1 to 25 of 29 OWASP Jobs in London

Implement secure design principles including encryption, secrets management, OAuth2/OIDC, network segmentation, and least-privilege IAM. Ensure alignment with industry standards such as OWASP, NIST, CIS Benchmarks, PCI DSS, and ISO 27001. Observability & Resilience Define logging, metrics, and tracing using OpenTelemetry and CloudWatch. Design for high availability and disaster ...

Implement secure design principles including encryption, secrets management, OAuth2/OIDC, network segmentation, and least-privilege IAM. Ensure alignment with industry standards such as OWASP, NIST, CIS Benchmarks, PCI DSS, and ISO 27001. Observability & Resilience Define logging, metrics, and tracing using OpenTelemetry and CloudWatch. Design for high availability and disaster ...

Terraform) Containerisation (Docker, AKS) and serverless (Azure Functions) Monitoring and observability (Application Insights, Log Analytics) Secrets management and vulnerability scanning (Key Vault, SonarQube, OWASP) Architecture & Design Microservices and event-driven design (Service Bus, Event Grid, Kafka) Domain-Driven Design (DDD) principles Resilient and scalable system patterns (circuit breakers, retries) Integration ...

awareness support to internal teams. Essential Skills & Experience Strong hands-on experience in application and cloud security engineering. Deep understanding of web app vulnerabilities (OWASP Top 10, CWE) and secure coding practices. Proficiency with security testing tools and vulnerability management platforms. Broad knowledge of network and infrastructure security concepts (WAFs ...

/CD, Docker , containerisation, Ubuntu/Linux, AWS , Serverless, CDK/CDKTF , Ansible Quality & Analytics: Postman API, testing frameworks, web analytics Patterns: Secure SDLC, OWASP Top 10 , TDD , Git-based workflows Must-have experience Proven delivery of full-stack web applications (frontend + backend + API) from design to production ...

/CD, Docker , containerisation, Ubuntu/Linux, AWS , Serverless, CDK/CDKTF , Ansible Quality & Analytics: Postman API, testing frameworks, web analytics Patterns: Secure SDLC, OWASP Top 10 , TDD , Git-based workflows Must-have experience Proven delivery of full-stack web applications (frontend + backend + API) from design to production ...

systems and TCP/IP networking protocols Proven ability to perform source code reviews and application security analysis Advanced understanding of web application vulnerabilities (OWASP Top 10) and mitigation strategies Excellent report writing and executive communication skills—ability to translate technical findings into business risk Ability to work autonomously ...

systems and TCP/IP networking protocols Proven ability to perform source code reviews and application security analysis Advanced understanding of web application vulnerabilities (OWASP Top 10) and mitigation strategies Excellent report writing and executive communication skills—ability to translate technical findings into business risk Ability to work autonomously ...

continuously improve internal architecture patterns Share knowledge and mentor teams to elevate internal AI security capabilities Stay informed on industry standards such as OWASP LLM Top 10, NIST AI RMF, and ISO/ ...

continuously improve internal architecture patterns Share knowledge and mentor teams to elevate internal AI security capabilities Stay informed on industry standards such as OWASP LLM Top 10, NIST AI RMF, and ISO/ ...

Security & Compliance Implement secure design: encryption, secret management, secure SDLC, API security (OAuth2/OIDC), network segmentation, least privilege in IAM. Align with standards (OWASP, NIST, CIS Benchmarks, PCI/ISO 27001 where applicable). Observability & Resilience Define logging, metrics, tracing (OpenTelemetry), health checks, circuit breakers, retries, and backoff strategies. ...

Security & Compliance Implement secure design: encryption, secret management, secure SDLC, API security (OAuth2/OIDC), network segmentation, least privilege in IAM. Align with standards (OWASP, NIST, CIS Benchmarks, PCI/ISO 27001 where applicable). Observability & Resilience Define logging, metrics, tracing (OpenTelemetry), health checks, circuit breakers, retries, and backoff strategies. ...

security Hands-on experience with vulnerability management, penetration testing, and common attack vectors; familiarity with SAST, DAST, and SCA tools Strong understanding of the OWASP Top 10 Experience configuring and supporting SIEMs CISSP Certified Exceptional communication and interpersonal skills ...

