20 of 20 OWASP Jobs in the North of England

of Responsibility, Builder, SAGA, CQRS, Event Sourcing * RDBMS & NOSQL: Aurora, RDS, PostgreSQL, , MySQL, Redis * SNS, SQS * GIGYA/CIAM, APIGEE gateway, Basic, JWT token. * GitHub, Jenkin, SonarQube, Sonar lint, OWASP, Maven, STS, Git, , Jenkins, Maven, Gradle, APIGEE Gateway, Terraform, Loggly, Datadog. * AI Tools: AWS code whisperer/AmazonQ, Llama/Copilot LA International is a HMG approved ICT Recruitment and More ❯

of Responsibility, Builder, SAGA, CQRS, Event Sourcing * RDBMS & NOSQL: Aurora, RDS, PostgreSQL, , MySQL, Redis * SNS, SQS * GIGYA/CIAM, APIGEE gateway, Basic, JWT token. * GitHub, Jenkin, SonarQube, Sonar lint, OWASP, Maven, STS, Git, , Jenkins, Maven, Gradle, APIGEE Gateway, Terraform, Loggly, Datadog. * AI Tools: AWS code whisperer/AmazonQ, Llama/Copilot LA International is a HMG approved ICT Recruitment and More ❯

of Responsibility, Builder, SAGA, CQRS, Event Sourcing * RDBMS & NOSQL: Aurora, RDS, PostgreSQL, , MySQL, Redis * SNS, SQS * GIGYA/CIAM, APIGEE gateway, Basic, JWT token. * GitHub, Jenkin, SonarQube, Sonar lint, OWASP, Maven, STS, Git, , Jenkins, Maven, Gradle, APIGEE Gateway, Terraform, Loggly, Datadog. * AI Tools: AWS code whisperer/AmazonQ, Llama/Copilot LA International is a HMG approved ICT Recruitment and More ❯

of Responsibility, Builder, SAGA, CQRS, Event Sourcing * RDBMS & NOSQL: Aurora, RDS, PostgreSQL, , MySQL, Redis * SNS, SQS * GIGYA/CIAM, APIGEE gateway, Basic, JWT token. * GitHub, Jenkin, SonarQube, Sonar lint, OWASP, Maven, STS, Git, , Jenkins, Maven, Gradle, APIGEE Gateway, Terraform, Loggly, Datadog. * AI Tools: AWS code whisperer/AmazonQ, Llama/Copilot This is an excellent opportunity on a great project More ❯

maintaining Datadog Experience using GitHub and GitHub Actions Behaviour Driven Development (BDD), with Gherkin & SpecFlow Atlassian Jira, Confluence & JFrog Artifactory Ideally some software security best practices and implementation (e.g. OWASP, PKI, X509 Certificates, TLS) Software development for regulated environments (e.g. IVD/Medical devices). Not essential. Principal Software Engineer – Cloud Platform Team More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

ofmodern software development approaches such as automated testing, test driven development, continuous integration, pair programming, code review and version control have understanding of common web security risks such as OWASP Top 10, and the corresponding mitigations enjoy researching and learning new programming tools and techniques and sharing their skills with others have experience working in a collaborative environment, and an More ❯

s recognition. His OwaspHeaders.Core library has achieved remarkable success with over 1.2 million downloads, providing essential web application security features to developers across the .NET ecosystem. The library implements OWASP Secure Headers Project recommendations, enabling developers to enhance their application security with minimal effort whilst maintaining clean, maintainable code. Beyond digital community engagement, Jamie demonstrates his commitment to developing future More ❯

Platform (GCP) Security & Compliance Cloud and a pplication security: Cloud posture management tools (e.g. Azure Dender, GCP SCCE), WAFs (e.g. Azure WAF, Cloud Armor AWS WAF), and protection against OWASP Top 10 and emerging threats. Network & infrastructure security: Network security principles (e.g. segmentation, monitoring, intrusion detection/prevention). Any experience in Zero Trust architecture in cloud environments would be More ❯

software development approaches such as automated testing, test driven development (TDD), continuous integration, pair programming, code review, observability and version control understanding of common web security risks such as OWASP Top 10, and the corresponding mitigations enjoy researching and learning new programming tools and techniques and sharing their skills with others have experience working in a collaborative environment, and an More ❯

