Permanent OWASP Job Vacancies

1 to 25 of 236 Permanent OWASP Jobs

Software Developer Application (Journeyman) (TS/SCI) with Security Clearance

Chantilly, Virginia, United States
Raven Technologies, LLC
tools, including: Jenkins GitLab CI/CD Security Tools Experience with security tools, including: Static Application Security Testing (SAST) tools (e.g., Sonare) Dynamic Application Security Testing (DAST) tools (e.g., OWASP ZAP, Burp Suite) Container security tools (e.g., Docker, Kubernetes) Cloud security tools (e.g., AWS IAM, Azure Security Center) Cloud Platforms Knowledge of cloud platforms, including: Amazon Web Services (AWS) Microsoft … pipelines, including: Jenkins Pipelines GitLab CI/CD Pipelines CircleCI Pipelines Azure DevOps Pipelines Security Frameworks and Compliance: Knowledge of security frameworks and compliance regulations, including: NIST Cybersecurity Framework OWASP Security Cheat Sheet Minimum Education Requirements: BA/BS or MA/MS preferred Clearance Requirements: TS/SCI Here's your chance to join a small but growing team …
Employment Type: Permanent
Salary: USD Annual

Sr. DevSecOps Engineer IV with Security Clearance

College Park, Maryland, United States
Golden Tech Systems Inc
automation and integration. Proficiency with static code analysis, dynamic application security testing (DAST), and vulnerability scanning tools like Fortify and Acunetix. Knowledge: In-depth understanding of security frameworks (e.g., OWASP, NIST) and best practices for mitigating vulnerabilities. Familiarity with common threat vectors and experience addressing them in development and operations environments. Additional Information GoldenTech is a systems integrator firm, focusing …
Employment Type: Permanent
Salary: USD Annual

Sr. Solutions Architect III (DevSecOps) with Security Clearance

Reston, Virginia, United States
Executive 1st
Acunetix, and Prisma Cloud • Proficiency in scripting languages (e.g., Python, Bash) for automation and tool integration. • Knowledge of security best practices, common vulnerabilities, and exposure to security frameworks (e.g., OWASP, NIST). • Strong problem-solving skills and the ability to work effectively in a fast-paced, collaborative environment. • Excellent communication skills, both written and verbal, with the ability to convey …
Employment Type: Permanent
Salary: USD Annual

DevSecOps Engineer III with Security Clearance

Colorado Springs, Colorado, United States
Golden Tech Systems Inc
GCP, including securing cloud-based applications. Advanced scripting skills in Python, Bash, or similar languages for automation. Knowledge: In-depth understanding of security best practices, vulnerabilities, and frameworks like OWASP and NIST. Additional Information GoldenTech is a systems integrator firm, focusing on solving complex problems in the areas of DevOps, Cloud and Cyber domains. In addition to offering Cloud based …
Employment Type: Permanent
Salary: USD Annual

Application Security Engineer

United Kingdom
Trilaty Group
vendors and coordinate feedback with teams to ensure actions are followed to mitigate identified risks Skills: Software engineering background is a must with knowledge of Application Security Frameworks e.g. OWASP SAMM/DSOMM etc Hands-on knowledge of information security processes such as security design review, threat modelling, OWASP Top 10, risk analysis, and software testing techniques Strong understanding of … activities - identifying, assessing and providing remediation options for application and technology risks Knowledge of Agile methodologies is a must Knowledge of backend and frontend web application vulnerabilities Knowledge of OWASP Top 10, SANS Top 25 etc Experience working in AWS/Azure/GCP would be beneficial Knowledge of CI/CD pipelines Thorough understanding of SAST, DAST (including fuzzing …
Employment Type: Permanent
Salary: GBP Annual

Infrastructure Engineer with Security Clearance

Aurora, Colorado, United States
Innova Solutions, Inc
supporting CI/CD pipeline tools such as Jira, Confluence, Bitbucket, Jenkins, Artifactory, and GitLab Exposure to cloud-based web services, particularly AWS Knowledge of secure coding practices, including OWASP, secrets management, and vulnerability remediation Strong understanding of networking concepts and architectures Experience working with scanning tools, such as Nessus, Fortify, and Anchore Broad infrastructure knowledge, including computer, networking, storage …
Employment Type: Permanent
Salary: USD Annual

