public cloud security (AWS, Azure, GCP) and an understanding of security best practices in those environments Understanding of enterprise security standards and frameworks such as ISO 27001, NIST CSF, OWASP Top 10 Strong communication skills, with an ability to convey technical security issues to non-technical stakeholders Exposure to security architecture frameworks (e.g., TOGAF, SABSA) Hands-on experience with CI More ❯
maintaining Datadog Experience using GitHub and GitHub Actions Behaviour Driven Development (BDD), with Gherkin & SpecFlow Atlassian Jira, Confluence & JFrog Artifactory Ideally some software security best practices and implementation (e.g. OWASP, PKI, X509 Certificates, TLS) Software development for regulated environments (e.g. IVD/Medical devices). Not essential. Principal Software Engineer – Cloud Platform Team More ❯
EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯
s recognition. His OwaspHeaders.Core library has achieved remarkable success with over 1.2 million downloads, providing essential webapplicationsecurity features to developers across the .NET ecosystem. The library implements OWASP Secure Headers Project recommendations, enabling developers to enhance their applicationsecurity with minimal effort whilst maintaining clean, maintainable code. Beyond digital community engagement, Jamie demonstrates his commitment to developing future More ❯
Security Architect or similar role Strong knowledge of security standards, protocols, and best practices Experience with threat modelling, risk assessment, and incident response Familiarity with security tools (e.g., Snyk, OWASP ZAP) Excellent communication and collaboration skills Self-learner and ability to execute tasks without supervision Ability to maintain the highest level of professionalism Activities Assess and design secure system architectures More ❯
and efficient context to all customer engagements. Our ideal candidate: Able to demonstrate proven experience with technical accreditations or demonstrable experience in security and vulnerability remediation technologies: Security Tooling: OWASP ZAP, Nmap, Wireshark Assessment Tooling: Nessus, Qualys, etc Remediation Tooling: Microsoft Endpoint Management/Intune Microsoft Security/Compliance: MFA,?Conditional Access, SSPR, DLP, IPM, IRM, DKIM, MCAS Application packaging More ❯
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
Junglee Games India Private Limited
SSDLC strategy, including short, mid, and long-term goals aligned with the group's security posture and digital transformation initiatives. Develop and maintain AppSec maturity models (e.g. based on OWASP SAMM, NIST SSDF, BSIMM) and work with business units to assess current state and define realistic improvement plans. Drive the development of a global secure development policy, including approved tools … deploy processes. Experience working in or with regulated industries or large enterprises is highly desirable. Mergers and Acquisitions integration experience is a plus Familiarity with industry frameworks and standards: OWASP SAMM, OWASP ASVS, BSIMM, NIST SSDF, ISO 27034. Lead teams and projects. This could be as an DevSecOps team lead, security architect, or manager for SSDLC initiatives. Professional certifications in More ❯
Sheffield, South Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
Networking People (UK) Limited
in Sheffield/Birmingham or Edinburgh 3 days a week) Rate: Negotiable depending on experience (deemed inside IR35) Reference: 19542 You will either be a F5 WAF tuning specialists (OWASP experience required OR Cloud-native WAF engineers (minimum 2 of 3 CSPs) (AWS & GCP as preference)/OR Generic WAF tuning resource (cross-skill utility) Immediate contract for experienced WAF … A focus on tuning rules, analysing data, reducing false positives, and validating control efficacy in production-like conditions. Scope Includes: Hands-on tuning experience with F5. Custom rule creation , OWASP rule tuning (especially for F5), false positive reduction. Log analysis and data-driven tuning based on real traffic. Support for cloud-native WAF tuning (all three Cloud providers) -not deployment More ❯
