24 of 24 Permanent OWASP Jobs in Bristol

control). Knowledge of SQL and experience verifying backend data consistency. Familiarity with containerized environments (Docker, Kubernetes). Familiarity with tools like Burp Suite, OWASP ZAP, or static analysis tools is a plus. What We Offer Competitive salary and benefits package. Opportunities for learning, growth, and contributing to a product More ❯

NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss More ❯

practices including API versioning, authentication/authorization models and techniques, and secret management. Familiarity with Entity Framework or other ORM tools. Experience in applying OWASP secure coding practices. Confident applying cloud best-practices for identity and access management, hosting, deployment and monitoring. Confident working on problems from scratch – resourceful in More ❯

practices including API versioning, authentication/authorization models and techniques, and secret management. Familiarity with Entity Framework or other ORM tools. Experience in applying OWASP secure coding practices. Confident applying cloud best-practices for identity and access management, hosting, deployment and monitoring. Confident working on problems from scratch - resourceful in More ❯

distributed and hybrid teams . Ability to effectively communicate complex technical concepts in non-technical terms to stakeholders. Familiarity with modern security frameworks like OWASP and SANS25 . Experience with Continuous Delivery and Automated Deployment using tools like Azure DevOps . More ❯

distributed and hybrid teams . Ability to effectively communicate complex technical concepts in non-technical terms to stakeholders. Familiarity with modern security frameworks like OWASP and SANS25 . Experience with Continuous Delivery and Automated Deployment using tools like Azure DevOps . More ❯

algorithm design and complexity analysis. Experience developing, deploying and maintaining APIs onto AWS or Azure. Excellent understanding of software design principles. Experience in applying OWASP secure coding practices. Confident and experienced with automated testing from unit tests to system and integration tests. Willingness to develop across multiple platforms and architectures. More ❯

Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO/IEC 27001, ISO 27005, OWASP, and MOD ISN 23/09 Ability to identify, assess and mitigate risks across software and hardware product ecosystems Strong written and verbal communication skills More ❯

Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO/IEC 27001, ISO 27005, OWASP, and MOD ISN 23/09 Ability to identify, assess and mitigate risks across software and hardware product ecosystems Strong written and verbal communication skills More ❯

security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

design and complexity analysis. Experience developing, deploying and maintaining API’s onto AWS or Azure. Excellent understanding of software design principles. Experience in applying OWASP secure coding practices. Confident and experienced with automated testing – from unit tests to system and integration tests. Willingness to develop across multiple platforms and architectures. More ❯

algorithm design and complexity analysis. Experience developing, deploying and maintaining APIs onto AWS or Azure. Excellent understanding of software design principles. Experience in applying OWASP secure coding practices. Confident and experienced with automated testing from unit tests to system and integration tests. Willingness to develop across multiple platforms and architectures. More ❯

vulnerabilities. Requirements: 5+ years of hands-on experience in application security and secure software development. Strong knowledge of secure coding practices and common vulnerabilities (OWASP) Experience with SAST, DAST, and IAST tools and integrating them into CI/CD pipelines. Proficiency in writing and reviewing code (JavaScript, Java, Python) with More ❯

experience. Eligibility for or possession of UK Security Clearance (preferred but not required). Solid understanding of common attack techniques and vulnerability classes (e.g., OWASP Top 10, MITRE ATT&CK). Strong familiarity with tools such as Burp Suite, Nmap, Metasploit, etc. Excellent communication and reporting skills. Required Qualifications: Demonstrable More ❯

audits & penetration testing What You’ll Bring CISSP or equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS/IPS, RBAC, vulnerability management Understanding of cloud, COTS/SaaS platforms & IoT security Ability to communicate risks & strategies at More ❯

audits & penetration testing What You’ll Bring CISSP or equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS/IPS, RBAC, vulnerability management Understanding of cloud, COTS/SaaS platforms & IoT security Ability to communicate risks & strategies at More ❯

ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds More ❯

at rest/in transit, and other application security standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO 27001, OWASP Top 10). Team Management & Culture Build and scale high-performance engineering teams, including backend, frontend, full-stack, data, and security engineers. Define and track … APIs, ETL, Azure Data Factory DevOps/Infra : CI/CD pipelines (e.g., GitHub Actions, Azure DevOps), containerization, Azure PaaS Security : Secure development lifecycle, OWASP, authentication/authorization protocols Leadership Attributes Technically credible leader with the ability to deep-dive on architecture and code when necessary. Strong decision-making skills More ❯

data Confident with using common data science tooling such as Jupyter notebooks, pandas, matplotlib, seaborn, numpy API testing and security tools: Postman, Burp Suite, OWASP ZAP, etc. Strong knowledge of database management systems (DBMS) such as MySQL Hands-on experience with security and compliance frameworks and standards. Knowledge of performance … with architects and security teams to implement best practices for compliance, data privacy, and protection, while integrating tools and frameworks to assess APIs against OWASP and other relevant security standards (NIST, ISO-27001, PCI-DSS, HIPAA, FedRAMP) Automate security and compliance controls into the platform for continuous monitoring and reporting. More ❯

data Confident with using common data science tooling such as Jupyter notebooks, pandas, matplotlib, seaborn, numpy API testing and security tools: Postman, Burp Suite, OWASP ZAP, etc. Strong knowledge of database management systems (DBMS) such as MySQL Hands-on experience with security and compliance frameworks and standards. Knowledge of performance … with architects and security teams to implement best practices for compliance, data privacy, and protection, while integrating tools and frameworks to assess APIs against OWASP and other relevant security standards (NIST, ISO-27001, PCI-DSS, HIPAA, FedRAMP) Automate security and compliance controls into the platform for continuous monitoring and reporting. More ❯

/components interact correctly. Test APIs, databases, and service flows. Security Testing & Penetration Testing (Ethical Hacking) Simulate attacks to find vulnerabilities. Tools: Burp Suite , OWASP ZAP , Metasploit . CEH , OSCP , CISSP certifications an advantage Vulnerability Testing Scan systems for known vulnerabilities. Collaborate with SecOps and DevSecOps teams. Security QA/… Secure Code Testing Test software from a secure coding perspective. Ensure compliance with secure development standards (OWASP Top 10, etc.). Test Management Oversee testing across multiple teams and or products. Handle stakeholder communication, budget, vendor selection, and process compliance. Test Architectecture Design testing frameworks, strategies, and toolchains. Advise on More ❯

ll analyse new feature code to identify security risks and work with engineers to mitigate them, working and applying modern security standards such as OWASP CI/CD, DSOMM, SAMM and Cloud Security Posture management systems such as Azure Defender and Prisma Cloud. What you'll be doing: · Analysing new … complicated Salesforce environments · Exposure to Cloud Native software development, including cloud infrastructure and API design (Azure preferred) · Proven experience applying modern standards such as OWASP CI/CD, DSOMM, SAMM etc · Strong networking protocol knowledge (TCP/IP, UDP, HTTP/3, AMQP, streaming protocols etc), cloud network design (VPNs More ❯

role will be circa £650 per day, inside IR35 Key Skills Required: Strong Security and Development background, in SDLC-focused roles Deep knowledge of OWASP API Top 10 Able to review Swagger/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as … WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's Able to translate technical risks into business language, collaborating with key stakeholders Experience in large-scale, enterprise environments More ❯

My growing defence client is seeking a Security Architect with NIST framework experience. You'll join a leading organisation that develops cutting edge products and technology. Key Accountabilities : Identify security requirements and ensure the integration of security controls during the More ❯