1 to 25 of 66 Permanent OWASP Jobs in England

segmentation, and host security. Hands on experience with the following security products Trellix, Ivanti, ClearSwift, Yubikey Understanding of secure coding practices and common vulnerabilities (OWASP Top 10, SANS Top 25). Expertise in identity and access management (IAM), including RBAC, ABAC, JWT and Cookie based authentication. Incident detection and response ...

Docker and/or Kubernetes Development Practices - Mandatory RESTful API design, development, and life cycle management Secure development - SAST/DAST tooling, code review, OWASP awareness Technical documentation to a high standard On-site in Taunton, Somerset - 2 days per week minimum Desirable Skills & Experience Legacy Windows technologies - Win32 ...

scripting (Bash). Mettre en place et suivre le monitoring applicatif (logs, métriques, alerting) pour assurer observabilité ,sécurisation et performance en production. La certification OWASP est un +. Faire le lien entre les besoins métier, la tech et l’industrialisation : priorisation, roadmap, arbitrages techniques. Vous êtes passionné par la Data ...

application risks are clearly understood, prioritised, and effectively managed. Required Skills: Strong experience in Application Security, DevSecOps, or Secure Software Engineering Deep understanding of OWASP Top 10 and exploitation techniques Hands-on experience with SAST, DAST, and SCA tools Experience integrating security into CI/CD and SDLC Cloud experience ...

application risks are clearly understood, prioritised, and effectively managed. Required Skills: Strong experience in Application Security, DevSecOps, or Secure Software Engineering Deep understanding of OWASP Top 10 and exploitation techniques Hands-on experience with SAST, DAST, and SCA tools Experience integrating security into CI/CD and SDLC Cloud experience ...

application risks are clearly understood, prioritised, and effectively managed. Required Skills: Strong experience in Application Security, DevSecOps, or Secure Software Engineering Deep understanding of OWASP Top 10 and exploitation techniques Hands-on experience with SAST, DAST, and SCA tools Experience integrating security into CI/CD and SDLC Cloud experience ...

application risks are clearly understood, prioritised, and effectively managed. Required Skills: Strong experience in Application Security, DevSecOps, or Secure Software Engineering Deep understanding of OWASP Top 10 and exploitation techniques Hands-on experience with SAST, DAST, and SCA tools Experience integrating security into CI/CD and SDLC Cloud experience ...

experience with CI/CD security integration (GitLab CI or similar) Familiarity with SAST/DAST tooling and dependency scanning Understanding of common vulnerabilities (OWASP Top 10) and remediation Previous experience working as a back end or full stack developer Knowledge of GDPR and data protection legislation Strong communicator; able ...

risks and provide remediation strategies. Ensure compliance with industry standards (ISO 27001, GDPR, SOC 2, etc.). Implement best practices for secure software development (OWASP, encryption, IAM, etc.). 6. Performance Optimisation & Scaling Analyse system bottlenecks and recommend performance tuning strategies. Support database optimisations, caching mechanisms, and load balancing strategies. ...

Cloud & DevOps: AWS architecture and CI/CD automation (e.g., GitHub Actions), with emphasis on deployment efficiency and reliability. Security Engineering: Applied knowledge of OWASP, OAuth2, MFA, and secure identity patterns, embedded within end‐to‐end system design. Quality & Assurance: Experience with unit testing and security testing practices (SAST, DAST ...

conducting threat modelling (e.g. STRIDE, attack trees) and risk analysis Strong understanding of security frameworks and best practice such as ISO 27001, NIST, CIS, OWASP, NCSC guidance Experience working in the UK Public Sector and associated security standards and guidance including GovAssure/NCSC CAF, HMG Security Policy Framework. Knowledge ...

native architectures, CI/CD automation using GitHub Actions, infrastructure and deployment optimisation. Security Engineering: Security‐by‐design mindset with applied knowledge of OWASP Top 10, WCAG, OAuth2, MFA, and secure identity patterns. Quality & Assurance: Proficient in unit testing frameworks; governance and execution of SAST, DAST, SCA, and penetration testing ...

