1 to 25 of 242 Permanent OWASP Jobs in the UK

years of experience in Product Security, Application Security, or a related security engineering role. Deep expertise in secure software development, secure coding practices, and OWASP Top 10/CWE 25. Strong technical proficiency in modern programming languages (e.g., Python, Java, JavaScript, Go, or C#). Experience with cloud-native security More ❯

tools such as AWS CodeBuild, Jenkins, GitLab, Azure DevOps. Proficiency in scripting languages such as Python, PowerShell. Knowledge of security tools and frameworks (e.g., OWASP, SCA, SAST, DAST). Familiarity with one or more cloud platforms (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes). Excellent problem-solving skills and More ❯

Rest API knowledge Scripting and Infrastructure as Code (Terraform, CloudFormation) Experience with Jira or similar ticketing systems Technical architecture review skills Vulnerability identification (CWE, OWASP) Operating systems and hardening techniques Development concepts like CICD, Pipelines, SDLC Penetration testing knowledge (useful) Familiarity with Cloud Development Kit (CDK), GitOps Experience in DevOps More ❯

development and cloud security (CSSLP, AZ-500, SC-100/SC-200, AWS Security, GCSA, GCLD, or similar). Familiarity with secure coding standards (OWASP, SEI CERT) and SSDLC models (Microsoft SDL, NIST 800-218 SSDF). Knowledge or experience of Product Assurance Schemes (PAS) or product security frameworks (PAS More ❯

understanding of modern design principles such as clean architecture, OOP, SOLID, RESTful APIs A good understanding of web application security and awareness of the OWASP Top 10 security vulnerabilities Please note: This vacancy is advertised across 11 locations; however, Stratford and Croydon are only available to current Insolvency Service Staff. More ❯

with AWS (or other cloud-based solutions) . Strong understanding of secured Software Development Lifecycle (SDLC) and CI/CD platforms . Familiarity with OWASP, CIS frameworks, and security best practices . Infrastructure & Scripting Knowledge: Proficiency in Microsoft platforms (Office 365, IIS, .NET, SQL Server, Windows Server, Active Directory). More ❯

with AWS (or other cloud-based solutions) . Strong understanding of secured Software Development Lifecycle (SDLC) and CI/CD platforms . Familiarity with OWASP, CIS frameworks, and security best practices . Infrastructure & Scripting Knowledge: Proficiency in Microsoft platforms (Office 365, IIS, .NET, SQL Server, Windows Server, Active Directory). More ❯

Experience with cloud technologies such as Microsoft Azure or AWS. Hands-on experience with browser automation tools and writing Cucumber/Gherkin. Familiarity with OWASP Testing Tools and CI/CD pipelines. Knowledge of ISTQB/ISEB qualifications, JIRA, and Microsoft Azure DevOps. Experience in performance testing (K6 experience is More ❯

pipelines implemented in Docker, Linux & Gradle. Behaviour Driven Development (BDD), with Gherkin & SpecFlow. Atlassian Jira, Github, Bamboo, Confluence & JFrog Artifactory. Software security implementation (e.g. OWASP, PKI, X509 Certificates, TLS). Software development for regulated environments (e.g. IVD/Medical devices). In addition to salary, we work flexibly, and provide More ❯

using Terraform, CloudFormation, and enforce AWS security best practices (IAM, access control, encryption). Work with DevOps teams to integrate security testing tools (e.g., OWASP ZAP, Snyk) into CI/CD pipelines (Jenkins, GitLab). Ensure compliance with regulations (GDPR, PCI-DSS, HIPAA) through logging, auditing, and monitoring. Assist in More ❯

of security frameworks such as ISO 27001, NIST, or CIS benchmarks. Experience in application security reviews, vulnerability management, and security controls implementation. Familiarity with OWASP Top 10, CWE, and secure coding practices. Proficiency in using security tools such as static and dynamic analysis tools. Basic coding/scripting skills in More ❯

knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience More ❯

Build and maintain REST API microservices using Java 17 (and occasionally Go), deploying them on OpenShift/Kubernetes 🔹 Integrate security tools like Snyk, BlackDuck, OWASP DependencyTrack, and Artifactory into our CI/CD pipelines 🔹 Work with Jenkins, TeamCity, and Tekton to optimize and maintain our DevSecOps toolchain 🔹 Collaborate with developers More ❯

