1 to 25 of 132 Permanent OWASP Jobs in the UK excluding London

principles in customer-facing SaaS platforms. Deep understanding of application security and secure SDLC across modern stacks (JavaScript/React, C#/.NET, Azure services, containers). Knowledge of OWASP Top 10 and mitigation strategies. Experience with modern authentication and authorization protocols (OpenID Connect, OAuth2.0). Hands-on experience with SAST/DAST tools and integration into SDLC. Proficiency in More ❯

principles in customer-facing SaaS platforms. Deep understanding of application security and secure SDLC across modern stacks (JavaScript/React, C#/.NET, Azure services, containers). Knowledge of OWASP Top 10 and mitigation strategies. Experience with modern authentication and authorization protocols (OpenID Connect, OAuth2.0). Hands-on experience with SAST/DAST tools and integration into SDLC. Proficiency in More ❯

ofmodern software development approaches such as automated testing, test driven development, continuous integration, pair programming, code review and version control have understanding of common web security risks such as OWASP Top 10, and the corresponding mitigations enjoy researching and learning new programming tools and techniques and sharing their skills with others have experience working in a collaborative environment, and an More ❯

and Azure DevOps (CI/CD) Familiarity with scripting languages like PowerShell, YAML, JSON Hands-on with application security tools and DevSecOps processes Understanding of frameworks and standards like OWASP, NIST SSDF, ISO27001, NCSC Experience with threat modelling, risk assessments, and secure design reviews Confident owning security strategy and tooling across complex product landscapes A strong communicator - able to engage More ❯

through deployment, oversee secure coding and testing, and drive operational maturity and resilience against evolving threats What you'll do: Define and govern secure architecture standards, aligned with NIST, OWASP, ISO 27001, and enterprise policies Lead DevSecOps integration, embedding automated security testing (SAST, DAST, SCA, container security) into CI/CD pipelines Oversee large-scale secure development programs, ensuring SLA More ❯

/Postgres , databases DevOps: CI/CD, Docker , containerisation, Ubuntu/Linux, AWS , Serverless, CDK/CDKTF , Ansible Quality & Analytics: Postman API, testing frameworks, web analytics Patterns: Secure SDLC, OWASP Top 10 , TDD , Git-based workflows Must-have experience Proven delivery of full-stack web applications (frontend + backend + API) from design to production deployment . Hands-on with More ❯

/Postgres , databases DevOps: CI/CD, Docker , containerisation, Ubuntu/Linux, AWS , Serverless, CDK/CDKTF , Ansible Quality & Analytics: Postman API, testing frameworks, web analytics Patterns: Secure SDLC, OWASP Top 10 , TDD , Git-based workflows Must-have experience Proven delivery of full-stack web applications (frontend + backend + API) from design to production deployment . Hands-on with More ❯

/Postgres , databases DevOps: CI/CD, Docker , containerisation, Ubuntu/Linux, AWS , Serverless, CDK/CDKTF , Ansible Quality & Analytics: Postman API, testing frameworks, web analytics Patterns: Secure SDLC, OWASP Top 10 , TDD , Git-based workflows Must-have experience Proven delivery of full-stack web applications (frontend + backend + API) from design to production deployment . Hands-on with More ❯

/Postgres , databases DevOps: CI/CD, Docker , containerisation, Ubuntu/Linux, AWS , Serverless, CDK/CDKTF , Ansible Quality & Analytics: Postman API, testing frameworks, web analytics Patterns: Secure SDLC, OWASP Top 10 , TDD , Git-based workflows Must-have experience Proven delivery of full-stack web applications (frontend + backend + API) from design to production deployment . Hands-on with More ❯

. Proficient in Git or other version control systems. Desirable Knowledge, Skills and Experience: Certifications in OCI or other cloud platforms (AWS, GCP). Experience with security tools like OWASP ZAP, Burp Suite, etc. Familiarity with Jira, Confluence, or similar tools. Knowledge of compliance frameworks (e.g., GDPR, HIPAA, ISO 27001, ISO 13485). Background in start-up or scale-up More ❯

Note: this position includes participation in an on-call rotation. What we’re looking for 3+ years in software engineering plus 2+ years in application security. Strong knowledge of OWASP, application vulnerabilities, and security testing techniques. Experience with secure web application development and Agile/DevOps methodologies. Familiarity with pen testing, bug bounty, or hacker community collaboration. Strong communication skills More ❯

