22 of 22 OWASP Jobs in the South East

experience with CI/CD security integration (GitLab CI or similar) Familiarity with SAST/DAST tooling and dependency scanning Understanding of common vulnerabilities (OWASP Top 10) and remediation Previous experience working as a back end or full stack developer Knowledge of GDPR and data protection legislation Strong communicator; able ...

programmes Desirable Skills Experience with AKS/Kubernetes Experience with Sitecore XM Cloud or headless architectures Knowledge of Zero Trust security principles Familiarity with OWASP and secure development practices Microsoft Azure certifications Experience within financial services or public sector organisations Technology Environment Microsoft Azure Sitecore Azure DevOps/GitHub Actions ...

Operations role within a large or complex enterprise environment. Strong understanding of cybersecurity standards and frameworks, including ISO 27001, NIST 800 53, CIS Controls, OWASP, and SOC1/2. Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy. ...

protocols (e.g. A2A) Familiarity with MCPs for tool and context integration in agentic systems Familiarity with secure-by-design development principles (ISO 27001, NIST, OWASP) Experience in defence, national security, or similarly regulated environments Contributions to open-source AI/ML projects Soft Skills Delivery-focused - you ship working systems ...

automated testing using tools such as NUnit, Jasmine and Selenium Good knowledge of SOLID principles Desirable Skills: Containers (docker, K8s) Security best practice (OWASP top ten) OpenIDConnect/Identity server MS SQL Server Azure DevOps, TeamCity Infrastructure as Code (Bicep, ARM templates, Terraform) Please apply now or contact for more ...

knowledge of security products including WAFs, SIEM, AV, email/web gateways, firewalls, load balancers, ACLs, TCP/IP, routing, and switching Familiarity with OWASP, SASE, zero-trust, and risk-based vulnerability management Background in infrastructure and networks Working towards or holding CISSP, SANS GCIA, CompTIA Security+, CCNA/CCNP ...

Essentials), and drive secure-by-design practices. Essential Skills: Designing & implementing secure cloud/infrastructure architectures Risk assessment & maintaining risk registers (ISO 31000, FAIR, OWASP) Knowledge of Gov Assure, CAF, ISO 27001, Cyber Essentials, NIST Conducting/supporting security audits & remediation Platform security (Entra ID, M365 E5, Azure IaaS/ ...

frameworks and best practices. Experience designing solutions across cloud platforms such as Microsoft Azure or AWS. Knowledge of secure architecture and development practices (e.g. OWASP, NCSC principles). Experience with DevOps, CI/CD pipelines and modern software delivery practices. Strong knowledge of microservices, APIs and web services (REST, SOAP ...

experience in secure software development, particularly with Java or .NET frameworks. Solid understanding of secure development lifecycle practices and industry security standards (e.g., GDPR, OWASP, NCSC cloud security principles). Demonstrated ability to work collaboratively within multi-disciplinary teams and influence at senior levels. Proficiency in modern technologies such ...

doing Lead backend architecture – Define and evolve scalable, secure, high-performance backend systems Set engineering standards – Champion best practices, secure coding (OWASP), and high-quality delivery Hands-on technical contribution – Support critical backend work and review complex code Guide teams & mentor engineers – Facilitate design discussions, code reviews, and technical decision ...

framework, and security maturity models such as OpenSAMM and C2M2. Strong working knowledge of recognised security frameworks and standards, including NIST Cybersecurity Framework, OWASP, SANS Top 25, and regulatory requirements such as GDPR and PCI DSS. Demonstrated technical expertise across modern technologies and architectures, including virtualisation, cloud computing, and serverless ...

adversarial TTPs • Proven ability to identify, validate, and clearly articulate vulnerabilities and risk • Experience producing high-quality reports with clear remediation guidance • Knowledge of OWASP and application security principles • Experience with automated, dynamic, and static security testing tools • Ability to perform threat modelling and attack surface analysis • Experience working with ...

years of hands-on penetration testing experience across network, web, cloud, internal, red team, or purple team environments Excellent knowledge of: MITRE ATT&CK OWASP Threat modelling Attack surface analysis Experience with automated, dynamic, and static security testing tools Knowledge of regulatory frameworks including GDPR, PCI-DSS, and related compliance ...

within Defence, Government, or other secure environments Previous experience working with Army or MOD systems Knowledge of secure development and architecture principles Understanding of OWASP, NCSC Cloud Security Principles, and GDPR Experience delivering complex technology transformation or modernisation programmes Strong communication and stakeholder management skills Desirable: Experience working within SFIA ...

principles and deployment automation Experience with front-end technologies (HTML, JavaScript, CSS) Experience with REST/web services Familiarity with security best practices (e.g. OWASP) and code quality tooling Key Screening Points We are particularly interested in candidates who can demonstrate: Hands-on experience setting up DevOps pipelines ...

