plus. Nice to Have More ❯
restore, user management, RDS troubleshooting Web & Security Concepts: NGINX, web servers, reverse proxies, path-based/host-based routing Session handling, load balancing (stateful vs stateless) Security best practices, OWASP Top 10, WAF (configuration/training), network-level security, RBAC, IAM policies Candidate Expectations: The ideal candidate should be able to: Explain best practices around CI/CD pipeline design More ❯
Tunbridge Wells, Kent, England, United Kingdom Hybrid / WFH Options
FPSG Connect
maturity frameworks such as DSOMM, including hands-on delivery (code, configuration, documentation, tooling) Designing, building, operate, monitoring secure solutions across complex platforms Ensuring internal and industry security standards (e.g. OWASP CI/CD, SAMM) are adhered to across systems Managing and improving cloud security posture (Azure Defender, Prisma Cloud etc) Implementing and optimising observability platforms for holistic system monitoring Supporting … software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building automated security test suites into CI/CD workflows Familiarity with security frameworks such as DSOMM, OWASP, and SAMM Suitability: This role is a technical hands-on security engineering role, it is NOT GRC focused. It would be well-suited to experienced Security Engineers or Developers with … annual leave with buy/sell options + Private healthcare + Extensive Wellbeing services and employee discounts Key Technical Terms Security Engineering, Cybersecurity Engineer, Information Security Specialist, Salesforce, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps More ❯
Royal Tunbridge Wells, Kent, UK Hybrid / WFH Options
FPSG
maturity frameworks such as DSOMM, including hands-on delivery (code, configuration, documentation, tooling) Designing, building, operate, monitoring secure solutions across complex platforms Ensuring internal and industry security standards (e.g. OWASP CI/CD, SAMM) are adhered to across systems Managing and improving cloud security posture (Azure Defender, Prisma Cloud etc) Implementing and optimising observability platforms for holistic system monitoring Supporting …/IP, UDP, and cloud network architecture (VPNs, subnets, zones) Practical experience building automated security test suites into CI/CD workflows Familiarity with security frameworks such as DSOMM, OWASP, and SAMM Suitability: This role is a technical hands-on security engineering role, it is NOT GRC focused. It would be well-suited to experienced Security Engineers or Developers with … buy/sell options + Private healthcare + Extensive Wellbeing services and employee discounts Key Technical Terms Security Engineering, Cybersecurity Engineer, Information Security Specialist, Salesforce, Vlocity, Salesforce INdustries, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps More ❯
Minimum 5 years of practical penetration testing experience (web, infrastructure, external/internal). Experience in scoping penetration testing assessments. Strong knowledge of security testing methodologies and frameworks (eg, OWASP, NIST). Proficiency with industry-standard tools (eg, Burp Suite, Nmap, Metasploit, Kali Linux). Excellent written and verbal communication skills. O ne of the following qualifications is essential: OSCP More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
SR2
harden complex systems against evolving threats. Required Skills and Experience: Proven experience conducting penetration testing across web apps, APIs, infrastructure, and cloud environments (AWS, Azure, GCP) Strong understanding of OWASP Top 10 , CVSS, and secure coding principles Experience with tools such as Burp Suite , Nmap , Metasploit , Kali , and custom scripts Familiarity with MITRE ATT&CK , red teaming methodologies, and reporting More ❯
will help you succeed Technical Skills: Experience with Governance, Risk, and Compliance (GRC) tools (preferred: OneTrust). Familiarity with AGILE methodologies, preferably Atlassian/Jira. Understanding of ApplicationSecurity (OWASP Top 10). Knowledge of web development technologies and programming languages. Proficiency with security assessment tools and techniques. Understanding of legal and regulatory obligations related to information security. Risk Management More ❯
/negotiate technical outcomes with 3rd parties, including conflict resolution due to changing priorities. Experience of using common information security management frameworks, such as NIST, PCI, GDPR, ISO Series, OWASP the IT Infrastructure Library (ITIL), the ISF Standards of Good Practice (SoGP) and ISACA's Control Objectives for Information and related Technology (COBIT) frameworks. Actively represent the security organisation within More ❯
using IIS. Full understanding of the MVC pattern, REST APIs and asp.net controllers are a must. Web developers should be aware of security vulnerabilities, such as those identified in OWASP, and their code should mitigate these threats. Knowledge Required: You will need experience in the design, creation and maintenance of websites across multiple platforms. The most important duties and responsibilities More ❯
teams Skills You’ll Need: 2-5+ years in penetration testing (network, web, cloud, etc.) Mastery of tools like Burp Suite, Metasploit, Cobalt Strike, Nmap Deep knowledge of OWASP Top 10, MITRE ATT&CK, and exploitation techniques Strong communication skills (you’ll explain risks to both tech & non-tech stakeholders) Certifications like OSCP, eCPPT, CREST CPSA/CRT, or More ❯
Technologies: C++ Python TCP/IP networking Test Plans Test Execution Linux Server windows server QA ISTQB AWS Services system programming owaspsecurity VMware debugging skills multithreaded software A Software Test Engineer is required to join the software QA test team of our Buckinghamshire based client, a manufacturer of software for the telecommunications and speech processing market. This is a More ❯
Brighton, Sussex, United Kingdom Hybrid / WFH Options
Tillo Inc
you have experience with PHP testing frameworks and methodologies API testing Creating and executing performance load testing strategies Creating and executing security testing strategies Testing in a fintech business OWASP Top 10 and secure development principles AWS services Benefits We offer all our employees trust and empower our team to work with flexibility and autonomy. We're a close-knit More ❯
Jam Management Consultancy Limited T/A JAM RECRUITMENT
equivalent) 3+ years’ experience in professional software development Deep expertise in C# , SQL , and Microsoft SQL Server Solid understanding of Git and experience in Agile environments Bonus: Familiarity with OWASP ASVS , secure development standards, and modern UI frameworks like React Why Apply Work on worldwide projects with real impact. Be part of a collaborative, agile team focused on innovation. Gain More ❯
Basic Knowledge on security models such as ITIL, ISO27002, PCI DSS and Cobit 5 Experience on Security tools & Technologies Integration of testing mechanisms with industry best practices such as OWASP & NIST Good Understanding of IT security policy, procedure, design, and implementation. Behavioral Skills – Ability to handle multiple strategic & critical projects/deliveries simultaneously Effective interpersonal, Coaching, team building and communication More ❯
Information Security Engineer Buckinghamshire – 1 or 2 days a week in the office Up to £70,000 salary plus a discretionary bonus of up to 15% After a transformative 3-year change initiative, they have outlined a strategic 5-year More ❯