Note: this position includes participation in an on-call rotation. What we're looking for 3+ years in software engineering plus 2+ years in application security. Strong knowledge of OWASP, application vulnerabilities, and security testing techniques. Experience with secure web application development and Agile/DevOps methodologies. Familiarity with pen testing, bug bounty, or hacker community collaboration. Strong communication skills More ❯

Provide mentoring, training, and security awareness support to internal teams. Essential Skills & Experience Strong hands-on experience in application and cloud security engineering. Deep understanding of web app vulnerabilities (OWASP Top 10, CWE) and secure coding practices. Proficiency with security testing tools and vulnerability management platforms. Broad knowledge of network and infrastructure security concepts (WAFs, ACLs, VPNs, etc.). Familiarity More ❯

Provide mentoring, training, and security awareness support to internal teams. Essential Skills & Experience Strong hands-on experience in application and cloud security engineering. Deep understanding of web app vulnerabilities (OWASP Top 10, CWE) and secure coding practices. Proficiency with security testing tools and vulnerability management platforms. Broad knowledge of network and infrastructure security concepts (WAFs, ACLs, VPNs, etc.). Familiarity More ❯

embedding security in agile development environments Hands-on knowledge of cloud platforms , CI/CD pipelines , and scripting (PowerShell, YAML, JSON, etc.) Familiarity with frameworks and standards such as OWASP , NIST SSDF , ISO27001 , or NCSC Practical experience with threat modelling , security tooling , and risk assessments Excellent communication skills, able to influence and engage at all levels from developers to execs More ❯

certifications: CISSP, CISM, CISA, or equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes Strategic thinker who can balance security with business needs Pragmatic approach to security implementation Detail-oriented with strong More ❯

certifications: CISSP, CISM, CISA, or equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes Strategic thinker who can balance security with business needs Pragmatic approach to security implementation Detail-oriented with strong More ❯

certifications: CISSP, CISM, CISA, or equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes Strategic thinker who can balance security with business needs Pragmatic approach to security implementation Detail-oriented with strong More ❯

certifications: CISSP, CISM, CISA, or equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes: Strategic thinker who can balance security with business needs Pragmatic approach to security implementation Detail-oriented with strong More ❯

certifications: CISSP, CISM, CISA, or equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes: Strategic thinker who can balance security with business needs Pragmatic approach to security implementation Detail-oriented with strong More ❯

or supporting the higher education sector. Strong understanding of multi-tenant SaaS security. Knowledge of DevSecOps and integrating security in CI/CD pipelines. Familiarity with NIST, CIS Controls, OWASP, and other security frameworks. Awareness of global data protection and multi-jurisdictional privacy requirements. Experience supporting enterprise sales cycles with security expertise and assurance. Benefits: 25 days' holiday plus bank More ❯

profile with working samples of previously produced code * Docker * Laravel Livewire/Inertia * DevOps * Experience with security, form validation, XSS prevention, database security, session management, input validation and other OWASP guidelines You will be able to be part of something special. As the Lead, you will be given so much autonomy, and it is a true green field project. Job More ❯

Security & Compliance Assess application security risks and provide remediation strategies. Ensure compliance with industry standards (ISO 27001, GDPR, SOC 2, etc.). Implement best practices for secure software development (OWASP, encryption, IAM, etc.). 6. Performance Optimisation & Scaling Analyse system bottlenecks and recommend performance tuning strategies. Support database optimisations, caching mechanisms, and load balancing strategies. Assist in designing auto-scaling More ❯

reliable deployments. Collaborate with engineering teams to embed best practices for monitoring, security, and performance. Contribute to architectural decisions and technical design reviews. Ensure compliance with secure coding standards (OWASP, API security, web application best practices). Support automation, observability, and continuous improvement initiatives across the engineering organisation. You'll Be a Great Fit If You Have strong coding experience More ❯

reliable deployments. Collaborate with engineering teams to embed best practices for monitoring, security, and performance. Contribute to architectural decisions and technical design reviews. Ensure compliance with secure coding standards (OWASP, API security, web application best practices). Support automation, observability, and continuous improvement initiatives across the engineering organisation. ✅ You’ll Be a Great Fit If You... Have strong coding experience More ❯