accreditors to define security requirements and advise on risk mitigation strategies. Ensure adherence to security frameworks, regulatory requirements, and industry standards including GDPR, OWASP, and NCSC principles. Support the design and implementation of DevSecOps pipelines, secure CI/CD processes, and automated security tooling. Contribute to enterprise security strategy, architecture … development lifecycle (SSDLC) practices. Knowledge of secure architecture patterns, secure web application development, and API security. Experience implementing and governing security controls aligned to OWASP, NCSC Cloud Security Principles, and GDPR. Strong understanding of authentication and authorisation technologies including SAML, OAuth2, OpenID Connect, Active Directory, ADFS, and LDAP. Experience supporting ...

metrics and continuous testing for core AI risks, including hallucinations, memorisation, algorithmic bias, uncertainty, and model drift . Regulatory Compliance Evidence: Map threat models (OWASP LLM Top 10, Agentic threats) to automated test cases. Produce the technical testing evidence required by EU AI Act Article 15 , DORA , and FCA Operational … configuring, testing, and bypassing Bedrock Guardrails, Agents, and Knowledge Bases (RAG) . AI Security & Fundamentals: Solid understanding of Foundation Models, tool use (function calling), OWASP LLM Top 10 , and NIST AI RMF . Automation Stack: Strong Python development skills, experience with AI eval tools (Garak, Pyrit, Ragas), and building complex ...

maintain scalable, secure systems Improve and modernise existing architecture with a focus on DevSecOps Lead and support the transition to microservices on AWS Ensure OWASP security standards across the codebase Participate in Agile ceremonies, code reviews, and sprint planning Mentor junior developers and uphold high engineering standards Collaborate closely with … Laravel, MySQL, JavaScript, CSS, Tailwind, Livewire Experience with React/NextJS or similar frameworks Strong AWS experience (EC2, ECS, S3, Lambda) Solid understanding of OWASP, DevSecOps, and RESTful APIs Experience with Git, CI/CD pipelines, and Agile (Scrum, Jira) Strong problem-solving skills and a collaborative mindset Nice ...

Centralised Eval Platform: Operate a firm-wide service to measure success rates, uncertainty, hallucination, and bias across all non-deterministic systems. Secure Architecture: Map OWASP LLM Top 10 and agentic threats to technical controls; manage AWS Bedrock Guardrails and Knowledge Bases. AI Supply Chain: Own the AI-BOM , ensuring supply … Depth: Strong grasp of FMs, RAG, tool-use, and the failure modes of agentic workflows. Security & Compliance: Deep knowledge of NIST AI RMF, OWASP LLM Top 10, and UK/EU financial regulations (FCA/DORA). Testing Automation: Proven ability to build measurement frameworks for drift, memorization, and adversarial ...

Centralised Eval Platform: Operate a firm-wide service to measure success rates, uncertainty, hallucination, and bias across all non-deterministic systems. Secure Architecture: Map OWASP LLM Top 10 and agentic threats to technical controls; manage AWS Bedrock Guardrails and Knowledge Bases. AI Supply Chain: Own the AI-BOM , ensuring supply … Depth: Strong grasp of FMs, RAG, tool-use, and the failure modes of agentic workflows. Security & Compliance: Deep knowledge of NIST AI RMF, OWASP LLM Top 10, and UK/EU financial regulations (FCA/DORA). Testing Automation: Proven ability to build measurement frameworks for drift, memorization, and adversarial ...

version control . Collaborate closely with Product Managers and business users in an Agile SCRUM environment. Ensure quality assurance and compliance with OWASP Top 10 and security standards. Support Provide 2nd and 3rd line support across Dynamics CRM applications. Manage incidents, service requests, and changes following ITIL processes. Monitor …/CD , DevOps , and GIT version control. Proficient in SQL , SSIS , and Azure Data Factory (ADF) . Working knowledge of Agile/SCRUM and OWASP principles. Excellent stakeholder management, communication, and problem-solving skills. Desirable Exposure to Copilot and AI-driven tools . ITIL certification or experience working in ITIL ...

Expert, you will lead the organisation's Generative AI security strategy. Key responsibilities include: Advanced Threat Modelling: Leading structured sessions using STRIDE and OWASP LLM/Agentic frameworks to map out attack trees for complex, non-deterministic systems. Adversarial Engineering: Translating emerging threats-such as Prompt Injection, Sleeper Agents … deep knowledge of FCA compliance and DORA. Solid grasp of Foundation Models (FMs), RAG, and the risks of non-deterministic agentic behavior. Mastery of OWASP LLM Top 10 and the NIST AI Risk Management Framework. Hands-on experience securing AWS Bedrock and governing the full AI model lifecycle. Ability ...