design and enforce patch windows and remediation SLAs. DevSecOps Toolchain Proficient with CI/CD tooling in Azure DevOps or GitHub Actions. Experience integrating SAST (e.g. SonarQube), DAST (e.g. OWASP ZAP) and SCA (e.g. Dependabot, Snyk) into pipelines. Infrastructure as Code: Terraform, ARM or Bicep. Container & Cloud Security Knowledge of containerisation (Docker, Kubernetes/AKS) and container security best practices.
developer guidance, and response runbooks. What will you bring? 4 years in security engineering, DevSecOps, application security, or related software engineering roles. Strong foundational knowledge of secure coding and OWASP Top 10 risks. Experience with at least one modern programming language (e.g., Python, Java, JavaScript, Go, or C#). Familiarity with cloud platforms (AWS, Azure, or GCP) and container technologies
What will you bring? 7+ years of experience in Product Security, Application Security, or a related security engineering role. Deep expertise in secure software development, secure coding practices, and OWASP Top 10/CWE 25. Strong technical proficiency in modern programming languages (e.g., Python, Java, JavaScript, Go, or C#). Experience with cloud-native security (AWS, Azure, GCP) and securing
principles and challenges; Hands-on experience integrating security tools into CI/CD pipelines (e.g., Jenkins, Azure DevOps, GitLab CI, GitHub Actions); Strong understanding of common application security vulnerabilities (OWASP Top 10, CWE) and their exploitation and remediation; Proficiency in at least one major programming language (e.g., Java, C#, Python, JavaScript, Go); Experience working in agile development environments; Exceptional communication
Huntingdon, Cambridgeshire, East Anglia, United Kingdom Hybrid / WFH Options
Leidos Innovations UK Limited
firewalls, IDS/IPS, micro-segmentation, and host security. Hands on experience with the following security products Trellix, Ivanti, ClearSwift, Yubikey Understanding of secure coding practices and common vulnerabilities (OWASP Top 10, SANS Top 25). Expertise in identity and access management (IAM), including RBAC, ABAC, JWT and Cookie based authentication. Incident detection and response in MOD environments. Security compliance
relationship with the VP of TechOps. Responsibilities Security Strategy & Governance - Define and continuously refine the technical security roadmap that aligns with business objectives, industry best practice (e.g., NIST CSF, OWASP SAMM), and compliance frameworks (SOC 2, ISO 27001, GDPR). Secure SDLC & DevSecOps - Build and maintain guardrails for static/dynamic analysis, container and IaC scanning, SBOM management, and supply
automation testing in an Agile Software environment Close familiarity with some or all of: Network management and optimisation PostgreSQL Database management and optimisation With common security frameworks CIS, NIST, OWASP Familiarity with Public Cloud Services like AWS GCP Azure Familiarity with co-located physical infrastructure (we're currently hybrid) Solid understanding of Continuous Integration (CI) and Continuous Deployment (CD) Close
language Experience working with or recommending security tools and technologies Ability to build strong working relationships and influence non-security stakeholders Working knowledge of cybersecurity standards and frameworks (e.g. OWASP, NIST, CIS) Analytical mindset with strong problem-solving skills Excellent written and verbal communication skills Qualifications: 3+ years of experience in information security, with a focus on application and/
Proficient in Git or other version control systems. Desirable Knowledge, Skills and Experience: Certifications in OCI or other cloud platforms (AWS, GCP). Experience with security tools like OWASP ZAP, Burp Suite, etc. Familiarity with Jira, Confluence, or similar tools. Knowledge of compliance frameworks (e.g., GDPR, HIPAA, ISO 27001, ISO 13485). Background in start-up or scale-up
training and awareness initiatives. Act as a security champion within development squads and mentor junior engineers. Requirements Broad experience in application security or secure software development. Strong understanding of OWASP Top 10, secure coding techniques, and threat modelling. Experience with security tools such as SAST, DAST, SCA, and vulnerability scanners. Familiarity with cloud platforms (Azure or AWS), CI/CD
application security Experience working with large-scale multi-cloud, multi-account architecture CISSP, CISM, AWS Solutions Architect Professional, Azure Solutions Architect, or equivalent certification, is preferred Thorough understanding of OWASP Top 10 and Secure Development Expertise in automating security tools and integrations, including simple scripting Experience with application security tools (SAST, DAST, IAST and SCA) Strong technical knowledge of development
Bonus Points For: Cloud wizardry (AWS, Azure, GCP) Knowledge of AI tools (OpenAI, Document Intelligence) Experience with CI/CD pipelines and modern DevOps practices Security know-how (OWASP, data protection) Agile team experience - or just loving the fast-paced, sprint-style vibe About Us We are an international engineering and construction company delivering state-of-the-art infrastructure
Bonus Points For: Cloud wizardry (AWS, Azure, GCP) Knowledge of AI tools (OpenAI, Document Intelligence) Experience with CI/CD pipelines and modern DevOps practices Security know-how (OWASP, data protection) Agile team experience About Us We are an international engineering and construction company delivering state-of-the-art infrastructure and buildings projects for clients in the UK, Middle
SSO, Cloud IAM, HashiCorp Vault). Proficiency in applied cryptography (e.g., mTLS, E2EE, AEAD, key derivation, key wrapping, remote attestation). Ability to identify security vulnerabilities across platforms (e.g., OWASP Top 10, misconfigurations, transport security gaps). Excellent documentation and communication skills, able to articulate technical risks and findings to diverse audiences. Experience in collaborative proposal development and interfacing with
software development lifecycle. Hands-on involvement supporting vulnerability management and incident response functions. Familiarity with authentication and authorization protocols and mechanisms (OAuth, SAML, JWT, IAM) Experience identifying and mitigating OWASP Top 10 vulnerabilities in web applications and APIs. Clear and effective communication skills. Ability to articulate security risks and tradeoffs to both technical and semi-technical audiences. A proactive, growth
DevSecOps or Secure SDLC programmes within enterprise environments Strong technical and commercial acumen – able to engage with both CTOs and procurement teams Experience with regulated environments and frameworks (NIST, OWASP, ISO 27001) Hands-on experience with secure engineering practices, security toolchains, and automation strategy Excellent stakeholder management, crisis leadership, and communication skills Relevant certifications (e.g. CISSP, CSSLP, CISM) Eligibility for
DevSecOps or Secure SDLC programmes within enterprise environments Strong technical and commercial acumen - able to engage with both CTOs and procurement teams Experience with regulated environments and frameworks (NIST, OWASP, ISO 27001) Hands-on experience with secure engineering practices, security toolchains, and automation strategy Excellent stakeholder management, crisis leadership, and communication skills Relevant certifications (e.g. CISSP, CSSLP, CISM) Eligibility for
Bristol, Avon, England, United Kingdom Hybrid / WFH Options
Xpertise Recruitment Ltd
world problems with stakeholders and customers What You’ll Bring: 5+ years of experience in C# and .NET Core Strong grasp of software design principles and secure coding practices (OWASP) Experience with REST API development and deployment in AWS or Azure Familiarity with Entity Framework, SQL/NoSQL databases, and cloud architecture Confidence in automated testing (unit, integration, system) Versatility
Newton Abbot, Devon, England, United Kingdom Hybrid / WFH Options
Reed
Excellent problem-solving skills and attention to detail Commercial experience in professional PHP development Strong understanding of object-oriented programming and SOLID principles Knowledge of secure coding practices (e.g., OWASP) Strong experience with modern PHP frameworks (preferably Laravel or Symfony) Familiarity with relational databases (MySQL) and writing performant queries Comfortable working with Git, Composer, and modern development workflows Strong verbal