15 of 15 Permanent OWASP Jobs in London

platforms (AWS preferred). Familiarity with microservices and containerisation. Experience with DevSecOps tooling (e.g. GitLab, Jenkins, Atlassian). Understanding of security best practices and OWASP principles. Experience with relational and NoSQL databases (e.g. PostgreSQL, Oracle, MongoDB) is beneficial. ...

Application Security and Secure Software Development • Experience performing security assessments and design reviews • Strong knowledge of Azure and AWS cloud security • Experience with OWASP, NIST CSF, CIS and related frameworks • Understanding of threat modelling and secure coding practices • Experience supporting pentesting and remediation activities • Knowledge of containers and serverless technologies ...

conducting threat modelling (e.g. STRIDE, attack trees) and risk analysis Strong understanding of security frameworks and best practice such as ISO 27001, NIST, CIS, OWASP, NCSC guidance Experience working in the UK Public Sector and associated security standards and guidance including GovAssure/NCSC CAF, HMG Security Policy Framework. Knowledge ...

Proven, hands-on experience working specifically in Application Security, Penetration Testing, or as a Security-Focused Software Engineer. Vulnerability Expertise : Absolute fluency in the OWASP Top 10. You must be able to explain how vulnerabilities work, how they are exploited, and exactly how to remediate them. Developer Collaboration : Demonstrable experience ...

Operations role within a large or complex enterprise environment. Strong understanding of cybersecurity standards and frameworks, including ISO 27001, NIST 800 53, CIS Controls, OWASP, and SOC1/2. ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Why join us? £60k salary + equity 40 days holiday (incl. bank holidays) Pension scheme ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Why join us? £60k salary + equity 40 days holiday (incl. bank holidays) Pension scheme ...

framework, and security maturity models such as OpenSAMM and C2M2. Strong working knowledge of recognised security frameworks and standards, including NIST Cybersecurity Framework, OWASP, SANS Top 25, and regulatory requirements such as GDPR and PCI DSS. Demonstrated technical expertise across modern technologies and architectures, including virtualisation, cloud computing, and serverless ...

lead the implementation of security controls across the Azure estate, including: Designing and deploying perimeter protection using Azure Front Door with WAF policies (OWASP Top 10, bot protection). Analysing traffic, tuning WAF rules, and working with stakeholders to reduce false positives. Defining and enforcing governance through Azure Policy, particularly ...

architecture, dev-sec-ops, and network security. Experience in browser security or mobile app security is desirable. Good understanding of industry standards such as OWASP ASVS, OWASP Top-10, CIS benchmarks. Hands-on experience with complex Azure and AWS architectures with an emphasis on containerised workloads. Command-line/ ...

prompt injection, goal hijacking, memory poisoning, non-human identity abuse, and multi-agent attack surfaces. Understanding of EU AI Act, NCSC AI security guidelines, OWASP GenAI Security Project, and MITRE ATLAS. Ideally involved in academic and/or industry research on AI Security Leadership behaviours: Strategic thinking: able to translate ...

Excellence for secure engineering, driving consistency and best practice Develop and embed SDLC frameworks, policies, and guardrails aligned to leading standards (NIST SSDF, OWASP, ISO) Create and scale a pan-European virtual capability, influencing without direct authority Partner with senior stakeholders across engineering, product, legal, and commercial teams to embed … complex environment. You’ll bring: Proven experience leading secure development or DevSecOps transformation at scale Deep knowledge of SDLC security frameworks (e.g. NIST SSDF, OWASP SAMM/ASVS, ISO 27034) Strong understanding of modern engineering practices (Agile, CI/CD, cloud, automation) Expertise in application security, threat modelling, and secure ...

Bedrock (Agents, Knowledge Bases, Guardrails, model lifecycle). Solid AI/ML fundamentals : FMs, RAG, non‐deterministic agents, tool use. Secure AI knowledge: OWASP LLM Top 10 , agentic AI threats; NIST AI RMF exposure preferred. Able to work across security, engineering and risk; clear written and verbal communication. Role … actions to human identity (EU AI Act Articles 12 & 14). Role 2 – Threat & Adversarial AI Expert Lead AI threat modelling (STRIDE for AI, OWASP LLM/Agentic, attack trees). Maintain priority threat scenarios (Prompt Injection, Sleeper Agents, Denial‐of‐Wallet). Translate threats into adversarial test cases ...

Centralised Eval Platform: Operate a firm-wide service to measure success rates, uncertainty, hallucination, and bias across all non-deterministic systems. Secure Architecture: Map OWASP LLM Top 10 and agentic threats to technical controls; manage AWS Bedrock Guardrails and Knowledge Bases. AI Supply Chain: Own the AI-BOM, ensuring supply … Depth: Strong grasp of FMs, RAG, tool-use, and the failure modes of agentic workflows. Security & Compliance: Deep knowledge of NIST AI RMF, OWASP LLM Top 10, and UK/EU financial regulations (FCA/DORA). Testing Automation: Proven ability to build measurement frameworks for drift, memorization, and adversarial ...

version control . Collaborate closely with Product Managers and business users in an Agile SCRUM environment. Ensure quality assurance and compliance with OWASP Top 10 and security standards. Support Provide 2nd and 3rd line support across Dynamics CRM applications. Manage incidents, service requests, and changes following ITIL processes. Monitor …/CD , DevOps , and GIT version control. Proficient in SQL , SSIS , and Azure Data Factory (ADF) . Working knowledge of Agile/SCRUM and OWASP principles. Excellent stakeholder management, communication, and problem-solving skills. Desirable Exposure to Copilot and AI-driven tools . ITIL certification or experience working in ITIL ...