51 to 75 of 167 OWASP Jobs in the UK

AWS Security Specialty certification Technical experience with programming, technology infrastructure, and security Experience in deploying resources using Infrastructure as Code (Terraform) Experience in securing Kubernetes services Extensive knowledge in OWASP Web Top 10 and CWE Top 25 Strong written and oral communication skills to document reports on assessments and communicate potential weaknesses and risks to different audiences ranging from business More ❯

ofmodern software development approaches such as automated testing, test driven development, continuous integration, pair programming, code review and version control have understanding of common web security risks such as OWASP Top 10, and the corresponding mitigations enjoy researching and learning new programming tools and techniques and sharing their skills with others have experience working in a collaborative environment, and an More ❯

ofmodern software development approaches such as automated testing, test driven development, continuous integration, pair programming, code review and version control have understanding of common web security risks such as OWASP Top 10, and the corresponding mitigations enjoy researching and learning new programming tools and techniques and sharing their skills with others have experience working in a collaborative environment, and an More ❯

junior team members and support collaborative delivery of projects. Occasionally support the creation of marketing materials such as research papers and articles. Skills/Must have: Strong knowledge of OWASP methodologies and offensive testing across black/grey/white-box approaches. Proficiency in tools like Burp Suite, Kali, Nmap, Nessus, Qualys, Metasploit. Familiarity with cloud platform security testing (AWS More ❯

designing automated testing frameworks Hands-on experience with Azure DevOps, CI/CD pipelines, and containerized test environments. Strong understanding of API testing, performance profiling, and security testing (including OWASP top 10). Excellent problem-solving skills, with the ability to analyse complex technical challenges and propose scalable solutions. Experience working in Agile teams and collaborating across global R&D More ❯

Establish frontend testing strategy using tools like Jest, React Testing Library, Cypress, etc. Partner with security teams to implement secure-by-design frontends aligned with SaaS compliance needs (e.g., OWASP, SSO, GDPR). Required Qualifications Bachelor's or Master's in Computer Science, Software Engineering, or equivalent. 10+ years in frontend development with at least 4+ years of React-based More ❯

a team. Nice to Haves: Knowledge of performance profiling tools. Experience setting up CI/CD pipelines Solid understanding of writing secure code in compliance with international standards (PCI, OWASP) Previous experience in financial domain BS/MS degree in Computer Science, Engineering or a related subject. Location- United Kingdom More ❯

the following technical competencies: Solid grounding in OS and network fundamentals (Linux, Windows, Mac, TCP/IP stack). Knowledge of common attack techniques and mitigations (MITRE ATT&CK, OWASP Top 10). Familiarity with scripting and automation using Python, Bash, or PowerShell. Strong understanding of Active Directory attack chains and common privilege escalation paths. Experience interpreting logs and event More ❯

containerised applications using technologies such as AWS Lambda, Spring Boot, NodeJS, Python FastAPI, Oracle, PostgreSQL and MongoDB Contributing to DevSecOps delivery pipelines, using tooling such as Atlassian, Jenkins, GitLab, OWASP and AWS services Applying Site Reliability Engineering principles to ensure solutions are resilient, reliable and cost-effective Supporting clients and end users in making technical product decisions by clearly explaining More ❯

containerised applications using technologies such as AWS Lambda, Spring Boot, NodeJS, Python FastAPI, Oracle, PostgreSQL and MongoDB Contributing to DevSecOps delivery pipelines, using tooling such as Atlassian, Jenkins, GitLab, OWASP and AWS services Applying Site Reliability Engineering principles to ensure solutions are resilient, reliable and cost-effective Supporting clients and end users in making technical product decisions by clearly explaining More ❯

self-starter Deep understanding of both common and emerging vulnerabilities including their manifestation in different architectures (web applications, thick clients, APIs, networked infrastructure etc) Familiarity with industry standard guidance OWASP Top 10, SANS Top 25, NIST/CSC, CIS, NCSC etc. Applied understanding of topics such as authentication, access control, encryption, cloud security, operating system security, network security, database security. More ❯

and architectural risk assessments, identifying vulnerabilities early and collaborating on risk mitigation strategies. Define and enforce secure coding standards and architectural best practices aligned with industry benchmarks such as OWASP Top 10 and API Security Top 10. Partner with cloud engineers and developers to embed security controls specific to GCP, such as workload identity, IAM policy enforcement, VPC Service Controls … these into automated build and deployment pipelines. Practical expertise with threat modeling methodologies such as STRIDE, PASTA, or Attack Trees. Strong knowledge of secure coding standards and common vulnerabilities (OWASP Top 10, API Security Top 10) and how to mitigate them. Familiarity with Google Cloud Platform (GCP) security features and best practices, including IAM, Cloud Armor, Security Command Center, and More ❯

