1 to 25 of 186 Remote OWASP Jobs in the UK

Knowledge of cloud security frameworks Rest API knowledge Scripting and Infrastructure as Code (Terraform, CloudFormation) Experience with Jira or similar ticketing systems Technical architecture review skills Vulnerability identification (CWE, OWASP) Operating systems and hardening techniques Development concepts like CICD, Pipelines, SDLC Penetration testing knowledge (useful) Familiarity with Cloud Development Kit (CDK), GitOps Experience in DevOps/agile environments Docker, Kubernetes More ❯

or application security. You should also have a proven experience and knowledge with any combination of the following: Threat modelling and risk assessments, Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS ), Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2), Working knowledge of cryptography including encryption More ❯

or application security. You should also have a proven experience and knowledge with any combination of the following: Threat modelling and risk assessments Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS ) Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2) Working knowledge of cryptography including encryption More ❯

more languages (Rust, Python, Go, Nodejs, etc.) Minimum 1 year experience with public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) Experience in running assessments using OWASP MASVS and ASVS. Working knowledge on exploiting and fixing application vulnerabilities. Strong background in threat modeling. In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10). Familiarity More ❯

more languages (Rust, Python, Go, Nodejs, etc.) Minimum 1 year experience with public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) Experience in running assessments using OWASP MASVS and ASVS. Working knowledge on exploiting and fixing application vulnerabilities. Strong background in threat modeling. In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10). Familiarity More ❯

teams and business stakeholders is essential. Experience working with security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling. In-depth experience working in an Agile software development environment, with classic applications as well as microservices, using modern code processing and continuous integration and … Security Architect, SDLC, Secure by Design, Architecture, Software Development, Engineering, DevOps, InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure. Please note that due to a high level of applications, we can only respond to applicants More ❯

and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage More ❯

application security Experience working with large-scale multi-cloud, multi-account architecture CISSP, CISM, AWS Solutions Architect Professional, Azure Solutions Architect, or equivalent certification, is preferred Thorough understanding of OWASP Top 10 and Secure Development Expertise in automating security tools and integrations, including simple scripting Experience with application security tools (SAST, DAST, IAST and SCA) Strong technical knowledge of development More ❯

pure product or application security Strong expertise in offensive security techniques and methodologies, including ethical security testing Deep understanding of secure coding practices, common vulnerabilities and risk scoring methodologies (OWASP Top 10, CWE, CVSS scoring etc.) Strong experience communicating to stakeholders of varying technical skill levels Your experience should include: Using offensive security tooling, including tools such as Burp Suite More ❯

Understanding of current testing trends and Agile methodologies Degree in computer science, software engineering, or related field preferred Experience with API testing tools like Postman or SoapUI Knowledge of OWASP vulnerabilities and security testing ISTQB certification Experience with source control tools like Git or Bitbucket Strong problem-solving, communication, and time management skills Minimum of 5 years in a Software More ❯

been a UK resident for at least 5 years). Experience conducting penetration tests (web, infrastructure, external/internal). Strong knowledge of security testing methodologies and frameworks (e.g., OWASP, NIST). Proficiency with industry-standard tools (e.g., Burp Suite, Nmap, Metasploit, Kali Linux). Excellent written and verbal communication skills. Desirable Skills OSCP, OSWE, or other relevant certifications. Experience More ❯

been a UK resident for at least 5 years). Experience conducting penetration tests (web, infrastructure, external/internal). Strong knowledge of security testing methodologies and frameworks (e.g., OWASP, NIST). Proficiency with industry-standard tools (e.g., Burp Suite, Nmap, Metasploit, Kali Linux). Excellent written and verbal communication skills. Desirable Skills OSCP, OSWE, or other relevant certifications. Experience More ❯

not limited to the following core areas: Build verification Alert and Monitoring Backup and Restore Resilience and Recovery Logging, Audit and House Keeping Release Management Config Management Work Instructions OWASP "top ten" security tests Experience with CI/CD pipelines, Jenkins, and test automation frameworks. Knowledge of cloud platforms (AWS/Azure), infrastructure monitoring, and IT service management. Familiarity with More ❯

the following technical competencies: Solid grounding in OS and network fundamentals (Linux, Windows, Mac, TCP/IP stack). Knowledge of common attack techniques and mitigations (MITRE ATT&CK, OWASP Top 10). Familiarity with scripting and automation using Python, Bash, or PowerShell. Strong understanding of Active Directory attack chains and common privilege escalation paths. Experience interpreting logs and event More ❯

and cloud security vulnerabilities (e.g., XSS, SSRF, CSRF, CORS, SQL Injection, broken authentication/authorization, encryption flaws). Provide expert guidance on secure coding practices, common vulnerability classes (e.g., OWASP Top 10), and threat modeling for modern web applications. Conduct security reviews of design and architecture documents; lead threat modeling exercises using frameworks such as STRIDE, PASTA, MITRE ATT&CK … developers, write clear documentation, and engage stakeholders. Nice to have: Certifications such as OSCP, GCIH, GWAPT, or CISSP. Familiarity with security frameworks such as NIST CSF, MITRE ATT&CK, OWASP ASVS, or ISO 27001. Experience with commercial security tools such as EDR, SIEM, CSPM, CNAPP, vulnerability scanners, bug bounty platforms, WAFs, or compliance automation platforms. Prior experience driving security engineering More ❯

