1 to 25 of 26 Remote/Hybrid Permanent OWASP Jobs

segmentation, and host security. Hands on experience with the following security products Trellix, Ivanti, ClearSwift, Yubikey Understanding of secure coding practices and common vulnerabilities (OWASP Top 10, SANS Top 25). Expertise in identity and access management (IAM), including RBAC, ABAC, JWT and Cookie based authentication. Incident detection and response ...

pipelines, dependencies, infrastructure as code, and third party components. Identify and mitigate risks such as: Injection, authentication/authorization, injection and session management flaws (OWASP Top 10, ASVS) Insecure handling of NPI, PII, and payment data Management of open source dependency vulnerabilities and software supply chain risks Insecure cloud configurations … code review. Preferred: Experience securing modern web, mobile, and API based applications in a regulated industry (e.g., financial services, healthcare). Familiarity with the OWASP Top 10, OWASP ASVS, and OWASP SAMM, and with software supply chain frameworks such as SLSA. Experience with cloud platforms (e.g., AWS, Azure ...

conducting threat modelling (e.g. STRIDE, attack trees) and risk analysis Strong understanding of security frameworks and best practice such as ISO 27001, NIST, CIS, OWASP, NCSC guidance Experience working in the UK Public Sector and associated security standards and guidance including GovAssure/NCSC CAF, HMG Security Policy Framework. Knowledge ...

strong differentiator but not essential: Security exposure in any of the following areas will set you apart: threat modelling, Zero Trust architecture, IAM, OWASP, secure-by-design, or API security. The details: Salary: £90,000 Location: Belfast Working pattern: Hybrid, no set minimum in-office days but a preference ...

architecture principles Leading Infrastructure as Code implementation using Bicep Driving CI/CD maturity (Bitbucket preferred) with strict SDK and dependency version control Ensuring OWASP-aligned secure coding practices and GDPR compliance Collaborating with QA to support automated and manual test strategies Documenting architectural decisions (ADRs) and maintaining clear technical ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Our stack Backend: Python, Flask Data: Postgres Cloud: AWS Edge: Cloudflare Infrastructure as Code: Terraform Delivery ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Our stack Backend: Python, Flask Data: Postgres Cloud: AWS Edge: Cloudflare Infrastructure as Code: Terraform Delivery ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Our stack Backend: Python, Flask Data: Postgres Cloud: AWS Edge: Cloudflare Infrastructure as Code: Terraform Delivery ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Our stack Backend: Python, Flask Data: Postgres Cloud: AWS Edge: Cloudflare Infrastructure as Code: Terraform Delivery ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Our stack Backend: Python, Flask Data: Postgres Cloud: AWS Edge: Cloudflare Infrastructure as Code: Terraform Delivery ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Our stack Backend: Python, Flask Data: Postgres Cloud: AWS Edge: Cloudflare Infrastructure as Code: Terraform Delivery ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Our stack Backend: Python, Flask Data: Postgres Cloud: AWS Edge: Cloudflare Infrastructure as Code: Terraform Delivery ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Our stack Backend: Python, Flask Data: Postgres Cloud: AWS Edge: Cloudflare Infrastructure as Code: Terraform Delivery ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Our stack Backend: Python, Flask Data: Postgres Cloud: AWS Edge: Cloudflare Infrastructure as Code: Terraform Delivery ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Our stack Backend: Python, Flask Data: Postgres Cloud: AWS Edge: Cloudflare Infrastructure as Code: Terraform Delivery ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Why join us? £60k salary + equity 40 days holiday (incl. bank holidays) Pension scheme ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Why join us? £60k salary + equity 40 days holiday (incl. bank holidays) Pension scheme ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Why join us? £60k salary + equity 40 days holiday (incl. bank holidays) Pension scheme ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Why join us? £60k salary + equity 40 days holiday (incl. bank holidays) Pension scheme ...

fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Why join us? £60k salary + equity 40 days holiday (incl. bank holidays) Pension scheme ...

common vulnerabilities (XSS, CSRF, SQL Injection); experience building AppSec programs. Experience with any of the following: C#, React, JavaScript, REST APIs Participation in OWASP, BSides, open-source security projects, etc The ability to effectively communicate security concepts to both technical and non-technical audiences. What You'll Do: Establish ...

practical "shift-left" model that enhances developer workflows rather than blocking them. Key Responsibilities Maturity Assessment and Strategy: Conduct an evidence-based audit against OWASP SAMM and NIST SSDF frameworks, translating findings into a prioritised 12-month risk-reduction roadmap. Pipeline Optimisation: Tuned tool signal-to-noise ratios (SAST … fluency in code, Infrastructure-as-Code (Terraform, Ansible), and YAML pipelines to maintain immediate credibility with senior software engineers. Framework Mastery: Practical application of OWASP SAMM, NIST SSDF, STRIDE, and MITRE ATTandCK. Cloud and Containers: Strong grounding in securing cloud workloads (AWS or Azure) and environments (Docker, Kubernetes). £600.00 ...

experience delivering web application, API, and/or infrastructure penetration tests in a professional consultancy setting. Strong understanding of common vulnerability classes (e.g. OWASP Top 10), exploitation techniques, and remediation guidance. Confident client-facing communication skills, with the ability to explain technical findings to both technical and non-technical audiences. ...

Hands-on experience delivering web application, API, and/or infrastructure penetration tests in a professional setting. Strong understanding of common vulnerability classes (e.g. OWASP Top 10), exploitation techniques, and remediation guidance. Confident client-facing communication skills, with the ability to explain technical findings to both technical and non-technical ...

delivery teams in Agile and DevOps environments to embed security by design. Support compliance with security and regulatory frameworks including ISO 27001, PCI DSS, OWASP and internal standards. Review security posture of vendors and outsourced services, providing due diligence and third-party risk assurance. Present security findings, risk opinions … security, secure application delivery, third-party risk management and access management practices. Experience applying recognised frameworks and standards such as ISO 27001, PCI DSS, OWASP, NIST and enterprise security control frameworks. Ability to translate complex technical risks into business language and provide clear, evidence-based recommendations. Exposure to contemporary architectures. ...