1 to 25 of 48 OWASP Jobs in the UK

DAST, and API security tools as part of a structured AppSec programme. Strong understanding of secure coding fundamentals and common software weaknesses, including the OWASP Top 10 and MITRE CWE Top 25. Demonstrated experience triaging, validating, and prioritising vulnerabilities, working directly with software engineers to support remediation. Ability to read ...

DAST, and API security tools as part of a structured AppSec programme. Strong understanding of secure coding fundamentals and common software weaknesses, including the OWASP Top 10 and MITRE CWE Top 25. Demonstrated experience triaging, validating, and prioritising vulnerabilities, working directly with software engineers to support remediation. Ability to read ...

Burp Suite, Nmap, Metasploit, Kali Linux, and associated frameworks. Knowledge of web technologies (HTTP, REST, authentication flows, common web vulnerabilities). Familiarity with OWASP Top 10, MITRE ATT&CK, and secure coding concepts. Ability to analyse and break down complex technical systems. Strong written communication skills, particularly in producing structured ...

Terraform) Containerisation (Docker, AKS) and serverless (Azure Functions) Monitoring and observability (Application Insights, Log Analytics) Secrets management and vulnerability scanning (Key Vault, SonarQube, OWASP) Architecture & Design Microservices and event-driven design (Service Bus, Event Grid, Kafka) Domain-Driven Design (DDD) principles Resilient and scalable system patterns (circuit breakers, retries) Integration ...

hardware hacking (JTAG, FPGA, USB). Experience with security testing tools: Kali Linux, Nessus, Metasploit, BurpSuite, Wireshark, etc. Familiarity with secure coding practices (OWASP), SDLC, and security frameworks (ISO 2700x, NIST). Understanding of medical device regulations and quality system requirements. Agile/Digital Experience Passion for Agile processes, data ...

Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and non-technical stakeholders Excellent analytical, documentation ...

templates, Bicep, Terraform) Exposure to PowerShell or Python scripting Experience with API design principles and RESTful services Knowledge of security best practices and OWASP guidelines Previous experience in fintech, SaaS, or high-growth startups Benefits ✅ Hybrid role - 1 day in office and the rest from home Free on-site parking ...

tooling. * Proficiency in Python, with the ability to develop automation, security tooling, and data driven scripts. * Strong understanding of secure software development practices, including OWASP principles and DevSecOps methodologies integrated into CI/CD workflows. * Experience securing cloud and AI workloads on major cloud platforms such as AWS and Azure. ...

RBAC, ABAC, PAM, SSO) Strong analytical skills with the ability to interpret complex technical information Good understanding of threat modelling and threat intelligence methodologies (OWASP, STRIDE, MITRE) For more details, please reach out to . Reasonable Adjustments: Respect and equality are core values to us. We are proud ...

development is required. Maintain awareness of web application security and building applications which meet high standards of security, pass penetration tests and align with OWASP recommendations. Taking an active part in the whole Software Development Lifecycle end-to-end - including conception, design, architecture, build and deployment. Producing accurate estimates ...

automated testing using tools such as NUnit, Jasmine and Selenium Good knowledge of SOLID principles Desirable Skills: Containers (docker, K8s) Security best practice (OWASP top ten) OpenIDConnect/Identity server Micro service architecture MS SQL Server Azure DevOps, TeamCity Infrastructure as Code (Bicep, ARM templates, Terraform) Please apply ...

edge AI or constrained/offline deployments. MLOps experience (Sagemaker, Kubeflow, ZenML). Experience building RESTful services around AI pipelines. ISO 27001, NIST SSDF, OWASP SAMM, or GDPR compliance literacy. Experience with AWS Karpenter, Prometheus, or similar observability stacks. Soft Skills Research-driven mindset, eager to experiment and iterate. Able ...

similar. Experience building documentation dashboards, status dashboards, or admin-style interfaces. Understanding of basic secure coding practices or awareness of concepts like the OWASP Top 10. Experience working on products that interact with hardware, embedded systems, or IoT devices. Comfort using AI coding tools to speed up development while still ...

similar. Experience building documentation dashboards, status dashboards, or admin-style interfaces. Understanding of basic secure coding practices or awareness of concepts like the OWASP Top 10. Experience working on products that interact with hardware, embedded systems, or IoT devices. Comfort using AI coding tools to speed up development while still ...

