7 of 7 Permanent OWASP Jobs in Bristol

design and enforce patch windows and remediation SLAs. DevSecOps Toolchain Proficient with CI/CD tooling in Azure DevOps or GitHub Actions. Experience integrating SAST (e.g. SonarQube), DAST (e.g. OWASP ZAP) and SCA (e.g. Dependabot, Snyk) into pipelines. Infrastructure as Code: Terraform, ARM or Bicep. Container & Cloud Security Knowledge of containerisation (Docker, Kubernetes/AKS) and container security best practices. More ❯

language Experience working with or recommending security tools and technologies Ability to build strong working relationships and influence non-security stakeholders Working knowledge of cybersecurity standards and frameworks (e.g. OWASP, NIST, CIS) Analytical mindset with strong problem-solving skills Excellent written and verbal communication skills Qualifications: 3+ years of experience in information security, with a focus on application and/ More ❯

ofmodern software development approaches such as automated testing, test driven development, continuous integration, pair programming, code review and version control have understanding of common web security risks such as OWASP Top 10, and the corresponding mitigations enjoy researching and learning new programming tools and techniques and sharing their skills with others have experience working in a collaborative environment, and an More ❯

fundamentals in data structures, algorithm design and complexity analysis. Experience developing, deploying and maintaining API's onto AWS or Azure. Excellent understanding of software design principles. Experience in applying OWASP secure coding practices. Confident and experienced with automated testing - from unit tests to system and integration tests. Willingness to develop across multiple platforms and architectures. Genuinely passionate about changing lives More ❯

scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security (e.g., OWASP Top 10) Compliance and Governance (e.g., GDPR, ISO 27001) Security Tools (e.g., Wireshark, Nmap, Metasploit, Kali Linux) Person Specification: Experience delivering cybersecurity training or mentoring professionals in a security capacity More ❯

An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Please reach out to Lewis Dunn @ ARM if you are More ❯

An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Please reach out to Lewis if you are interested or More ❯