Core Skills & Experience: Proven experience in secure system design, architecture, and cyber resilience. Strong knowledge of current cyber threats, vulnerabilities, and mitigation strategies (including OWASP). Expertise across infrastructure, network, application, and cloud security architecture. Excellent stakeholder engagement skills – able to influence, guide, and advise senior leaders. Familiarity with security
managing a bug bounty program is a plus but not required). 3 years' manual web app testing experience. Strong technical knowledge of OWASP Top 10. Comfortable using security testing tools including Burp Suite. Excellent written and verbal communication skills. Experience using frameworks such as CVSS. Self-motivated and able
Exposure, ASM, Pentesting, Application Security, Security Automation or Cloud Security solutions. 2+ years of application security experience, understand security fundamentals and common vulnerabilities (e.g. OWASP Top Ten). Excellent communication, presentation, and demonstration skills. This role requires you to understand and articulate our platform's business value and technical advantages.
Experience with API development (SOAP, RESTful) and databases (e.g., MS SQL Server, Oracle Endeca). Expertise in web performance optimization and secure development practices (OWASP). Knowledge of relational databases (e.g., MS SQL Server) and document-oriented databases (e.g., Oracle Endeca).
testing activities • Building and leading effective security teams. Excellent technical expertise in: • Application and infrastructure security principles • Frameworks & methodologies such as CVSS, CIS Benchmarking, OWASP. Beneficial qualifications include: • CISSP • CISA. At WTW, we believe difference makes us stronger. We want our workforce to reflect the different and varied markets we
Who You Are: You are an expert with skills in: Designing secure systems and enabling risk-based decisions. Knowledge of current cyber threats and OWASP standards. Specifying security controls across various architectures. Writing actionable cyber security advice and delivering training. Security Clearance: You must meet the requirements for achieving Security
ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds
similar, web servers. Experience in developing secure frontend code (strong understanding of common security vulnerabilities like cross-site scripting, cross-site request forgery, other OWASP risks and best practices for testing & mitigating them) Good understanding of frontend-backend integration, e.g. familiarity with AJAX or other methods for making asynchronous backend
City, Edinburgh, United Kingdom Hybrid / WFH Options
Java Script Works
web applications using React.js and TypeScript. Strong knowledge of Tailwind CSS and responsive design principles is required. Experience with Storybook, GitHub, GraphQL, Jenkins, Jest, OWASP, React, Serverless, TypeScript, Web UX/UI Design, JavaScript, and frontend development is essential.
guidance to mitigate risks and improve the organization's security posture. Compliance and Standards: Ensure testing aligns with industry regulations and security standards (e.g., OWASP, PCI-DSS). Continuous Research: Stay updated on emerging threats, tools, and techniques to enhance testing methodologies. Skills and Experience Required: Must have graduated/
Reading, Berkshire, South East, United Kingdom Hybrid / WFH Options
Bowerford Associates
essential. Experience working with security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling. In-depth experience working in an Agile software development environment, with classic applications as well as microservices, using modern code … Design, Architecture, Software Development, Engineering, DevOps, InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure. Please note that due to a high level of applications, we
supporting the adoption of secure software development lifecycle (SSDLC) practices and secure coding standards within engineering organizations. Strong understanding of web application security vulnerabilities (OWASP Top 10 and beyond), attack vectors, and mitigation techniques. Significant experience securing Infrastructure as Code (IaC), particularly Terraform, and implementing relevant security checks. Solid experience … the ability to articulate complex security concepts clearly to technical audiences. Strong knowledge of relevant security frameworks and standards (e.g., NIST CSF, CIS Benchmarks, OWASP ASVS). Exposure and knowledge of the MITRE ATT&CK framework. Experience effectively coordinating external penetration testing engagements and managing remediation efforts. Nice to have
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
The MRJ Group
Competitive salary available upon request Hybrid working from a Manchester office (must be based in the UK without visa/sponsorship requirements) Permanent We are awaze, the largest managed vacation rentals and holiday resorts business in Europe, which brings together
Company Overview The SPTS division of KLA designs, manufactures and markets wafer processing solutions for the global semiconductor and related industries. SPTS provides industry leading etch and deposition process technologies on a range of single wafer handling platforms. End-market
SDLC) processes Works with engineering and development team to ensure in-house technologies comply with relevant security standards, regulations, and industry certifications, such as OWASP, CIS, PCI-DSS, ISO27001 to ensure security is prioritised throughout the development lifecycle Maintains current understanding of policy, regulations, and compliance standards that affect assigned … senior technology and information security executives and in influencing stakeholders to achieve strategic objectives Experience in working with industry frameworks and standards such as OWASP, PCIDSS, ISO27001/27002, CIS and NIST Information Security (CISSP, CISA, Security +) and cloud certification (preferably GCP/AWS) What’s In It For
required: Advanced technical knowledge of penetration testing techniques, security assessments, and vulnerability exploitation. Expertise in security testing tools (such as Burp Suite, Metasploit, Nmap, OWASP ZAP, etc.), as well as manual testing methods. Strong understanding of common application security vulnerabilities (such as SQL injection, XSS, CSRF, insecure deserialization, etc.) and … OWASP Top 10. Proficiency in using and configuring vulnerability scanners (Nessus, Qualys, or similar) and interpreting their results. Familiarity with cloud security testing and testing applications hosted on platforms like AWS, Azure, or Google Cloud. Understanding of DevSecOps practices and experience integrating security testing into CI/CD pipelines. Experience
Bradford, Yorkshire, United Kingdom Hybrid / WFH Options
Freemans Grattan Holdings (fgh)
and digital experience owners to improve DevOps best practices and workflows within an Agile framework. Implementing security measures, compliance policies, and vulnerability assessments following OWASP guidelines and applicable UK regulations such as UK-GDPR, UK Payment Services Regulations and PCI-DSS. Supporting disaster recovery planning and backup strategies. Keeping up … Knowledge of scripting and automation languages such as PowerShell, Bash. Familiarity with networking and security best practices. Knowledge of application secure coding principles (e.g., OWASP) for protection against vulnerabilities and the ability to implement secure coding and deployment best practices. Experience in Agile software development methodologies and how DevOps practices
of applications to key stakeholders, including customers. What You Bring: 5+ years of experience in application security or a related field. Strong understanding of OWASP Top 10 and common application vulnerabilities. Proficiency in at least one programming language (C# (.NET preferred), JavaScript frameworks, SQL Server, or mobile development languages). … Hands-on experience with security testing tools (e.g., Veracode, Snyk, OWASP ZAP, Burp Suite). Strong knowledge of secure coding practices and secure SDLC methodologies. Experience in cloud security (Azure preferred) and securing cloud-native applications. Familiarity with CI/CD security integration. Understanding of compliance and regulatory
and address risks related to application, API, and cloud security. Lead threat modelling exercises and define security controls that address application security risks (e.g., OWASP Top 10, API security) and cloud security standard methodologies. Provide strategic mentorship on security tools and enterprise technologies, advising on secure architecture patterns, cloud automation … microservice-based architectures and containerized environments (e.g., Kubernetes). Expertise in application security, including secure software development practices, API security, and addressing common vulnerabilities (OWASP Top 10). The other stuff we are looking for We'd also love you to bring; Experience with designing and handling large scale distributed