Comfortable operating independently while collaborating with multiple teams. Familiarity with cloud security, microservices, and modern architectures is a plus. Experience with tools such as OWASP ZAP, Burp Suite, Acunetix, Netsparker, Checkmarx, Veracode, Fortify, or SonarQube is highly desirable. Why Apply? Influence the security posture of a leading UK Bank ...

Score remediation Vulnerability Management Tools such as Tenable , Pentera , Varonis , Secure Score Experience coordinating remediation with technical teams Frameworks & Security Models MITRE ATT&CK, OWASP Top 10 Exposure to zero-trust principles Understanding of encryption, certificate management, secrets management Scripting & Automation PowerShell (essential) Python or Bash desirable Security automation experience ...

techniques and supply-chain risks. Cloud & Frameworks: Familiarity with AWS/Azure/GCP security and industry standards (NIST AI RMF, ISO 27001, OWASP Top 10 for LLMs, MITRE ATLAS). Consulting Skills: Ability to translate complex technical risks into actionable guidance for senior stakeholders. Preferred Skills Certifications: CISSP, CCSP ...

technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams. Utilize tools such as BurpSuite, Nessus, Nmap ...

practices . Strong understanding of Web Applications, Microservices, APIs, authentication/authorization protocols , and data architecture . Knowledge of secure software development practices , GDPR, OWASP, and NCSC cloud security principles. Experience delivering AI-based solutions, real-time data integration, or IoT solutions is advantageous. Consultancy & Leadership Skills Excellent communication skills ...

practices . Strong understanding of Web Applications, Microservices, APIs, authentication/authorization protocols , and data architecture . Knowledge of secure software development practices , GDPR, OWASP, and NCSC cloud security principles. Experience delivering AI-based solutions, real-time data integration, or IoT solutions is advantageous. Consultancy & Leadership Skills Excellent communication skills ...

plan and prioritise workloads You might also have (Desirable) Experience with cloud technologies, including Google or AWS certification Experience with Web Security best practices (OWASP) Behaviors we value in our team: You will possess strong communication skills, with the ability to multiple priorities and deadlines In a collaborative and effective ...

Doing... Technical Leadership Define and evolve backend architecture to ensure scalability, maintainability, and performance. Set coding standards and champion secure development practices (e.g. OWASP). Influence technology choices, frameworks, and tools to support engineering excellence. Oversee improvements to CI/CD pipelines, build processes, and operational workflows. Can clearly ...

risk treatment plans, ensuring digital services operate within defined risk appetites. Advise on Secure by Design policies, covering secure coding, regulatory compliance frameworks (e.g., OWASP, DPIA, GovAssure), and safe AI use. Coordinate cross-platform activities to support secure delivery of digital services, including incident management and ongoing improvements. Provide regular ...

Zero Trust and micro-segmentation. Demonstrate a strong understanding of IAM including RBAC, ABAC, PAM, provisioning, compliance and SSO. Apply threat-modelling approaches including OWASP, PASTA, STRIDE, MITRE ATT&CK, threat intelligence and threat hunting. Desirable Experience Design and assure secure network architectures and enterprise security solutions. Designing or assuring ...

technical documentation. Experience in supporting and developing environments and applications within Azure (e.g., WAMP/LAMP). Familiarity with cloud-based solutions adhering to OWASP developer best practices. Proficiency in languages/middleware such as Asp.Net, Python, PHP, Apache. Experience managing SQL databases (Azure DB, Managed SQL, MS SQL & MySQL ...