1 to 25 of 75 OWASP Jobs in England

segmentation, and host security. Hands on experience with the following security products Trellix, Ivanti, ClearSwift, Yubikey Understanding of secure coding practices and common vulnerabilities (OWASP Top 10, SANS Top 25). Expertise in identity and access management (IAM), including RBAC, ABAC, JWT and Cookie based authentication. Incident detection and response ...

Guidance: Act as the primary security resource for development teams, providing technical advice on vulnerability fixes and secure coding practices (e.g., adherence to the OWASP Top 10). Threat Modelling: Conduct formal threat modelling exercises for new features and application architectures to proactively identify and mitigate design flaws. B. Systems ...

Guidance: Act as the primary security resource for development teams, providing technical advice on vulnerability fixes and secure coding practices (e.g., adherence to the OWASP Top 10). Threat Modelling: Conduct formal threat modelling exercises for new features and application architectures to proactively identify and mitigate design flaws. B. Systems ...

Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and non-technical stakeholders Excellent analytical, documentation ...

everything listed, but exposure to some of the following would be highly beneficial: Testing & Automation: JUnit, Playwright, Selenium, Cucumber, Postman Non-Functional Testing: Gatling, OWASP ZAP DevOps & Platforms: Git/GitLab, Docker, Kubernetes, Azure and/or AWS Accessibility: WCAG, WAVE, Axe About you You’ll be someone ...

information security, with at least 5 years leading cross-functional security teams at Director or VP level* Deep hands-on expertise in application security — OWASP, SAST/DAST, threat modelling, secure code review* Proven experience helping mature a SOC at enterprise scale, including detection engineering and incident response* Strong cloud ...

Excellent communication and coaching skills Stakeholder engagement and collaboration Experience with some of the following is highly desirable: JUnit, Playwright, Selenium, Cucumber Postman, Gatling, OWASP ZAP Docker/Kubernetes Azure and/or AWS Accessibility standards and tooling (WCAG, Wave, Axe) About you Passionate about quality and engineering excellence Comfortable ...

platforms (AWS preferred). Familiarity with microservices and containerisation. Experience with DevSecOps tooling (e.g. GitLab, Jenkins, Atlassian). Understanding of security best practices and OWASP principles. Experience with relational and NoSQL databases (e.g. PostgreSQL, Oracle, MongoDB) is beneficial. ...

similar Tools to Accelerate Engineering Workflows Deep Application Security Expertise: SAST/SCA/DAST/Secret Scanning Secure Code Review Threat Modelling (OWASP Top 10, API Top 10, LLM Security Risks) Experience Integrating Security Tooling into Developer Pipelines (GitLab/GitHub, CI/CD) Understanding of Prompt Injection, Jailbreak ...

conducting threat modelling (e.g. STRIDE, attack trees) and risk analysis Strong understanding of security frameworks and best practice such as ISO 27001, NIST, CIS, OWASP, NCSC guidance Experience working in the UK Public Sector and associated security standards and guidance including GovAssure/NCSC CAF, HMG Security Policy Framework. Knowledge ...

architectures . Proven experience with risk assessment methodologies and maintaining enterprise risk registers . Working knowledge of risk assessment methodologies (e.g. ISO 31000, FAIR, OWASP risk rating). Strong understanding of Gov Assure, CAF, ISO 27001, Cyber Essentials, and NIST frameworks. Experience conducting or supporting security audits and implementing remediation ...

cloud architectures. Proven experience with risk assessment methodologies and maintaining enterprise risk registers. Working knowledge of risk assessment methodologies (e.g. ISO 31000, FAIR, OWASP risk rating). Strong understanding of Gov Assure, CAF, ISO 27001, Cyber Essentials, and NIST frameworks. Experience conducting or supporting security audits and implementing remediation plans. ...

Infrastructure as Code (Terraform), observability tooling (Grafana, Kibana, Datadog, CloudWatch), automated testing (NUnit, xUnit, Cypress, Playwright), Git-based workflows, and secure development practices including OWASP, secrets management and Vault. Ways of Working , Comfortable in Scrum/Kanban environments with strong communication skills; experienced with Jira, Confluence, Slack and MS Teams ...

