1 to 25 of 232 OWASP Jobs in England

tools such as SAST, DAST, SCA, and CI/CD security integrations. Investigate security incidents, prioritise remediation and guide teams on secure development practices. Ensure applications meet industry standards (OWASP Top 10, NIST, ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in … on experience with SAST, DAST, SCA and security automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE, CVSS, MITRE ATT&CK and NIST frameworks. Experience conducting threat modelling, code reviews and penetration testing. Excellent communication skills with the ability to influence and educate development More ❯

tools such as SAST, DAST, SCA, and CI/CD security integrations. Investigate security incidents, prioritise remediation and guide teams on secure development practices. Ensure applications meet industry standards (OWASP Top 10, NIST, ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in … on experience with SAST, DAST, SCA and security automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE, CVSS, MITRE ATT&CK and NIST frameworks. Experience conducting threat modelling, code reviews and penetration testing. Excellent communication skills with the ability to influence and educate development More ❯

tools such as SAST, DAST, SCA, and CI/CD security integrations. Investigate security incidents, prioritise remediation and guide teams on secure development practices. Ensure applications meet industry standards (OWASP Top 10, NIST, ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in … on experience with SAST, DAST, SCA and security automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE, CVSS, MITRE ATT&CK and NIST frameworks. Experience conducting threat modelling, code reviews and penetration testing. Excellent communication skills with the ability to influence and educate development More ❯

Knowledge of cloud security frameworks Rest API knowledge Scripting and Infrastructure as Code (Terraform, CloudFormation) Experience with Jira or similar ticketing systems Technical architecture review skills Vulnerability identification (CWE, OWASP) Operating systems and hardening techniques Development concepts like CICD, Pipelines, SDLC Penetration testing knowledge (useful) Familiarity with Cloud Development Kit (CDK), GitOps Experience in DevOps/agile environments Docker, Kubernetes More ❯

or application security. You should also have a proven experience and knowledge with any combination of the following: Threat modelling and risk assessments, Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS ), Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2), Working knowledge of cryptography including encryption More ❯

or application security. You should also have a proven experience and knowledge with any combination of the following: Threat modelling and risk assessments Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS ) Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2) Working knowledge of cryptography including encryption More ❯

operations teams on bug fixes, retesting, and verifying patches in staging and production-mirroring environments. Quality & Best Practices • Champion infrastructure and security testing best practices, including vulnerability scanning (e.g., OWASP ZAP, Nessus), compliance checks, and disaster-recovery validations. • Contribute to continuous improvement by proposing new testing tools, frameworks, and process enhancements to raise overall system reliability and observability. Agile & Cross More ❯

more languages (Rust, Python, Go, Nodejs, etc.) Minimum 1 year experience with public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) Experience in running assessments using OWASP MASVS and ASVS. Working knowledge on exploiting and fixing application vulnerabilities. Strong background in threat modeling. In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10). Familiarity More ❯

teams and business stakeholders is essential. Experience working with security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling. In-depth experience working in an Agile software development environment, with classic applications as well as microservices, using modern code processing and continuous integration and … Security Architect, SDLC, Secure by Design, Architecture, Software Development, Engineering, DevOps, InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure. Please note that due to a high level of applications, we can only respond to applicants More ❯

in maintaining security assurance across the SDLC in line with MoJ and NCSC guidelines. Essential Criteria Penetration testing, ethical hacking, or vulnerability assessments. Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.). DevSecOps principles and tools (e.g., Veracode, SonarQube, GitHub Advanced Security, IaC scanning, etc.). Secure Cloud Infrastructure, specifically AWS and Azure. Scripting and automation More ❯

software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI More ❯

and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage More ❯

Requirements Bachelor’s degree in IT or equivalent experience. 5+ years in information/application security roles. Experience working in agile environments. Deep understanding of cloud security (Azure, AWS), OWASP, MITRE. Proven experience with policy interpretation and security implementation in real-world projects. Preferred Skills Certifications such as CISSP, CCSP, CEH, Microsoft Azure/AWS Security. Working knowledge of GDPR More ❯