Management, Cosmos DB, and SQL and Cloud networking architecture: VNets, application gateways, private and service endpoints, and firewalls. Secure Software Development: Deep experience implementing effective secure coding practices (e.g., OWASP Top 10, SAST, DAST, SonarCloud). You can seamlessly integrate security into the SDLC with a shift-left approach. Cloud Security Tools: Practical experience with Azure Sentinel, Defender, and tools More ❯

to prioritise tasks effectively under pressure, meeting deadlines and delivering results with strong attention to detail. Familiarity with Windows services, DevOps, Azure environments, continuous integration, and security best practices (OWASP, ISO 27001/27032). Knowledge of scalable applications, design patterns, and asynchronous programming techniques like queuing, caching, and logging. Excellent interpersonal and motivational skills with the ability to inspire More ❯

to prioritise tasks effectively under pressure, meeting deadlines and delivering results with strong attention to detail. Familiarity with Windows services, DevOps, Azure environments, continuous integration, and security best practices (OWASP, ISO 27001/27032). Knowledge of scalable applications, design patterns, and asynchronous programming techniques like queuing, caching, and logging. Excellent interpersonal and motivational skills with the ability to inspire More ❯

AWS or Azure). Assist with containerisation (Docker/Kubernetes). Support implementation of authentication systems (OAuth 2.0, Auth0, AWS Cognito). Gain exposure to security best practices (e.g., OWASP). Work on RESTful API design and consumption. Collaborate on version control practices using Git, documentation, and code reviews. Desired Skills: Passion for software development and continuous learning. Some frontend More ❯

AWS or Azure). Assist with containerisation (Docker/Kubernetes). Support implementation of authentication systems (OAuth 2.0, Auth0, AWS Cognito). Gain exposure to security best practices (e.g., OWASP). Work on RESTful API design and consumption. Collaborate on version control practices using Git, documentation, and code reviews. Desired Skills: Passion for software development and continuous learning. Some frontend More ❯

AWS or Azure). Assist with containerisation (Docker/Kubernetes). Support implementation of authentication systems (OAuth 2.0, Auth0, AWS Cognito). Gain exposure to security best practices (e.g., OWASP). Work on RESTful API design and consumption. Collaborate on version control practices using Git, documentation, and code reviews. Desired Skills: Passion for software development and continuous learning. Some frontend More ❯

solving skills and attention to detail. 3+ years of professional PHP development experience. Solid understanding of object-oriented programming and SOLID principles. Solid knowledge of secure coding practices (e.g. OWASP). Experience with modern PHP frameworks (preferably Laravel or Symfony). Familiarity with relational databases (MySQL) and writing performant queries. Comfortable working with Git, Composer and modern development workflows. Strong More ❯

with public/private cloud environments ( Openshift, Rancher, K8s, AWS, GCP, Azure, etc. ) In-depth knowledge of security principles, compliance regulations, and change management. Experience in running assessments using OWASP MASVS and ASVS. Working knowledge on exploiting and fixing application vulnerabilities. Proven expertise in architectural threat modeling and conducting secure design reviews. In-depth knowledge of common web application vulnerabilities … i.e. OWASP Top 10 or SANS top 25). Familiarity with automated dynamic scanners, fuzzers, and proxy tools. An analytical mind for problem solving, abstract thought, and offensive security tactics. Highly effective communication skills, in both verbal and written forms, to effectively convey technical and non-technical concepts to a wide variety of audiences Exposure to advanced AI and Large More ❯

with public/private cloud environments ( Openshift, Rancher, K8s, AWS, GCP, Azure, etc. ) In-depth knowledge of security principles, compliance regulations, and change management. Experience in running assessments using OWASP MASVS and ASVS. Working knowledge on exploiting and fixing application vulnerabilities. Proven expertise in architectural threat modeling and conducting secure design reviews. In-depth knowledge of common web application vulnerabilities … i.e. OWASP Top 10 or SANS top 25). Familiarity with automated dynamic scanners, fuzzers, and proxy tools. An analytical mind for problem solving, abstract thought, and offensive security tactics. Highly effective communication skills, in both verbal and written forms, to effectively convey technical and non-technical concepts to a wide variety of audiences Exposure to advanced AI and Large More ❯

into application design Lead security architecture reviews and provide expert technical guidance on complex security challenges Keep up-to date with the latest security threat assessment frameworks such as OWASP, MITRE ATT&CK Assess security posture against industry regulations and compliance requirements Identify and mitigate security risks associated with new technologies and initiatives Perform security assessments to identify vulnerabilities Communicate More ❯