10 of 10 OWASP Jobs in the City of London

Implement secure design principles including encryption, secrets management, OAuth2/OIDC, network segmentation, and least-privilege IAM. Ensure alignment with industry standards such as OWASP, NIST, CIS Benchmarks, PCI DSS, and ISO 27001. Observability & Resilience Define logging, metrics, and tracing using OpenTelemetry and CloudWatch. Design for high availability and disaster ...

Terraform) Containerisation (Docker, AKS) and serverless (Azure Functions) Monitoring and observability (Application Insights, Log Analytics) Secrets management and vulnerability scanning (Key Vault, SonarQube, OWASP) Architecture & Design Microservices and event-driven design (Service Bus, Event Grid, Kafka) Domain-Driven Design (DDD) principles Resilient and scalable system patterns (circuit breakers, retries) Integration ...

/CD, Docker , containerisation, Ubuntu/Linux, AWS , Serverless, CDK/CDKTF , Ansible Quality & Analytics: Postman API, testing frameworks, web analytics Patterns: Secure SDLC, OWASP Top 10 , TDD , Git-based workflows Must-have experience Proven delivery of full-stack web applications (frontend + backend + API) from design to production ...

Security & Compliance Implement secure design: encryption, secret management, secure SDLC, API security (OAuth2/OIDC), network segmentation, least privilege in IAM. Align with standards (OWASP, NIST, CIS Benchmarks, PCI/ISO 27001 where applicable). Observability & Resilience Define logging, metrics, tracing (OpenTelemetry), health checks, circuit breakers, retries, and backoff strategies. ...

vulnerability research, exploit development, threat emulation, or closely related offensive research and simulation activities Strong knowledge of security frameworks such as MITRE ATT&CK, OWASP, NIST or equivalent industry frameworks and models Hybrid working,3 days in office. Look forward to hearing from ...

legal applications such as Aderant, Intapp or iManage essential for managing firm operations, billing, and financials efficiently. Familiarity with industry-centric standards, including OWASP for security best practices and WCAG (Web Content Accessibility Guidelines) for accessibility, ensuring software is secure and usable for all audiences. This role offers hybrid/ ...

Lambda, RDS, Route53, ELBs, EKS), Terraform, Kubernetes, Docker, CI/CD (Jenkins, GitHub Actions, CodePipeline), Python/Bash, Ansible, Security frameworks (CIS, OWASP), ** Sponsorship and offshore remote are not available for this position** Immersum continue to support one of the leading media businesses in the UK. They … Infrastructure as Code: Terraform, Ansible Containers & Orchestration: Kubernetes, Docker CI/CD: Jenkins, GitHub Actions, AWS CodePipeline Monitoring: Prometheus, Grafana, ELK, CloudWatch Security: CIS, OWASP frameworks, SAST/DAST tools, dependency scanning Web & Systems: LAMP stack (Varnish, Nginx, Apache), MySQL/Postgres, MongoDB Networking & Security: SSL/TLS, TCP/ ...

ideal candidate would look like Less hands-on and strong planning, team, project, risk and stakeholder management Experienced designing SDLC and SSDLC, knowledge of OWASP Experience managing the application support and application development teams Job Responsibilities To lead the management and continuous improvement of the firms' business applications portfolio, ensuring … Applications Team, promoting technical excellence, secure development practices, and adherence to quality standards. Oversee application governance, lifecycle management, and secure development aligned with OWASP ASVS. Provide strategic guidance on architecture, integrations, and data integrity, aligned with firm-wide enterprise architecture. Stay abreast of emerging tech trends, such as artificial intelligence ...

define penetration testing scope by reviewing design and interface documents. Prepare detailed test plans, scenarios, and rules of engagement aligned with CREST and OWASP standards. Conduct API penetration testing (REST, GraphQL, SOAP) focusing on authentication, authorization, and business logic flaws. Perform UI/Web application penetration testing for vulnerabilities such … including executive summaries, technical details, and risk ratings (CVSS). Support re-testing after fixes and validate remediation effectiveness. Ensure compliance with industry standards (OWASP ASVS, API Top 10, ISO 27001, PCI-DSS). Recommend security best practices and contribute to continuous improvement of testing methodologies. Maintain strong documentation ...

define penetration testing scope by reviewing design and interface documents. Prepare detailed test plans, scenarios, and rules of engagement aligned with CREST and OWASP standards. Conduct API penetration testing (REST, GraphQL, SOAP) focusing on authentication, authorization, and business logic flaws. Perform UI/Web application penetration testing for vulnerabilities such … including executive summaries, technical details, and risk ratings (CVSS). Support re-testing after fixes and validate remediation effectiveness. Ensure compliance with industry standards (OWASP ASVS, API Top 10, ISO 27001, PCI-DSS). Recommend security best practices and contribute to continuous improvement of testing methodologies. Maintain strong documentation ...