23 of 23 Contract OWASP Jobs in England

Docker and/or Kubernetes Development Practices - Mandatory RESTful API design, development, and life cycle management Secure development - SAST/DAST tooling, code review, OWASP awareness Technical documentation to a high standard On-site in Taunton, Somerset - 2 days per week minimum Desirable Skills & Experience Legacy Windows technologies - Win32 ...

Docker and/or Kubernetes Development Practices - Mandatory RESTful API design, development, and life cycle management Secure development - SAST/DAST tooling, code review, OWASP awareness Technical documentation to a high standard On-site in Taunton, Somerset - 2 days per week minimum Desirable Skills & Experience Legacy Windows technologies - Win32 ...

GitHub Actions , CircleCI (or similar) Monitoring & logging: Prometheus , Grafana , ELK stack (or equivalent) DevSecOps: integrating security into pipelines and delivery (e.g., SonarQube , Snyk , OWASP practices) If you'd like to discuss this DevOps Engineer role in more detail, please send your updated CV to (url removed) and I will ...

similar Tools to Accelerate Engineering Workflows Deep Application Security Expertise: SAST/SCA/DAST/Secret Scanning Secure Code Review Threat Modelling (OWASP Top 10, API Top 10, LLM Security Risks) Experience Integrating Security Tooling into Developer Pipelines (GitLab/GitHub, CI/CD) Understanding of Prompt Injection, Jailbreak ...

conducting threat modelling (e.g. STRIDE, attack trees) and risk analysis Strong understanding of security frameworks and best practice such as ISO 27001, NIST, CIS, OWASP, NCSC guidance Experience working in the UK Public Sector and associated security standards and guidance including GovAssure/NCSC CAF, HMG Security Policy Framework. Knowledge ...

Essentials), and drive secure-by-design practices. Essential Skills: Designing & implementing secure cloud/infrastructure architectures Risk assessment & maintaining risk registers (ISO 31000, FAIR, OWASP) Knowledge of Gov Assure, CAF, ISO 27001, Cyber Essentials, NIST Conducting/supporting security audits & remediation Platform security (Entra ID, M365 E5, Azure IaaS/ ...

frameworks and best practices. Experience designing solutions across cloud platforms such as Microsoft Azure or AWS. Knowledge of secure architecture and development practices (e.g. OWASP, NCSC principles). Experience with DevOps, CI/CD pipelines and modern software delivery practices. Strong knowledge of microservices, APIs and web services (REST, SOAP ...

doing Lead backend architecture – Define and evolve scalable, secure, high-performance backend systems Set engineering standards – Champion best practices, secure coding (OWASP), and high-quality delivery Hands-on technical contribution – Support critical backend work and review complex code Guide teams & mentor engineers – Facilitate design discussions, code reviews, and technical decision ...

Infrastructure as Code (Terraform or CDK) Strong grounding in clean architecture, SOLID principles, and code maintainability Knowledge of API integration and secure development practices (OWASP) What you'll be doing: Delivering end-to-end software solutions in a modern tech stack Working closely with product managers, QA, and engineering leadership ...

Bases, Guardrails, and model lifecycles. AI/ML Core: Mastery of FMs, RAG, tool-use, and non-deterministic agent logic. Security Frameworks: Proficiency in OWASP LLM Top 10 and NIST AI RMF . Role 1: Identity Expert Mission: Secure the "Human-to-Agent" and "Agent-to-Resource" identity chain. ...

Experience with mobile analytics, crash reporting, and APM tools (eg Firebase, Dynatrace, App Center) Understanding of secure coding practices and mobile security frameworks (eg OWASP Mobile) Experience with mobile device management (MDM) or enterprise distribution Familiarity with cross-platform considerations, even if primarily native-focused Scope & Accountability Responsible for hands ...

lifecycle). AI/ML Foundations: Deep understanding of FMs, RAG , non-deterministic agents, and complex tool-use. Secure AI: Expert-level knowledge of OWASP LLM Top 10 and Agentic AI threats . Familiarity with NIST AI RMF is a massive plus! Your Mission: Identity & Access Specialist As our Identity ...

within Defence, Government, or other secure environments Previous experience working with Army or MOD systems Knowledge of secure development and architecture principles Understanding of OWASP, NCSC Cloud Security Principles, and GDPR Experience delivering complex technology transformation or modernisation programmes Strong communication and stakeholder management skills Desirable: Experience working within SFIA ...

accreditors to define security requirements and advise on risk mitigation strategies. Ensure adherence to security frameworks, regulatory requirements, and industry standards including GDPR, OWASP, and NCSC principles. Support the design and implementation of DevSecOps pipelines, secure CI/CD processes, and automated security tooling. Contribute to enterprise security strategy, architecture … development lifecycle (SSDLC) practices. Knowledge of secure architecture patterns, secure web application development, and API security. Experience implementing and governing security controls aligned to OWASP, NCSC Cloud Security Principles, and GDPR. Strong understanding of authentication and authorisation technologies including SAML, OAuth2, OpenID Connect, Active Directory, ADFS, and LDAP. Experience supporting ...

governance, assurance, and risk evaluation Design cloud-based solutions using Azure and/or AWS Produce architectural documentation, models, and prototypes Ensure compliance with OWASP, NCSC, and GDPR standards Contribute to architecture governance, standards, and best practices Support stakeholder engagement, bids, and technical assurance activities Mentor junior engineers and architects … Defence, Government, or secure environments Active SC Clearance (essential) Strong experience delivering complex, enterprise-scale systems Knowledge of secure development lifecycles (SSDLC) Experience with OWASP, NCSC Cloud Principles, GDPR Strong cloud experience (Azure and/or AWS) Background in microservices, APIs, and integration patterns Experience with DevOps and CI/ ...