Proven, hands-on experience working specifically in Application Security, Penetration Testing, or as a Security-Focused Software Engineer. Vulnerability Expertise : Absolute fluency in the OWASP Top 10. You must be able to explain how vulnerabilities work, how they are exploited, and exactly how to remediate them. Developer Collaboration : Demonstrable experience ...

experience as an IT Security Architect or secure systems engineer in complex cloud environments, creating technical designs for Azure security architecture, application security (e.g., OWASP, DevSecOps), and network segmentation. Strong knowledge of Azure-specific security tools (e.g., Azure Security Center, Key Vault, Policy, Private Link), threat modelling, secure SDLC ...

PubSub+ (topics, queues, guaranteed delivery, replay) Implement and own RESTful APIs ; contribute to API design standards Apply secure coding principles throughout the development lifecycle (OWASP Top 10, input validation, secrets management, least privilege) Write high-quality, testable code with unit and integration test coverage (JUnit, Mockito, Cucumber/BDD ) Manage ...

Operations role within a large or complex enterprise environment. Strong understanding of cybersecurity standards and frameworks, including ISO 27001, NIST 800 53, CIS Controls, OWASP, and SOC1/2. ...

Operations role within a large or complex enterprise environment. Strong understanding of cybersecurity standards and frameworks, including ISO 27001, NIST 800 53, CIS Controls, OWASP, and SOC1/2. Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy. ...

testing experience Strong understanding of web application and infrastructure testing methodologies Experience with tools such as Burp Suite, Nmap, Nessus, Metasploit, etc. Understanding of OWASP Top 10 and common attack vectors Strong report writing and communication skills Consultancy/client-facing experience beneficial Additional certifications such as CPSA or cloud ...

protocols (e.g. A2A) Familiarity with MCPs for tool and context integration in agentic systems Familiarity with secure-by-design development principles (ISO 27001, NIST, OWASP) Experience in defence, national security, or similarly regulated environments Contributions to open-source AI/ML projects Soft Skills Delivery-focused - you ship working systems ...

DDoS mitigation, web proxy, vulnerability management) Understanding of Information Security principles, frameworks and regulatory requirements (e.g. ISO27001, FCA, PRA, ICO) Working knowledge of OWASP Top 10 and build/integration tools (e.g. Maven, Jenkins, Chef, TFS) Effective communication skills, including the ability to explain technical concepts and impacts ...

Essentials), and drive secure-by-design practices. Essential Skills: Designing & implementing secure cloud/infrastructure architectures Risk assessment & maintaining risk registers (ISO 31000, FAIR, OWASP) Knowledge of Gov Assure, CAF, ISO 27001, Cyber Essentials, NIST Conducting/supporting security audits & remediation Platform security (Entra ID, M365 E5, Azure IaaS/ ...

assurance/risk/governance roles Proven background in secure cloud or infrastructure design (Azure/M365) Experience with risk frameworks (ISO 31000, NIST, OWASP etc.) Knowledge of GovAssure, CAF, ISO27001, Cyber Essentials Entra ID/Azure/M365 SIEM/EDR/vulnerability management tools Access control models (RBAC ...

assurance/risk/governance roles Proven background in secure cloud or infrastructure design (Azure/M365) Experience with risk frameworks (ISO 31000, NIST, OWASP etc.) Knowledge of GovAssure, CAF, ISO27001, Cyber Essentials Entra ID/Azure/M365 SIEM/EDR/vulnerability management tools Access control models (RBAC ...

frameworks and best practices. Experience designing solutions across cloud platforms such as Microsoft Azure or AWS. Knowledge of secure architecture and development practices (e.g. OWASP, NCSC principles). Experience with DevOps, CI/CD pipelines and modern software delivery practices. Strong knowledge of microservices, APIs and web services (REST, SOAP ...