1 to 25 of 72 OWASP Jobs in the North of England

a challenge. Preferred Skills: Hands-on experience with penetration testing tools (Metasploit, Burp Suite, Nessus, Nmap). Experience in AI red teaming, adversarial ML, LLM security testing. Knowledge of OWASP Top Ten, MITRE ATT&CK, and other security frameworks. Relevant security certifications (OSCP, CEH, CISSP, OSWE, API Security Architect). Experience in automating security tasks, securing DevOps workflows, and integrating More ❯

a challenge. Preferred Skills: Hands-on experience with penetration testing tools (Metasploit, Burp Suite, Nessus, Nmap). Experience in AI red teaming, adversarial ML, LLM security testing. Knowledge of OWASP Top Ten, MITRE ATT&CK, and other security frameworks. Relevant security certifications (OSCP, CEH, CISSP, OSWE, API Security Architect). Experience in automating security tasks, securing DevOps workflows, and integrating More ❯

more languages (Rust, Python, Go, Nodejs, etc.) Minimum 1 year experience with public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) Experience in running assessments using OWASP MASVS and ASVS. Working knowledge on exploiting and fixing application vulnerabilities. Strong background in threat modeling. In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10). Familiarity More ❯

more languages (Rust, Python, Go, Nodejs, etc.) Minimum 1 year experience with public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) Experience in running assessments using OWASP MASVS and ASVS. Working knowledge on exploiting and fixing application vulnerabilities. Strong background in threat modeling. In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10). Familiarity More ❯

secure, Bash, RHEL Collaboration tools - Jira, Confluence, Slack Behaviour Driven Development - Cucumber Micro-Service Architecture - Develop API design and open standards RESTful APIs Swagger Open API Cloud computing Security OWASP Top Ten Denial of Service SQL Injection Cross Site Request Forgery High Availability products - EDB failover manager RPC concepts and transport mechanisms - HTTP, Shared memory Containerisation - Docker, Kubernetes The role More ❯

firewalls, IPS, DDoS, WAF, DLP, DNS, NAC, NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. More ❯

Competitive salary available upon request Hybrid working from a Manchester office (must be based in the UK without visa/sponsorship requirements) Permanent We are awaze, the largest managed vacation rentals and holiday resorts business in Europe, which brings together More ❯

Understanding of current testing trends and Agile methodologies Degree in computer science, software engineering, or related field preferred Experience with API testing tools like Postman or SoapUI Knowledge of OWASP vulnerabilities and security testing ISTQB certification Experience with source control tools like Git or Bitbucket Strong problem-solving, communication, and time management skills Minimum of 5 years in a Software More ❯

Ability to work collaboratively with cross-functional teams and build strong relationships. Desired: Proven experience in program management, technical training, and employee engagement. Deep understanding of security frameworks including OWASP and applicability in software development. Analytical Skills: Ability to assess program performance and identify areas for improvement. Certification in information security (e.g., CISSP, CISM, CEH) or relevant technical certifications (e.g. More ❯

maintaining Datadog Experience using GitHub and GitHub Actions Behaviour Driven Development (BDD), with Gherkin & SpecFlow Atlassian Jira, Confluence & JFrog Artifactory Ideally some software security best practices and implementation (e.g. OWASP, PKI, X509 Certificates, TLS) Software development for regulated environments (e.g. IVD/Medical devices). Not essential More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

tasks simultaneously. Experience in data analysis. Write & execute restful API testing using tools such as Postman, Soap UI. Can implement & maintain soak, stress and system tests. Knows top 10 OWASP software vulnerabilities and how to exploit them. Ensures all code is reviewed before changes are checked into master. ISTQB certified. Can push, pull source code into the appropriate repo such More ❯

Experience working with CI/CD practices Microservice infrastructure Beneficial: Experience working in the cyber security industry Working knowledge of SCRUM DevOps SDLC and use of frameworks, such as OWASP SAMM Behaviours: Client-Focused: Prioritizes client needs and expectations, ensuring that all actions and decisions lead to client satisfaction and success. Collaborates as ‘One NCC’: Works in unison with all More ❯

with public/private cloud environments ( Openshift, Rancher, K8s, AWS, GCP, Azure, etc. ) In-depth knowledge of security principles, compliance regulations, and change management. Experience in running assessments using OWASP MASVS and ASVS. Working knowledge on exploiting and fixing application vulnerabilities. Proven expertise in architectural threat modeling and conducting secure design reviews. In-depth knowledge of common web application vulnerabilities … i.e. OWASP Top 10 or SANS top 25). Familiarity with automated dynamic scanners, fuzzers, and proxy tools. An analytical mind for problem solving, abstract thought, and offensive security tactics. Highly effective communication skills, in both verbal and written forms, to effectively convey technical and non-technical concepts to a wide variety of audiences Exposure to advanced AI and Large More ❯

