Requirements Bachelor’s degree in IT or equivalent experience. 5+ years in information/applicationsecurity roles. Experience working in agile environments. Deep understanding of cloud security (Azure, AWS), OWASP, MITRE. Proven experience with policy interpretation and security implementation in real-world projects. Preferred Skills Certifications such as CISSP, CCSP, CEH, Microsoft Azure/AWS Security. Working knowledge of GDPR More ❯
Requirements Bachelor’s degree in IT or equivalent experience. 5+ years in information/applicationsecurity roles. Experience working in agile environments. Deep understanding of cloud security (Azure, AWS), OWASP, MITRE. Proven experience with policy interpretation and security implementation in real-world projects. Preferred Skills Certifications such as CISSP, CCSP, CEH, Microsoft Azure/AWS Security. Working knowledge of GDPR More ❯
AppSec or DevSecOps, with strong experience in secure SDLC and CI/CD Hands-on knowledge of security tools like GitHub Advanced Security, Veracode, Snyk, ZAP, Burp Familiarity with OWASP, MITRE, CWE, and modern dev frameworks (C#, Java, Python, React) Knowledge of scripting languages (Python, Ruby, Rust) Excellent communication skills to bridge tech and business stakeholders Passion for building scalable More ❯
AppSec or DevSecOps, with strong experience in secure SDLC and CI/CD Hands-on knowledge of security tools like GitHub Advanced Security, Veracode, Snyk, ZAP, Burp Familiarity with OWASP, MITRE, CWE, and modern dev frameworks (C#, Java, Python, React) Knowledge of scripting languages (Python, Ruby, Rust) Excellent communication skills to bridge tech and business stakeholders Passion for building scalable More ❯
AppSec or DevSecOps, with strong experience in secure SDLC and CI/CD Hands-on knowledge of security tools like GitHub Advanced Security, Veracode, Snyk, ZAP, Burp Familiarity with OWASP, MITRE, CWE, and modern dev frameworks (C#, Java, Python, React) Knowledge of scripting languages (Python, Ruby, Rust) Excellent communication skills to bridge tech and business stakeholders Passion for building scalable More ❯
AppSec or DevSecOps, with strong experience in secure SDLC and CI/CD Hands-on knowledge of security tools like GitHub Advanced Security, Veracode, Snyk, ZAP, Burp Familiarity with OWASP, MITRE, CWE, and modern dev frameworks (C#, Java, Python, React) Knowledge of scripting languages (Python, Ruby, Rust) Excellent communication skills to bridge tech and business stakeholders Passion for building scalable More ❯
AppSec or DevSecOps, with strong experience in secure SDLC and CI/CD Hands-on knowledge of security tools like GitHub Advanced Security, Veracode, Snyk, ZAP, Burp Familiarity with OWASP, MITRE, CWE, and modern dev frameworks (C#, Java, Python, React) Knowledge of scripting languages (Python, Ruby, Rust) Excellent communication skills to bridge tech and business stakeholders Passion for building scalable More ❯
development lifecycle (SDLC). Working knowledge of Waterfall, Agile and primarily DevOps development methodologies. Understanding or cloud technologies and related topics such as containerization (Docker, Kubernetes, ...) Experience with OWASP Testing Guide v3/4 and OWASP TOP 10. Has experience in defining Security policies and procedures for compliance in Production systems. What’s in it for you: You will More ❯
London, England, United Kingdom Hybrid / WFH Options
Copper.co
and their effective integration within the S-SDLC. Awareness of microservice architecture and associated common deployment patterns a must. Security Industry Knowledge: Deep familiarity with security standards & frameworks e.g., OWASP, MITRE Attack etc and their practical application. Technical Ability: Hands-on experience with scripting elegant, scalable solutions to encountered problems, and prior experience implementing and/or reviewing terraform for More ❯
SCCM or enterprise patch management tools Experience with Qualys or enterprise Vulnerability Management and Compliance toolsets. Security legislation and regulatory frameworks exposure and awareness • Industry best practices such as OWASP, Cyber security framework and NCSC guidance • Information Security Management System (Infrastructure Security Operations and Incident Management). • NIST Cyber Security Framework • ISO 27001 - Information Security Management System (ISMS) • CIS - Center More ❯
and delivery of security scanning service using tools like SAST/DAST/SCA etc. In-depth knowledge of security frameworks, standards, and best practices (e.g., ISO 27001, NIST, OWASP). Prior experience with penetration testing and vulnerability management. Demonstrable security risk management knowledge and experience. Experience as acting as a change agent, driving continuous improvement and excellence. Ability to More ❯
SDLC and managing vulnerabilities. Knowledge of risk assessments, threat modeling, and security design reviews. Strong understanding of Agile, DevSecOps, and system engineering principles. Familiarity with security standards like NCSC, OWASP, NIST SSDF, ISO27001, and Azure security practices. Experience with Azure cloud infrastructure, PaaS, and DevOps tools. Ability to prepare and present security reports to senior management. Degree in Computer Science More ❯
London, England, United Kingdom Hybrid / WFH Options
Spinwell Global
