London, England, United Kingdom Hybrid / WFH Options
ZipRecruiter
into application design Lead security architecture reviews and provide expert technical guidance on complex security challenges Keep up to date with the latest security threat assessment frameworks such as OWASP, MITRE ATT&CK Assess security posture against industry regulations and compliance requirements Identify and mitigate security risks associated with new technologies and initiatives Perform security assessments to identify vulnerabilities Communicate More ❯
London, England, United Kingdom Hybrid / WFH Options
Crown Agents Bank
Experience working with ISO 27001, Cyber Essentials, and preferably NIST CSF, SOC 2, or SWIFT frameworks. Strong understanding of security in the context of software development and application security (OWASP, SDLC, DevSecOps). Hands-on, pragmatic approach with the ability to operate in a lean, fast-paced environment. Excellent communication skills, with the ability to engage both technical and non More ❯
South Croydon, London, United Kingdom Hybrid / WFH Options
LA International Computer Consultants Ltd
communication skills to communicate effectively at all levels to technical and non-technical audiences. Internal team engagement, working collaboratively, sharing knowledge, advising, and training colleagues. Knowledge of common vulnerabilities OWASP Top 10, CVE databases etc Understanding of Agile and DevOps practices for continuous testing and delivery Knowledge of integrating security testing into test automation and CI/CD pipelines Desirable More ❯
London, England, United Kingdom Hybrid / WFH Options
Smart Communications group
record of successes. Understanding of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of application security principles, best practices, OWASP/related standards. Knowledge of security frameworks & controls, hardening standards & security best practices. An understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. We look for More ❯
London, England, United Kingdom Hybrid / WFH Options
Huntress Labs Incorporated
etc. Working knowledge of core networking concepts Common ports/protocols, NAT, Public/Private IPs, VLANs, etc. Working knowledge of web technologies and concepts Web servers/applications, OWASP top 10, etc. Effective communication skills, with the ability to explain complex events to less technical audiences, enabling effective cross-functional collaboration within the SOC and across departments Dedicated to More ❯
London, England, United Kingdom Hybrid / WFH Options
Smart Communications group
record of successes. Knowledge of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of application security principles, best practices, OWASP/related standards. Some knowledge/experience in scoping/undertaking internal pen testing and creation of external penetration testing scopes. Knowledge of security frameworks & controls, hardening standards & security best More ❯
with securing network and enterprise cloud applications - ideally GCP, Azure or AWS You have strong knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-53 or OWASP You have knowledge of host hardening, auditing, logging and monitoring, network security, SIEM deployments, security analytics, anomaly detections, PKI You have proven implementation of cloud security models, particularly identity, network More ❯
all documentation is clear, concise, and user-friendly. Framework Mapping and Analysis: Map each lab to relevant vulnerabilities, techniques, and frameworks such as MITRE ATT&CK, NIST/NICE, OWASP Top 10, etc. Maintain a centralized database to track mappings and content alignment. Gap Analysis and Content Enhancement: Evaluate gaps between existing labs and industry frameworks to identify areas for … experience points required to unlock the role of Cyber Security Content Analyst at Hack The Box Deep understanding of cybersecurity frameworks such as MITRE ATT&CK, NIST/NICE, OWASP Top 10, etc. Familiarity with threat intelligence platforms and feeds. Strong organizational and analytical skills, with attention to detail. Excellent knowledge of the English language (speaking, reading, writing). Excellent More ❯
London, England, United Kingdom Hybrid / WFH Options
Oliver James Associates Ltd
and an understanding of infrastructure-as-code, networking, and API design. Salesforce Exposure: Familiarity with complex Salesforce environments and their associated security considerations. Modern Security Frameworks: Deep familiarity with OWASP CI/CD, DSOMM, SAMM, and Cloud Security Posture Management tools (e.g. Azure Defender, Prisma Cloud). Security Tooling Expertise: Strong hands-on experience with security scanning tools, including SAST More ❯
City of London, England, United Kingdom Hybrid / WFH Options
Stott and May
junior team members and support Red Team and social engineering exercises Stay current with trends and contribute to internal methodologies and marketing efforts Must-Have Skills Strong knowledge of OWASP testing methodologies and common protocols (SSL/TLS, SSH, HTTP) Proficient with tools such as Kali Linux, Burp Suite, Nmap, Nessus, Qualys, and Metasploit Skilled in mobile and cloud security More ❯
South East London, England, United Kingdom Hybrid / WFH Options
Stott and May
junior team members and support Red Team and social engineering exercises Stay current with trends and contribute to internal methodologies and marketing efforts Must-Have Skills Strong knowledge of OWASP testing methodologies and common protocols (SSL/TLS, SSH, HTTP) Proficient with tools such as Kali Linux, Burp Suite, Nmap, Nessus, Qualys, and Metasploit Skilled in mobile and cloud security More ❯
London, England, United Kingdom Hybrid / WFH Options
NMI
