risk and impact of discovered vulnerabilities. Requirements: 5+ years of hands-on experience in application security and secure software development. Strong knowledge of secure coding practices and common vulnerabilities (OWASP). Experience with SAST, DAST, and IAST tools and integrating them into CI/CD pipelines. Proficiency in writing and reviewing code (JavaScript, Java, Python) with an emphasis on secure patterns.
assessment. Familiarity with Android security frameworks, libraries, and APIs. Experience with threat modeling, risk assessment, and security architecture design. Knowledge of secure coding practices and common vulnerabilities such as OWASP Top 10. Proficiency in using security tools for vulnerability scanning and code analysis. Excellent problem-solving skills and attention to detail. Strong communication and collaboration abilities, with a passion for
City of London, London, Grange, United Kingdom Hybrid / WFH Options
Applause IT Recruitment Ltd
contribute to Red Team and social engineering operations. Support junior team members and engage in knowledge sharing. Key Skills & Experience: 3-5 years' penetration testing experience. Strong understanding of OWASP, SSL/TLS, SSH, and HTTP. Comfortable conducting black box, grey box, and white box testing. Familiar with tools like Kali, Burp Suite, Metasploit, Nmap, Nessus, and Qualys. Knowledge of
Stack Overflow). Flexible working hours, willing to participate in a 24x7 support organization. Positive service-oriented personality. Proven technology skills, including proficiency with Mac, Windows, Linux, knowledge of OWASP top 10, web and mobile application security. Nice to haves: Your own bug bounty profile. Certificates such as CEH, CPT, CEPT, CPEN, OSWE, EWPT, or EWPTX are a plus. What
contribute to the security engineering of our Salesforce platform especially in the context of APEX code, API design, and secure development lifecycle. Apply the DSOMM (DevSecOps Maturity Model) and OWASP security principles to assess and uplift Salesforce security maturity. Own and improve pipeline security including static code analysis (SAST), dynamic application security testing (DAST), dependency checks, and secure deployment patterns. … understanding of how engineering and security intersect. Strong grasp of secure coding practices and experience running DAST/SAST on Salesforce environments. Exposure to or working knowledge of DSOMM, OWASP, and threat modelling methodologies. Experience integrating security into CI/CD pipelines, especially in complex enterprise platforms. Ability to approach platform security from an engineering-first mindset, not just compliance.
tools like Jenkins, GitLab, or similar. Experience implementing and managing SAST/DAST tools and processes to secure application development. Deep understanding of application security, including secure coding practices, OWASP Top 10, and API security standards. Knowledge of Customer Identity and Access Management (CIAM) solutions and API security frameworks. Knowledge of one or more programming languages with the ability to … monitoring tools (e.g., SIEM, SOAR). The other stuff we are looking for We'd also love you to bring: Deep understanding of application security, including secure coding practices, OWASP Top 10, and API security standards. Knowledge of Customer Identity and Access Management (CIAM) solutions and API security frameworks. Knowledge of one or more programming languages with the ability to
and as part of a team Ability to travel to meet business needs Preferred competencies: Relevant cyber security or other qualifications, certifications such as CSX-P, CDPSE, SSCP, CAP, OWASP, PCI DSS Security Cleared with potential to gain enhanced clearances Experience implementing privacy solutions based on the requirements of the EU GDPR and UK Data Protection Act 2018 Good awareness
We are looking for a Mid Splunk Security Engineer to work in our Application SOC team. This team is part of the Service Integration unit within DNV Cyber's Managed Services department. Managed Services is a tech-savvy group of
City of London, London, United Kingdom Hybrid / WFH Options
Eames Consulting
infrastructure, cloud, and third parties. Strong grasp of insurance data models, digital workflows, and sector-specific regulatory requirements. Excellent knowledge of security frameworks and methodologies (e.g. NIST, ISO 27001, OWASP). Proficiency in security-by-design, cloud security (Azure/AWS), zero trust, and secure API design. Strong interpersonal skills with the ability to communicate complex technical matters to senior
looking for Cloud engineering experience with security tooling and cloud workload protection Skilled in DevOps, AWS, Infrastructure as Code (Terraform), and scripting (Python, Bash) Knowledge of secure engineering standards (OWASP, CIS, NIST) and Agile/DevOps practices Experienced with CSPM, CNAPP, security incident response, and SIEM tools Ability to evaluate and recommend new security technologies Clear communicator focused on enhancing
experience with AWS (or similar cloud platforms) and Cloudflare. Infrastructure as Code: Proficiency with Terraform or similar IaC tools. Vulnerability Knowledge: Solid understanding of common vulnerability classes and the OWASP Top 10. Coding & Scripting: Proficient in reading code (e.g., Python, Scala) and using Git for version control of code and configuration changes. Familiarity with iOS or Android security. Experience of
stack (AWS, K8, Python/Django, React, Postgres) Experience/passion in building scalable, enterprise-grade applications. Experience with large scale web frontend applications Experience with web security (e.g. OWASP top 10) Familiarity with AI development tools such as Cursor, GitHub Copilot, or Claude. Ready to be part of AI transformation at Abnormal AI? Apply Now! Once you apply, you
with React Knowledge of feature flagging tools like LaunchDarkly Familiarity with Agile methodologies API development with ASP.NET Core (C#) Experience with OAuth2.0/OpenID Connect in Angular Knowledge of OWASP top 10 and web security best practices. Company Benefits Competitive salary - accredited Living Wage employer 25 days holiday plus bank holidays, with options to purchase additional days Discretionary annual bonus
Leeds, West Yorkshire, England, United Kingdom Hybrid / WFH Options
Eames Consulting
hands-on penetration testing experience across network, web, wireless, and cloud environments. Expert with core tools: Burp Suite, Metasploit, Cobalt Strike, Nmap, and custom scripting. Deep understanding of vulnerabilities (OWASP Top 10, MITRE ATT&CK) and exploitation methods. Experience delivering reports aligned to PTES, OWASP, NIST, or OSSTMM standards. Exceptional communicator who can translate complex technical issues for diverse audiences.
