23 of 23 Permanent OWASP Jobs in Wales

control). Knowledge of SQL and experience verifying backend data consistency. Familiarity with containerized environments (Docker, Kubernetes). Familiarity with tools like Burp Suite, OWASP ZAP, or static analysis tools is a plus. What We Offer Competitive salary and benefits package. Opportunities for learning, growth, and contributing to a product More ❯

control). Knowledge of SQL and experience verifying backend data consistency. Familiarity with containerized environments (Docker, Kubernetes). Familiarity with tools like Burp Suite, OWASP ZAP, or static analysis tools is a plus. What We Offer Competitive salary and benefits package. Opportunities for learning, growth, and contributing to a product More ❯

communication skills * Proven team engagement skills * Proven coaching skills * Quality Driven * Adaptable/ability to context switch * Stakeholder Management Optional Skills: * Junit * Playwright * Gatling * OWASP Zap * SonarQube * GitHub Copilot * Wiremock * Wave * Axe * Kubernetes * Docker * Micro-services * AWS * Open API * WCAG * Cucumber/Gherkin * Selenium * Agile Scrum * Agile Practices All profiles More ❯

distributed and hybrid teams . Ability to effectively communicate complex technical concepts in non-technical terms to stakeholders. Familiarity with modern security frameworks like OWASP and SANS25 . Experience with Continuous Delivery and Automated Deployment using tools like Azure DevOps . More ❯

Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO/IEC 27001, ISO 27005, OWASP, and MOD ISN 23/09 Ability to identify, assess and mitigate risks across software and hardware product ecosystems Strong written and verbal communication skills More ❯

vulnerabilities. Requirements: 5+ years of hands-on experience in application security and secure software development. Strong knowledge of secure coding practices and common vulnerabilities (OWASP) Experience with SAST, DAST, and IAST tools and integrating them into CI/CD pipelines. Proficiency in writing and reviewing code (JavaScript, Java, Python) with More ❯

vulnerabilities. Requirements: 5+ years of hands-on experience in application security and secure software development. Strong knowledge of secure coding practices and common vulnerabilities (OWASP) Experience with SAST, DAST, and IAST tools and integrating them into CI/CD pipelines. Proficiency in writing and reviewing code (JavaScript, Java, Python) with More ❯

Cyber risk assessments, which follow frameworks such as CSF. Interpret and advise on current standards and guidance such as, but not limited to NCSC, OWASP and NIST. Good analytical skills and ability to demonstrate discretion and confidentiality in highly sensitive situations. The ability to work independently and as part of More ❯

Cyber risk assessments, which follow frameworks such as CSF. Interpret and advise on current standards and guidance such as, but not limited to NCSC, OWASP and NIST. Good analytical skills and ability to demonstrate discretion and confidentiality in highly sensitive situations. The ability to work independently and as part of More ❯

experience. Eligibility for or possession of UK Security Clearance (preferred but not required). Solid understanding of common attack techniques and vulnerability classes (e.g., OWASP Top 10, MITRE ATT&CK). Strong familiarity with tools such as Burp Suite, Nmap, Metasploit, etc. Excellent communication and reporting skills. Required Qualifications: Demonstrable More ❯

experience. Eligibility for or possession of UK Security Clearance (preferred but not required). Solid understanding of common attack techniques and vulnerability classes (e.g., OWASP Top 10, MITRE ATT&CK). Strong familiarity with tools such as Burp Suite, Nmap, Metasploit, etc. Excellent communication and reporting skills. Required Qualifications: Demonstrable More ❯

audits & penetration testing What You’ll Bring CISSP or equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS/IPS, RBAC, vulnerability management Understanding of cloud, COTS/SaaS platforms & IoT security Ability to communicate risks & strategies at More ❯

and develop policies in line with regulatory standards. Conduct cyber risk assessments following frameworks like CSF. Interpret and advise on standards such as NCSC, OWASP, and NIST. Maintain discretion and confidentiality in sensitive situations. Work independently and collaboratively within the security team. We are passionate about creating an inclusive workplace More ❯

ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds More ❯

at rest/in transit, and other application security standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO 27001, OWASP Top 10). Team Management & Culture Build and scale high-performance engineering teams, including backend, frontend, full-stack, data, and security engineers. Define and track … APIs, ETL, Azure Data Factory DevOps/Infra : CI/CD pipelines (e.g., GitHub Actions, Azure DevOps), containerization, Azure PaaS Security : Secure development lifecycle, OWASP, authentication/authorization protocols Leadership Attributes Technically credible leader with the ability to deep-dive on architecture and code when necessary. Strong decision-making skills More ❯

at rest/in transit, and other application security standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO 27001, OWASP Top 10). Team Management & Culture Build and scale high-performance engineering teams, including backend, frontend, full-stack, data, and security engineers. Define and track … APIs, ETL, Azure Data Factory DevOps/Infra : CI/CD pipelines (e.g., GitHub Actions, Azure DevOps), containerization, Azure PaaS Security : Secure development lifecycle, OWASP, authentication/authorization protocols Leadership Attributes Technically credible leader with the ability to deep-dive on architecture and code when necessary. Strong decision-making skills More ❯

Company Overview The SPTS division of KLA designs, manufactures and markets wafer processing solutions for the global semiconductor and related industries. SPTS provides industry leading etch and deposition process technologies on a range of single wafer handling platforms. End-market More ❯

/components interact correctly. Test APIs, databases, and service flows. Security Testing & Penetration Testing (Ethical Hacking) Simulate attacks to find vulnerabilities. Tools: Burp Suite , OWASP ZAP , Metasploit . CEH , OSCP , CISSP certifications an advantage Vulnerability Testing Scan systems for known vulnerabilities. Collaborate with SecOps and DevSecOps teams. Security QA/… Secure Code Testing Test software from a secure coding perspective. Ensure compliance with secure development standards (OWASP Top 10, etc.). Test Management Oversee testing across multiple teams and or products. Handle stakeholder communication, budget, vendor selection, and process compliance. Test Architectecture Design testing frameworks, strategies, and toolchains. Advise on More ❯

/components interact correctly. Test APIs, databases, and service flows. Security Testing & Penetration Testing (Ethical Hacking) Simulate attacks to find vulnerabilities. Tools: Burp Suite , OWASP ZAP , Metasploit . CEH , OSCP , CISSP certifications an advantage Vulnerability Testing Scan systems for known vulnerabilities. Collaborate with SecOps and DevSecOps teams. Security QA/… Secure Code Testing Test software from a secure coding perspective. Ensure compliance with secure development standards (OWASP Top 10, etc.). Test Management Oversee testing across multiple teams and or products. Handle stakeholder communication, budget, vendor selection, and process compliance. Test Architectecture Design testing frameworks, strategies, and toolchains. Advise on More ❯

vulnerabilities and non-trivial security issues. Support technical teams in resolving vulnerabilities and strengthening security measures. Develop and maintain security testing methodologies aligned with OWASP, NIST, and CIS Controls . Integrate security testing into the CI/CD pipeline to detect and fix vulnerabilities early. Ensure compliance with industry security … continuous improvements. What You Bring to TLScontact Demonstrable experience in penetration testing and security testing . Hands-on expertise with security tools (Burp Suite, OWASP ZAP) and scripting languages (Python, Bash, PowerShell, Metasploit, Checkmarx). Experience with CI/CD tools (GitLab, Jenkins, GitHub Actions). Deep understanding of secure More ❯

vulnerabilities and non-trivial security issues. Support technical teams in resolving vulnerabilities and strengthening security measures. Develop and maintain security testing methodologies aligned with OWASP, NIST, and CIS Controls . Integrate security testing into the CI/CD pipeline to detect and fix vulnerabilities early. Ensure compliance with industry security … continuous improvements. What You Bring to TLScontact Demonstrable experience in penetration testing and security testing . Hands-on expertise with security tools (Burp Suite, OWASP ZAP) and scripting languages (Python, Bash, PowerShell, Metasploit, Checkmarx). Experience with CI/CD tools (GitLab, Jenkins, GitHub Actions). Deep understanding of secure More ❯

role will be circa £650 per day, inside IR35 Key Skills Required: Strong Security and Development background, in SDLC-focused roles Deep knowledge of OWASP API Top 10 Able to review Swagger/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as … WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's Able to translate technical risks into business language, collaborating with key stakeholders Experience in large-scale, enterprise environments More ❯

role will be circa £650 per day, inside IR35 Key Skills Required: Strong Security and Development background, in SDLC-focused roles Deep knowledge of OWASP API Top 10 Able to review Swagger/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as … WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's Able to translate technical risks into business language, collaborating with key stakeholders Experience in large-scale, enterprise environments More ❯