EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯
s recognition. His OwaspHeaders.Core library has achieved remarkable success with over 1.2 million downloads, providing essential webapplicationsecurity features to developers across the .NET ecosystem. The library implements OWASP Secure Headers Project recommendations, enabling developers to enhance their applicationsecurity with minimal effort whilst maintaining clean, maintainable code. Beyond digital community engagement, Jamie demonstrates his commitment to developing future More ❯
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
Junglee Games India Private Limited
SSDLC strategy, including short, mid, and long-term goals aligned with the group's security posture and digital transformation initiatives. Develop and maintain AppSec maturity models (e.g. based on OWASP SAMM, NIST SSDF, BSIMM) and work with business units to assess current state and define realistic improvement plans. Drive the development of a global secure development policy, including approved tools … deploy processes. Experience working in or with regulated industries or large enterprises is highly desirable. Mergers and Acquisitions integration experience is a plus Familiarity with industry frameworks and standards: OWASP SAMM, OWASP ASVS, BSIMM, NIST SSDF, ISO 27034. Lead teams and projects. This could be as an DevSecOps team lead, security architect, or manager for SSDLC initiatives. Professional certifications in More ❯
handsworth, yorkshire and the humber, united kingdom Hybrid / WFH Options
Networking People (UK) Limited
in Sheffield/Birmingham or Edinburgh 3 days a week) Rate: Negotiable depending on experience (deemed inside IR35) Reference: 19542 You will either be a F5 WAF tuning specialists (OWASP experience required OR Cloud-native WAF engineers (minimum 2 of 3 CSPs) (AWS & GCP as preference)/OR Generic WAF tuning resource (cross-skill utility) Immediate contract for experienced WAF … A focus on tuning rules, analysing data, reducing false positives, and validating control efficacy in production-like conditions. Scope Includes: Hands-on tuning experience with F5. Custom rule creation , OWASP rule tuning (especially for F5), false positive reduction. Log analysis and data-driven tuning based on real traffic. Support for cloud-native WAF tuning (all three Cloud providers) -not deployment More ❯
