of defining, implementing, measuring, and supporting the adoption of secure software development lifecycle (SSDLC) practices and secure coding standards within engineering organizations. Strong understanding of web application security vulnerabilities (OWASP Top 10 and beyond), attack vectors, and mitigation techniques. Significant experience securing Infrastructure as Code (IaC), particularly Terraform, and implementing relevant security checks. Solid experience with container security and securing … communication and influencing skills, with the ability to articulate complex security concepts clearly to technical audiences. Strong knowledge of relevant security frameworks and standards (e.g., NIST CSF, CIS Benchmarks, OWASP ASVS). Exposure and knowledge of the MITRE ATT&CK framework. Experience effectively coordinating external penetration testing engagements and managing remediation efforts. Nice to have Relevant advanced security certifications (e.g.
Security Architect or similar role Strong knowledge of security standards, protocols, and best practices Experience with threat modelling, risk assessment, and incident response Familiarity with security tools (e.g., Snyk, OWASP ZAP) Excellent communication and collaboration skills Self-learner and ability to execute tasks without supervision Ability to maintain the highest level of professionalism Activities Assess and design secure system architectures
Manchester Area, United Kingdom Hybrid / WFH Options
Maxwell Bond
engagements. What We’re Looking For Strong technical background in vulnerability and security operations. Experience using scanning tools (e.g. Qualys, Nessus) and open-source analysis tools (e.g. Nmap, Wireshark, OWASP ZAP). Familiarity with Microsoft security products (Intune, Conditional Access, DLP, Defender Suite). Scripting knowledge in PowerShell or Python to automate workflows and reporting. Clear communicator with the ability
experience securing enterprise applications and infrastructure, preferably in the Crypto and FinTech space. Experience with the application of threat modeling and other risk identification techniques. Strong understanding of the OWASP top 10, including details of common vulnerabilities and emerging threats. Experience with authentication and authorization standards, including OAuth and SAML, and their weaknesses. Detailed knowledge of system security vulnerabilities and
An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Please reach out to Lewis Dunn @ ARM if you are
An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Please reach out to Lewis if you are interested or
Practical experience of CMS platforms, Digital Asset Management, .NET, C#, ASP.NET, MVC EPiServer EPiServer Commerce ImageVault or any Digital Asset management EPiServer Find Experience in working in PCI, DSS, OWASP compliant organizations/projects Good understanding of current application development standards, methodologies, issues etc. Good understanding REST APIs and SOAP protocols Extensive knowledge of Infrastructure components eg Hosted platform, Networking
Technologies: C++ Python TCP/IP networking Test Plans Test Execution Linux Server windows server QA ISTQB AWS Services system programming OWASP security VMware debugging skills multithreaded software A Software Test Engineer is required to join the software QA test team of our Buckinghamshire based client, a manufacturer of software for the telecommunications and speech processing market. This is a
and efficient context to all customer engagements. Our ideal candidate: Able to demonstrate proven experience with technical accreditations or demonstrable experience in security and vulnerability remediation technologies: Security Tooling: OWASP ZAP, Nmap, Wireshark Assessment Tooling: Nessus, Qualys, etc Remediation Tooling: Microsoft Endpoint Management/Intune Microsoft Security/Compliance: MFA, Conditional Access, SSPR, DLP, IPM, IRM, DKIM, MCAS Application packaging
reducing false positives, and validating control efficacy in production-like conditions. Scope Includes: Hands-on tuning experience with Akamai and F5 (minimum 1 of each). Custom rule creation, OWASP rule tuning (especially for F5), false positive reduction. Log analysis and data-driven tuning based on real traffic. Support for cloud-native WAF tuning (all three Cloud providers) - not deployment
City of London, London, United Kingdom Hybrid / WFH Options
Bloc Recruitment
Playwright. Solid grasp of CSS, UI design, accessibility, and cross-browser compatibility. Collaborative mindset and a focus on delivering real business impact. Bonus: Experience with GCP, FastAPI, MySQL, Docker, OWASP security practices. Why join? High-trust, inclusive engineering culture Autonomy, ownership, and impact from day one Friendly, smart team that genuinely supports growth and balance Hybrid working: 3 days/
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
Junglee Games India Private Limited
SSDLC strategy, including short, mid, and long-term goals aligned with the group's security posture and digital transformation initiatives. Develop and maintain AppSec maturity models (e.g. based on OWASP SAMM, NIST SSDF, BSIMM) and work with business units to assess current state and define realistic improvement plans. Drive the development of a global secure development policy, including approved tools … deploy processes. Experience working in or with regulated industries or large enterprises is highly desirable. Mergers and Acquisitions integration experience is a plus Familiarity with industry frameworks and standards: OWASP SAMM, OWASP ASVS, BSIMM, NIST SSDF, ISO 27034. Lead teams and projects. This could be as a DevSecOps team lead, security architect, or manager for SSDLC initiatives. Professional certifications in