Build and maintain REST API microservices using Java 17 (and occasionally Go), deploying them on OpenShift/Kubernetes 🔹 Integrate security tools like Snyk, BlackDuck, OWASP DependencyTrack, and Artifactory into our CI/CD pipelines 🔹 Work with Jenkins, TeamCity, and Tekton to optimize and maintain our DevSecOps toolchain 🔹 Collaborate with developers More ❯

Experience with cloud technologies such as Microsoft Azure or AWS. Hands-on experience with browser automation tools and writing Cucumber/Gherkin. Familiarity with OWASP Testing Tools and CI/CD pipelines. Knowledge of ISTQB/ISEB qualifications, JIRA, and Microsoft Azure DevOps. Experience in performance testing (K6 experience is More ❯

in a recent .Net Framework. Project management tools such as Jira. SonarQube, GitLab, or similar for code quality analysis. Security practices and tools like OWASP and Snyk, or similar. Typescript. CI/CD tools e.g. Jenkins, Azure pipelines, GitHub actions. ELK stack, Prometheus, or Grafana. Benefits: Annual bonus scheme. More ❯

in a recent .Net Framework. Project management tools such as Jira. SonarQube, GitLab, or similar for code quality analysis. Security practices and tools like OWASP and Snyk, or similar. Typescript. CI/CD tools e.g. Jenkins, Azure pipelines, GitHub actions. ELK stack, Prometheus, or Grafana. Benefits: Annual bonus scheme. More ❯

in a recent .Net Framework. Project management tools such as Jira. SonarQube, GitLab, or similar for code quality analysis. Security practices and tools like OWASP and Snyk, or similar. Typescript. CI/CD tools e.g. Jenkins, Azure pipelines, GitHub actions. ELK stack, Prometheus, or Grafana. Benefits: Annual bonus scheme. More ❯

CI/CD: TeamCity, Octopus, BitBucket Pipelines, GitHub Actions, Docker, Kubernetes. Software Architecture & Testing: Microservices, TDD, unit testing (xUnit, NUnit, Moq). Security Practices: OWASP, Wiz, Snyk for improving security posture. A Bit About Us When it comes to appliances and electricals, we've got the lot. Washing machines? Yep. More ❯

both strategic needs and day-to-day challenges, unblocking the team as needed. Skills, Knowledge and Expertise Experience with tools like Serenity, Selenium, RestAssured, Owasp ZAP, AXE, Locust and JMeter, build tools like Maven or Gradle, and Git for version control. Experience with unit test frameworks like JUnit or similar More ❯

core areas: Build verification Alert and Monitoring Backup and Restore Resilience and Recovery Logging, Audit and House Keeping Release Management Config Management Work Instructions OWASP "top ten" security tests Experience with CI/CD pipelines, Jenkins, and test automation frameworks. Knowledge of cloud platforms (AWS/Azure), infrastructure monitoring, and More ❯

with REST APIs and Microservices. - Confident using CI/CD tools (Git, GitLab CI, Jenkins, SonarQube, etc.). - Solid understanding of secure coding and OWASP tools (e.g. ZAP). - Proven experience in full software development lifecycle. JBRP1_UKTJ More ❯

Exchange/Agreement, Key Derivation, Key Wrapping and Remote Key Attestation. Experience in identifying and mitigating security vulnerabilities on software running on cloud platforms (OWASP Web Top10 vulnerabilities, data encryption, transport layer protections, insecure configurations, secrets management, etc.). Experience with cloud confidential computing, virtualization, enclaves, containers, and workload attestation More ❯

Exchange/Agreement, Key Derivation, Key Wrapping and Remote Key Attestation. Experience in identifying and mitigating security vulnerabilities on software running on cloud platforms (OWASP Web Top10 vulnerabilities, data encryption, transport layer protections, insecure configurations, secrets management, etc.). Experience with cloud confidential computing, virtualization, enclaves, containers, and workload attestation More ❯

solid understanding of data security principles and mechanisms, including encryption and masking and familiarity with major security standards and frameworks (e.g., ISO 27001, NIST, OWASP). Any experience with programming languages like Python, Go, or Java would be a distinct advantage. More ❯