or internal testing roles considered) OSCP certification is essential (OSEP, OSCE3, or other advanced Offensive Security certifications also accepted) Demonstrable knowledge of Web Application security , including common vulnerabilities (e.g., OWASP Top 10) Strong desire to deepen technical capabilities across various domains, including infrastructure, cloud, and red teaming Excellent written and verbal communication skills Full right to work in the UK More ❯

frameworks (e.g. TensorFlow, PyTorch, Keras, Scikit-Learn) - Working knowledge of object-oriented programming and unit testing in Python - Working knowledge of application and information security principles and practices (e.g. OWASP for Machine Learning) - Working knowledge of Unix-based CLI commands, source control and scripting - Working knowledge of containerisation (e.g. Docker) and container orchestration (e.g. Kubernetes) - Working knowledge of a cloud More ❯

software architects, engineers QA teams and digital experience owners to improve DevOps best practices and workflows within an Agile framework. Implementing security measures, compliance policies, and vulnerability assessments following OWASP guidelines and applicable UK regulations such as UK-GDPR, UK Payment Services Regulations and PCI-DSS. Supporting disaster recovery planning and backup strategies. Keeping up to date with emerging DevOps … with Selenium for test automation. Knowledge of scripting and automation languages such as Powershell, Bash. Familiarity with networking and security best practices. Knowledge of application secure coding principles (e.g., OWASP) for protection against vulnerabilities and the ability to implement secure coding and deployment best practices. Experience in Agile software development methodologies and how DevOps practices integrate within Agile teams. Familiarity More ❯

systems (e.g., Git) and continuous integration/deployment (CI/CD) practices. · Solid understanding of web security practices, including JWT authentication, secure API design, rate limiting, and familiarity with OWASP vulnerabilities. · Ability to troubleshoot and find solutions without needing hand-holding. Salary & Benefits 🎁 No two days are the same at Arcube. In a high-performing and tight-knit team, the More ❯

Experience with Azure Managed Services, Docker, Kubernetes, Terraform, Helm Experience building modern web apps using Angular and Typescript Experience working in Azure DevOps managing backlogs etc Working knowledge of OWASP security best practices Knowledge of working with FedRamp compliance Our Employer Commitment This job posting will remain active until a qualified candidate is identified. At Ivanti, we are committed to More ❯

offers, and knowledge of its limitations. • Good understanding of the configuration of Power Pages • An understanding of security best practices around Power Pages, with knowledge of items such as OWASP • Hands on experience with Dataverse and Dataverse for Teams as part of implementing Power Platform solutions. • Hands on experience in the setup of Continuous Integration (CI) and Continuous Delivery (CD More ❯

systems (e.g., Git) and continuous integration/deployment (CI/CD) practices. ·Solid understanding of web security practices, including JWT authentication, secure API design, rate limiting, and familiarity with OWASP vulnerabilities. ·Ability to troubleshoot and find solutions without needing hand-holding. Salary & Benefits? No two days are the same at Arcube. In a high-performing and tight-knit team, the More ❯

systems (e.g., Git) and continuous integration/deployment (CI/CD) practices. ·Solid understanding of web security practices, including JWT authentication, secure API design, rate limiting, and familiarity with OWASP vulnerabilities. ·Ability to troubleshoot and find solutions without needing hand-holding. Salary & Benefits? No two days are the same at Arcube. In a high-performing and tight-knit team, the More ❯

including AWS Lambda, Spring Boot, NodeJS, Python FastAPI, Oracle, PostgreSQL and MongoDB. Build solutions as part of a DevSecOps and Agile ecosystem supported by tooling including Atlassian, Jenkins, GitLab, OWASP and AWS componentry. Ensure your solution works in a reliable and resilient way using Site Reliability Engineering methods to increase availability while reducing costs and callouts. Help the client and More ❯

including AWS Lambda, Spring Boot, NodeJS, Python FastAPI, Oracle, PostgreSQL and MongoDB. Build solutions as part of a DevSecOps and Agile ecosystem supported by tooling including Atlassian, Jenkins, GitLab, OWASP and AWS componentry. Ensure your solution works in a reliable and resilient way using Site Reliability Engineering methods to increase availability while reducing costs and callouts. Help the client and More ❯

working with just 1 day/week in the office Projects that span both UK and US markets Exposure to best-in-class tools and frameworks (MITRE ATT&CK, OWASP) Supportive culture with a learning mindset and room to grow Involvement in the full security lifecycle from audits to implementation Opportunity to shape how cloud security evolves in a global More ❯