25 of 25 OWASP Jobs in the South East

and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage More ❯

and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage More ❯

and Azure DevOps (CI/CD)- Familiar with scripting languages like PowerShell, YAML, JSON- Expertise in application security tools and DevSecOps processes- Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC)- Experience with threat modelling, risk assessments, and secure design reviews- Comfortable owning security strategy and tooling across complex, modern product landscapes- Strong communicator - able to engage More ❯

and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage More ❯

operations teams on bug fixes, retesting, and verifying patches in staging and production-mirroring environments. Quality & Best Practices • Champion infrastructure and security testing best practices, including vulnerability scanning (e.g., OWASP ZAP, Nessus), compliance checks, and disaster-recovery validations. • Contribute to continuous improvement by proposing new testing tools, frameworks, and process enhancements to raise overall system reliability and observability. Agile & Cross More ❯

testing and ethical hacking. Strong understanding of cloud security (AWS, Azure, GCP). Familiarity with Go and Node.js application security. Experience with TEE technologies or confidential computing. Knowledge of OWASP Top 10, CVEs, and secure coding practices. Proficiency with tools like Burp Suite, Metasploit, Nmap, Wireshark, etc. Certifications such as OSCP, CEH, or GIAC are a plus. Nice to Have More ❯

audit and privacy policies and regulations General knowledge of security technology Nice to have: Experience with PowerBI Programming skills and experience (python, java, SQL) Technical network skills Knowledge of OWASP, SANS, NIST, ISO 27001, ISF or other security-related practices Previous Banking/Financial Industry experience CISSP, CISA, CRISC, CSSLP, SABSA certifications Skills & Competencies: Vulnerability management Risk reporting Programming Data More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

or preferably SOC2 Type 2 Strong understanding of application security, cloud infrastructure, and DevOps practices Awareness of industry frameworks, such as NCSC Cyber Assessment Framework, Cyber Essentials Plus and OWASP Experience managing and selecting 3rd party vendors for audit and penetration testing Experience interacting with customer security and data privacy teams Experience conducting or managing penetration tests and security audits More ❯

maturity frameworks such as DSOMM, including hands-on delivery (code, configuration, documentation, tooling) Designing, building, operate, monitoring secure solutions across complex platforms Ensuring internal and industry security standards (e.g. OWASP CI/CD, SAMM) are adhered to across systems Managing and improving cloud security posture (Azure Defender, Prisma Cloud etc) Implementing and optimising observability platforms for holistic system monitoring Supporting … software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building automated security test suites into CI/CD workflows Familiarity with security frameworks such as DSOMM, OWASP, and SAMM Suitability: This role is a technical hands-on security engineering role, it is NOT GRC focused. It would be well-suited to experienced Security Engineers or Developers with … annual leave with buy/sell options + Private healthcare + Extensive Wellbeing services and employee discounts Key Technical Terms Security Engineering, Cybersecurity Engineer, Information Security Specialist, Salesforce, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps More ❯

Experience with Azure Managed Services, Docker, Kubernetes, Terraform, Helm Experience building modern web apps using Angular and Typescript Experience working in Azure DevOps managing backlogs etc Working knowledge of OWASP security best practices Knowledge of working with FedRamp compliance Our Employer Commitment This job posting will remain active until a qualified candidate is identified. At Ivanti, we are committed to More ❯

restore, user management, RDS troubleshooting Web & Security Concepts: NGINX, web servers, reverse proxies, path-based/host-based routing Session handling, load balancing (stateful vs stateless) Security best practices, OWASP Top 10, WAF (configuration/training), network-level security, RBAC, IAM policies Candidate Expectations: The ideal candidate should be able to: Explain best practices around CI/CD pipeline design More ❯

the business. Actively contribute to incident response , security training , supplier reviews , and client security assurance Stay ahead of evolving threats, and help shape our strategy using frameworks such as OWASP, SASE, and Zero Trust. What We're Looking For Essential: Right to work in the UK. Proven experience in cyber security engineering, including vulnerability management, SIEM, WAFs, and secure infrastructure More ❯

