1 to 25 of 53 Permanent OWASP Jobs in the UK

DAST, and API security tools as part of a structured AppSec programme. Strong understanding of secure coding fundamentals and common software weaknesses, including the OWASP Top 10 and MITRE CWE Top 25. Demonstrated experience triaging, validating, and prioritising vulnerabilities, working directly with software engineers to support remediation. Ability to read ...

DAST, and API security tools as part of a structured AppSec programme. Strong understanding of secure coding fundamentals and common software weaknesses, including the OWASP Top 10 and MITRE CWE Top 25. Demonstrated experience triaging, validating, and prioritising vulnerabilities, working directly with software engineers to support remediation. Ability to read ...

Burp Suite, Nmap, Metasploit, Kali Linux, and associated frameworks. Knowledge of web technologies (HTTP, REST, authentication flows, common web vulnerabilities). Familiarity with OWASP Top 10, MITRE ATT&CK, and secure coding concepts. Ability to analyse and break down complex technical systems. Strong written communication skills, particularly in producing structured ...

Terraform) Containerisation (Docker, AKS) and serverless (Azure Functions) Monitoring and observability (Application Insights, Log Analytics) Secrets management and vulnerability scanning (Key Vault, SonarQube, OWASP) Architecture & Design Microservices and event-driven design (Service Bus, Event Grid, Kafka) Domain-Driven Design (DDD) principles Resilient and scalable system patterns (circuit breakers, retries) Integration ...

hardware hacking (JTAG, FPGA, USB). Experience with security testing tools: Kali Linux, Nessus, Metasploit, BurpSuite, Wireshark, etc. Familiarity with secure coding practices (OWASP), SDLC, and security frameworks (ISO 2700x, NIST). Understanding of medical device regulations and quality system requirements. Agile/Digital Experience Passion for Agile processes, data ...

solutions and resolve complex issues. Certifications such as CISSP, CEH, OSCP, or GSEC are preferred. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk ...

Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and non-technical stakeholders Excellent analytical, documentation ...

templates, Bicep, Terraform) Exposure to PowerShell or Python scripting Experience with API design principles and RESTful services Knowledge of security best practices and OWASP guidelines Previous experience in fintech, SaaS, or high-growth startups Benefits ✅ Hybrid role - 1 day in office and the rest from home Free on-site parking ...

RBAC, ABAC, PAM, SSO) Strong analytical skills with the ability to interpret complex technical information Good understanding of threat modelling and threat intelligence methodologies (OWASP, STRIDE, MITRE) For more details, please reach out to . Reasonable Adjustments: Respect and equality are core values to us. We are proud ...

development is required. Maintain awareness of web application security and building applications which meet high standards of security, pass penetration tests and align with OWASP recommendations. Taking an active part in the whole Software Development Lifecycle end-to-end - including conception, design, architecture, build and deployment. Producing accurate estimates ...

Dynatrace and Catchpoint. Understanding of .NET applications and experience making small code changes when required. Knowledge of Akamai or similar CDNs, perimeter security, and OWASP security guidelines. Strong networking experience across DNS, routing, load balancers, and firewalls. Skilled with enterprise level deployments across microservices and multi server environments. Experience with ...

automated testing using tools such as NUnit, Jasmine and Selenium Good knowledge of SOLID principles Desirable Skills: Containers (docker, K8s) Security best practice (OWASP top ten) OpenIDConnect/Identity server Micro service architecture MS SQL Server Azure DevOps, TeamCity Infrastructure as Code (Bicep, ARM templates, Terraform) Please apply ...

Lambda, Spring Boot, NodeJS, Python FastAPI, Oracle, PostgreSQL, and MongoDB . Work within Agile and DevSecOps environments, utilising tooling such as Atlassian, Jenkins, GitLab, OWASP and AWS services. Apply Site Reliability Engineering principles to enhance reliability, resilience, and performance. Support technical decision-making, explaining trade-offs and best practices ...