implement secure software development practices Integrate security gates into CI/CD pipelines following DevSecOps principles Establish security quality gates and acceptance criteria Develop secure coding standards based on OWASP guidelines Create security architecture patterns and reference implementations Security Code Reviews & Testing Conduct in-depth security code reviews for critical features Implement automated security testing (SAST, DAST, IAST, SCA) Configure … and tune security scanning tools (Aquasec, Trivy, Dependabot, etc) Review cryptographic implementations against industry standards Validate authentication and authorization implementations Ensure compliance with OWASP ASVS (Application Security Verification Standard) Lead threat modeling sessions using STRIDE, PASTA, or similar frameworks Create threat models for new products and architectural changes Identify attack vectors specific to web and mobile platforms Develop abuse cases … and security test scenarios Maintain threat intelligence for fintech-specific risks Document security requirements derived from threat models Platform-Specific Security Mobile Applications: Apply OWASP MASVS and platform-specific guidelines (iOS App Transport Security, Android Network Security Config) APIs: Implement API security best practices (rate limiting, authentication, input validation) Cross-platform session management and secure data storage Security Tooling & Automation
Oxford, Oxfordshire, South East, United Kingdom Hybrid / WFH Options
Robert Half
risk activities Skills & Experience Understanding of securing micro-service architectures Working knowledge of modern secure SDLC practices - embedding security into CI/CD pipelines Understanding of application security principles (OWASP top 10, OWASP ASVS) AWS, GCP or Azure knowledge Previous experience in software development Robert Half Ltd acts as an employment business for temporary positions and an employment agency for
mentor and advocate, fostering a culture of security awareness across engineering and business teams. Compliance and Standards: Ensure product security practices align with relevant security frameworks and standards (e.g., OWASP, NIST, ISO 27001, GDPR, PCI DSS). Support regulatory compliance efforts and maintain evidence to meet audit requirements. Collaboration and Communication: Function as the primary interface between security, development, and … modelling, security reviews, and penetration testing. Proven ability to secure cloud-native architectures, containerization technologies, and Infrastructure as Code (IaC) environments. Familiarity with industry standards and frameworks such as OWASP, BSIMM, PCI DSS, ISO 27001, and GDPR. Security Integration experience: Demonstrated ability to seamlessly integrate secure development practices into SDLC/SSDLC workflows. Skilled in implementing technical security controls and
Ludlow, Shropshire, United Kingdom Hybrid / WFH Options
RedTech Recruitment Ltd
Skilled in SQL Server – database design, development, and optimisation Experience with Angular, HTML, CSS, and TypeScript Ability to work with Web API web services Awareness of security best practices (OWASP) Appetite to learn, improve, and stay up-to-date with new technologies Excellent communication and problem-solving skills Beneficial experience: Leading small development teams to deliver functionality on time Migrating … Engineer/C#/.NET/SQL Server/Angular/HTML/CSS/TypeScript/Web API/Azure/ASP.NET MVC/WinForms/WPF/OWASP/Computer Science/Software Engineering/Information Technology/Mathematics/Physics/Engineering
Lead the Charge in Securing Global Animal Health Are you ready to take the lead in defending a global veterinary business from evolving cyber threats? As our Cyber Defense Manager, you'll head up the Cyber Defence "Blue Team," driving
internal and industry regulations. You’ll analyse new feature code to identify security risks and work with engineers to mitigate them, working and applying modern security standards such as OWASP CI/CD, DSOMM, SAMM and Cloud Security Posture management systems such as Azure Defender and Prisma Cloud. Our client empowers their people to balance their time between home and … SUCCESSFUL APPLICANT Engineering expertise in complicated Salesforce environments Exposure to Cloud Native software development, including cloud infrastructure and API design (Azure preferred) Proven experience applying modern standards such as OWASP CI/CD, DSOMM, SAMM etc Strong networking protocol knowledge (TCP/IP, UDP, HTTP/3, AMQP, streaming protocols etc), cloud network design (VPNs, subnets, regions/zones etc
Sheffield, South Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
Networking People (UK) Limited
in Sheffield/Birmingham or Edinburgh 3 days a week) Rate: Negotiable depending on experience (deemed inside IR35) Reference: 19542 You will either be an F5 WAF tuning specialist (OWASP experience required) OR a Cloud-native WAF engineer (minimum 2 of 3 CSPs) (AWS & GCP as preference) OR a Generic WAF tuning resource (cross-skill utility) Immediate contract for experienced WAF … A focus on tuning rules, analysing data, reducing false positives, and validating control efficacy in production-like conditions. Scope Includes: Hands-on tuning experience with F5. Custom rule creation, OWASP rule tuning (especially for F5), false positive reduction. Log analysis and data-driven tuning based on real traffic. Support for cloud-native WAF tuning (all three Cloud providers) - not deployment
Handsworth, Yorkshire and the Humber, United Kingdom Hybrid / WFH Options
Networking People (UK) Limited
in Sheffield/Birmingham or Edinburgh 3 days a week) Rate: Negotiable depending on experience (deemed inside IR35) Reference: 19542 You will either be an F5 WAF tuning specialist (OWASP experience required) OR a Cloud-native WAF engineer (minimum 2 of 3 CSPs) (AWS & GCP as preference) OR a Generic WAF tuning resource (cross-skill utility) Immediate contract for experienced WAF … A focus on tuning rules, analysing data, reducing false positives, and validating control efficacy in production-like conditions. Scope Includes: Hands-on tuning experience with F5. Custom rule creation, OWASP rule tuning (especially for F5), false positive reduction. Log analysis and data-driven tuning based on real traffic. Support for cloud-native WAF tuning (all three Cloud providers) - not deployment
determining the materiality of AI initiatives. Material projects undergo in-depth risk analysis, with high-risk items escalated to governance committees. Analysts will use frameworks such as the AI OWASP Top 10 to identify and assess security risks beyond standard assessments. Key Responsibilities: Perform AI-specific risk assessments to ensure regulatory compliance. Evaluate AI solutions for prohibited use cases and … with AI Governance and local risk management teams. Requirements: Strong IT and cybersecurity background. Expertise in AI technologies, including model development and deployment. Experience in risk assessment frameworks (e.g., OWASP AI Top 10). Must be based in the UK to meet regulatory and operational requirements.