1 to 25 of 43 Permanent OWASP Jobs in London

and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage More ❯

and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage More ❯

Conduct secure code reviews and support remediation efforts. Threat Modelling & Architecture Review Requirements (Primarily Essential) 2+ years of experience in application security or secure software development. Strong knowledge of OWASP Top 10, secure coding principles, and threat modelling. Hands-on experience with SAST, DAST, SCA, and vulnerability management tools. Familiarity with cloud platforms (Azure or AWS), CI/CD pipelines More ❯

Conduct secure code reviews and support remediation efforts. Threat Modelling & Architecture Review Requirements (Primarily Essential) 2 years of experience in application security or secure software development. Strong knowledge of OWASP Top 10, secure coding principles, and threat modelling. Hands-on experience with SAST, DAST, SCA, and vulnerability management tools. Familiarity with cloud platforms (Azure or AWS), CI/CD pipelines More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

/CD pipelines, plus scripting languages such as PowerShell, YAML, or JSON Knowledge of application security tools, threat modelling, and risk assessments Familiarity with standards/frameworks such as OWASP, NIST SSDF, ISO27001, NCSC Experience guiding engineering teams and influencing security culture Excellent communication skills, able to engage confidently with developers and senior leadership Why join them? You'll be More ❯

/CD pipelines, plus scripting languages such as PowerShell, YAML, or JSON Knowledge of application security tools, threat modelling, and risk assessments Familiarity with standards/frameworks such as OWASP, NIST SSDF, ISO27001, NCSC Experience guiding engineering teams and influencing security culture Excellent communication skills, able to engage confidently with developers and senior leadership Why join them? You'll be More ❯

command-line interfaces or scripting tools in cloud environments is a plus Cloud Security skills (desired) Secure software development practices, including SecDevOps Sound knowledge of applicable frameworks & standards, including OWASP, MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM & ISO 27107 Relevant industry certifications including CSCP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO More ❯

command-line interfaces or scripting tools in cloud environments is a plus Cloud Security skills (desired) Secure software development practices, including SecDevOps Sound knowledge of applicable frameworks & standards, including OWASP, MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM & ISO 27107 Relevant industry certifications including CSCP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO More ❯

Experience with scalable applications, design patterns, and asynchronous programming (e.g. queuing, caching, logging). Familiarity with Windows services, DevOps, Azure OR AWS, CI/CD, and security best practices (OWASP, ISO standards). Strong communication skills, with the ability to explain technical ideas to non-technical stakeholders. Organised, motivated, and able to prioritise effectively under pressure. A relevant degree would More ❯

at mkodo ✨ 📝 What You'll Be Doing... Technical Leadership Define and evolve backend architecture to ensure scalability, maintainability, and performance. Set coding standards and champion secure development practices (e.g. OWASP). Influence technology choices, frameworks, and tools to support engineering excellence. Oversee improvements to CI/CD pipelines, build processes, and operational workflows. Can clearly and confidently articulate risk of More ❯

at mkodo ✨ 📝 What You'll Be Doing... Technical Leadership Define and evolve backend architecture to ensure scalability, maintainability, and performance. Set coding standards and champion secure development practices (e.g. OWASP). Influence technology choices, frameworks, and tools to support engineering excellence. Oversee improvements to CI/CD pipelines, build processes, and operational workflows. Can clearly and confidently articulate risk of More ❯

at mkodo ✨ 📝 What You'll Be Doing... Technical Leadership Define and evolve backend architecture to ensure scalability, maintainability, and performance. Set coding standards and champion secure development practices (e.g. OWASP). Influence technology choices, frameworks, and tools to support engineering excellence. Oversee improvements to CI/CD pipelines, build processes, and operational workflows. Can clearly and confidently articulate risk of More ❯

at mkodo ✨ 📝 What You'll Be Doing... Technical Leadership Define and evolve backend architecture to ensure scalability, maintainability, and performance. Set coding standards and champion secure development practices (e.g. OWASP). Influence technology choices, frameworks, and tools to support engineering excellence. Oversee improvements to CI/CD pipelines, build processes, and operational workflows. Can clearly and confidently articulate risk of More ❯

containerised applications using technologies such as AWS Lambda, Spring Boot, NodeJS, Python FastAPI, Oracle, PostgreSQL and MongoDB Contributing to DevSecOps delivery pipelines, using tooling such as Atlassian, Jenkins, GitLab, OWASP and AWS services Applying Site Reliability Engineering principles to ensure solutions are resilient, reliable and cost-effective Supporting clients and end users in making technical product decisions by clearly explaining More ❯

