1 to 25 of 28 OWASP Jobs in the East of England

AppSec or DevSecOps, with strong experience in secure SDLC and CI/CD Hands-on knowledge of security tools like GitHub Advanced Security, Veracode, Snyk, ZAP, Burp Familiarity with OWASP, MITRE, CWE, and modern dev frameworks (C#, Java, Python, React) Knowledge of scripting languages (Python, Ruby, Rust) Excellent communication skills to bridge tech and business stakeholders Passion for building scalable More ❯

AppSec or DevSecOps, with strong experience in secure SDLC and CI/CD Hands-on knowledge of security tools like GitHub Advanced Security, Veracode, Snyk, ZAP, Burp Familiarity with OWASP, MITRE, CWE, and modern dev frameworks (C#, Java, Python, React) Knowledge of scripting languages (Python, Ruby, Rust) Excellent communication skills to bridge tech and business stakeholders Passion for building scalable More ❯

authorization practices, audit logging, encryption at rest/in transit, and other application security standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO 27001, OWASP Top 10). Team Management & Culture Build and scale high-performance engineering teams, including backend, frontend, full-stack, data, and security engineers. Define and track KPIs for engineering productivity, quality More ❯

authorization practices, audit logging, encryption at rest/in transit, and other application security standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO 27001, OWASP Top 10). Team Management & Culture Build and scale high-performance engineering teams, including backend, frontend, full-stack, data, and security engineers. Define and track KPIs for engineering productivity, quality More ❯

XSS, SQL injection, broken access control). Knowledge of SQL and experience verifying backend data consistency. Familiarity with containerized environments (Docker, Kubernetes). Familiarity with tools like Burp Suite, OWASP ZAP, or static analysis tools is a plus. What We Offer Competitive salary and benefits package. Opportunities for learning, growth, and contributing to a product that makes a difference. Remote More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

frameworks (e.g. TensorFlow, PyTorch, Keras, Scikit-Learn) - Working knowledge of object-oriented programming and unit testing in Python - Working knowledge of application and information security principles and practices (e.g. OWASP for Machine Learning) - Working knowledge of Unix-based CLI commands, source control and scripting - Working knowledge of containerisation (e.g. Docker) and container orchestration (e.g. Kubernetes) - Working knowledge of a cloud More ❯

mobile, desktop apps as API consumers) Experience with background job processing systems (Sidekiq, Delayed Job, or Resque), job retries, idempotency, and queue management; Understanding of web application security principles (OWASP Top 10, rate limiting, CSRF/XSS protection, secure API design); Upper-Intermediate or higher English level. As a plus: Experience in a programming language(s) other than Ruby: JS More ❯

including AWS Lambda, Spring Boot, NodeJS, Python FastAPI, Oracle, PostgreSQL and MongoDB. Build solutions as part of a DevSecOps and Agile ecosystem supported by tooling including Atlassian, Jenkins, GitLab, OWASP and AWS componentry. Ensure your solution works in a reliable and resilient way using Site Reliability Engineering methods to increase availability while reducing costs and callouts. Help the client and More ❯

working with just 1 day/week in the office Projects that span both UK and US markets Exposure to best-in-class tools and frameworks (MITRE ATT&CK, OWASP) Supportive culture with a learning mindset and room to grow Involvement in the full security lifecycle from audits to implementation Opportunity to shape how cloud security evolves in a global More ❯

working with just 1 day/week in the office Projects that span both UK and US markets Exposure to best-in-class tools and frameworks (MITRE ATT&CK, OWASP) Supportive culture with a learning mindset and room to grow Involvement in the full security lifecycle from audits to implementation Opportunity to shape how cloud security evolves in a global More ❯

working with just 1 day/week in the office Projects that span both UK and US markets Exposure to best-in-class tools and frameworks (MITRE ATT&CK, OWASP) Supportive culture with a learning mindset and room to grow Involvement in the full security lifecycle from audits to implementation Opportunity to shape how cloud security evolves in a global More ❯

