1 to 25 of 104 Permanent OWASP Jobs in London

Rest API knowledge Scripting and Infrastructure as Code (Terraform, CloudFormation) Experience with Jira or similar ticketing systems Technical architecture review skills Vulnerability identification (CWE, OWASP) Operating systems and hardening techniques Development concepts like CICD, Pipelines, SDLC Penetration testing knowledge (useful) Familiarity with Cloud Development Kit (CDK), GitOps Experience in DevOps More ❯

control). Knowledge of SQL and experience verifying backend data consistency. Familiarity with containerized environments (Docker, Kubernetes). Familiarity with tools like Burp Suite, OWASP ZAP, or static analysis tools is a plus. What We Offer Competitive salary and benefits package. Opportunities for learning, growth, and contributing to a product More ❯

control). Knowledge of SQL and experience verifying backend data consistency. Familiarity with containerized environments (Docker, Kubernetes). Familiarity with tools like Burp Suite, OWASP ZAP, or static analysis tools is a plus. What We Offer Competitive salary and benefits package. Opportunities for learning, growth, and contributing to a product More ❯

control). Knowledge of SQL and experience verifying backend data consistency. Familiarity with containerized environments (Docker, Kubernetes). Familiarity with tools like Burp Suite, OWASP ZAP, or static analysis tools is a plus. What We Offer Competitive salary and benefits package. Opportunities for learning, growth, and contributing to a product More ❯

with AWS (or other cloud-based solutions) . Strong understanding of secured Software Development Lifecycle (SDLC) and CI/CD platforms . Familiarity with OWASP, CIS frameworks, and security best practices . Infrastructure & Scripting Knowledge: Proficiency in Microsoft platforms (Office 365, IIS, .NET, SQL Server, Windows Server, Active Directory). More ❯

with AWS (or other cloud-based solutions) . Strong understanding of secured Software Development Lifecycle (SDLC) and CI/CD platforms . Familiarity with OWASP, CIS frameworks, and security best practices . Infrastructure & Scripting Knowledge: Proficiency in Microsoft platforms (Office 365, IIS, .NET, SQL Server, Windows Server, Active Directory). More ❯

Build and maintain REST API microservices using Java 17 (and occasionally Go), deploying them on OpenShift/Kubernetes 🔹 Integrate security tools like Snyk, BlackDuck, OWASP DependencyTrack, and Artifactory into our CI/CD pipelines 🔹 Work with Jenkins, TeamCity, and Tekton to optimize and maintain our DevSecOps toolchain 🔹 Collaborate with developers More ❯

Build and maintain REST API microservices using Java 17 (and occasionally Go), deploying them on OpenShift/Kubernetes 🔹 Integrate security tools like Snyk, BlackDuck, OWASP DependencyTrack, and Artifactory into our CI/CD pipelines 🔹 Work with Jenkins, TeamCity, and Tekton to optimize and maintain our DevSecOps toolchain 🔹 Collaborate with developers More ❯

or Gradle, code management tools like git. Using and implementing unit test frameworks like JUnit, assertion libraries, data serialisation tools, security best practices like OWASP Top 10 and standards such as WCAG to design automated accessibility tests. Extensively using CI/CD tools for pipeline automation and a solid understanding More ❯

solid understanding of data security principles and mechanisms, including encryption and masking and familiarity with major security standards and frameworks (e.g., ISO 27001, NIST, OWASP). Any experience with programming languages like Python, Go, or Java would be a distinct advantage. More ❯

knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience More ❯

CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes More ❯

experience in the design, development, and support of software products. Knowledge of best practices for coding defensively against possible attack vectors, and testing with OWASP tooling (e.g. ZAP). Desirable skills/knowledge/experience: Test experience: unit, integration, performance, security § Java (1.8) (including Spring Boot, Drop Wizard, Jersey, CXF More ❯

experience in the design, development, and support of software products. Knowledge of best practices for coding defensively against possible attack vectors, and testing with OWASP tooling (e.g. ZAP). Desirable skills/knowledge/experience: Test experience: unit, integration, performance, security § Java (1.8) (including Spring Boot, Drop Wizard, Jersey, CXF More ❯

Docker, Kubernetes, Terraform, Helm Experience building modern web apps using Angular and Typescript Experience working in Azure DevOps managing backlogs etc Working knowledge of OWASP security best practices Knowledge of working with FedRamp compliance Our Employer Commitment This job posting will remain active until a qualified candidate is identified. At More ❯

CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes More ❯

and Cloud networking architecture: VNets, application gateways, private and service endpoints, and firewalls. Secure Software Development: Deep experience implementing effective secure coding practices (e.g., OWASP Top 10, SAST, DAST, SonarCloud). You can seamlessly integrate security into the SDLC with a shift-left approach. Cloud Security Tools: Practical experience with More ❯

DNS, NAC, NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and More ❯

Terraform, CloudFormation) •Familiarity with Jira or other ticketing systems – essential •Technical architecture design and review skills – essential •Ability to identify vulnerabilities using CWE or OWASP •Knowledge of operating systems and their hardening techniques •Understanding of development concepts such as CICD, Pipelines, and SDLC •Penetration testing knowledge is also super useful More ❯

Terraform, CloudFormation) •Familiarity with Jira or other ticketing systems – essential •Technical architecture design and review skills – essential •Ability to identify vulnerabilities using CWE or OWASP •Knowledge of operating systems and their hardening techniques •Understanding of development concepts such as CICD, Pipelines, and SDLC •Penetration testing knowledge is also super useful More ❯

skills Strong written and verbal communication skills Ability to multi-task and handle competing deadlines in a fast-paced dynamic environment. Desirable: Familiarity with OWASP would be advantageous Benefits: Competitive salary Generous 28 days holiday allowance, in addition to public holidays. For every year of service you complete, we'll More ❯

systems such as Elastic APM or DataDog to track and diagnose issues in production A solid understanding of security principles and secure coding including OWASP Top 10 Desirable Skills: Experience in VOIP, (SIP and RTP advantageous) Experience of TDD/BDD/DDD principles Knowledge of PCI compliance and associated More ❯

systems such as Elastic APM or DataDog to track and diagnose issues in production A solid understanding of security principles and secure coding including OWASP Top 10 Desirable Skills: Experience in VOIP, (SIP and RTP advantageous) Experience of TDD/BDD/DDD principles Knowledge of PCI compliance and associated More ❯

systems such as Elastic APM or DataDog to track and diagnose issues in production A solid understanding of security principles and secure coding including OWASP Top 10 Desirable Skills: Experience in VOIP, (SIP and RTP advantageous) Experience of TDD/BDD/DDD principles Knowledge of PCI compliance and associated More ❯

Code (Terraform) Scripting: Python, Bash, PowerShell OS & Tooling: Linux, Docker, Kubernetes, GitLab CI/CD testing & automation (GitLab, JMeter, PyTest) ✅ Domain Expertise: Security Products : OWASP, encryption (AES, RSA), PKI, SIEM Identity & Directory Tech : Active Directory, GPOs, IAM, SSO, OAuth2, SAML More ❯