the business. Actively contribute to incident response , security training , supplier reviews , and client security assurance Stay ahead of evolving threats, and help shape our strategy using frameworks such as OWASP, SASE, and Zero Trust. What We're Looking For Essential: Right to work in the UK. Proven experience in cyber security engineering, including vulnerability management, SIEM, WAFs, and secure infrastructure More ❯

dashboards. Develop and maintain test suites using tools like TestRail . Log and track defects; collaborate with developers pre-release. Contribute to wider compliance initiatives including ISO 9001 and OWASP ASVS . Communicate posture and risk to senior stakeholders and influence roadmap decisions. ? Ideal Candidate 2+ years in a QA or compliance role, ideally in cybersecurity or enterprise software. Proven … an ISMS internal auditor or lead. Solid knowledge of QA methodologies and the software development lifecycle . Familiarity with tools like TestRail or similar. Bonus points for exposure to OWASP or security testing techniques. ?? What You Bring Meticulous attention to detail and a structured approach to auditing and documentation. Excellent communication skills and a proactive, self-directed attitude. Comfortable working More ❯

Join a leading global investment bank as a Senior Cyber Security Analyst, where you'll play a critical role in safeguarding a world-class financial institution. What You'll Do: Responsible for end-to-end incident response operations, including triage More ❯

/negotiate technical outcomes with 3rd parties, including conflict resolution due to changing priorities. Experience of using common information security management frameworks, such as NIST, PCI, GDPR, ISO Series, OWASP the IT Infrastructure Library (ITIL), the ISF Standards of Good Practice (SoGP) and ISACA's Control Objectives for Information and related Technology (COBIT) frameworks. Actively represent the security organisation within More ❯

equivalent) 3+ years’ experience in professional software development Deep expertise in C# , SQL , and Microsoft SQL Server Solid understanding of Git and experience in Agile environments Bonus: Familiarity with OWASP ASVS , secure development standards, and modern UI frameworks like React Why Apply Work on worldwide projects with real impact. Be part of a collaborative, agile team focused on innovation. Gain More ❯

Basic Knowledge on security models such as ITIL, ISO27002, PCI DSS and Cobit 5  Experience on Security tools & Technologies  Integration of testing mechanisms with industry best practices such as OWASP & NIST  Good Understanding of IT security policy, procedure, design, and implementation. Behavioral Skills –  Ability to handle multiple strategic & critical projects/deliveries simultaneously  Effective interpersonal, Coaching, team building and communication More ❯

through training, supplier reviews, and client security assessments. What You Bring Strong knowledge of security tools and infrastructure: WAFs, SIEM, AV, firewalls, TCP/IP, and more. Familiarity with OWASP, zero-trust, SASE, and risk-based vulnerability management. A background in infrastructure or networks. Working towards or holding certifications like CISSP, GCIA, Security+, CCNA/CCNP. Understanding of ISO27001, Cyber More ❯

using IIS. Full understanding of the MVC pattern, REST APIs and asp.net controllers are a must. Web developers should be aware of security vulnerabilities, such as those identified in OWASP, and their code should mitigate these threats. Knowledge Required: You will need experience in the design, creation and maintenance of websites across multiple platforms. The most important duties and responsibilities More ❯

Technologies: C++ Python TCP/IP networking Test Plans Test Execution Linux Server windows server QA ISTQB AWS Services system programming owasp security VMware debugging skills multithreaded software A Software Test Engineer is required to join the software QA test team of our Buckinghamshire based client, a manufacturer of software for the telecommunications and speech processing market. This is a More ❯

Security Engineer - Azure Buckinghamshire – 1 or 2 days a week in the office Up to £70,000 salary plus a discretionary bonus of up to 15% After a transformative 3-year change initiative, they have outlined a strategic 5-year More ❯

Enterprise Architect Permanent Location: Home/Hampshire (Hybrid) Salary: £100,000 - £110,000 (+ benefits) Skills: TOGAF, Zachman, Sparx, OWASP, NCSC Are you a seasoned Enterprise Architect with a passion for designing modular, scalable, and future-ready technology solutions? We're working with a leading technology consultancy delivering a high-impact transformation programme within central government. This is an opportunity More ❯