environments. You'll be hands-on with GCP, Terraform, and Python scripting, working closely with Security Operations (SOC) teams to enhance web security and OWASP protection. Key Responsibilities Design, implement, and maintain GCP WAF solutions across various cloud workloads. Integrate WAF solutions with CI/CD pipelines and automate security ...

environments. You'll be hands-on with GCP, Terraform, and Python scripting, working closely with Security Operations (SOC) teams to enhance web security and OWASP protection. Key Responsibilities Design, implement, and maintain GCP WAF solutions across various cloud workloads. Integrate WAF solutions with CI/CD pipelines and automate security ...

infrastructure, preferably in the Crypto and FinTech space. Experience with the application of threat modeling and other risk identification techniques. Strong understanding of the OWASP top 10, including details of common vulnerabilities and emerging threats. Experience with authentication and authorization standards, including OAuth and SAML, and their weaknesses. Detailed knowledge ...

vulnerability research, exploit development, threat emulation, or closely related offensive research and simulation activities Strong knowledge of security frameworks such as MITRE ATT&CK, OWASP, NIST or equivalent industry frameworks and models Hybrid working,3 days in office. Look forward to hearing from ...

vulnerability research, exploit development, threat emulation, or closely related offensive research and simulation activities Strong knowledge of security frameworks such as MITRE ATT&CK, OWASP, NIST or equivalent industry frameworks and models Hybrid working,3 days in office. Look forward to hearing from ...

Code principles. Familiarity with Enterprise Design Thinking or Agile methodologies. Knowledge of code quality tools (e.g., linters, etc.) and nonfunctional standards (e.g., WCAG 2.2, OWASP). Experience with AI coding assistants like GitHub Copilot or Cursor. Excellent collaboration skills for multidisciplinary teams. All profiles will be reviewed against the required ...

programming languages, including How to test for/exploit them Real world mitigations that can be applied Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10) What We'll Give You A team of very skilled and diverse personnel across the globe Ability to work in a flexible work from ...

programming languages, including How to test for/exploit them Real world mitigations that can be applied Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10) What We'll Give You A team of very skilled and diverse personnel across the globe Ability to work in a flexible work from ...

guidance to mitigate risks and improve the organization's security posture. Compliance and Standards: Ensure testing aligns with industry regulations and security standards (e.g., OWASP, PCI-DSS). Continuous Research: Stay updated on emerging threats, tools, and techniques to enhance testing methodologies. Skills and Experience Required: Must have graduated/ ...

services Carry out exploratory testing to identify functional, UX, and edge-case issues Execute performance and security testing aligned to best practices (e.g. OWASP) Support production incident investigation and root cause analysis Collaborate with Engineers and Product Managers on test strategy, code quality, and requirements Improve testability through CI/… modern frameworks and tools (e.g. Playwright, Postman or similar) Hands-on experience with performance testing (e.g. K6) and security testing, with an understanding of OWASP principles and security within the SDLC Experience building, configuring, and maintaining CI/CD pipelines and managing deployments (e.g. Azure DevOps) Ability to analyse telemetry ...

ideal candidate would look like Less hands-on and strong planning, team, project, risk and stakeholder management Experienced designing SDLC and SSDLC, knowledge of OWASP Experience managing the application support and application development teams Job Responsibilities To lead the management and continuous improvement of the firms' business applications portfolio, ensuring … Applications Team, promoting technical excellence, secure development practices, and adherence to quality standards. Oversee application governance, lifecycle management, and secure development aligned with OWASP ASVS. Provide strategic guidance on architecture, integrations, and data integrity, aligned with firm-wide enterprise architecture. Stay abreast of emerging tech trends, such as artificial intelligence ...

ideal candidate would look like Less hands-on and strong planning, team, project, risk and stakeholder management Experienced designing SDLC and SSDLC, knowledge of OWASP Experience managing the application support and application development teams Job Responsibilities To lead the management and continuous improvement of the firms' business applications portfolio, ensuring … Applications Team, promoting technical excellence, secure development practices, and adherence to quality standards. Oversee application governance, lifecycle management, and secure development aligned with OWASP ASVS. Provide strategic guidance on architecture, integrations, and data integrity, aligned with firm-wide enterprise architecture. Stay abreast of emerging tech trends, such as artificial intelligence ...