1 to 25 of 28 Remote OWASP Jobs in the UK excluding London

firewalls, IDS/IPS, micro-segmentation, and host security. Hands on experience with the following security products Trellix, Ivanti, ClearSwift, Yubikey Understanding of secure coding practices and common vulnerabilities (OWASP Top 10, SANS Top 25). Expertise in identity and access management (IAM), including RBAC, ABAC, JWT and Cookie based authentication. Incident detection and response in MOD environments. Security compliance More ❯

and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage More ❯

and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage More ❯

and Azure DevOps (CI/CD)- Familiar with scripting languages like PowerShell, YAML, JSON- Expertise in application security tools and DevSecOps processes- Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC)- Experience with threat modelling, risk assessments, and secure design reviews- Comfortable owning security strategy and tooling across complex, modern product landscapes- Strong communicator - able to engage More ❯

application security Experience working with large-scale multi-cloud, multi-account architecture CISSP, CISM, AWS Solutions Architect Professional, Azure Solutions Architect, or equivalent certification, is preferred Thorough understanding of OWASP Top 10 and Secure Development Expertise in automating security tools and integrations, including simple scripting Experience with application security tools (SAST, DAST, IAST and SCA) Strong technical knowledge of development More ❯

DevSecOps or Secure SDLC programmes within enterprise environments Strong technical and commercial acumen - able to engage with both CTOs and procurement teams Experience with regulated environments and frameworks (NIST, OWASP, ISO 27001) Hands-on experience with secure engineering practices, security toolchains, and automation strategy Excellent stakeholder management, crisis leadership, and communication skills Relevant certifications (e.g. CISSP, CSSLP, CISM) Eligibility for More ❯

world problems with stakeholders and customers What You’ll Bring: 5+ years of experience in C# and .NET Core Strong grasp of software design principles and secure coding practices (OWASP) Experience with REST API development and deployment in AWS or Azure Familiarity with Entity Framework , SQL/NoSQL databases, and cloud architecture Confidence in automated testing (unit, integration, system) Versatility More ❯

on both front-end and back-end, requiring a broad, generalist knowledge. Ensuring web application security by building applications that meet high standards, pass penetration tests, and align with OWASP recommendations. Producing accurate estimates for project deliverables. Supporting developed applications, including issue investigation and resolution. Contributing to continuous improvement roadmaps for applications. Defining and executing test requirements, including writing scripts More ❯

efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. More ❯

efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. More ❯

ll Be Doing: Lead and oversee secure development and testing strategy across the SDLC Define and govern secure architecture and ensure alignment with enterprise policies and industry frameworks (e.g. OWASP, NIST, ISO 27001) Drive DevSecOps integration into CI/CD pipelines, embedding SAST, DAST, SCA and container security tools Own the security testing process, improving automation, coverage, and remediation velocity More ❯

knowledge of all aspects of development is required. Maintain awareness of web application security and building applications which meet high standards of security, pass penetration tests and align with OWASP recommendations. Taking an active part in the whole Software Development Lifecycle end-to-end - including conception, design, architecture, build and deployment. Producing accurate estimates for project deliverables and change requests. More ❯

Experience with Azure Managed Services, Docker, Kubernetes, Terraform, Helm Experience building modern web apps using Angular and Typescript Experience working in Azure DevOps managing backlogs etc Working knowledge of OWASP security best practices Knowledge of working with FedRamp compliance Our Employer Commitment This job posting will remain active until a qualified candidate is identified. At Ivanti, we are committed to More ❯

Experience with Azure Managed Services, Docker, Kubernetes, Terraform, Helm Experience building modern web apps using Angular and Typescript Experience working in Azure DevOps managing backlogs etc Working knowledge of OWASP security best practices Knowledge of working with FedRamp compliance Our Employer Commitment This job posting will remain active until a qualified candidate is identified. At Ivanti, we are committed to More ❯

the following technical competencies: Solid grounding in OS and network fundamentals (Linux, Windows, Mac, TCP/IP stack). Knowledge of common attack techniques and mitigations (MITRE ATT&CK, OWASP Top 10). Familiarity with scripting and automation using Python, Bash, or PowerShell. Strong understanding of Active Directory attack chains and common privilege escalation paths. Experience interpreting logs and event More ❯

