1 to 25 of 68 OWASP Jobs in the UK

DevSecOps and Agile software delivery. Strong understanding of the SDLC, Agile, DevOps, and DevSecOps principles. Familiarity with modern security practices, tools, and standards (e.g., OWASP, NIST). Technical knowledge of cloud environments (AWS, Azure, GCP), containerisation (Docker, Kubernetes), and CI/CD pipelines. Excellent communication skills, with the ability ...

DevSecOps and Agile software delivery. Deep understanding of the SDLC, Agile, DevOps, and DevSecOps principles. Expertise in modern security practices, tools, and standards (e.g., OWASP, NIST, CSA). Strong technical knowledge of cloud environments (AWS, Azure, GCP), containerisation (Docker, Kubernetes), and CI/CD pipelines. Excellent communication skills, with ...

Implement secure design principles including encryption, secrets management, OAuth2/OIDC, network segmentation, and least-privilege IAM. Ensure alignment with industry standards such as OWASP, NIST, CIS Benchmarks, PCI DSS, and ISO 27001. Observability & Resilience Define logging, metrics, and tracing using OpenTelemetry and CloudWatch. Design for high availability and disaster ...

Implement secure design principles including encryption, secrets management, OAuth2/OIDC, network segmentation, and least-privilege IAM. Ensure alignment with industry standards such as OWASP, NIST, CIS Benchmarks, PCI DSS, and ISO 27001. Observability & Resilience Define logging, metrics, and tracing using OpenTelemetry and CloudWatch. Design for high availability and disaster ...

Terraform) Containerisation (Docker, AKS) and serverless (Azure Functions) Monitoring and observability (Application Insights, Log Analytics) Secrets management and vulnerability scanning (Key Vault, SonarQube, OWASP) Architecture & Design Microservices and event-driven design (Service Bus, Event Grid, Kafka) Domain-Driven Design (DDD) principles Resilient and scalable system patterns (circuit breakers, retries) Integration ...

awareness support to internal teams. Essential Skills & Experience Strong hands-on experience in application and cloud security engineering. Deep understanding of web app vulnerabilities (OWASP Top 10, CWE) and secure coding practices. Proficiency with security testing tools and vulnerability management platforms. Broad knowledge of network and infrastructure security concepts (WAFs ...

performing penetration testing, secure code review, software composition analysis, static, dynamic and manual code review Experience identifying and remediating common vulnerabilities, such as OWASP Top 10 Hands-on experience with security scanning tools Proven experience in secure coding practices and vulnerability assessment Experience securing hardware products controlled by software would ...

/CD, Docker , containerisation, Ubuntu/Linux, AWS , Serverless, CDK/CDKTF , Ansible Quality & Analytics: Postman API, testing frameworks, web analytics Patterns: Secure SDLC, OWASP Top 10 , TDD , Git-based workflows Must-have experience Proven delivery of full-stack web applications (frontend + backend + API) from design to production ...

/CD, Docker , containerisation, Ubuntu/Linux, AWS , Serverless, CDK/CDKTF , Ansible Quality & Analytics: Postman API, testing frameworks, web analytics Patterns: Secure SDLC, OWASP Top 10 , TDD , Git-based workflows Must-have experience Proven delivery of full-stack web applications (frontend + backend + API) from design to production ...

solutions and resolve complex issues. Certifications such as CISSP, CEH, OSCP, or GSEC are preferred. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk ...

systems and TCP/IP networking protocols Proven ability to perform source code reviews and application security analysis Advanced understanding of web application vulnerabilities (OWASP Top 10) and mitigation strategies Excellent report writing and executive communication skills—ability to translate technical findings into business risk Ability to work autonomously ...

