14 of 14 Permanent OWASP Jobs in London

Score remediation Vulnerability Management Tools such as Tenable , Pentera , Varonis , Secure Score Experience coordinating remediation with technical teams Frameworks & Security Models MITRE ATT&CK, OWASP Top 10 Exposure to zero-trust principles Understanding of encryption, certificate management, secrets management Scripting & Automation PowerShell (essential) Python or Bash desirable Security automation experience ...

design and distributed systems Knowledge of modern engineering practices, including CI/CD and DevSecOps Understanding of secure development practices such as OWASP Top 10 Experience with testing methodologies such as TDD or BDD Bonus experience: PostgreSQL or NoSQL databases Large-scale platform migrations or re-architecture initiatives Experience ...

Proven, hands-on experience working specifically in Application Security, Penetration Testing, or as a Security-Focused Software Engineer. Vulnerability Expertise : Absolute fluency in the OWASP Top 10. You must be able to explain how vulnerabilities work, how they are exploited, and exactly how to remediate them. Developer Collaboration : Demonstrable experience ...

experience with cloud-native environments—preferably GCP and Azure. Skilled in performance optimisation techniques. Deep understanding of web and mobile security best practices, including OWASP guidelines, secure authentication and authorisation. Experience with containerisation and infrastructure tools such as Docker, Kubernetes, Helm, and Terraform. Familiarity with mobile frameworks such as Ionic ...

responsibilities are: Technical Leadership Define and evolve backend architecture to ensure scalability, maintainability, and performance. Set coding standards and champion secure development practices (e.g. OWASP). Influence technology choices, frameworks, and tools to support engineering excellence. Oversee improvements to CI/CD pipelines, build processes, and operational workflows. Can clearly ...

security governance frameworks CISSP (or equivalent certification) Experience with risk assessments, threat modelling, and security design reviews Broad technical understanding across: Application security (e.g. OWASP, IAM, cryptography) Infrastructure security (networks, endpoints, cloud) Operational security (incident management, DR/BCP, patching) Experience managing or supporting vulnerability assessments and penetration testing Ability ...

Security & Access Control – Implement and enhance secure authentication and authorisation models (e.g. RBAC, SSO, secure API handling) and apply modern web security best practices (OWASP). API Integrations – Design, build, and maintain integrations with DSPs and external ad tech platforms, including secure data ingestion and outbound data workflows. Data Collaboration ...

Infrastructure Web applications and APIs Cloud, mobile and wireless environments Familiar with tools such as: Nmap Burp Suite SQLmap Kali Linux Metasploit Knowledge of OWASP testing methodologies Experience with vulnerability management tools (Tenable, Rapid7 or Qualys) Strong technical reporting and communication skills Desirable 3+ years penetration testing experience Public sector ...

escalation and ensuring their posture remains within our risk appetite. Knowledge/Skills/Experience: Solid understanding of frameworks such as NIST, ISO27001, OWASP, CVSS. Formal security certifications desirable: CompTIA Security+, CISM/CISSP/CRISC beneficial. Working knowledge of regulatory requirements including DORA, CBEST, and BoE Operational Resilience. Degree ...

M365 security tooling and firewalls Understanding of vulnerability management, incident response, endpoint protection and identity & access management Familiarity with frameworks such as NIST, ISO27001, OWASP, MITRE, CIS Benchmarks Experience operating within a regulated environment (Financial Services preferred) Ability to take ownership, work independently and make risk-based security decisions Desirable ...

customer and internal team interactions. Bonus Points: Experience with helpdesk or ticketing software (e.g., Zendesk, ZohoDesk). Experience with security best practices (e.g., OWASP, STRIDE). Interest in automating repetitive tasks using AI tools and techniques. Experience in high-volume production environments with strict availability SLAs. Knowledge of the financial ...

years’ commercial experience in penetration testing or offensive security Broad exposure across multiple testing domains (infrastructure, application, cloud) Strong understanding of common vulnerabilities (e.g. OWASP Top 10) Ability to work with limited information and still deliver structured, effective outcomes Excellent written and verbal communication skills Desirable Experience Experience working within ...

version control . Collaborate closely with Product Managers and business users in an Agile SCRUM environment. Ensure quality assurance and compliance with OWASP Top 10 and security standards. Support Provide 2nd and 3rd line support across Dynamics CRM applications. Manage incidents, service requests, and changes following ITIL processes. Monitor …/CD , DevOps , and GIT version control. Proficient in SQL , SSIS , and Azure Data Factory (ADF) . Working knowledge of Agile/SCRUM and OWASP principles. Excellent stakeholder management, communication, and problem-solving skills. Desirable Exposure to Copilot and AI-driven tools . ITIL certification or experience working in ITIL ...

acceptance requirements set by the government agencies. The security assessment task includes testing applications in line with well-known industry standards including: OWASP MASVS testing, threat modelling, tool relating to data flow analysis within the device and to the network; static and dynamic testing using tools such as MobSF, Frida … related discipline (an equivalent period of industrial experience may be substituted). Experience with application testing using various methods and tools including OWASP MASVS, MobfSF, Frida and tools to conduct static and dynamic testing. Knowledge of various device security attack vectors including apps, browsers, connectivity, device management, networking, local storage. ...