Deep understanding of the full software development lifecycle (SDLC) and agile methodologies. Experience with relational databases (e.g., MySQL, SQL Server, Oracle). Strong knowledge of security best practices (e.g. OWASP, PCI, SOC2, HIPAA). Proficiency with Google Cloud Platform (GCP), Amazon Web Services (AWS), or similar cloud environments. Demonstrated experience applying modern software development practices in a collaborative, agile environment. More ❯
frameworks (e.g. TensorFlow, PyTorch, Keras, Scikit-Learn) - Working knowledge of object-oriented programming and unit testing in Python - Working knowledge of application and information security principles and practices (e.g. OWASP for Machine Learning) - Working knowledge of Unix-based CLI commands, source control and scripting - Working knowledge of containerisation (e.g. Docker) and container orchestration (e.g. Kubernetes) - Working knowledge of a cloud More ❯
City Of London, England, United Kingdom Hybrid / WFH Options
Hamilton Barnes 🌳
junior team members and support collaborative delivery of projects. Occasionally support the creation of marketing materials such as research papers and articles. Skills/Must have: Strong knowledge of OWASP methodologies and offensive testing across black/grey/white-box approaches. Proficiency in tools like Burp Suite, Kali, Nmap, Nessus, Qualys, Metasploit. Familiarity with cloud platform security testing (AWS More ❯
LoadRunner). Experience with database testing and SQL query language. Experience testing AWS services like Lambda, API Gateway, DynamoDB, and S3. Understanding of security testing concepts and tools (e.g., OWASP ZAP, Burp Suite). Knowledge of usability testing and user experience (UX) principles. Start-up experience Attributes: Effective collaboration skills, able to work with cross-functional teams and stakeholders. Excellent More ❯
minimal supervision Excellent problem-solving skills Strong written and verbal communication skills Ability to multi-task and handle competing deadlines in a fast-paced dynamic environment. Desirable: Familiarity with OWASP would be advantageous Competitive salary Generous 28 days holiday allowance, in addition to public holidays. For every year of service you complete, we'll give you an additional day's holiday More ❯
building secure software across multiple types of projects. Significant experience working in highly regulated environments, with previous involvement in cryptocurrency-related projects being a strong plus. Strong knowledge of OWASP standards, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) tools. Familiarity with integrating these tools into CI/CD pipelines is highly desirable. More ❯
Contribute to the development of security policies, procedures, and best practices. Requirements: Proven experience in application security, penetration testing, and secure software development practices. Strong understanding of security vulnerabilities (OWASP Top 10, etc.) and secure coding techniques. Experience with security tools (e.g., static/dynamic analysis tools, vulnerability scanners). Familiarity with common web technologies (e.g., Java, Python, JavaScript, SQL More ❯
you'll bring Experience: 5+ years of experience in application security, with a proven track record of identifying and remediating vulnerabilities Expertise: Strong understanding of secure coding practices, including OWASP Top 10 and SANS 25 Most Critical Software Errors Automated Testing: Experience with static and dynamic application security testing tools Penetration Testing: Proficiency in penetration testing methodologies, including black-box More ❯
ISO 27001/2. Working knowledge of Cloud provider security architecture design patterns, and key control methods - Bring your own key, Hold your own key, partitioned HSMs. Experience with OWASP Web/API vulnerabilities and compensating controls (CSRF, XSS, SQLI, etc.) Understand how business, engineering, IT, and security processes align, and how to research, test, and implement solutions to complex More ❯
particularly Scrum, and applying supporting practices. Experience with frontend frameworks and libraries, particularly React.js. Server-side web development experience, particularly in C# or PHP. Knowledge and experience working to OWASP ASVS or equivalent application security standards. Knowledge and experience working with accessibility standards. Experience in developing and containerizing applications with Docker and using orchestration such as Kubernetes. Experience in using More ❯
London, England, United Kingdom Hybrid / WFH Options
LA International
management tools, reporting, and assessments. Strong communication skills for engaging stakeholders at all levels. Ability to work collaboratively within teams, sharing knowledge and advising colleagues. Knowledge of common vulnerabilities (OWASP Top 10, CVE databases). Understanding of Agile and DevOps practices, integrating security into CI/CD pipelines. Desirable Criteria Knowledge of penetration testing tools and techniques. Experience with security More ❯
with other teams to drive improvements in security across our entire organisation. What you'll have: Excellent security and technology background Strong understanding of web application security concepts, including OWASP Top 10 vulnerabilities, secure coding practices, and application security testing tools Experience with security tools and technologies, such as web application firewalls (WAFs), and static and dynamic application security testing More ❯
contribute to Red Team and social engineering operations. Support junior team members and engage in knowledge sharing. Key Skills & Experience: 3-5 years' penetration testing experience. Strong understanding of OWASP, SSL/TLS, SSH, and HTTP. Comfortable conducting black box, grey box, and white box testing. Familiar with tools like Kali, Burp Suite, Metasploit, Nmap, Nessus, and Qualys. Knowledge of More ❯