facing consultancy or in-house red teaming Proficiency with offensive tools and frameworks: Burp Suite, Nmap, Metasploit, BloodHound, Sliver, etc. Strong understanding of vulnerability classes, exploit development, and the OWASP Top 10 Comfortable scripting in Python, Bash, or PowerShell to automate testing workflows Familiarity with cloud security concepts and infrastructure (AWS, Azure, or GCP) CTF experience, GitHub projects, or relevant
CA certificates, DNS routing Databases: Web & Security Concepts: NGINX, web servers, reverse proxies, path-based/host-based routing Session handling, load balancing (stateful vs stateless) Security best practices, OWASP Top 10, WAF (configuration/training), network-level security, RBAC, IAM policies Candidate Expectations: The ideal candidate should be able to: Explain best practices around CI/CD pipeline design
Adversary Simulation, risk and compliance frameworks ISO 27001, NIST, DORA, CREST. TIBER etc.) Willingness to travel to regular F2F end user meetings Familiarity with tools and standards such as OWASP, MITRE ATT&CK etc Self-starter with a results-oriented mindset and the ability to work independently Experience using CRM and sales analytics platforms Ability to thrive in a fast
Basildon, Essex, South East, United Kingdom Hybrid / WFH Options
Ernest Gordon Recruitment
senior role. The Role: Develop and maintain web apps using C#, .NET, Python and JavaScript Collaborate with designers to ensure technical and visual alignment Write secure code compliant with OWASP standards The Person: Degree in Computer Science or a related field (preferred) Experience with C#, .NET, JavaScript, Python Based Basildon, happy working hybrid British Citizen Reference Number: BBBH19584 Keywords: Full
backend code to identify security flaws, misconfigurations, or vulnerabilities. Threat Modelling: Lead and contribute to threat modeling sessions - analyse how our products handle data, map potential attack vectors (especially OWASP Top 10), and design mitigation strategies. Secure Development Practices: Help the development team adopt secure coding practices, identify systematic security issues, and uplift the overall engineering team's security awareness. … improvement. Mandatory Experience: Solid experience as a developer having utilised (JavaScript/Python) Ability to read and understand code quickly, including unfamiliar codebases Familiarity with modern security tools (e.g., Snyk, OWASP ZAP, Burp Suite) Strong understanding of common web vulnerabilities (OWASP Top 10) Experience with threat modeling and secure design principles Comfortable translating technical findings into prioritised improvements for the engineering
/negotiate technical outcomes with 3rd parties, including conflict resolution due to changing priorities. Experience of using common information security management frameworks, such as NIST, PCI, GDPR, ISO Series, OWASP, the IT Infrastructure Library (ITIL), the ISF Standards of Good Practice (SoGP) and ISACA's Control Objectives for Information and related Technology (COBIT) frameworks. Actively represent the security organisation within
security. Good Knowledge of information security principles and best practices and experience in managing information security risk. Familiar with information security frameworks such as NIST, SANS Top 20 CSC, OWASP, ISO27001, CyberEssentials or other similar frameworks. Good knowledge of industry IT compliance standards, particularly in design and implementation. Good Understanding of Operational Technology and the challenges involved in securing access.
using IIS. Full understanding of the MVC pattern, REST APIs and asp.net controllers are a must. Web developers should be aware of security vulnerabilities, such as those identified in OWASP, and their code should mitigate these threats. Knowledge Required: You will need experience in the design, creation and maintenance of websites across multiple platforms. The most important duties and responsibilities