VPNs, and VLANs. Basic experience with SIEMs and security logs Understanding of vulnerability management practices Understanding of penetration testing, Threat Hunting, Red Teaming methodologies Familiarity with application security and OWASP Top Ten Scripting languages Experience with capture-the-flags Familiarity with audit principles and different information security compliance standards Soft Skills: Analytical Thinking: Ability to assess risks, detect anomalies, and More ❯

efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. More ❯

efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. More ❯

experience with AWS (or similar cloud platforms) and Cloudflare. Infrastructure as Code: Proficiency with Terraform or similar IaC tools. Vulnerability Knowledge: Solid understanding of common vulnerability classes and the OWASP Top 10. Coding & Scripting: Proficient in reading code (e.g., Python, Scala) and using Git for version control of code and configuration changes. Familiarity with iOS or Android security. Experience of More ❯

modules. Expertise in creating themes and templates, and familiarity with accessibility standards (WCAG 2.1 AA). Experience optimizing performance, working with caching, CDNs, and web application security principles (e.g., OWASP top ten). Strong skills in HTML5, CSS3, JavaScript, and experience with Bootstrap or other SASS frameworks. Experience with JS frameworks like AngularJS or React/Redux, and good working More ❯

strong track record in software engineering with a focus on application and infrastructure security, ideally in agile or DevOps environments. You're fluent in secure development concepts - comfortable with OWASP Top 10, CWE and common secure design patterns. You've helped teams adopt secure SDLC practices, working closely with central security or architecture groups. You know how to embed tools More ❯

expose DevSecOps capabilities. Package and deploy services to OpenShift/Kubernetes clusters, ensuring scalability and high availability. DevSecOps Toolchain Integration Integrate with and extend APIs for Synopsys BlackDuck, Snyk, OWASP Dependency-Track, JFrog Artifactory, HashiCorp Vault/CyberArk, and more. Drive continuous improvement of our CI pipelines (Jenkins, TeamCity, Tekton), embedding security "shift-left" practices. Developer Enablement & Support Partner with More ❯

fundamentals in data structures, algorithm design and complexity analysis. Experience developing, deploying and maintaining API's onto AWS or Azure. Excellent understanding of software design principles. Experience in applying OWASP secure coding practices. Confident and experienced with automated testing - from unit tests to system and integration tests. Willingness to develop across multiple platforms and architectures. Genuinely passionate about changing lives More ❯

internal and external audits where needed. What we're looking for Experience in software engineering, with a strong security mindset Deep understanding of web and API vulnerabilities, including the OWASP Top 10 Proficient in coding, scripting (e.g. Python, Bash), and automating security in CI/CD Hands-on experience with security tools like SAST, DAST, and SCA Familiar with cloud More ❯

and infrastructure using appropriate security tools. Experience with Continuous Security, Continuous Integration and Continuous Delivery techniques. Experience of network security (e.g. OSI, TCP/IP), web application security (e.g. OWASP) and cryptographic controls (e.g. PKI, TLS). We are passionate about developing people - a demonstrated ability in managing, mentoring and coaching members of your team and wider community is important More ❯

and infrastructure using appropriate security tools. Experience with Continuous Security, Continuous Integration and Continuous Delivery techniques Experience of network security (e.g. OSI, TCP/IP), web application security (e.g. OWASP) and platform security (e.g. CIS Benchmarks). Experience of mentoring and coaching members of your team and wider community. Excellent communication skills, with the ability to convey security complexities to More ❯

record of successes. Understanding of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of application security principals, best practices, OWASP/related standards. Knowledge of security frameworks & controls, hardening standards & security best practices. An understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. We look for More ❯

closely with product managers, engineering leads (Firmware, Cloud, Mobile, Web), and quality assurance to integrate security and compliance checkpoints directly into Sonos's Secure Development Lifecycle (SDL), aligning with OWASP SAMM principles. Conduct Compliance Risk Assessments: Systematically identify, assess, and prioritize compliance-related risks within product designs, new features, and roadmaps. Cross-Functional Collaboration & Influence: Work effectively with diverse stakeholders More ❯