Previous consultancy or client-facing experience. Eligibility for or possession of UK Security Clearance (preferred but not required). Solid understanding of common attack techniques and vulnerability classes (e.g., OWASP Top 10, MITRE ATT&CK). Strong familiarity with tools such as Burp Suite, Nmap, Metasploit, etc. Excellent communication and reporting skills. Required Qualifications: Demonstrable experience in penetration testing (minimum More ❯

senior role. The Role: Develop and maintain web apps using C#, .NET, Python and Javascript Collaborate with designers to ensure technical and visual alignment Write secure code compliant with OWASP standards The Person: Degree in Computer Science or a related field (preferred) Experience with C#,.NET, JavaScript, Python Based Basildon, happy working hybrid British Citizen Reference Number: BBBH19584 Keywords : Full More ❯

using IIS. Full understanding of the MVC pattern, REST APIs and asp.net controllers are a must. Web developers should be aware of security vulnerabilities, such as those identified in OWASP, and their code should mitigate these threats. Knowledge Required: Web Developers will need experience in the design, creation and maintenance of websites across multiple platforms as follows: Writing efficient code More ❯

using IIS. Full understanding of the MVC pattern, REST APIs and asp.net controllers are a must. Web developers should be aware of security vulnerabilities, such as those identified in OWASP, and their code should mitigate these threats. Required: Web Developers need experience in the design, creation and maintenance of websites across multiple platforms. The most important duties and responsibilities of More ❯

systems for known vulnerabilities. Collaborate with SecOps and DevSecOps teams. Security QA/Secure Code Testing Test software from a secure coding perspective. Ensure compliance with secure development standards (OWASP Top 10, etc.). Test Management Oversee testing across multiple teams/products. Handle stakeholder communication, budget, vendor selection, process compliance. Design testing frameworks, strategies, and toolchains. Advise on tool More ❯

systems for known vulnerabilities. Collaborate with SecOps and DevSecOps teams. Security QA/Secure Code Testing Test software from a secure coding perspective. Ensure compliance with secure development standards (OWASP Top 10, etc.). Test Management Oversee testing across multiple teams and or products. Handle stakeholder communication, budget, vendor selection, and process compliance. Design testing frameworks, strategies, and toolchains. Advise More ❯

. Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years … in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development principles. Strong technical writing and communication skills. Preferred certifications: OSCP , CSSLP , GWAPT , CEH , or equivalent. Executive summary for non-technical stakeholders. Technical breakdown of findings with severity and More ❯

. Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years … in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development principles. Strong technical writing and communication skills. Preferred certifications: OSCP , CSSLP , GWAPT , CEH , or equivalent. Executive summary for non-technical stakeholders. Technical breakdown of findings with severity and More ❯

. Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years … in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development principles. Strong technical writing and communication skills. Preferred certifications: OSCP , CSSLP , GWAPT , CEH , or equivalent. Executive summary for non-technical stakeholders. Technical breakdown of findings with severity and More ❯

. Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years … in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development principles. Strong technical writing and communication skills. Preferred certifications: OSCP , CSSLP , GWAPT , CEH , or equivalent. Executive summary for non-technical stakeholders. Technical breakdown of findings with severity and More ❯

. Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years … in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development principles. Strong technical writing and communication skills. Preferred certifications: OSCP , CSSLP , GWAPT , CEH , or equivalent. Executive summary for non-technical stakeholders. Technical breakdown of findings with severity and More ❯

. Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years … in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development principles. Strong technical writing and communication skills. Preferred certifications: OSCP , CSSLP , GWAPT , CEH , or equivalent. Executive summary for non-technical stakeholders. Technical breakdown of findings with severity and More ❯

. Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4+ years … in Application Security , AppSec consulting , or Secure Code Review roles. Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development principles. Strong technical writing and communication skills. Preferred certifications: OSCP , CSSLP , GWAPT , CEH , or equivalent. Executive summary for non-technical stakeholders. Technical breakdown of findings with severity and More ❯