13 of 13 OWASP Jobs in the Midlands

utilisation. * Secure Architecture and DevSecOps Integration o Define and govern secure architecture standards across development teams, ensuring alignment with enterprise security policies, regulatory requirements, and industry frameworks (e.g., NIST, OWASP, ISO 27001). o Lead the strategic integration of security into DevOps pipelines, embedding security controls and automated testing into CI/CD workflows to enable secure-by-design delivery. More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

the following technical competencies: Solid grounding in OS and network fundamentals (Linux, Windows, Mac, TCP/IP stack). Knowledge of common attack techniques and mitigations (MITRE ATT&CK, OWASP Top 10). Familiarity with scripting and automation using Python, Bash, or PowerShell. Strong understanding of Active Directory attack chains and common privilege escalation paths. Experience interpreting logs and event More ❯

with C# or .NET Familiarity with AWS services Experience working with Jira and Confluence GitHub workflows and pull request management Experience of React Secure programming techniques and awareness of OWASP best practices Exposure to CI/CD pipelines and DevOps practices QUALIFICATIONS: Ideally hold a degree in Computer Science, Software Engineering, or a related discipline Minimum of 2-4 years More ❯

support and report on QA progress and milestones. Skills & Experience Strong background in test management and Agile delivery. Hands-on experience with CI/CD (GitLab), automation tools (Playwright, OWASP Zap, Gatling), and monitoring (Grafana, Splunk). Familiarity with cloud (AWS/Azure), Kubernetes, and databases (Oracle RDS, SQL, MongoDB). Technical knowledge of Java 21 and Spring Boot. Deep More ❯

the techniques to except Ideally some AppSec/DevSecOps or Ethical Hacking experience - with a good understanding of Web Application attacks and security; they must be familiar with the OWASP Top 10 If they have Security Engineering skills too, this a bonus Key Responsibilities: Identification and crafting of complex custom WAF rules & features to mitigate MVP and security posture gaps. More ❯

troubleshooting) Experience with Git and version control workflows Comfortable deploying to or managing applications on Linux and/or Windows servers Awareness of web security best practices (e.g., SSL, OWASP) Desirable Skills Experience working with ERP systems (Navision a bonus) WordPress development or customisation experience Front-end development with Bootstrap and Angular Exposure to Docker, CI/CD tools, or More ❯

troubleshooting) Experience with Git and version control workflows Comfortable deploying to or managing applications on Linux and/or Windows servers Awareness of web security best practices (e.g., SSL, OWASP) Desirable Skills Experience working with ERP systems (Navision a bonus) WordPress development or customisation experience Front-end development with Bootstrap and Angular Exposure to Docker, CI/CD tools, or More ❯

Excellent communication and collaboration skills within an Agile team. Preferred skills & experience: Experience with performance testing tools like JMeter or LoadRunner. Knowledge of security testing practices and tools like OWASP ZAP. Understanding of mocking frameworks and dependency injection in test automation. Experience with cloud-based testing platforms such as BrowserStack or Sauce Labs. Previous experience conducting code reviews. In addition More ❯

traffic patterns using tools such as Splunk, Wireshark, or custom scripts. Experience working with at least three major WAF vendors (eg, Akamai, F5, AWS, GCP). Familiarity with the OWASP Top 10 and modern web attack techniques. Desirable Skills/Experience Experience in DevSecOps practices and pipeline automation. Security engineering expertise alongside WAF specialism. Experience reverse-engineering exploits to develop More ❯

traffic patterns using tools such as Splunk, Wireshark, or custom scripts. Experience working with at least three major WAF vendors (e.g., Akamai, F5, AWS, GCP). Familiarity with the OWASP Top 10 and modern web attack techniques. Desirable Skills/Experience Experience in DevSecOps practices and pipeline automation. Security engineering expertise alongside WAF specialism. Experience reverse-engineering exploits to develop More ❯

reducing false positives, and validating control efficacy in production-like conditions. Scope Includes: Hands-on tuning experience with Akamai and F5 (minimum 1 of each). Custom rule creation , OWASP rule tuning (especially for F5), false positive reduction. Log analysis and data-driven tuning based on real traffic. Support for cloud-native WAF tuning (all three Cloud providers) -not deployment More ❯