Lambda, Spring Boot, NodeJS, Python FastAPI, Oracle, PostgreSQL, and MongoDB . Work within Agile and DevSecOps environments, utilising tooling such as Atlassian, Jenkins, GitLab, OWASP and AWS services. Apply Site Reliability Engineering principles to enhance reliability, resilience, and performance. Support technical decision-making, explaining trade-offs and best practices ...

Lambda, Spring Boot, NodeJS, Python FastAPI, Oracle, PostgreSQL, and MongoDB . Work within Agile and DevSecOps environments, utilising tooling such as Atlassian, Jenkins, GitLab, OWASP and AWS services. Apply Site Reliability Engineering principles to enhance reliability, resilience, and performance. Support technical decision-making, explaining trade-offs and best practices ...

similar. Experience building documentation dashboards, status dashboards, or admin-style interfaces. Understanding of basic secure coding practices or awareness of concepts like the OWASP Top 10. Experience working on products that interact with hardware, embedded systems, or IoT devices. Comfort using AI coding tools to speed up development while still ...

similar. Experience building documentation dashboards, status dashboards, or admin-style interfaces. Understanding of basic secure coding practices or awareness of concepts like the OWASP Top 10. Experience working on products that interact with hardware, embedded systems, or IoT devices. Comfort using AI coding tools to speed up development while still ...

Score remediation Vulnerability Management Tools such as Tenable , Pentera , Varonis , Secure Score Experience coordinating remediation with technical teams Frameworks & Security Models MITRE ATT&CK, OWASP Top 10 Exposure to zero-trust principles Understanding of encryption, certificate management, secrets management Scripting & Automation PowerShell (essential) Python or Bash desirable Security automation experience ...

techniques and supply-chain risks. Cloud & Frameworks: Familiarity with AWS/Azure/GCP security and industry standards (NIST AI RMF, ISO 27001, OWASP Top 10 for LLMs, MITRE ATLAS). Consulting Skills: Ability to translate complex technical risks into actionable guidance for senior stakeholders. Preferred Skills Certifications: CISSP, CCSP ...

objectives. The role will oversee the development and implementation of a Software Development Lifecycle (SDLC), including a Secure Software Development Lifecycle (SSDLC) aligned to OWASP ASVS, and balance operational support, releases, and project delivery Lead the planning and continuous improvement of the firms application landscape in house development ...

practices . Strong understanding of Web Applications, Microservices, APIs, authentication/authorization protocols , and data architecture . Knowledge of secure software development practices , GDPR, OWASP, and NCSC cloud security principles. Experience delivering AI-based solutions, real-time data integration, or IoT solutions is advantageous. Consultancy & Leadership Skills Excellent communication skills ...

Doing... Technical Leadership Define and evolve backend architecture to ensure scalability, maintainability, and performance. Set coding standards and champion secure development practices (e.g. OWASP). Influence technology choices, frameworks, and tools to support engineering excellence. Oversee improvements to CI/CD pipelines, build processes, and operational workflows. Can clearly ...

modern API-driven architectures Experience embedding security into CI/CD pipelines and cloud-native workflows Knowledge of secure development frameworks and practices (e.g. OWASP-based approaches) Experience with application security tooling such as SAST, SCA, DAST, or container security Understanding of cloud networking, identity, access management, and secure integrations ...

modern API-driven architectures Experience embedding security into CI/CD pipelines and cloud-native workflows Knowledge of secure development frameworks and practices (e.g. OWASP-based approaches) Experience with application security tooling such as SAST, SCA, DAST, or container security Understanding of cloud networking, identity, access management, and secure integrations ...

modern API-driven architectures Experience embedding security into CI/CD pipelines and cloud-native workflows Knowledge of secure development frameworks and practices (e.g. OWASP-based approaches) Experience with application security tooling such as SAST, SCA, DAST, or container security Understanding of cloud networking, identity, access management, and secure integrations ...