1 to 25 of 83 OWASP Jobs in the South East

operations teams on bug fixes, retesting, and verifying patches in staging and production-mirroring environments. Quality & Best Practices • Champion infrastructure and security testing best practices, including vulnerability scanning (e.g., OWASP ZAP, Nessus), compliance checks, and disaster-recovery validations. • Contribute to continuous improvement by proposing new testing tools, frameworks, and process enhancements to raise overall system reliability and observability. Agile & Cross More ❯

teams and business stakeholders is essential. Experience working with security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling. In-depth experience working in an Agile software development environment, with classic applications as well as microservices, using modern code processing and continuous integration and … Security Architect, SDLC, Secure by Design, Architecture, Software Development, Engineering, DevOps, InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure. Please note that due to a high level of applications, we can only respond to applicants More ❯

You will also have: Experience creating application security strategies, standards, and best practices. Experience working with security issues in software architecture, development, including static/dynamic analysis, dependency checks, OWASP Top10, and threat modeling. Experience in an Agile environment with modern CI/CD tools like GitHub, Jenkins, Bamboo. Ability to translate security policies into effective security controls. Knowledge of … more. Remote working, training, career progression, and family-friendly policies. Keywords Senior Software Security Architect, SDLC, Secure by Design, Application Security, Architecture, Software Development, DevOps, InfoSec, Security, Programming Languages, OWASP, Agile, Cloud, Azure, GDPR, ISO 27001, NIST. Due to high application volumes, only suitable candidates will be contacted. We promote equality and diversity in the workplace. Additional Details Seniority level More ❯

frameworks (e.g. TensorFlow, PyTorch, Keras, Scikit-Learn) Working knowledge of object-oriented programming and unit testing in Python Working knowledge of application and information security principles and practices (e.g. OWASP for Machine Learning) Working knowledge of Unix-based CLI commands, source control and scripting Working knowledge of containerisation (e.g. Docker) and container orchestration (e.g. Kubernetes) Working knowledge of a cloud More ❯

Umbrella solution. Essential skills/experience required: Certifications: OSCP or CREST/TIGER Scheme. Experience penetration testing, ethical hacking, or completing vulnerability assessments. Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.). DevSecOps principles and tools (e.g., Veracode, SonarQube, GitHub Advanced Security, IaC scanning, etc.). Secure Cloud Infrastructure, specifically AWS and Azure. Scripting and automation More ❯

and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage More ❯

audit and privacy policies and regulations General knowledge of security technology Nice to have: Experience with PowerBI Programming skills and experience (python, java, SQL) Technical network skills Knowledge of OWASP, SANS, NIST, ISO 27001, ISF or other security-related practices Previous Banking/Financial Industry experience CISSP, CISA, CRISC, CSSLP, SABSA certifications Skills & Competencies: Vulnerability management Risk reporting Programming Data More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

Experience with Azure Managed Services, Docker, Kubernetes, Terraform, Helm Experience building modern web apps using Angular and Typescript Experience working in Azure DevOps managing backlogs etc Working knowledge of OWASP security best practices Knowledge of working with FedRamp compliance Our Employer Commitment This job posting will remain active until a qualified candidate is identified. At Ivanti, we are committed to More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

with their opinions. Desirable qualifications, capabilities, and skills: Experience in a software engineering role, ideally with focus on security. Working knowledge of offensive security, Application and Infrastructure penetration testing (OWASP top 10, OWASP ASVS). Understanding of security vulnerabilities and remediation options in codebases & containers. Working knowledge of methods for authentication and authorization (ODIC, OAuth 2, FIDO 2, etc) Don More ❯

Experience with Azure Managed Services, Docker, Kubernetes, Terraform, Helm Experience building modern web apps using Angular and Typescript Experience working in Azure DevOps managing backlogs etc Working knowledge of OWASP security best practices Knowledge of working with FedRamp compliance Our Employer Commitment This job posting will remain active until a qualified candidate is identified. At Ivanti, we are committed to More ❯