Manual Tester (DV Security Clearance)

Basingstoke, Hampshire, South East
CGI
operations teams on bug fixes, retesting, and verifying patches in staging and production-mirroring environments. Quality & Best Practices • Champion infrastructure and security testing best practices, including vulnerability scanning (e.g., OWASP ZAP, Nessus), compliance checks, and disaster-recovery validations. • Contribute to continuous improvement by proposing new testing tools, frameworks, and process enhancements to raise overall system reliability and observability. Agile & Cross …
Employment Type: Permanent

Threat Modelling Engineer - GCP

London, United Kingdom
Hybrid / WFH Options
Publicis Groupe
Knowledge of cloud security frameworks Rest API knowledge Scripting and Infrastructure as Code (Terraform, CloudFormation) Experience with Jira or similar ticketing systems Technical architecture review skills Vulnerability identification (CWE, OWASP) Operating systems and hardening techniques Development concepts like CICD, Pipelines, SDLC Penetration testing knowledge (useful) Familiarity with Cloud Development Kit (CDK), GitOps Experience in DevOps/agile environments Docker, Kubernetes …
Employment Type: Permanent
Salary: GBP Annual

Senior Software Security Architect

Reading, Berkshire, South East, United Kingdom
Hybrid / WFH Options
Bowerford Associates
teams and business stakeholders is essential. Experience working with security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling. In-depth experience working in an Agile software development environment, with classic applications as well as microservices, using modern code processing and continuous integration and … Security Architect, SDLC, Secure by Design, Architecture, Software Development, Engineering, DevOps, InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure. Please note that due to a high level of applications, we can only respond to applicants …
Employment Type: Permanent, Work From Home
Salary: £90,000

Senior Security Engineer

London, United Kingdom
Hybrid / WFH Options
Kroo Bank Ltd
or application security. You should also have a proven experience and knowledge with any combination of the following: Threat modelling and risk assessments, Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS ), Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2), Working knowledge of cryptography including encryption …
Employment Type: Permanent
Salary: GBP Annual

Lead Software Security Engineer

London, United Kingdom
BDO
software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI …
Employment Type: Permanent

Digital Solutions - Lead InfoSec Consultant

London, United Kingdom
CACI Ltd
defences. Technologies and Soft Skills required: Advanced technical knowledge of penetration testing techniques, security assessments, and vulnerability exploitation. Expertise in security testing tools (such as Burp Suite, Metasploit, Nmap, OWASP ZAP, etc.), as well as manual testing methods. Strong understanding of common application security vulnerabilities (such as SQL injection, XSS, CSRF, insecure deserialization, etc.) and OWASP Top 10. Proficiency in …
Employment Type: Permanent
Salary: GBP Annual

Software engineer (Full-stack developer)

City of London, London, United Kingdom
IFPI
MongoDB, DocumentDB) data stores. Have first-hand understanding of Agile development methodologies. Exposure to cloud platforms like AWS and containerization technologies like Docker. Experience in implementing best security practices (OWASP, SAMM or any equivalent) An ability to produce reports, documentation, and presentations as per business requirements. Excellent written, verbal communication skills, problem-solving skills and attention to detail. Proactive and …

Software engineer (Full-stack developer)

London Area, United Kingdom
IFPI
MongoDB, DocumentDB) data stores. Have first-hand understanding of Agile development methodologies. Exposure to cloud platforms like AWS and containerization technologies like Docker. Experience in implementing best security practices (OWASP, SAMM or any equivalent) An ability to produce reports, documentation, and presentations as per business requirements. Excellent written, verbal communication skills, problem-solving skills and attention to detail. Proactive and …

DevSecOps Engineer | London | £85k | Hybrid

London, United Kingdom
Hybrid / WFH Options
Akkodis
and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage …
Employment Type: Permanent
Salary: £65000 - £85000/annum Hybrid, Benefits