Cloud: IaaS, PaaS, SaaS, M365, Azure, Cloud Security, Azure DevOps Applications: .NET, MS Dynamics, SQL Server, SSRS, M365 Apps, Exchange, SharePoint, IIS, Apache Security: OWASP, Firewalls, ISO27001, Azure Security Benchmark, Microsoft Defender, zScaler Networking: Switches, Firewalls, ExpressRoute, MPLS, Routing Protocols, CASB, Azure FrontDoor Servers: VMware, Windows Server (2008–2025), Linux ...

continuously improve internal architecture patterns Share knowledge and mentor teams to elevate internal AI security capabilities Stay informed on industry standards such as OWASP LLM Top 10, NIST AI RMF, and ISO/ ...

junior consultants through mentoring and peer review. Essential Skills and Experience: Proven experience delivering penetration tests in commercial or consultancy settings. Strong understanding of OWASP Top 10/ASVS, common exploitation techniques and mitigations, network protocols, Active Directory, and Windows/Linux environments, and cloud security fundamentals. Hands-on ability ...

development is required. Maintain awareness of web application security and building applications which meet high standards of security, pass penetration tests and align with OWASP recommendations. Taking an active part in the whole Software Development Lifecycle end-to-end - including conception, design, architecture, build and deployment. Producing accurate estimates ...

competency - Cloud security awareness (AWS/Azure/GCP + IAM principles) - Scripting/automation skills (Python, PowerShell, Bash) - Understanding of secure coding/OWASP Top 10 - Working knowledge of ISO 27001, NIST, Cyber Essentials - Incident triage, log analysis, and threat investigation capability - Strong communication, problem solving, and teamwork skills ...

with a range of third-party systems and APIs to deliver seamless payment experiences. Writing clean, maintainable, and secure code, following best practice and OWASP principles. Supporting continuous improvement through code reviews, automation, and DevOps processes. Contributing to team discussions, sharing ideas, and helping drive technical innovation. Skills and Experience ...

Lambda, Spring Boot, NodeJS, Python FastAPI, Oracle, PostgreSQL and MongoDB Contributing to DevSecOps delivery pipelines, using tooling such as Atlassian, Jenkins, GitLab, OWASP and AWS services Applying Site Reliability Engineering principles to ensure solutions are resilient, reliable and cost-effective Supporting clients and end users in making technical product decisions ...

across diverse teams and projects. Experience in managing and mentoring technical security professionals. Desirable Familiarity with secure development practices and application security frameworks (e.g. OWASP). Experience with using Akamai. Knowledge of Zero Trust architecture principles. Certifications such as CISSP, CCSP, or SABSA. Additional Responsibilities Drive security architecture reviews ...

across diverse teams and projects. · Experience in managing and mentoring technical security professionals. Desirable · Familiarity with secure development practices and application security frameworks (e.g. OWASP). · Experience with using Akamai. · Knowledge of Zero Trust architecture principles. · Certifications such as CISSP, CCSP, or SABSA. Additional Responsibilities · Drive security architecture reviews ...

security Hands-on experience with vulnerability management, penetration testing, and common attack vectors; familiarity with SAST, DAST, and SCA tools Strong understanding of the OWASP Top 10 Experience configuring and supporting SIEMs CISSP Certified Exceptional communication and interpersonal skills ...

. You'll be hands-on with GCP, Terraform, and Python scripting, working closely with Security Operations (SOC) teams to enhance web security and OWASP protection. Key Responsibilities Design, implement, and maintain GCP WAF solutions across various cloud workloads. Integrate WAF solutions with CI/CD pipelines and automate security ...

technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities; ability to effectively communicate methodologies and techniques with development teams. Utilize tools such as BurpSuite, Nessus, Nmap, Kali ...

monitoring tools (e.g., Prometheus, Grafana) and scripting languages (e.g., Python, Bash). - Understanding of security best practises and experience with security frameworks (e.g., OWASP). - Strong communication, collaboration, and problem-solving skills. - Active SC Clearance is required for this position ...

monitoring tools (e.g., Prometheus, Grafana) and scripting languages (e.g., Python, Bash). - Understanding of security best practises and experience with security frameworks (e.g., OWASP). - Strong communication, collaboration, and problem-solving skills. - Active SC Clearance is required for this position ...