1 to 25 of 30 Permanent OWASP Jobs in England

segmentation, and host security. Hands on experience with the following security products Trellix, Ivanti, ClearSwift, Yubikey Understanding of secure coding practices and common vulnerabilities (OWASP Top 10, SANS Top 25). Expertise in identity and access management (IAM), including RBAC, ABAC, JWT and Cookie based authentication. Incident detection and response ...

Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and non-technical stakeholders Excellent analytical, documentation ...

reviewing academic literature on AI failure modes and red teaming. Continuous Learning: Develop a deep understanding of AI risk frameworks (NIST, MITRE ATLAS, OWASP) and learn how to deploy testing infrastructure within AWS and Kubernetes (EKS). Minimum Qualifications A degree in a quantitative subject (such as Mathematics, Computer Science ...

conducting threat modelling (e.g. STRIDE, attack trees) and risk analysis Strong understanding of security frameworks and best practice such as ISO 27001, NIST, CIS, OWASP, NCSC guidance Experience working in the UK Public Sector and associated security standards and guidance including GovAssure/NCSC CAF, HMG Security Policy Framework. Knowledge ...

experience with cloud-native environments—preferably GCP and Azure. Skilled in performance optimisation techniques. Deep understanding of web and mobile security best practices, including OWASP guidelines, secure authentication and authorisation. Experience with containerisation and infrastructure tools such as Docker, Kubernetes, Helm, and Terraform. Familiarity with mobile frameworks such as Ionic ...

design and distributed systems Knowledge of modern engineering practices, including CI/CD and DevSecOps Understanding of secure development practices such as OWASP Top 10 Experience with testing methodologies such as TDD or BDD Bonus experience: PostgreSQL or NoSQL databases Large-scale platform migrations or re-architecture initiatives Experience ...

understanding of Cloud security (AWS, Azure or GCP), hybrid cloud design, and modern DevSecOps principles Strong knowledge of frameworks such as NIST, ISO 27001, OWASP, and CIS Solid grounding in tools and technologies like SIEM, IDS/IPS, DLP, endpoint protection, IAM, and encryption This is an autonomous role which ...

Score remediation Vulnerability Management Tools such as Tenable , Pentera , Varonis , Secure Score Experience coordinating remediation with technical teams Frameworks & Security Models MITRE ATT&CK, OWASP Top 10 Exposure to zero-trust principles Understanding of encryption, certificate management, secrets management Scripting & Automation PowerShell (essential) Python or Bash desirable Security automation experience ...

protocols (e.g. A2A) Familiarity with MCPs for tool and context integration in agentic systems Familiarity with secure-by-design development principles (ISO 27001, NIST, OWASP) Experience in defence, national security, or similarly regulated environments Contributions to open-source AI/ML projects Soft Skills Delivery-focused - you ship working systems ...

responsibilities are: Technical Leadership Define and evolve backend architecture to ensure scalability, maintainability, and performance. Set coding standards and champion secure development practices (e.g. OWASP). Influence technology choices, frameworks, and tools to support engineering excellence. Oversee improvements to CI/CD pipelines, build processes, and operational workflows. Can clearly ...

knowledge of security products including WAFs, SIEM, AV, email/web gateways, firewalls, load balancers, ACLs, TCP/IP, routing, and switching Familiarity with OWASP, SASE, zero-trust, and risk-based vulnerability management Background in infrastructure and networks Working towards or holding CISSP, SANS GCIA, CompTIA Security+, CCNA/CCNP ...

security governance frameworks CISSP (or equivalent certification) Experience with risk assessments, threat modelling, and security design reviews Broad technical understanding across: Application security (e.g. OWASP, IAM, cryptography) Infrastructure security (networks, endpoints, cloud) Operational security (incident management, DR/BCP, patching) Experience managing or supporting vulnerability assessments and penetration testing Ability ...

ceremonies and continuous improvement Support BAU activities, troubleshooting and resolving complex technical issues Ensure applications meet web and cloud security best practices (e.g. OWASP) Produce clear technical documentation and share knowledge across the team What are we looking for? Strong experience with Angular, HTML, CSS, JavaScript and TypeScript Hands ...

