24 of 24 Permanent OWASP Jobs in the Thames Valley

Implement secure design principles including encryption, secrets management, OAuth2/OIDC, network segmentation, and least-privilege IAM. Ensure alignment with industry standards such as OWASP, NIST, CIS Benchmarks, PCI DSS, and ISO 27001. Observability & Resilience Define logging, metrics, and tracing using OpenTelemetry and CloudWatch. Design for high availability and disaster ...

equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes: Strategic thinker who can balance security with business needs Pragmatic approach to security ...

systems and TCP/IP networking protocols Proven ability to perform source code reviews and application security analysis Advanced understanding of web application vulnerabilities (OWASP Top 10) and mitigation strategies Excellent report writing and executive communication skills—ability to translate technical findings into business risk Ability to work autonomously ...

systems and TCP/IP networking protocols Proven ability to perform source code reviews and application security analysis Advanced understanding of web application vulnerabilities (OWASP Top 10) and mitigation strategies Excellent report writing and executive communication skills—ability to translate technical findings into business risk Ability to work autonomously ...

systems and TCP/IP networking protocols Proven ability to perform source code reviews and application security analysis Advanced understanding of web application vulnerabilities (OWASP Top 10) and mitigation strategies Excellent report writing and executive communication skills—ability to translate technical findings into business risk Ability to work autonomously ...

continuously improve internal architecture patterns Share knowledge and mentor teams to elevate internal AI security capabilities Stay informed on industry standards such as OWASP LLM Top 10, NIST AI RMF, and ISO/ ...

continuously improve internal architecture patterns Share knowledge and mentor teams to elevate internal AI security capabilities Stay informed on industry standards such as OWASP LLM Top 10, NIST AI RMF, and ISO/ ...

Security & Compliance Implement secure design: encryption, secret management, secure SDLC, API security (OAuth2/OIDC), network segmentation, least privilege in IAM. Align with standards (OWASP, NIST, CIS Benchmarks, PCI/ISO 27001 where applicable). Observability & Resilience Define logging, metrics, tracing (OpenTelemetry), health checks, circuit breakers, retries, and backoff strategies. ...

security Hands-on experience with vulnerability management, penetration testing, and common attack vectors; familiarity with SAST, DAST, and SCA tools Strong understanding of the OWASP Top 10 Experience configuring and supporting SIEMs CISSP Certified Exceptional communication and interpersonal skills ...

environments. You'll be hands-on with GCP, Terraform, and Python scripting, working closely with Security Operations (SOC) teams to enhance web security and OWASP protection. Key Responsibilities Design, implement, and maintain GCP WAF solutions across various cloud workloads. Integrate WAF solutions with CI/CD pipelines and automate security ...

environments. You'll be hands-on with GCP, Terraform, and Python scripting, working closely with Security Operations (SOC) teams to enhance web security and OWASP protection. Key Responsibilities Design, implement, and maintain GCP WAF solutions across various cloud workloads. Integrate WAF solutions with CI/CD pipelines and automate security ...

technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities; ability to effectively communicate methodologies and techniques with development teams. Utilize tools such as BurpSuite, Nessus, Nmap, Kali ...

experience testing distributed systems and microservices architectures. Knowledge of resilience patterns with ability to design and execute resilience testing scenarios. Working knowledge of OWASP standards, common security vulnerabilities, and experience conducting or coordinating security testing including SAST, DAST, and penetration testing. Understanding of authentication and authorization frameworks (OAuth, JWT, SAML ...

databases, ideally SQL Server Server side development experience using C# or a similar object oriented language Strong understanding of secure development practices aligned with OWASP guidelines Comfortable working with Git based version control workflows Experience with common front end tools and frameworks such as jQuery and SASS Confidence engaging directly ...

deliver the following: Web application testing API testing External & Internal Infrastructure testing (including build reviews) Mobile application testing (including knowledge of standards such as OWASP MASVS) Experience testing in any of the following areas is also desirable: Compiled application testing Cloud security reviews (including AWS & Azure) Kubernetes reviews Knowledge ...

deliver the following: Web application testing API testing External & Internal Infrastructure testing (including build reviews) Mobile application testing (including knowledge of standards such as OWASP MASVS) Experience testing in any of the following areas is also desirable: Compiled application testing Cloud security reviews (including AWS & Azure) Kubernetes reviews Knowledge ...

available to start within a few weeks. Essential Skills BrowserStack for cross-device testing Experience with Ruby Cucumber/Gherkin WAVE, pa11y OWASP ZAP/Dependency Check Selenium for automation Lighthouse, Javascript debug console Knowledge of RESTful APIs and proficiency in using tools like Postman or Newman to validate data ...

available to start within a few weeks. Essential Skills BrowserStack for cross-device testing Experience with Ruby Cucumber/Gherkin WAVE, pa11y OWASP ZAP/Dependency Check Selenium for automation Lighthouse, Javascript debug console Knowledge of RESTful APIs and proficiency in using tools like Postman or Newman to validate data ...

available to start within a few weeks. Essential Skills BrowserStack for cross-device testing Experience with Ruby Cucumber/Gherkin WAVE, pa11y OWASP ZAP/Dependency Check Selenium for automation Lighthouse, Javascript debug console Knowledge of RESTful APIs and proficiency in using tools like Postman or Newman to validate data ...

available to start within a few weeks. Essential Skills BrowserStack for cross-device testing Experience with Ruby Cucumber/Gherkin WAVE, pa11y OWASP ZAP/Dependency Check Selenium for automation Lighthouse, Javascript debug console Knowledge of RESTful APIs and proficiency in using tools like Postman or Newman to validate data ...

available to start within a few weeks. Essential Skills BrowserStack for cross-device testing Experience with Ruby Cucumber/Gherkin WAVE, pa11y OWASP ZAP/Dependency Check Selenium for automation Lighthouse, Javascript debug console Knowledge of RESTful APIs and proficiency in using tools like Postman or Newman to validate data ...

programming languages, including How to test for/exploit them Real world mitigations that can be applied Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10) What We'll Give You A team of very skilled and diverse personnel across the globe Ability to work in a flexible work from ...

programming languages, including How to test for/exploit them Real world mitigations that can be applied Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10) What We'll Give You A team of very skilled and diverse personnel across the globe Ability to work in a flexible work from ...

programming languages, including How to test for/exploit them Real world mitigations that can be applied Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10) What We'll Give You A team of very skilled and diverse personnel across the globe Ability to work in a flexible work from ...