1 to 25 of 83 Permanent OWASP Jobs in England

technical knowledge of application security architecture, cloud platforms (AWS, Azure, GCP), microservices, APIs, and identity/access management. Strong familiarity with modern programming languages, frameworks, and security vulnerabilities (e.g., OWASP Top Ten, SANS 25). Proven experience driving digital transformation initiatives, including migration of legacy applications to cloud-native platforms and adoption of SaaS/PaaS solutions. Understanding of UK More ❯

and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage More ❯

and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage More ❯

Conduct secure code reviews and support remediation efforts. Threat Modelling & Architecture Review Requirements (Primarily Essential) 2+ years of experience in application security or secure software development. Strong knowledge of OWASP Top 10, secure coding principles, and threat modelling. Hands-on experience with SAST, DAST, SCA, and vulnerability management tools. Familiarity with cloud platforms (Azure or AWS), CI/CD pipelines More ❯

Conduct secure code reviews and support remediation efforts. Threat Modelling & Architecture Review Requirements (Primarily Essential) 2 years of experience in application security or secure software development. Strong knowledge of OWASP Top 10, secure coding principles, and threat modelling. Hands-on experience with SAST, DAST, SCA, and vulnerability management tools. Familiarity with cloud platforms (Azure or AWS), CI/CD pipelines More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

. Proficient in Git or other version control systems. Desirable Knowledge, Skills and Experience: Certifications in OCI or other cloud platforms (AWS, GCP). Experience with security tools like OWASP ZAP, Burp Suite, etc. Familiarity with Jira, Confluence, or similar tools. Knowledge of compliance frameworks (e.g., GDPR, HIPAA, ISO 27001, ISO 13485). Background in start-up or scale-up More ❯

CD pipelines, Docker/Kubernetes, and IaC tools. Ops mindset: Proficiency with monitoring/observability tools (Prometheus, Grafana, ELK, Splunk). Security awareness: Knowledge of secure coding practices and OWASP considerations in Java applications. Financial acumen: Able to manage budgets and optimise spend on tools/services. Client-facing ability: Comfortable explaining technical issues in plain language to non-technical More ❯

/CD pipelines, plus scripting languages such as PowerShell, YAML, or JSON Knowledge of application security tools, threat modelling, and risk assessments Familiarity with standards/frameworks such as OWASP, NIST SSDF, ISO27001, NCSC Experience guiding engineering teams and influencing security culture Excellent communication skills, able to engage confidently with developers and senior leadership Why join them? You'll be More ❯

/CD pipelines, plus scripting languages such as PowerShell, YAML, or JSON Knowledge of application security tools, threat modelling, and risk assessments Familiarity with standards/frameworks such as OWASP, NIST SSDF, ISO27001, NCSC Experience guiding engineering teams and influencing security culture Excellent communication skills, able to engage confidently with developers and senior leadership Why join them? You'll be More ❯

command-line interfaces or scripting tools in cloud environments is a plus Cloud Security skills (desired) Secure software development practices, including SecDevOps Sound knowledge of applicable frameworks & standards, including OWASP, MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM & ISO 27107 Relevant industry certifications including CSCP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO More ❯

command-line interfaces or scripting tools in cloud environments is a plus Cloud Security skills (desired) Secure software development practices, including SecDevOps Sound knowledge of applicable frameworks & standards, including OWASP, MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM & ISO 27107 Relevant industry certifications including CSCP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO More ❯

command-line interfaces or scripting tools in cloud environments is a plus Cloud Security skills (desired) Secure software development practices, including SecDevOps Sound knowledge of applicable frameworks & standards, including OWASP, MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM & ISO 27107 Relevant industry certifications including CSCP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO More ❯

through training, documentation, and direct engagement. DevSecOps Engineer - Requirements: 3-5+ years of experience in application security or secure software development. Strong understanding of vulnerabilities and prevention techniques (OWASP Top 10). Experience with CI/CD pipelines and integrating AppSec tooling. Strong understanding of modern programming languages (JavaScript, Java, Python). Strong communication skills and ability to collaborate More ❯

Excellent problem-solving skills and attention to detail Commercial experience in professional PHP development Strong understanding of object-oriented programming and SOLID principles Knowledge of secure coding practices (e.g., OWASP) Strong experience with modern PHP frameworks (preferably Laravel or Symfony) Familiarity with relational databases (MySQL) and writing performant queries Comfortable working with Git, Composer, and modern development workflows Strong verbal More ❯

efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. More ❯

efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. More ❯

Experience with scalable applications, design patterns, and asynchronous programming (e.g. queuing, caching, logging). Familiarity with Windows services, DevOps, Azure OR AWS, CI/CD, and security best practices (OWASP, ISO standards). Strong communication skills, with the ability to explain technical ideas to non-technical stakeholders. Organised, motivated, and able to prioritise effectively under pressure. A relevant degree would More ❯

at mkodo ✨ 📝 What You'll Be Doing... Technical Leadership Define and evolve backend architecture to ensure scalability, maintainability, and performance. Set coding standards and champion secure development practices (e.g. OWASP). Influence technology choices, frameworks, and tools to support engineering excellence. Oversee improvements to CI/CD pipelines, build processes, and operational workflows. Can clearly and confidently articulate risk of More ❯

at mkodo ✨ 📝 What You'll Be Doing... Technical Leadership Define and evolve backend architecture to ensure scalability, maintainability, and performance. Set coding standards and champion secure development practices (e.g. OWASP). Influence technology choices, frameworks, and tools to support engineering excellence. Oversee improvements to CI/CD pipelines, build processes, and operational workflows. Can clearly and confidently articulate risk of More ❯

at mkodo ✨ 📝 What You'll Be Doing... Technical Leadership Define and evolve backend architecture to ensure scalability, maintainability, and performance. Set coding standards and champion secure development practices (e.g. OWASP). Influence technology choices, frameworks, and tools to support engineering excellence. Oversee improvements to CI/CD pipelines, build processes, and operational workflows. Can clearly and confidently articulate risk of More ❯

at mkodo ✨ 📝 What You'll Be Doing... Technical Leadership Define and evolve backend architecture to ensure scalability, maintainability, and performance. Set coding standards and champion secure development practices (e.g. OWASP). Influence technology choices, frameworks, and tools to support engineering excellence. Oversee improvements to CI/CD pipelines, build processes, and operational workflows. Can clearly and confidently articulate risk of More ❯

at mkodo ✨ 📝 What You'll Be Doing... Technical Leadership Define and evolve backend architecture to ensure scalability, maintainability, and performance. Set coding standards and champion secure development practices (e.g. OWASP). Influence technology choices, frameworks, and tools to support engineering excellence. Oversee improvements to CI/CD pipelines, build processes, and operational workflows. Can clearly and confidently articulate risk of More ❯

containerised applications using technologies such as AWS Lambda, Spring Boot, NodeJS, Python FastAPI, Oracle, PostgreSQL and MongoDB Contributing to DevSecOps delivery pipelines, using tooling such as Atlassian, Jenkins, GitLab, OWASP and AWS services Applying Site Reliability Engineering principles to ensure solutions are resilient, reliable and cost-effective Supporting clients and end users in making technical product decisions by clearly explaining More ❯