Infrastructure as Code (Terraform), observability tooling (Grafana, Kibana, Datadog, CloudWatch), automated testing (NUnit, xUnit, Cypress, Playwright), Git‐based workflows, and secure development practices including OWASP, secrets management and Vault. Ways of Working, Comfortable in Scrum/Kanban environments with strong communication skills; experienced with Jira, Confluence, Slack and MS Teams ...

automated testing using tools such as NUnit, Jasmine and Selenium Good knowledge of SOLID principles Desirable Skills: Containers (docker, K8s) Security best practice (OWASP top ten) OpenIDConnect/Identity server MS SQL Server Azure DevOps, TeamCity Infrastructure as Code (Bicep, ARM templates, Terraform) Please apply now or contact ...

automated testing using tools such as NUnit, Jasmine and Selenium Good knowledge of SOLID principles Desirable Skills: Containers (docker, K8s) Security best practice (OWASP top ten) OpenIDConnect/Identity server MS SQL Server Azure DevOps, TeamCity Infrastructure as Code (Bicep, ARM templates, Terraform) Please apply now or contact (url removed ...

native architectures, CI/CD automation using GitHub Actions, infrastructure and deployment optimisation. Security Engineering: Security‐by‐design mindset with applied knowledge of OWASP Top 10, WCAG, OAuth2, MFA, and secure identity patterns. Quality & Assurance: Proficient in unit testing frameworks; governance and execution of SAST, DAST, SCA, and penetration testing ...

Senior Cyber Security Analyst (OWASP/SAST/DAST – Banking Client Application Security | Secure Design | Threat Modelling | DevSecOps) Locations: London, Paris, Brussels, Amsterdam Rate: Flexible Duration: 12 months We are looking for a Cyber Security Analyst specialising in Application Security and Secure Architecture to join a high-performing security team … alignment with secure-by-design principles, embed security into the software development lifecycle (SDLC), support development teams in implementing secure coding practices aligned with OWASP guidelines. Security Testing & DevSecOps – Define and review security testing activities including SAST, DAST and software composition analysis (SCA), work with engineering teams to integrate security ...

enterprise security domains Experience with threat modelling frameworks (STRIDE/MITRE ATT&CK) Understanding of security standards such as ISO 27001, NIST, PCI DSS, OWASP Strong stakeholder management and communication skills Desirable Security certifications (CISSP, CISM, CCSP, CEH, OSCP or equivalent) Experience with public or private cloud environments #J ...

tooling. In‐depth knowledge of secure coding practices in Node.js, TypeScript, Python, and/or React. Familiarity with security frameworks and standards (e.g. OWASP, NIST, CIS Benchmarks). Strong communication skills, with the ability to translate risk for both technical and non‐technical audiences. Nice to Have Experience with Semgrep ...

testing experience Strong understanding of web application and infrastructure testing methodologies Experience with tools such as Burp Suite, Nmap, Nessus, Metasploit, etc. Understanding of OWASP Top 10 and common attack vectors Strong report writing and communication skills Consultancy/client-facing experience beneficial Additional certifications such as CPSA or cloud ...

practices . Strong understanding of Web Applications, Microservices, APIs, authentication/authorization protocols , and data architecture . Knowledge of secure software development practices , GDPR, OWASP, and NCSC cloud security principles. Experience delivering AI-based solutions, real-time data integration, or IoT solutions is advantageous. Consultancy & Leadership Skills Excellent communication skills ...

Operations role within a large or complex enterprise environment. Strong understanding of cybersecurity standards and frameworks, including ISO 27001, NIST 800 53, CIS Controls, OWASP, and SOC1/2. ...

Google Cloud Platform (GCP) Cloud Security and Zero Trust architectures Enterprise and Security Architecture frameworks ISO 27001, NIST 800-53, CIS Controls, and OWASP Identity & Access Management (IAM) and Privileged Access Management (PAM) Security Monitoring, SIEM, Threat Detection, and Response Risk Management and Governance frameworks SaaS platforms including Salesforce ...

experience in secure software development, particularly with Java or .NET frameworks. Solid understanding of secure development lifecycle practices and industry security standards (e.g., GDPR, OWASP, NCSC cloud security principles). Demonstrated ability to work collaboratively within multi-disciplinary teams and influence at senior levels. Proficiency in modern technologies such ...

Experience with mobile analytics, crash reporting, and APM tools (e.g. Firebase, Dynatrace, App Center) • Understanding of secure coding practices and mobile security frameworks (e.g. OWASP Mobile) • Experience with mobile device management (MDM) or enterprise distribution • Familiarity with cross-platform considerations, even if primarily native-focused Scope & Accountability • Responsible for hands ...