7 of 7 Permanent OWASP Jobs in Central London

Terraform) Containerisation (Docker, AKS) and serverless (Azure Functions) Monitoring and observability (Application Insights, Log Analytics) Secrets management and vulnerability scanning (Key Vault, SonarQube, OWASP) Architecture & Design Microservices and event-driven design (Service Bus, Event Grid, Kafka) Domain-Driven Design (DDD) principles Resilient and scalable system patterns (circuit breakers, retries) Integration ...

/CD, Docker , containerisation, Ubuntu/Linux, AWS , Serverless, CDK/CDKTF , Ansible Quality & Analytics: Postman API, testing frameworks, web analytics Patterns: Secure SDLC, OWASP Top 10 , TDD , Git-based workflows Must-have experience Proven delivery of full-stack web applications (frontend + backend + API) from design to production ...

Security & Compliance Implement secure design: encryption, secret management, secure SDLC, API security (OAuth2/OIDC), network segmentation, least privilege in IAM. Align with standards (OWASP, NIST, CIS Benchmarks, PCI/ISO 27001 where applicable). Observability & Resilience Define logging, metrics, tracing (OpenTelemetry), health checks, circuit breakers, retries, and backoff strategies. ...

vulnerability research, exploit development, threat emulation, or closely related offensive research and simulation activities Strong knowledge of security frameworks such as MITRE ATT&CK, OWASP, NIST or equivalent industry frameworks and models Hybrid working,3 days in office. Look forward to hearing from ...

legal applications such as Aderant, Intapp or iManage essential for managing firm operations, billing, and financials efficiently. Familiarity with industry-centric standards, including OWASP for security best practices and WCAG (Web Content Accessibility Guidelines) for accessibility, ensuring software is secure and usable for all audiences. This role offers hybrid/ ...

define penetration testing scope by reviewing design and interface documents. Prepare detailed test plans, scenarios, and rules of engagement aligned with CREST and OWASP standards. Conduct API penetration testing (REST, GraphQL, SOAP) focusing on authentication, authorization, and business logic flaws. Perform UI/Web application penetration testing for vulnerabilities such … including executive summaries, technical details, and risk ratings (CVSS). Support re-testing after fixes and validate remediation effectiveness. Ensure compliance with industry standards (OWASP ASVS, API Top 10, ISO 27001, PCI-DSS). Recommend security best practices and contribute to continuous improvement of testing methodologies. Maintain strong documentation ...

define penetration testing scope by reviewing design and interface documents. Prepare detailed test plans, scenarios, and rules of engagement aligned with CREST and OWASP standards. Conduct API penetration testing (REST, GraphQL, SOAP) focusing on authentication, authorization, and business logic flaws. Perform UI/Web application penetration testing for vulnerabilities such … including executive summaries, technical details, and risk ratings (CVSS). Support re-testing after fixes and validate remediation effectiveness. Ensure compliance with industry standards (OWASP ASVS, API Top 10, ISO 27001, PCI-DSS). Recommend security best practices and contribute to continuous improvement of testing methodologies. Maintain strong documentation ...