16 of 16 OWASP Jobs in the North of England

of Responsibility, Builder, SAGA, CQRS, Event Sourcing * RDBMS & NOSQL: Aurora, RDS, PostgreSQL, , MySQL, Redis * SNS, SQS * GIGYA/CIAM, APIGEE gateway, Basic, JWT token. * GitHub, Jenkin, SonarQube, Sonar lint, OWASP, Maven, STS, Git, , Jenkins, Maven, Gradle, APIGEE Gateway, Terraform, Loggly, Datadog. * AI Tools: AWS code whisperer/AmazonQ, Llama/Copilot LA International is a HMG approved ICT Recruitment and More ❯

of Responsibility, Builder, SAGA, CQRS, Event Sourcing * RDBMS & NOSQL: Aurora, RDS, PostgreSQL, , MySQL, Redis * SNS, SQS * GIGYA/CIAM, APIGEE gateway, Basic, JWT token. * GitHub, Jenkin, SonarQube, Sonar lint, OWASP, Maven, STS, Git, , Jenkins, Maven, Gradle, APIGEE Gateway, Terraform, Loggly, Datadog. * AI Tools: AWS code whisperer/AmazonQ, Llama/Copilot LA International is a HMG approved ICT Recruitment and More ❯

of Responsibility, Builder, SAGA, CQRS, Event Sourcing * RDBMS & NOSQL: Aurora, RDS, PostgreSQL, , MySQL, Redis * SNS, SQS * GIGYA/CIAM, APIGEE gateway, Basic, JWT token. * GitHub, Jenkin, SonarQube, Sonar lint, OWASP, Maven, STS, Git, , Jenkins, Maven, Gradle, APIGEE Gateway, Terraform, Loggly, Datadog. * AI Tools: AWS code whisperer/AmazonQ, Llama/Copilot LA International is a HMG approved ICT Recruitment and More ❯

of Responsibility, Builder, SAGA, CQRS, Event Sourcing * RDBMS & NOSQL: Aurora, RDS, PostgreSQL, , MySQL, Redis * SNS, SQS * GIGYA/CIAM, APIGEE gateway, Basic, JWT token. * GitHub, Jenkin, SonarQube, Sonar lint, OWASP, Maven, STS, Git, , Jenkins, Maven, Gradle, APIGEE Gateway, Terraform, Loggly, Datadog. * AI Tools: AWS code whisperer/AmazonQ, Llama/Copilot This is an excellent opportunity on a great project More ❯

public cloud security (AWS, Azure, GCP) and an understanding of security best practices in those environments Understanding of enterprise security standards and frameworks such as ISO 27001, NIST CSF, OWASP Top 10 Strong communication skills, with an ability to convey technical security issues to non-technical stakeholders Exposure to security architecture frameworks (e.g., TOGAF, SABSA) Hands-on experience with CI More ❯

maintaining Datadog Experience using GitHub and GitHub Actions Behaviour Driven Development (BDD), with Gherkin & SpecFlow Atlassian Jira, Confluence & JFrog Artifactory Ideally some software security best practices and implementation (e.g. OWASP, PKI, X509 Certificates, TLS) Software development for regulated environments (e.g. IVD/Medical devices). Not essential. Principal Software Engineer – Cloud Platform Team More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

Experience with Azure Managed Services, Docker, Kubernetes, Terraform, Helm Experience building modern web apps using Angular and Typescript Experience working in Azure DevOps managing backlogs etc Working knowledge of OWASP security best practices Knowledge of working with FedRamp compliance Our Employer Commitment This job posting will remain active until a qualified candidate is identified. At Ivanti, we are committed to More ❯

Platform (GCP) Security & Compliance Cloud and a pplication security: Cloud posture management tools (e.g. Azure Dender, GCP SCCE), WAFs (e.g. Azure WAF, Cloud Armor AWS WAF), and protection against OWASP Top 10 and emerging threats. Network & infrastructure security: Network security principles (e.g. segmentation, monitoring, intrusion detection/prevention). Any experience in Zero Trust architecture in cloud environments would be More ❯

s recognition. His OwaspHeaders.Core library has achieved remarkable success with over 1.2 million downloads, providing essential web application security features to developers across the .NET ecosystem. The library implements OWASP Secure Headers Project recommendations, enabling developers to enhance their application security with minimal effort whilst maintaining clean, maintainable code. Beyond digital community engagement, Jamie demonstrates his commitment to developing future More ❯

design standards; review pull-requests with a security-by-design mindset Quality & Security Assurance Own post-merge QA: automated test pipelines, manual exploratory testing, performance baselines Implement penetration testing (OWASP ZAP, Burp Suite, Metasploit). Deliver security requirements into CI/CD and track remediation Guard non-functional requirements - performance, reliability, compliance - through every sprint Benefits Remote-first working with More ❯

Security Architect or similar role Strong knowledge of security standards, protocols, and best practices Experience with threat modelling, risk assessment, and incident response Familiarity with security tools (e.g., Snyk, OWASP ZAP) Excellent communication and collaboration skills Self-learner and ability to execute tasks without supervision Ability to maintain the highest level of professionalism Activities Assess and design secure system architectures More ❯

and efficient context to all customer engagements. Our ideal candidate: Able to demonstrate proven experience with technical accreditations or demonstrable experience in security and vulnerability remediation technologies: Security Tooling: OWASP ZAP, Nmap, Wireshark Assessment Tooling: Nessus, Qualys, etc Remediation Tooling: Microsoft Endpoint Management/Intune Microsoft Security/Compliance: MFA,?Conditional Access, SSPR, DLP, IPM, IRM, DKIM, MCAS Application packaging More ❯

SSDLC strategy, including short, mid, and long-term goals aligned with the group's security posture and digital transformation initiatives. Develop and maintain AppSec maturity models (e.g. based on OWASP SAMM, NIST SSDF, BSIMM) and work with business units to assess current state and define realistic improvement plans. Drive the development of a global secure development policy, including approved tools … deploy processes. Experience working in or with regulated industries or large enterprises is highly desirable. Mergers and Acquisitions integration experience is a plus Familiarity with industry frameworks and standards: OWASP SAMM, OWASP ASVS, BSIMM, NIST SSDF, ISO 27034. Lead teams and projects. This could be as an DevSecOps team lead, security architect, or manager for SSDLC initiatives. Professional certifications in More ❯

experience across our web applications. Develop and maintain complex web applications using PHP, JavaScript, HTML, and CSS. Contribute across the full development lifecycle, applying and promoting secure coding practices (OWASP, NCSC). Support ISO 27001 information security standards. What were looking for Proven experience with modern web applications (PHP, JavaScript). Strong front-end skills (HTML, CSS, UI component libraries … including accessibility and responsive design. Familiarity with Git and testing/debugging. Experience writing secure code based on OWASP/NCSC guidance. Proven experience with Linux and cloud infrastructure (e.g., Digital Ocean, AWS). Self-motivated, independent, and passionate about technology. Strong grasp of object-oriented programming and design patterns. Benefits The Compliance People is unlike any other consultancy or More ❯