ViTest) Contributing to CI/CD pipeline improvements and secure deployment practices Participating in architecture and technical design reviews Ensuring all development aligns with OWASP security best practices Tech Stack & Environment Core technologies: .NET 10/ASP.NET Core Angular 21 (mandatory) DevExpress DevExtreme v25 (mandatory) Entity Framework Core TypeScript/ ...

ViTest) Contributing to CI/CD pipeline improvements and secure deployment practices Participating in architecture and technical design reviews Ensuring all development aligns with OWASP security best practices Tech Stack & Environment Core technologies: .NET 10/ASP.NET Core Angular 21 (mandatory) DevExpress DevExtreme v25 (mandatory) Entity Framework Core TypeScript/ ...

ViTest) Contributing to CI/CD pipeline improvements and secure deployment practices Participating in architecture and technical design reviews Ensuring all development aligns with OWASP security best practices Tech Stack & Environment Core technologies: .NET 10/ASP.NET Core Angular 21 (mandatory) DevExpress DevExtreme v25 (mandatory) Entity Framework Core TypeScript/ ...

technical documentation. Experience in supporting and developing environments and applications within Azure (e.g., WAMP/LAMP). Familiarity with cloud-based solutions adhering to OWASP developer best practices. Proficiency in languages/middleware such as Asp.Net, Python, PHP, Apache. Experience managing SQL databases (Azure DB, Managed SQL, MS SQL & MySQL ...

years’ commercial experience in penetration testing or offensive security Broad exposure across multiple testing domains (infrastructure, application, cloud) Strong understanding of common vulnerabilities (e.g. OWASP Top 10) Ability to work with limited information and still deliver structured, effective outcomes Excellent written and verbal communication skills Desirable Experience Experience working within ...

strong attention to detail A solid understanding of how web applications work including security, session management, and best development practices Full understanding of the OWASP framework. Enforcement of the framework throughout all coding Create, maintain and coordinate backup mechanisms for the purposes of business continuity while maintaining a high level ...

APIs, cloud, network, infrastructure, and more. Ensure consistent, high-quality client deliverables and maintain professional standards in line with industry frameworks (e.g., CREST, OSSTMM, OWASP). Scope and plan multifaceted security engagements, supporting commercial teams on proposals and resource planning. Drive practice innovation, building out AI security testing capabilities ...

APIs, cloud, network, infrastructure, and more. Ensure consistent, high-quality client deliverables and maintain professional standards in line with industry frameworks (e.g., CREST, OSSTMM, OWASP). Scope and plan multifaceted security engagements, supporting commercial teams on proposals and resource planning. Drive practice innovation, building out AI security testing capabilities ...

security testing experience Proven leadership or practice-level responsibility Strong capability across web, API, cloud, infrastructure, and network testing Experience with industry methodologies (OWASP, PTES, OSSTMM) Relevant certifications (e.g. CREST, OSCP, CISSP, CHECK) Strong communication and commercial awareness Nice to have Red team or AI/LLM security testing experience ...

version control systems, particularly Git Desirable Skills/Experience: Demonstrable knowledge of web security principles - including authentication, authorisation, data protection, and vulnerability mitigation (e.g. OWASP standards) Familiarity with databases (SQL and/or NoSQL ...

C#, MVC, ASP.NET Core, JavaScript, HTML & CSS Experience debugging, profiling and deploying web applications Solid understanding of MVC patterns, ASP.NET controllers & web security (OWASP) Comfortable working with IIS Exposure to frameworks like React, Vue, Angular or Knockout is a plus Degree in Computer Science or related field preferred from ...

Key responsibilities Find out exactly what skills, experience, and qualifications you will need to succeed in this role before applying below. Ability to develop, design secure solutions and produce a Security Design documenting the controls. ...