DevSecOps Engineer London £85k Hybrid

London, South East, England, United Kingdom
Hybrid / WFH Options
Akkodis
and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage …
Employment Type: Full-Time
Salary: £65,000 - £85,000 per annum, Inc benefits

Head of Cyber Threat Exposure

Central London, London, England, United Kingdom
Hybrid / WFH Options
Bupa UK
cybersecurity, with extensive experience in threat management, vulnerability management, offensive security practices and security testing. Strong knowledge of common security vulnerabilities, attack vectors, and security testing frameworks, such as OWASP, MITRE ATT&CK, CVE/CVSS, and NIST SP 800-53. Experience of vulnerability scanning tools, penetration testing tools, and security testing frameworks (e.g., Nessus, Metasploit, Burp Suite, Nmap …
Employment Type: Full-Time
Salary: Competitive salary

Senior Application Security Engineer

Edinburgh, United Kingdom
Hybrid / WFH Options
N-able Technologies Ltd
application security Experience working with large-scale multi-cloud, multi-account architecture CISSP, CISM, AWS Solutions Architect Professional, Azure Solutions Architect, or equivalent certification, is preferred Thorough understanding of OWASP Top 10 and Secure Development Expertise in automating security tools and integrations, including simple scripting Experience with application security tools (SAST, DAST, IAST and SCA) Strong technical knowledge of development …
Employment Type: Permanent
Salary: GBP Annual

Application Security Engineer/Experienced Pen Tester

Belfast, United Kingdom
Hybrid / WFH Options
ESO
pure product or application security Strong expertise in offensive security techniques and methodologies, including ethical security testing Deep understanding of secure coding practices, common vulnerabilities and risk scoring methodologies (OWASP Top 10, CWE, CVSS scoring etc.) Strong experience communicating to stakeholders of varying technical skill levels Your experience should include: Using offensive security tooling, including tools such as Burp Suite …
Employment Type: Permanent
Salary: GBP Annual

Application Security Architect

England, United Kingdom
Atrium (EMEA)
Requirements Bachelor’s degree in IT or equivalent experience. 5+ years in information/application security roles. Experience working in agile environments. Deep understanding of cloud security (Azure, AWS), OWASP, MITRE. Proven experience with policy interpretation and security implementation in real-world projects. Preferred Skills Certifications such as CISSP, CCSP, CEH, Microsoft Azure/AWS Security. Working knowledge of GDPR …

Enterprise Security Architect

East London, London, United Kingdom
HMRC
firewalls, IPS, DDoS, WAF, DLP, DNS, NAC, NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. …
Employment Type: Permanent
Salary: £80,000

Enterprise Security Architect

Edinburgh, Midlothian, Scotland, United Kingdom
HMRC
firewalls, IPS, DDoS, WAF, DLP, DNS, NAC, NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. …
Employment Type: Permanent
Salary: £80,000

Enterprise Security Architect

Newcastle Upon Tyne, Tyne and Wear, North East, United Kingdom
HMRC
firewalls, IPS, DDoS, WAF, DLP, DNS, NAC, NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. …
Employment Type: Permanent
Salary: £80,000

Cloud Security Architect

London Area, United Kingdom
iXceed Solutions
development. Experience with Infrastructure as Code (IaC) tools, particularly Terraform. Solid understanding of security monitoring, logging, and alerting concepts. Familiarity with common security frameworks (e.g., NIST, MITRE ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident response, threat intelligence integration, and …

Cloud Security Architect

City of London, London, United Kingdom
iXceed Solutions
development. Experience with Infrastructure as Code (IaC) tools, particularly Terraform. Solid understanding of security monitoring, logging, and alerting concepts. Familiarity with common security frameworks (e.g., NIST, MITRE ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident response, threat intelligence integration, and …

OWASP
10th Percentile: £45,750
25th Percentile: £48,000
Median: £70,000
75th Percentile: £80,000
90th Percentile: £105,000