Platform (GCP) Security & Compliance Cloud and a pplication security: Cloud posture management tools (e.g. Azure Dender, GCP SCCE), WAFs (e.g. Azure WAF, Cloud Armor AWS WAF), and protection against OWASP Top 10 and emerging threats. Network & infrastructure security: Network security principles (e.g. segmentation, monitoring, intrusion detection/prevention). Any experience in Zero Trust architecture in cloud environments would be More ❯

support and report on QA progress and milestones. Skills & Experience Strong background in test management and Agile delivery. Hands-on experience with CI/CD (GitLab), automation tools (Playwright, OWASP Zap, Gatling), and monitoring (Grafana, Splunk). Familiarity with cloud (AWS/Azure), Kubernetes, and databases (Oracle RDS, SQL, MongoDB). Technical knowledge of Java 21 and Spring Boot. Deep More ❯

fundamentals in data structures, algorithm design and complexity analysis. Experience developing, deploying and maintaining API's onto AWS or Azure. Excellent understanding of software design principles. Experience in applying OWASP secure coding practices. Confident and experienced with automated testing - from unit tests to system and integration tests. Willingness to develop across multiple platforms and architectures. Genuinely passionate about changing lives More ❯

the business. Actively contribute to incident response , security training , supplier reviews , and client security assurance Stay ahead of evolving threats, and help shape our strategy using frameworks such as OWASP, SASE, and Zero Trust. What We're Looking For Essential: Right to work in the UK. Proven experience in cyber security engineering, including vulnerability management, SIEM, WAFs, and secure infrastructure More ❯

the business. Actively contribute to incident response , security training , supplier reviews , and client security assurance Stay ahead of evolving threats, and help shape our strategy using frameworks such as OWASP, SASE, and Zero Trust. What We're Looking For Essential: Right to work in the UK. Proven experience in cyber security engineering, including vulnerability management, SIEM, WAFs, and secure infrastructure More ❯

design standards; review pull-requests with a security-by-design mindset Quality & Security Assurance Own post-merge QA: automated test pipelines, manual exploratory testing, performance baselines Implement penetration testing (OWASP ZAP, Burp Suite, Metasploit). Deliver security requirements into CI/CD and track remediation Guard non-functional requirements - performance, reliability, compliance - through every sprint Benefits Remote-first working with More ❯

problem solving skills with a strong sense of customer commitment Prior experience with web servers (Nginx, IIS and more) Excellent communication (written and verbal) and interpersonal skills Familiarity with OWASP top 10 Familiarity with bot mitigation an advantage Engineering/Computer Science or equivalent experience in a technical field an advantage. Applicants must have a valid work permit in the More ❯

with proven experience leading teams. Secondary Expertise: Knowledge and experience in network security, including firewalls, micro-segmentation, DDoS protection, WAF, and NAC. Familiarity with open-source frameworks such as OWASP, CVSS, etc. Experience with security products like Qualys, AlgoSec, Fortinet, Guardicore, Akamai, and Forescout. Salary: Up to £80,000 Basic Salary + 10% bonus + 4k car 13% pension Location More ❯

SSDLC strategy, including short, mid, and long-term goals aligned with the group's security posture and digital transformation initiatives. Develop and maintain AppSec maturity models (e.g. based on OWASP SAMM, NIST SSDF, BSIMM) and work with business units to assess current state and define realistic improvement plans. Drive the development of a global secure development policy, including approved tools … deploy processes. Experience working in or with regulated industries or large enterprises is highly desirable. Mergers and Acquisitions integration experience is a plus Familiarity with industry frameworks and standards: OWASP SAMM, OWASP ASVS, BSIMM, NIST SSDF, ISO 27034. Lead teams and projects. This could be as an DevSecOps team lead, security architect, or manager for SSDLC initiatives. Professional certifications in More ❯

security testing. Certification in ethical hacking or penetration testing (e.g. 7Safe CSTA, GIAC), or currently working towards one. Working knowledge of at least five of the following: Burp Suite, OWASP ZAP, Postman, OAuth2/OpenID Jenkins or Concourse CI/CD pipelines Unix/Linux systems AWS or similar cloud platform SQL/MongoDB/Oracle databases Static or dynamic … application security testing tools (e.g. SonarQube, Checkmarx) Git or other version control systems Infrastructure-as-Code scanning tools Threat modelling and OWASP Top 10 familiarity Salary and benefits: Base salary of £40,398, with an additional DDaT allowance of £4,350–£11,000 (depending on skills and experience) Civil Service Pension Scheme with employer contributions of 28.97% 30 days annual More ❯