Contribute to the development of security policies, procedures, and best practices. Requirements: Proven experience in application security, penetration testing, and secure software development practices. Strong understanding of security vulnerabilities (OWASP Top 10, etc.) and secure coding techniques. Experience with security tools (e.g., static/dynamic analysis tools, vulnerability scanners). Familiarity with common web technologies (e.g., Java, Python, JavaScript, SQL More ❯

or preferably SOC2 Type 2 Strong understanding of application security, cloud infrastructure, and DevOps practices Awareness of industry frameworks, such as NCSC Cyber Assessment Framework, Cyber Essentials Plus and OWASP Experience managing and selecting 3rd party vendors for audit and penetration testing Experience interacting with customer security and data privacy teams Experience conducting or managing penetration tests and security audits More ❯

testing and ethical hacking. Strong understanding of cloud security (AWS, Azure, GCP). Familiarity with Go and Node.js application security. Experience with TEE technologies or confidential computing. Knowledge of OWASP Top 10, CVEs, and secure coding practices. Proficiency with tools like Burp Suite, Metasploit, Nmap, Wireshark, etc. Certifications such as OSCP, CEH, or GIAC are a plus. Nice to Have More ❯

restore, user management, RDS troubleshooting Web & Security Concepts: NGINX, web servers, reverse proxies, path-based/host-based routing Session handling, load balancing (stateful vs stateless) Security best practices, OWASP Top 10, WAF (configuration/training), network-level security, RBAC, IAM policies Candidate Expectations: The ideal candidate should be able to: Explain best practices around CI/CD pipeline design More ❯

teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and runtime protection. Qualifications: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools like SAST More ❯

maturity frameworks such as DSOMM, including hands-on delivery (code, configuration, documentation, tooling) Designing, building, operate, monitoring secure solutions across complex platforms Ensuring internal and industry security standards (e.g. OWASP CI/CD, SAMM) are adhered to across systems Managing and improving cloud security posture (Azure Defender, Prisma Cloud etc) Implementing and optimising observability platforms for holistic system monitoring Supporting … software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building automated security test suites into CI/CD workflows Familiarity with security frameworks such as DSOMM, OWASP, and SAMM Suitability: This role is a technical hands-on security engineering role, it is NOT GRC focused. It would be well-suited to experienced Security Engineers or Developers with … annual leave with buy/sell options + Private healthcare + Extensive Wellbeing services and employee discounts Key Technical Terms Security Engineering, Cybersecurity Engineer, Information Security Specialist, Salesforce, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps More ❯

Minimum 5 years of practical penetration testing experience (web, infrastructure, external/internal). Experience in scoping penetration testing assessments. Strong knowledge of security testing methodologies and frameworks (eg, OWASP, NIST). Proficiency with industry-standard tools (eg, Burp Suite, Nmap, Metasploit, Kali Linux). Excellent written and verbal communication skills. O ne of the following qualifications is essential: OSCP More ❯

harden complex systems against evolving threats. Required Skills and Experience: Proven experience conducting penetration testing across web apps, APIs, infrastructure, and cloud environments (AWS, Azure, GCP) Strong understanding of OWASP Top 10 , CVSS, and secure coding principles Experience with tools such as Burp Suite , Nmap , Metasploit , Kali , and custom scripts Familiarity with MITRE ATT&CK , red teaming methodologies, and reporting More ❯

teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and runtime protection. Qualifications: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE. Hands-on experience with tools like SAST, DAST, IAST, Snyk, SonarQube More ❯

and implement security tools for secure code analysis and runtime protection. To be considered for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as More ❯

to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis and runtime protection. Qualifications: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools like SAST More ❯

teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and runtime protection. Qualifications: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools like SAST/ More ❯

teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and runtime protection. Requirements: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Familiarity with threat modeling methodologies like STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/ More ❯