Birmingham, West Midlands, West Midlands (County), United Kingdom
ARM
utilisation. * Secure Architecture and DevSecOps Integration o Define and govern secure architecture standards across development teams, ensuring alignment with enterprise security policies, regulatory requirements, and industry frameworks (e.g., NIST, OWASP, ISO 27001). o Lead the strategic integration of security into DevOps pipelines, embedding security controls and automated testing into CI/CD workflows to enable secure-by-design delivery. More ❯
EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯
EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯
Birmingham, Staffordshire, United Kingdom Hybrid / WFH Options
Square One Resources
traffic patterns using tools such as Splunk, Wireshark, or custom scripts. Experience working with at least three major WAF vendors (e.g., Akamai, F5, AWS, GCP). Familiarity with the OWASP Top 10 and modern web attack techniques. Desirable Skills/Experience Experience in DevSecOps practices and pipeline automation. Security engineering expertise alongside WAF specialism. Experience reverse-engineering exploits to develop More ❯
reducing false positives, and validating control efficacy in production-like conditions. Scope Includes: Hands-on tuning experience with Akamai and F5 (minimum 1 of each). Custom rule creation , OWASP rule tuning (especially for F5), false positive reduction. Log analysis and data-driven tuning based on real traffic. Support for cloud-native WAF tuning (all three Cloud providers) -not deployment More ❯
A focus on tuning rules, analysing data, reducing false positives, and validating control efficacy in production-like conditions. Scope Includes: Hands-on tuning experience with Akamai. Custom rule creation , OWASP rule tuning (especially for F5), false positive reduction. Log analysis and data-driven tuning based on real traffic. Support for cloud-native WAF tuning (all three Cloud providers) -not deployment More ❯
