1 to 25 of 44 Permanent OWASP Jobs

appropriate security tools including automated cloud-based tooling Up-to-date understanding of network security (e.g. OSI, TCP/IP), web application security (e.g. OWASP) and cryptographic controls (e.g. PKI, TLS) Evidence of self-development Experience with cloud solutions such as Azure and AWS preferred. Excellent analytical, problem-solving, and more »

changing priorities and requirements Experience of Secure Software Development Lifecycle processes and methodologies Knowledge and experience of applying best practice for solution security (e.g., OWASP, NCSC cloud security principles) Strong understanding and practical experience of performing security threat modelling and articulating risk profiles Deep understanding of security concepts and demonstrated more »

Security Engineering. Able to demonstrate a good understanding of information security frameworks, standards and security best practice (ISO27001, NIST CSF, Mitre Att&ck Framework, OWASP). Experience in designing secure components (e.g. networks, systems, applications, security technologies) Knowledge of and skills in at least one scripting language such as PowerShell. more »

. Ability to work with diverse, remote, and distributed teams across multiple regions and time zones. SSDLC practices in DevOps, CI/CD environment. OWASP Top 10, SANS CWE, OpenSAMM, BSIMM, etc. Penetration testing, vulnerability scanning Implementation of security monitoring tools. Implementing pipelines that make use of SCA, SAST, DAST more »

and drive consensus. Preferred Qualifications: Familiarity with big data security solutions Leadership Experience Knowledge of Open Security Architecture (OSA), The Well Architected Framework, and OWASP Application Security Verification Standard (ASVS) Demonstrated ability to act as a thought leader in Cloud security for your existing organization Commitment to continuous improvement and more »

of recognised information security management and governance frameworks (ISF (Information Security Forum) SOGP (Standards of Good Practice), NIST 800-53 & CSF, CIS 7.1 and OWASP Top 10) A recognised information security qualification (CISSP, CISM etc.). The following qualifications, or associated experience, are also desirable: Microsoft Certified: Azure Security Engineer more »

point security controls Vulnerability management Configuration and compliance management Risk management Policy and standards management Incident handling Application security (WAFs, Static and Dynamic analysis, OWASP) Security event monitoring Data protection and encryption (HSM, SEDS, Database encryption ) Disaster Recovery Business Continuity Planning and Execution Vendor Management KPIs and KRIs Control Testing more »

tests with an attacker's mindset. Expertise in using tools like Kali, Burp Suite, Nmap, Nessus, Qualys, Metasploit, and others. Strong knowledge of the OWASP Testing Methodology. Solid understanding of security protocols such as SSL/TLS, SSH, and HTTP. Knowledge of cloud security platforms like AWS, Azure, and Google more »

SQL Server and Oracle JavaScript frameworks such as AngularJS, NodeJS REST/SOAP services Authentication methods such as OIDC/JWT Secure coding standards (OWASP, STRIDE) and penetration testing (Burp Suite) Software development principles and architecture patterns Knowledge of testing methodologies (unit, integration tests) and tools Knowledge of DevOps with more »

of repositories, code controls and development tools such as JIRA, Confluence and similar tools Application and Web Service security, Identity Management and Protocols (e.g. OWASP, WS-Security, SAML, OAuth2, OpenID Connect) Knowledge of or have worked with Cloud technologies. Azure preferred Working with: Agile development methodology, SAFe or SCRUM Understanding more »

in leading diverse and inclusive teams.Cyber Security:Experience in architecting secure, cloud-based (AWS) applications, including CI/CD.Familiar with Zero Trust Architecture, SBD, OWASP, NIST, CIS, and NCSC baselines.Strong foundation across the cybersecurity technology stack.Desirable:Prior experience working in agile delivery teams.Familiarity with the GDS Service Manual.About the Client more »

of application security (Web, API, Mobile) An understanding of microservices and container orchestration Experience Solid grasp of Application Security Tooling (SCASASTDASTIaC Security) Knowledge of OWASP Top 10, Mitre Top 25 and CVSS frameworks, mapping to business risk Experience in implementing security into different stages of a DevOps lifecycle Soft Skills more »

Routing) Desirable CCIE Knowledge and Skills Essential In-depth understanding of ISO27001, PCI DSS, Management, CISSP, Security, Strategy, Pen Testing In-depth knowledge of OWASP Top 10, CWE/SANS Top 25, WASC Demonstrates understanding of vulnerability remediation Expert knowledge in IT security best practice and solutions. Good understanding of more »

of: GDPR, Business Continuity and Disaster Recovery Planning, Information Security Policies, Creating Education and Awareness programmes, Security Incident Response and Secure Development Processes (including OWASP). Third Party Supplier Management, Antivirus, Malware, threat hunting techniques and technologies are also highly sought after for this role. If you have experience of more »

working on multiple challenging projects simultaneously.The nice to haves:· Awareness of industry related security standards such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP · Certifications in Security Management such as CISSP/CISM/CCSP or equivalent· Certifications in technical Security domains such as CEH/OSCP or equivalent more »

complex issues. Certifications such as CISSP, CEH, OSCP, or GSEC are preferred but not required. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modeling and risk more »

skilled at influencing and negotiating. Certifications such as CISSP, CEH, OSCP, or GSEC are preferrable. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk more »

WAF Event risk management and triage Zero Trust configuration and management Security best practices and experience conforming to standards such as: ISO27001:2022 Framework OWASP NIST CSF PCI DSS 4.0 SOC-2 NCSC Best Practices more »

of benefit: •Experience with .Net 8 with C# 12 •Standard design patterns such as singleton, repository, decorator, facade and Mediator •CI/CD processes •OWASP, SANS25, Kritis standards or equivalent security development framework •Development tools like Telerik, Resharper etc. •PowerShell and batch scripting •A.I. tools and development •RPA, Ideally with more »

SCA/SAST/DAST/IaC Security) into DevOps environments. Deep understanding of application security across Web, API, and Mobile platforms. Knowledge of OWASP Top 10, Mitre Top 25, and CVSS frameworks, with the ability to map to business risk. Experience implementing security into different stages of a DevOps more »

Miro and Confluence * Consumer-driven contract testing methodologies (i.e. PACT) * Infrastructure as Code (IaC) practices (ideally Terraform) * Core hardening and security practices, including adherence OWASP guidelines more »

penetration testing. Strong knowledge of web technologies and the OSI model, including HTTP & TCP protocols, JSON, XML, and HTML. Familiarity with web security concepts, OWASP Top 10 vulnerabilities, and common attack vectors. Experience with penetration testing tools such as Burp Suite, Metasploit, Nmap, Wireshark, and Postman. Understanding of encryption and more »

or more of the following: TDD Automated acceptance testing/BDD/Cucumber Performance and scalability testing, e.g. JMeter Penetration testing knowledge/OWASP Kubernetes/Container orchestration platform experience Designing, creating and calling HTTP APIs SQL Databases, e.g. Postgres, MySQL, MariaDB Experience in using AWS services - 3 of the more »

environment. Required Skills & Qualifications: Proven experience in API development and integration technologies such as REST and SOAP. Extensive knowledge of secure coding principles, including OWASP and Threat Modelling. Excellent hands-on coding skills using ASP.NET, the .NET ecosystem, and tools like C#, Visual Studio, and dotnet CLI. A deep understanding more »

Experience Proven C# development experience. Experience in building and consuming web APIs and microservices. Strong experience in software design and best practices such as OWASP and SOLID principles. Knowledgeable about security principles and integrations with OAuth2 and Azure AD. Strong analytical and problem-solving skills. Excellent communication and teamwork abilities. more »