across the SDLC in line with client guidelines. SKILLS/EXPERIENCE OF THE CYBER SECURITY ENGINEER Penetration testing, ethical hacking, or vulnerability assessments. Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.) DevSecOps principles and tools (e.g., Veracode, SonarQube, GitHub Advanced Security, IaC scanning, etc.). Secure Cloud Infrastructure, specifically AWS and Azure. Scripting and automation using More ❯
Join to apply for the Principal Security Engineer role at Capco . Capco is a global technology and business consultancy focused on the financial services sector. We are committed to diversity and inclusion, fostering an environment where everyone can be More ❯
with Postman for API testing. Knowledge of cloud services platforms like Azure, AWS, Google Cloud Platform etc. Understanding of SonarQube for code quality analysis. Security practices and tools like OWASP and Snyk. Additional Beneficial Experience: CI/CD tools like Jenkins or GitHub Actions. Container orchestration with Kubernetes. Front-end state management with Redux. TypeScript for enhanced JavaScript development. Back More ❯
defences. Technologies and Soft Skills required: Advanced technical knowledge of penetration testing techniques, security assessments, and vulnerability exploitation. Expertise in security testing tools (such as Burp Suite, Metasploit, Nmap, OWASP ZAP, etc.), as well as manual testing methods. Strong understanding of common applicationsecurity vulnerabilities (such as SQL injection, XSS, CSRF, insecure deserialization, etc.) and OWASP Top 10. Proficiency in More ❯
Glasgow, Scotland, United Kingdom Hybrid / WFH Options
JR United Kingdom
authorization practices, audit logging, encryption at rest/in transit, and other applicationsecurity standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO 27001, OWASP Top 10). Team Management & Culture Build and scale high-performance engineering teams, including backend, frontend, full-stack, data, and security engineers. Define and track KPIs for engineering productivity, quality More ❯
Bath, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
authorization practices, audit logging, encryption at rest/in transit, and other applicationsecurity standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO 27001, OWASP Top 10). Team Management & Culture Build and scale high-performance engineering teams, including backend, frontend, full-stack, data, and security engineers. Define and track KPIs for engineering productivity, quality More ❯
Bournemouth, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
authorization practices, audit logging, encryption at rest/in transit, and other applicationsecurity standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO 27001, OWASP Top 10). Team Management & Culture Build and scale high-performance engineering teams, including backend, frontend, full-stack, data, and security engineers. Define and track KPIs for engineering productivity, quality More ❯
Southampton, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
authorization practices, audit logging, encryption at rest/in transit, and other applicationsecurity standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO 27001, OWASP Top 10). Team Management & Culture Build and scale high-performance engineering teams, including backend, frontend, full-stack, data, and security engineers. Define and track KPIs for engineering productivity, quality More ❯
Woking, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
authorization practices, audit logging, encryption at rest/in transit, and other applicationsecurity standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO 27001, OWASP Top 10). Team Management & Culture Build and scale high-performance engineering teams, including backend, frontend, full-stack, data, and security engineers. Define and track KPIs for engineering productivity, quality More ❯
Cheltenham, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
authorization practices, audit logging, encryption at rest/in transit, and other applicationsecurity standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO 27001, OWASP Top 10). Team Management & Culture Build and scale high-performance engineering teams, including backend, frontend, full-stack, data, and security engineers. Define and track KPIs for engineering productivity, quality More ❯
Brighton, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
authorization practices, audit logging, encryption at rest/in transit, and other applicationsecurity standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO 27001, OWASP Top 10). Team Management & Culture Build and scale high-performance engineering teams, including backend, frontend, full-stack, data, and security engineers. Define and track KPIs for engineering productivity, quality More ❯
Aberdeen, Scotland, United Kingdom Hybrid / WFH Options
JR United Kingdom
authorization practices, audit logging, encryption at rest/in transit, and other applicationsecurity standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO 27001, OWASP Top 10). Team Management & Culture Build and scale high-performance engineering teams, including backend, frontend, full-stack, data, and security engineers. Define and track KPIs for engineering productivity, quality More ❯
Slough, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
authorization practices, audit logging, encryption at rest/in transit, and other applicationsecurity standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO 27001, OWASP Top 10). Team Management & Culture Build and scale high-performance engineering teams, including backend, frontend, full-stack, data, and security engineers. Define and track KPIs for engineering productivity, quality More ❯