Entity Framework. Experience with scalable applications, design patterns, and asynchronous programming (e.g. queuing, caching, logging). Familiarity with Windows services, DevOps, Azure, CI/CD, and security best practices (OWASP, ISO standards). Strong communication skills, with the ability to explain technical ideas to non-technical stakeholders. Organised, motivated, and able to prioritise effectively under pressure. A relevant degree would More ❯

Entity Framework. Experience with scalable applications, design patterns, and asynchronous programming (e.g. queuing, caching, logging). Familiarity with Windows services, DevOps, Azure, CI/CD, and security best practices (OWASP, ISO standards). Strong communication skills, with the ability to explain technical ideas to non-technical stakeholders. Organised, motivated, and able to prioritise effectively under pressure. A relevant degree would More ❯

and support the development of threat processes Essential Skills & Experience Strong technical background with scripting ability (e.g. Python) Proven threat hunting experience and malware analysis skills Good understanding of OWASP Top 10, DevSecOps threats, and cloud architectures (Azure, AWS) Experience with vulnerability management, incident response, and security operations tools (e.g. ServiceNow, Remedy) Familiarity with operating systems (Windows, Linux, Unix), databases More ❯

Contribute to a collaborative and pragmatic security culture, documenting risks and communicating trade-offs to the business. 🛠️ What They’re Looking For Strong knowledge of application and product security (OWASP Top 10, secure coding practices). Experience with CI/CD pipelines, IaC, and SAST tools . Cloud security expertise - AWS preferred (Azure, GCP also welcome). Some software development More ❯

Contribute to a collaborative and pragmatic security culture, documenting risks and communicating trade-offs to the business. 🛠️ What They’re Looking For Strong knowledge of application and product security (OWASP Top 10, secure coding practices). Experience with CI/CD pipelines, IaC, and SAST tools . Cloud security expertise - AWS preferred (Azure, GCP also welcome). Some software development More ❯

Contribute to a collaborative and pragmatic security culture, documenting risks and communicating trade-offs to the business. 🛠️ What They’re Looking For Strong knowledge of application and product security (OWASP Top 10, secure coding practices). Experience with CI/CD pipelines, IaC, and SAST tools . Cloud security expertise - AWS preferred (Azure, GCP also welcome). Some software development More ❯

Contribute to a collaborative and pragmatic security culture, documenting risks and communicating trade-offs to the business. 🛠️ What They’re Looking For Strong knowledge of application and product security (OWASP Top 10, secure coding practices). Experience with CI/CD pipelines, IaC, and SAST tools . Cloud security expertise - AWS preferred (Azure, GCP also welcome). Some software development More ❯

experience interfacing with disparate systems. Excellent communicator with a self-starter attitude and comfort working autonomously. Applicable understanding of software security, common exploits and secure development practices, including the OWASP Top 10. Proven and demonstrable understanding of testing methodologies and frameworks. Commercial experience with AWS and IaC (Terraform/CDK/CloudFormation) Commercial experience with Linux, Docker, Docker Compose, Git More ❯

internal teams, promoting knowledge sharing within and across teams. A good understanding of security frameworks including ISO27001/2, Cyber Essentials Plus, CIS Top 20, Data Protection Act 2018, OWASP Top 10. Have or be working towards relevant industry certification such as CISSP, CISM, CRISC or similar. Good understanding of governance and decision making in complex organisations Knowledge and experience More ❯

Proven commercial experience in a penetration testing role. Deep technical knowledge of networking protocols, operating systems (Windows, Linux), and common infrastructure vulnerabilities. Strong experience in web application penetration testing (OWASP Top 10). Proficiency with common penetration testing tools (e.g., Burp Suite Pro, Metasploit, Nmap, Cobalt Strike, etc.). Excellent written and verbal communication skills, with a proven ability to More ❯