design standards; review pull-requests with a security-by-design mindset Quality & Security Assurance Own post-merge QA: automated test pipelines, manual exploratory testing, performance baselines Implement penetration testing (OWASP ZAP, Burp Suite, Metasploit). Deliver security requirements into CI/CD and track remediation Guard non-functional requirements - performance, reliability, compliance - through every sprint Benefits Remote-first working with More ❯

forward and see them implemented. Experience; Good understanding of the configuration of Power Pages An understanding of security best practices around Power Pages, with knowledge of items such as OWASP Hands on experience with Dataverse and Dataverse for Teams as part of implementing Power Platform solutions. Hands on experience in the setup of Continuous Integration (CI) and Continuous Delivery (CD More ❯

Security Architect or similar role Strong knowledge of security standards, protocols, and best practices Experience with threat modelling, risk assessment, and incident response Familiarity with security tools (e.g., Snyk, OWASP ZAP) Excellent communication and collaboration skills Self-learner and ability to execute tasks without supervision Ability to maintain the highest level of professionalism Activities Assess and design secure system architectures More ❯

engagements. What We’re Looking For Strong technical background in vulnerability and security operations. Experience using scanning tools (e.g. Qualys, Nessus) and open-source analysis tools (e.g. Nmap, Wireshark, OWASP ZAP). Familiarity with Microsoft security products (Intune, Conditional Access, DLP, Defender Suite). Scripting knowledge in PowerShell or Python to automate workflows and reporting. Clear communicator with the ability More ❯

and efficient context to all customer engagements. Our ideal candidate: Able to demonstrate proven experience with technical accreditations or demonstrable experience in security and vulnerability remediation technologies: Security Tooling: OWASP ZAP, Nmap, Wireshark Assessment Tooling: Nessus, Qualys, etc Remediation Tooling: Microsoft Endpoint Management/Intune Microsoft Security/Compliance: MFA,?Conditional Access, SSPR, DLP, IPM, IRM, DKIM, MCAS Application packaging More ❯

SSDLC strategy, including short, mid, and long-term goals aligned with the group's security posture and digital transformation initiatives. Develop and maintain AppSec maturity models (e.g. based on OWASP SAMM, NIST SSDF, BSIMM) and work with business units to assess current state and define realistic improvement plans. Drive the development of a global secure development policy, including approved tools … deploy processes. Experience working in or with regulated industries or large enterprises is highly desirable. Mergers and Acquisitions integration experience is a plus Familiarity with industry frameworks and standards: OWASP SAMM, OWASP ASVS, BSIMM, NIST SSDF, ISO 27034. Lead teams and projects. This could be as an DevSecOps team lead, security architect, or manager for SSDLC initiatives. Professional certifications in More ❯

in Sheffield/Birmingham or Edinburgh 3 days a week) Rate: Negotiable depending on experience (deemed inside IR35) Reference: 19542 You will either be a F5 WAF tuning specialists (OWASP experience required OR Cloud-native WAF engineers (minimum 2 of 3 CSPs) (AWS & GCP as preference)/OR Generic WAF tuning resource (cross-skill utility) Immediate contract for experienced WAF … A focus on tuning rules, analysing data, reducing false positives, and validating control efficacy in production-like conditions. Scope Includes: Hands-on tuning experience with F5. Custom rule creation , OWASP rule tuning (especially for F5), false positive reduction. Log analysis and data-driven tuning based on real traffic. Support for cloud-native WAF tuning (all three Cloud providers) -not deployment More ❯

in Sheffield/Birmingham or Edinburgh 3 days a week) Rate: Negotiable depending on experience (deemed inside IR35) Reference: 19542 You will either be a F5 WAF tuning specialists (OWASP experience required OR Cloud-native WAF engineers (minimum 2 of 3 CSPs) (AWS & GCP as preference)/OR Generic WAF tuning resource (cross-skill utility) Immediate contract for experienced WAF … A focus on tuning rules, analysing data, reducing false positives, and validating control efficacy in production-like conditions. Scope Includes: Hands-on tuning experience with F5. Custom rule creation , OWASP rule tuning (especially for F5), false positive reduction. Log analysis and data-driven tuning based on real traffic. Support for cloud-native WAF tuning (all three Cloud providers) -not deployment More ❯