18 of 18 Permanent OWASP Jobs in Bristol

of security frameworks such as ISO 27001, NIST, or CIS benchmarks. Experience in application security reviews, vulnerability management, and security controls implementation. Familiarity with OWASP Top 10, CWE, and secure coding practices. Proficiency in using security tools such as static and dynamic analysis tools. Basic coding/scripting skills in More ❯

NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss More ❯

in a recent .Net Framework. Project management tools such as Jira. SonarQube, GitLab, or similar for code quality analysis. Security practices and tools like OWASP and Snyk, or similar. Typescript. CI/CD tools e.g. Jenkins, Azure pipelines, GitHub actions. ELK stack, Prometheus, or Grafana. Benefits: Annual bonus scheme. More ❯

practices including API versioning, authentication/authorization models and techniques, and secret management. Familiarity with Entity Framework or other ORM tools. Experience in applying OWASP secure coding practices. Confident applying cloud best-practices for identity and access management, hosting, deployment and monitoring. Confident working on problems from scratch – resourceful in More ❯

practices including API versioning, authentication/authorization models and techniques, and secret management. Familiarity with Entity Framework or other ORM tools. Experience in applying OWASP secure coding practices. Confident applying cloud best-practices for identity and access management, hosting, deployment and monitoring. Confident working on problems from scratch - resourceful in More ❯

distributed and hybrid teams . Ability to effectively communicate complex technical concepts in non-technical terms to stakeholders. Familiarity with modern security frameworks like OWASP and SANS25 . Experience with Continuous Delivery and Automated Deployment using tools like Azure DevOps . More ❯

Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO/IEC 27001, ISO 27005, OWASP, and MOD ISN 23/09 Ability to identify, assess and mitigate risks across software and hardware product ecosystems Strong written and verbal communication skills More ❯

Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO/IEC 27001, ISO 27005, OWASP, and MOD ISN 23/09 Ability to identify, assess and mitigate risks across software and hardware product ecosystems Strong written and verbal communication skills More ❯

Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO/IEC 27001, ISO 27005, OWASP, and MOD ISN 23/09 Ability to identify, assess and mitigate risks across software and hardware product ecosystems Strong written and verbal communication skills More ❯

security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

distributed and hybrid teams . Ability to effectively communicate complex technical concepts in non-technical terms to stakeholders. Familiarity with modern security frameworks like OWASP and SANS25 . Experience with Continuous Delivery and Automated Deployment using tools like Azure DevOps . People Source Consulting Ltd is acting as an Employment More ❯

audits & penetration testing What You’ll Bring CISSP or equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS/IPS, RBAC, vulnerability management Understanding of cloud, COTS/SaaS platforms & IoT security Ability to communicate risks & strategies at More ❯

simultaneously. Any experience of these would be really useful Awareness of industry related security standards such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP Certifications in Security Management such as CISSP/CISM/CCSP or equivalent Certifications in technical Security domains such as CEH/OSCP or equivalent More ❯

ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds More ❯

ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds More ❯

ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds More ❯

ll analyse new feature code to identify security risks and work with engineers to mitigate them, working and applying modern security standards such as OWASP CI/CD, DSOMM, SAMM and Cloud Security Posture management systems such as Azure Defender and Prisma Cloud. What you'll be doing: · Analysing new … complicated Salesforce environments · Exposure to Cloud Native software development, including cloud infrastructure and API design (Azure preferred) · Proven experience applying modern standards such as OWASP CI/CD, DSOMM, SAMM etc · Strong networking protocol knowledge (TCP/IP, UDP, HTTP/3, AMQP, streaming protocols etc), cloud network design (VPNs More ❯

My growing defence client is seeking a Security Architect with NIST framework experience. You'll join a leading organisation that develops cutting edge products and technology. Key Accountabilities : Identify security requirements and ensure the integration of security controls during the More ❯