11 of 11 Contract OWASP Jobs in England

cycles. Advise on secrets management, IAM, and secure deployment practices. Educate and collaborate with development and operations teams on security best practices. Required Skills & Experience Strong application security knowledge (OWASP Top 10, API security). Manual pentesting experience on modern web apps, APIs, and CI/CD pipelines. Deep understanding of DevSecOps practices, secure SDLC, threat modeling, and secure design More ❯

communication and coaching skills Strong stakeholder management abilities Quality-first mindset Preferred Skills Experience with automation tools (JUnit, Playwright, Selenium, Cucumber) Familiarity with performance testing (Gatling) and security testing (OWASP Zap) Knowledge of containerisation (Docker, Kubernetes) and cloud environments (AWS) Accessibility testing expertise (WCAG, Wave, Axe More ❯

the techniques to except * Ideally some AppSec/DevSecOps or Ethical Hacking experience - with a good understanding of Web Application attacks and security; they must be familiar with the OWASP Top 10 * Identification and crafting of complex custom WAF rules & features to mitigate MVP and security posture gaps. * Crafting efficacy testing for baseline & custom rules and features and integrating testing More ❯

Keep up to date with latest vulnerabilities, exploit techniques, and pentesting tools. Essential Skills & Experience 37+ years in penetration testing, red teaming, or offensive security. Strong application security knowledge (OWASP Top 10, API security). Proven end-to-end pentest experience: internal, external, cloud, AD, web apps, APIs. Familiarity with pentest reporting formats (CVSS, MITRE ATT&CK mapping). Comfortable More ❯

WAF PoCs, new features, and cost-effective solutions Maintain clear documentation of tuning procedures and configurations Experience Required: Strong background in SOC, AppSec, or Ethical Hacking Deep understanding of OWASP Top 10 and web security principles Hands-on experience with WAF platforms (e.g. Akamai, F5, AWS, GCP) Skilled in log analysis tools (e.g. Splunk, Wireshark) Excellent problem-solving and communication More ❯

designs, and ensure integration with SIEM and monitoring systems. Demonstrated proficiency in network/system security (firewalls, IDS/IPS, micro-segmentation), IAM (RBAC, ABAC, JWT), secure coding practices (OWASP, SANS), and hands-on experience with tools like Trellix, Ivanti, ClearSwift. Deep knowledge of Kubernetes and container security (RBAC, network policies, runtime protection), CI/CD pipeline hardening (Git, SonarQube More ❯

perform sample-based and full reconciliations, prove data quality and completeness before/after cutover Non-functional support: Contribute to performance, reliability and basic security test activities (e.g., JMeter, OWASP awareness). Environment & test data: Coordinate environments, seed/refresh masked datasets, maintain repeatable test data sets. Readiness & cutover: Support go/no-go criteria, warranty/hypercare defect burn More ❯

perform sample-based and full reconciliations, prove data quality and completeness before/after cutover Non-functional support: Contribute to performance, reliability and basic security test activities (e.g., JMeter, OWASP awareness). Environment & test data: Coordinate environments, seed/refresh masked datasets, maintain repeatable test data sets. Readiness & cutover: Support go/no-go criteria, warranty/hypercare defect burn More ❯

and data visualizations for AI-powered tools. Skilled in integrating front-end applications with APIs (REST, GraphQL, WebSockets) and backend services. Deep understanding of front-end security practices (e.g., OWASP, CSP, input sanitization, role-based access). Familiarity with secure API design, token management, and data privacy obligations (e.g., GDPR, ISO 27001). Ability to build modular, reusable components aligned … OpenAI, Azure App Services, Azure AD authentication Cybersecurity: CSP headers, XSS/CSRF protection, OAuth2 flows, JWT encryption Front-end logging for anomaly detection and audit trails Familiarity with OWASP guidelines and secure SDLC practices DevOps: GitHub Actions, Docker, Terraform, security scans in CI/CD (e.g., Snyk, Dependabot or similar). Monitoring: Google Cloud Operations Suite, Azure Monitor More ❯

and data visualizations for AI-powered tools. Skilled in integrating front-end applications with APIs (REST, GraphQL, WebSockets) and backend services. Deep understanding of front-end security practices (e.g., OWASP, CSP, input sanitization, role-based access). Familiarity with secure API design, token management, and data privacy obligations (e.g., GDPR, ISO 27001). Ability to build modular, reusable components aligned … OpenAI, Azure App Services, Azure AD authentication Cybersecurity: CSP headers, XSS/CSRF protection, OAuth2 flows, JWT encryption Front-end logging for anomaly detection and audit trails Familiarity with OWASP guidelines and secure SDLC practices DevOps: GitHub Actions, Docker, Terraform, security scans in CI/CD (e.g., Snyk, Dependabot or similar). Monitoring: Google Cloud Operations Suite, Azure Monitor More ❯

techniques to except Ideally some AppSec/DevSecOps or Ethical Hacking experience - need a good understanding of Web Application attacks and security; they must have deep knowledge of the OWASP Top 10 If they have Hands-on tuning experience with F5. Custom rule creation , OWASP rule tuning (especially for F5), false positive reduction. Log analysis and data-driven tuning based More ❯