12 of 12 OWASP Jobs in Berkshire

Implement secure design principles including encryption, secrets management, OAuth2/OIDC, network segmentation, and least-privilege IAM. Ensure alignment with industry standards such as OWASP, NIST, CIS Benchmarks, PCI DSS, and ISO 27001. Observability & Resilience Define logging, metrics, and tracing using OpenTelemetry and CloudWatch. Design for high availability and disaster ...

systems and TCP/IP networking protocols Proven ability to perform source code reviews and application security analysis Advanced understanding of web application vulnerabilities (OWASP Top 10) and mitigation strategies Excellent report writing and executive communication skills—ability to translate technical findings into business risk Ability to work autonomously ...

Security & Compliance Implement secure design: encryption, secret management, secure SDLC, API security (OAuth2/OIDC), network segmentation, least privilege in IAM. Align with standards (OWASP, NIST, CIS Benchmarks, PCI/ISO 27001 where applicable). Observability & Resilience Define logging, metrics, tracing (OpenTelemetry), health checks, circuit breakers, retries, and backoff strategies. ...

technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities; ability to effectively communicate methodologies and techniques with development teams. Utilize tools such as BurpSuite, Nessus, Nmap, Kali ...

phases. Experience working in Agile and/or Waterfall delivery models. Understanding of API technologies, integration patterns, and associated testing approaches. Working knowledge of OWASP standards and secure testing practices. Hands-on experience delivering end-to-end test solutions across distributed software ecosystems. Experience embedding testing within modern CI/ ...

experience testing distributed systems and microservices architectures. Knowledge of resilience patterns with ability to design and execute resilience testing scenarios. Working knowledge of OWASP standards, common security vulnerabilities, and experience conducting or coordinating security testing including SAST, DAST, and penetration testing. Understanding of authentication and authorization frameworks (OAuth, JWT, SAML ...

experience testing distributed systems and microservices architectures. Knowledge of resilience patterns with ability to design and execute resilience testing scenarios. Working knowledge of OWASP standards, common security vulnerabilities, and experience conducting or coordinating security testing including SAST, DAST, and penetration testing. Understanding of authentication and authorization frameworks (OAuth, JWT, SAML ...

Understanding of API technologies and integration patterns (synchronous, asynchronous, event-driven) with hands-on experience testing distributed systems and microservices architectures. Working knowledge of OWASP standards, common security vulnerabilities, and experience conducting or coordinating security testing including SAST, DAST, and penetration testing. Understanding of authentication and authorization frameworks (OAuth ...

deliver the following: Web application testing API testing External & Internal Infrastructure testing (including build reviews) Mobile application testing (including knowledge of standards such as OWASP MASVS) Experience testing in any of the following areas is also desirable: Compiled application testing Cloud security reviews (including AWS & Azure) Kubernetes reviews Knowledge ...

available to start within a few weeks. Essential Skills BrowserStack for cross-device testing Experience with Ruby Cucumber/Gherkin WAVE, pa11y OWASP ZAP/Dependency Check Selenium for automation Lighthouse, Javascript debug console Knowledge of RESTful APIs and proficiency in using tools like Postman or Newman to validate data ...

available to start within a few weeks. Essential Skills BrowserStack for cross-device testing Experience with Ruby Cucumber/Gherkin WAVE, pa11y OWASP ZAP/Dependency Check Selenium for automation Lighthouse, Javascript debug console Knowledge of RESTful APIs and proficiency in using tools like Postman or Newman to validate data ...

define penetration testing scope by reviewing design and interface documents. Prepare detailed test plans, scenarios, and rules of engagement aligned with CREST and OWASP standards. Conduct API penetration testing (REST, GraphQL, SOAP) focusing on authentication, authorization, and business logic flaws. Perform UI/Web application penetration testing for vulnerabilities such … including executive summaries, technical details, and risk ratings (CVSS). Support re-testing after fixes and validate remediation effectiveness. Ensure compliance with industry standards (OWASP ASVS, API Top 10, ISO 27001, PCI-DSS). Recommend security best practices and contribute to continuous improvement of testing methodologies. Maintain strong documentation ...