metrics and continuous testing for core AI risks, including hallucinations, memorisation, algorithmic bias, uncertainty, and model drift . Regulatory Compliance Evidence: Map threat models (OWASP LLM Top 10, Agentic threats) to automated test cases. Produce the technical testing evidence required by EU AI Act Article 15 , DORA , and FCA Operational … configuring, testing, and bypassing Bedrock Guardrails, Agents, and Knowledge Bases (RAG) . AI Security & Fundamentals: Solid understanding of Foundation Models, tool use (function calling), OWASP LLM Top 10 , and NIST AI RMF . Automation Stack: Strong Python development skills, experience with AI eval tools (Garak, Pyrit, Ragas), and building complex ...

metrics and continuous testing for core AI risks, including hallucinations, memorisation, algorithmic bias, uncertainty, and model drift . Regulatory Compliance Evidence: Map threat models (OWASP LLM Top 10, Agentic threats) to automated test cases. Produce the technical testing evidence required by EU AI Act Article 15 , DORA , and FCA Operational … configuring, testing, and bypassing Bedrock Guardrails, Agents, and Knowledge Bases (RAG) . AI Security & Fundamentals: Solid understanding of Foundation Models, tool use (function calling), OWASP LLM Top 10 , and NIST AI RMF . Automation Stack: Strong Python development skills, experience with AI eval tools (Garak, Pyrit, Ragas), and building complex ...

Centralised Eval Platform: Operate a firm-wide service to measure success rates, uncertainty, hallucination, and bias across all non-deterministic systems. Secure Architecture: Map OWASP LLM Top 10 and agentic threats to technical controls; manage AWS Bedrock Guardrails and Knowledge Bases. AI Supply Chain: Own the AI-BOM , ensuring supply … Depth: Strong grasp of FMs, RAG, tool-use, and the failure modes of agentic workflows. Security & Compliance: Deep knowledge of NIST AI RMF, OWASP LLM Top 10, and UK/EU financial regulations (FCA/DORA). Testing Automation: Proven ability to build measurement frameworks for drift, memorization, and adversarial ...

Centralised Eval Platform: Operate a firm-wide service to measure success rates, uncertainty, hallucination, and bias across all non-deterministic systems. Secure Architecture: Map OWASP LLM Top 10 and agentic threats to technical controls; manage AWS Bedrock Guardrails and Knowledge Bases. AI Supply Chain: Own the AI-BOM , ensuring supply … Depth: Strong grasp of FMs, RAG, tool-use, and the failure modes of agentic workflows. Security & Compliance: Deep knowledge of NIST AI RMF, OWASP LLM Top 10, and UK/EU financial regulations (FCA/DORA). Testing Automation: Proven ability to build measurement frameworks for drift, memorization, and adversarial ...

Centralised Eval Platform: Operate a firm-wide service to measure success rates, uncertainty, hallucination, and bias across all non-deterministic systems. Secure Architecture: Map OWASP LLM Top 10 and agentic threats to technical controls; manage AWS Bedrock Guardrails and Knowledge Bases. AI Supply Chain: Own the AI-BOM , ensuring supply … Depth: Strong grasp of FMs, RAG, tool-use, and the failure modes of agentic workflows. Security & Compliance: Deep knowledge of NIST AI RMF, OWASP LLM Top 10, and UK/EU financial regulations (FCA/DORA). Testing Automation: Proven ability to build measurement frameworks for drift, memorization, and adversarial ...

Centralised Eval Platform: Operate a firm-wide service to measure success rates, uncertainty, hallucination, and bias across all non-deterministic systems. Secure Architecture: Map OWASP LLM Top 10 and agentic threats to technical controls; manage AWS Bedrock Guardrails and Knowledge Bases. AI Supply Chain: Own the AI-BOM , ensuring supply … Depth: Strong grasp of FMs, RAG, tool-use, and the failure modes of agentic workflows. Security & Compliance: Deep knowledge of NIST AI RMF, OWASP LLM Top 10, and UK/EU financial regulations (FCA/DORA). Testing Automation: Proven ability to build measurement frameworks for drift, memorization, and adversarial ...

Expert, you will lead the organisation's Generative AI security strategy. Key responsibilities include: Advanced Threat Modelling: Leading structured sessions using STRIDE and OWASP LLM/Agentic frameworks to map out attack trees for complex, non-deterministic systems. Adversarial Engineering: Translating emerging threats-such as Prompt Injection, Sleeper Agents … deep knowledge of FCA compliance and DORA. Solid grasp of Foundation Models (FMs), RAG, and the risks of non-deterministic agentic behavior. Mastery of OWASP LLM Top 10 and the NIST AI Risk Management Framework. Hands-on experience securing AWS Bedrock and governing the full AI model lifecycle. Ability ...

Expert, you will lead the organisation's Generative AI security strategy. Key responsibilities include: Advanced Threat Modelling: Leading structured sessions using STRIDE and OWASP LLM/Agentic frameworks to map out attack trees for complex, non-deterministic systems. Adversarial Engineering: Translating emerging threats-such as Prompt Injection, Sleeper Agents … deep knowledge of FCA compliance and DORA. Solid grasp of Foundation Models (FMs), RAG, and the risks of non-deterministic agentic behavior. Mastery of OWASP LLM Top 10 and the NIST AI Risk Management Framework. Hands-on experience securing AWS Bedrock and governing the full AI model lifecycle. Ability ...