14 of 14 Permanent OWASP Jobs in the East Midlands

junior consultants through mentoring and peer review. Essential Skills and Experience: Proven experience delivering penetration tests in commercial or consultancy settings. Strong understanding of OWASP Top 10/ASVS, common exploitation techniques and mitigations, network protocols, Active Directory, and Windows/Linux environments, and cloud security fundamentals. Hands-on ability ...

OSCP, OSCE, OSEP, GWAPT, GXPN, or similar certifications Experience with cloud security testing (AWS, Azure, GCP) Strong understanding of security frameworks and vulnerabilities (e.g., OWASP, CVSS, NIST) Experience using tools like Burp Suite, Nmap, Metasploit, Kali Linux, etc. Solid scripting skills in Python, Bash, or PowerShell (for tool development ...

OSCP, OSCE, OSEP, GWAPT, GXPN, or similar certifications Experience with cloud security testing (AWS, Azure, GCP) Strong understanding of security frameworks and vulnerabilities (e.g., OWASP, CVSS, NIST) Experience using tools like Burp Suite, Nmap, Metasploit, Kali Linux, etc. Solid scripting skills in Python, Bash, or PowerShell (for tool development ...

OSCP, OSCE, OSEP, GWAPT, GXPN, or similar certifications Experience with cloud security testing (AWS, Azure, GCP) Strong understanding of security frameworks and vulnerabilities (e.g., OWASP, CVSS, NIST) Experience using tools like Burp Suite, Nmap, Metasploit, Kali Linux, etc. Solid scripting skills in Python, Bash, or PowerShell (for tool development ...

competency - Cloud security awareness (AWS/Azure/GCP + IAM principles) - Scripting/automation skills (Python, PowerShell, Bash) - Understanding of secure coding/OWASP Top 10 - Working knowledge of ISO 27001, NIST, Cyber Essentials - Incident triage, log analysis, and threat investigation capability - Strong communication, problem solving, and teamwork skills ...

environments. You'll be hands-on with GCP, Terraform, and Python scripting, working closely with Security Operations (SOC) teams to enhance web security and OWASP protection. Key Responsibilities Design, implement, and maintain GCP WAF solutions across various cloud workloads. Integrate WAF solutions with CI/CD pipelines and automate security ...

environments. You'll be hands-on with GCP, Terraform, and Python scripting, working closely with Security Operations (SOC) teams to enhance web security and OWASP protection. Key Responsibilities Design, implement, and maintain GCP WAF solutions across various cloud workloads. Integrate WAF solutions with CI/CD pipelines and automate security ...

based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus) Familiarity with offensive and defensive IT concepts and protocols Extensive understanding of the OWASP Top 10, MITRE ATT&CK framework, and various security frameworks. Working knowledge of Windows, Linux and MacOS operating systems internals Experience mentoring or coaching ...

based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus) Familiarity with offensive and defensive IT concepts and protocols Extensive understanding of the OWASP Top 10, MITRE ATT&CK framework, and various security frameworks. Working knowledge of Windows, Linux and MacOS operating systems internals Experience mentoring or coaching ...

based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus) Familiarity with offensive and defensive IT concepts and protocols Extensive understanding of the OWASP Top 10, MITRE ATT&CK framework, and various security frameworks. Working knowledge of Windows, Linux and MacOS operating systems internals Experience mentoring or coaching ...

such as: Qualys, Rapid7, Tanium, Axonius, Armis, or other. Experience applying the following models to an enterprise security program: CMMI, ISO/IEC 2700, OWASP SAMM, NIST, SMM SANS Security Maturity Model. Experience developing security reports, trends, and metrics analysis. Experience with the application of some of the following frameworks ...

CHECK-approved penetration tests across infrastructure, web applications, APIs, and cloud environments. Perform manual, high-depth testing and advanced exploitation aligned with industry standards (OWASP, NCSC, CREST). Support adversarial validation engagements, collaborating with internal and client security teams. Produce clear, actionable reports and present findings to technical and executive ...

CHECK-approved penetration tests across infrastructure, web applications, APIs, and cloud environments. Perform manual, high-depth testing and advanced exploitation aligned with industry standards (OWASP, NCSC, CREST). Support adversarial validation engagements, collaborating with internal and client security teams. Produce clear, actionable reports and present findings to technical and executive ...

CHECK-approved penetration tests across infrastructure, web applications, APIs, and cloud environments. Perform manual, high-depth testing and advanced exploitation aligned with industry standards (OWASP, NCSC, CREST). Support adversarial validation engagements, collaborating with internal and client security teams. Produce clear, actionable reports and present findings to technical and executive ...