Requirements Bachelor’s degree in IT or equivalent experience. 5+ years in information/application security roles. Experience working in agile environments. Deep understanding of cloud security (Azure, AWS), OWASP, MITRE. Proven experience with policy interpretation and security implementation in real-world projects. Preferred Skills Certifications such as CISSP, CCSP, CEH, Microsoft Azure/AWS Security. Working knowledge of GDPR More ❯

defences. Technologies and Soft Skills required: Advanced technical knowledge of penetration testing techniques, security assessments, and vulnerability exploitation. Expertise in security testing tools (such as Burp Suite, Metasploit, Nmap, OWASP ZAP, etc.), as well as manual testing methods. Strong understanding of common application security vulnerabilities (such as SQL injection, XSS, CSRF, insecure deserialization, etc.) and OWASP Top 10. Proficiency in More ❯

firewalls, IPS, DDoS, WAF, DLP, DNS, NAC, NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. More ❯

firewalls, IPS, DDoS, WAF, DLP, DNS, NAC, NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. More ❯

languages and Infrastructure as Code (Terraform, CloudFormation) •Familiarity with Jira or other ticketing systems – essential •Technical architecture design and review skills – essential •Ability to identify vulnerabilities using CWE or OWASP •Knowledge of operating systems and their hardening techniques •Understanding of development concepts such as CICD, Pipelines, and SDLC •Penetration testing knowledge is also super useful •Familiarity with Cloud Development Kit More ❯

languages and Infrastructure as Code (Terraform, CloudFormation) •Familiarity with Jira or other ticketing systems – essential •Technical architecture design and review skills – essential •Ability to identify vulnerabilities using CWE or OWASP •Knowledge of operating systems and their hardening techniques •Understanding of development concepts such as CICD, Pipelines, and SDLC •Penetration testing knowledge is also super useful •Familiarity with Cloud Development Kit More ❯

languages and Infrastructure as Code (Terraform, CloudFormation) •Familiarity with Jira or other ticketing systems – essential •Technical architecture design and review skills – essential •Ability to identify vulnerabilities using CWE or OWASP •Knowledge of operating systems and their hardening techniques •Understanding of development concepts such as CICD, Pipelines, and SDLC •Penetration testing knowledge is also super useful •Familiarity with Cloud Development Kit More ❯

Understanding of current testing trends and Agile methodologies Degree in computer science, software engineering, or related field preferred Experience with API testing tools like Postman or SoapUI Knowledge of OWASP vulnerabilities and security testing ISTQB certification Experience with source control tools like Git or Bitbucket Strong problem-solving, communication, and time management skills Minimum of 5 years in a Software More ❯

been a UK resident for at least 5 years). Experience conducting penetration tests (web, infrastructure, external/internal). Strong knowledge of security testing methodologies and frameworks (e.g., OWASP, NIST). Proficiency with industry-standard tools (e.g., Burp Suite, Nmap, Metasploit, Kali Linux). Excellent written and verbal communication skills. Desirable Skills OSCP, OSWE, or other relevant certifications. Experience More ❯

been a UK resident for at least 5 years). Experience conducting penetration tests (web, infrastructure, external/internal). Strong knowledge of security testing methodologies and frameworks (e.g., OWASP, NIST). Proficiency with industry-standard tools (e.g., Burp Suite, Nmap, Metasploit, Kali Linux). Excellent written and verbal communication skills. Desirable Skills OSCP, OSWE, or other relevant certifications. Experience More ❯

/CD tools (e.g., Azure DevOps) Experience working in agile environments and cross-functional teams Familiarity with SEO, multilingual site setup and content strategy Understanding of security best practices (OWASP, GDPR, ISO27001) Experience deploying on Azure App Services or similar cloud platforms Ability to work under pressure and manage multiple tasks effectively BENEFITS: Competitive Salary: Base salary commensurate with experience More ❯

/CD tools (e.g., Azure DevOps) Experience working in agile environments and cross-functional teams Familiarity with SEO, multilingual site setup and content strategy Understanding of security best practices (OWASP, GDPR, ISO27001) Experience deploying on Azure App Services or similar cloud platforms Ability to work under pressure and manage multiple tasks effectively BENEFITS: Competitive Salary: Base salary commensurate with experience More ❯