1 to 25 of 34 OWASP Jobs in the South East

securing Enterprise IT and/or Operational technology (OT) platforms and systems . Knowledge and practical experience of applying security standards and guidance (e.g. OWASP, ISA/IEC 62443, ISO/IEC 27001). Knowledge and practical experience of securing cloud hosted solutions, preferably Azure or AWS, DevSecOps Engineering Platforms more »

learn what the team has to offer will be an important part of your long term presence in the EHT Understanding of basic security OWASP Top10: SQL injection, XSS, SSRF, RCE Applied knowledge of cryptographic algorithms and standards Basic knowledge of security standards such as FIPS-140 and ISO more »

and programming languages, including: How to test for/exploit them, Real world mitigations that can be applied Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10, CVSS, MITRE CVE) Ability to threat model systems/applications/platforms to assess design and find flaws that can be exploited What more »

of repositories, code controls and development tools such as JIRA, Confluence and similar tools Application and Web Service security, Identity Management and Protocols (e.g. OWASP, WS-Security, SAML, OAuth2, OpenID Connect) Knowledge of or have worked with Cloud technologies. Azure preferred Working with: Agile development methodology, SAFe or SCRUM Understanding more »

to implement best practices. Debugging within Visual Studio (or an IDE of your preference) Experience in Data Security within the application and familiarity with OWASP top 10 threats. (desirable) Experience with CI/CD pipelines and cloud technologies such as Azure (desirable) Experience working in an Agile environment (desirable) Strong more »

tests with an attacker's mindset. Expertise in using Kali, Burp Suite, Nmap, Nessus, Qualys, Metasploit and other security tools. Strong knowledge of the OWASP Testing Methodology. Strong understanding of security protocols, such as SSL/TLS, SSH, and HTTP. Knowledge of cloud security platforms, such as AWS, Azure, and more »

SCA/SAST/DAST/IaC Security) into DevOps environments. Deep understanding of application security across Web, API, and Mobile platforms. Knowledge of OWASP Top 10, Mitre Top 25, and CVSS frameworks, with the ability to map to business risk. Experience implementing security into different stages of a DevOps more »

true necessity and business enabler. Top be successful in this role you will need experience with: Security engineering Working with dev teams Project work OWASP principles T... more »

Manager – Key Skills: Proven API Development experience In depth knowledge of API Integration Technologies, e.g. REST, SOAP Extensive exposure to secure coding principles e.g. OWASP, Threat Modelling High skills level in the ASP.NET and the .NET ecosystem and tools e.g. C#, Visual Studio, dotnet CLI Deep understanding of SOLID principles more »

M.Inst.ISP, CISA by a recognised professional body Technical certifications by a recognised professional body in network or systems engineering Fundamental Cloud Concepts for AWS. OWASP Top 10: API Security Playbook. Ways of Working This role is based out of our London Bridge office. Our hybrid model way of working offers more »

ISO27001 standards and maintaining the accreditation within an organisation Risk management Any experience in the following areas would be advantageous but is not essential OWASP DevSecOps Application security Cloud security Any other relevant standards ie ISO22301, ISO310000 etc If you are seeking a role of this nature please get in more »

to deliver better business and security outcomes. Experience in assuring and advising on secure systems design. Strong grasp of application security issues, familiar with OWASP Top 10 and API security. Knowledge of SAP basics, especially from the standpoint of migrating legacy systems (preferably Mainframe) to SAP. Understanding of SAP security more »

OpenVAS, and penetration testing frameworks like Metasploit. Knowledge of security and risk frameworks, plus regulatory compliance frameworks e.g. NIST, Cobit, ISO 27001. Understanding of OWASP, MITRE, CVSS and other standards/frameworks relevant to application security and vulnerability management. Experience with cloud technologies, preferably Azure and AWS. Familiarity with security more »

and Ping Castel experience SCCM or enterprise patch management tools TenableOne or enterprise vulnerability management tools Sound knowledge of industry best practices such as OWASP, Cyber security framework and NCSC guidance Security legislation and regulatory frameworks exposure and awareness FCA or equivalent GDPR - General Data Protection Regulation PCI DSS - Payment more »

appropriate security tools including automated cloud-based tooling Up-to-date understanding of network security (e.g. OSI, TCP/IP), web application security (e.g. OWASP) and cryptographic controls (e.g. PKI, TLS) Up-to-date understanding of identity management and authentication/authorisation products and patterns Evidence of self-development – we more »

in Microsoft Dynamics 365 Finance and Operations development. Strong knowledge of X++, C#, .NET, SQL Server, and Azure DevOps. Familiar with and develops to OWASP standards. Experience with Dynamics 365 F&O integrations and data migrations. Understanding of finance and operations business processes. Excellent problem-solving and analytical skills. Strong more »

challenge to deliver better business and security outcomes; Good grasp of application security issues, knowing XSS vs SSRF for example. Know their way around OWASP T10 + API etc Good knowledge of cryptography Able to keep up with conversations around common CI/CD topics Person Specification: Previous experience in more »

Lambda, Spring Boot, NodeJS, PostgreSQL, MongoDB, and ELK. Building solutions as part of a DevOps and Agile ecosystem supported by tooling including Atlassian, Jenkins, OWASP, and AWS componentry. Benefits: Base Salary: £45,000 - £75,000 (DoE) Discretionary Bonus - 5% DV Bonus £7,000 Flex Fund: £5,000 Health: Private Medical more »

Lambda, Spring Boot, NodeJS, PostgreSQL, MongoDB and ELK Build solutions as part of a DevOps and Agile ecosystem supported by tooling including Atlassian, Jenkins, OWASP and AWS componentry Apply now to find out more more »

knowledge of ISO 27001 standards and any other relevant standards e.g. ISO31000 & ISO22301. Good knowledge of industry best practice such as security maturity models, OWASP and NCSC Experience of working within an InfoSec focused role. Able to solve problems identified through audit, risk assessment or incidents. Proven experience of Risk more »

outcomes with external partners, including resolving conflicts arising from changing priorities. · Familiarity with common information security management frameworks like NIST, PCI, GDPR, ISO Series, OWASP, ITIL, ISF Standards of Good Practice (SoGP), and ISACA’s Control Objectives for Information and related Technology (COBIT) frameworks. Areti Group – Carbon positive tech recruitment more »

and Ping Castel experience SCCM or enterprise patch management tools TenableOne or enterprise vulnerability management tools Sound knowledge of industry best practices such as OWASP, Cyber security framework and NCSC guidance more »

or more of the following: TDD Automated acceptance testing/BDD/Cucumber Performance and scalability testing, e.g. JMeter Penetration testing knowledge/OWASP Kubernetes/Container orchestration platform experience Designing, creating and calling HTTP APIs SQL Databases, e.g. Postgres, MySQL, MariaDB Experience in using AWS services - 3+ of the more »

Security certifications such as CISM, CISSP, M.Inst.ISP, or CISA from a recognized professional body. Understanding of fundamental cloud concepts, particularly for AWS. Familiarity with OWASP Top 10 and the API Security Playbook more »

M.Inst.ISP, CISA by a recognised professional body Technical certifications by a recognised professional body in network or systems engineering Fundamental Cloud Concepts for AWS. OWASP Top 10: API Security Playbook. Operational On-Call Requirement This role has a shared, rotational 24/7 on-call requirement and forms part of more »