1 to 25 of 88 OWASP Jobs

segmentation, and host security. Hands on experience with the following security products Trellix, Ivanti, ClearSwift, Yubikey Understanding of secure coding practices and common vulnerabilities (OWASP Top 10, SANS Top 25). Expertise in identity and access management (IAM), including RBAC, ABAC, JWT and Cookie based authentication. Incident detection and response ...

Docker and/or Kubernetes Development Practices - Mandatory RESTful API design, development, and life cycle management Secure development - SAST/DAST tooling, code review, OWASP awareness Technical documentation to a high standard On-site in Taunton, Somerset - 2 days per week minimum Desirable Skills & Experience Legacy Windows technologies - Win32 ...

Docker and/or Kubernetes Development Practices - Mandatory RESTful API design, development, and life cycle management Secure development - SAST/DAST tooling, code review, OWASP awareness Technical documentation to a high standard On-site in Taunton, Somerset - 2 days per week minimum Desirable Skills & Experience Legacy Windows technologies - Win32 ...

/CD pipelines and DevSecOps principles Familiarity with software engineering best practices and SDLC processes Security Expertise Secure coding practices and vulnerability remediation OWASP Top 10 and common application security risks Static and dynamic application security testing concepts Secrets management and dependency security Threat modelling and risk analysis Soft Skills ...

GitHub Actions , CircleCI (or similar) Monitoring & logging: Prometheus , Grafana , ELK stack (or equivalent) DevSecOps: integrating security into pipelines and delivery (e.g., SonarQube , Snyk , OWASP practices) If you'd like to discuss this DevOps Engineer role in more detail, please send your updated CV to (url removed) and I will ...

practical knowledge of offensive security across web applications, APIs, networks, and cloud environments Solid understanding of system internals, networking, and common vulnerability classes including OWASP Top 10, authentication and authorisation flaws, logic issues, and race conditions Familiarity with Windows and Linux environments from an attacker's perspective Proficiency with standard ...

including Node.js, PostgreSQL, and Redis Investigate, diagnose, and resolve complex technical issues across systems Promote and implement secure development practices , including vulnerability management and OWASP standards Mentor and support developers, encouraging best practices and continuous improvement Contribute to defining and improving engineering standards, frameworks, and processes Technical Environment You will ...

experience with CI/CD security integration (GitLab CI or similar) Familiarity with SAST/DAST tooling and dependency scanning Understanding of common vulnerabilities (OWASP Top 10) and remediation Previous experience working as a back end or full stack developer Knowledge of GDPR and data protection legislation Strong communicator; able ...

similar Tools to Accelerate Engineering Workflows Deep Application Security Expertise: SAST/SCA/DAST/Secret Scanning Secure Code Review Threat Modelling (OWASP Top 10, API Top 10, LLM Security Risks) Experience Integrating Security Tooling into Developer Pipelines (GitLab/GitHub, CI/CD) Understanding of Prompt Injection, Jailbreak ...

conducting threat modelling (e.g. STRIDE, attack trees) and risk analysis Strong understanding of security frameworks and best practice such as ISO 27001, NIST, CIS, OWASP, NCSC guidance Experience working in the UK Public Sector and associated security standards and guidance including GovAssure/NCSC CAF, HMG Security Policy Framework. Knowledge ...

conducting threat modelling (e.g. STRIDE, attack trees) and risk analysis Strong understanding of security frameworks and best practice such as ISO 27001, NIST, CIS, OWASP, NCSC guidance Experience working in the UK Public Sector and associated security standards and guidance including GovAssure/NCSC CAF, HMG Security Policy Framework. Knowledge ...

Working with shared/common government tech stacks (Node.js, PostgreSQL, Redis) Investigating and resolving technical issues across the stack Applying secure development practices, including OWASP principles and vulnerability management Collaborating with stakeholders and communicating technical concepts clearly Tech stack includes: Node.js, HAPI (web framework) API development (REST, OpenAPI) PostgreSQL, MongoDB ...

automated testing using tools such as NUnit, Jasmine and Selenium Good knowledge of SOLID principles Desirable Skills: Containers (docker, K8s) Security best practice (OWASP top ten) OpenIDConnect/Identity server MS SQL Server Azure DevOps, TeamCity Infrastructure as Code (Bicep, ARM templates, Terraform) Please apply now or contact ...

automated testing using tools such as NUnit, Jasmine and Selenium Good knowledge of SOLID principles Desirable Skills: Containers (docker, K8s) Security best practice (OWASP top ten) OpenIDConnect/Identity server MS SQL Server Azure DevOps, TeamCity Infrastructure as Code (Bicep, ARM templates, Terraform) Please apply now or contact (url removed ...

testing experience Strong understanding of web application and infrastructure testing methodologies Experience with tools such as Burp Suite, Nmap, Nessus, Metasploit, etc. Understanding of OWASP Top 10 and common attack vectors Strong report writing and communication skills Consultancy/client-facing experience beneficial Additional certifications such as CPSA or cloud ...

Strong grasp of integration patterns with Legacy systems (Mainframe, ESB, message-based, batch) and incremental modernisation strategies Solid understanding of secure-by-design principles, OWASP risks, and engineering for high-assurance environments Experience with infrastructure-as-code (Terraform, CloudFormation, CDK) and modern CI/CD practices Strong experience working ...

strong differentiator but not essential: Security exposure in any of the following areas will set you apart: threat modelling, Zero Trust architecture, IAM, OWASP, secure-by-design, or API security. The details: Salary: £90,000 Location: Belfast Working pattern: Hybrid, no set minimum in-office days but a preference ...

Experience with cloud platforms (AWS, Azure, or GCP) Strong knowledge of testing tools such as: Selenium, Cypress, Playwright Cucumber/Gherkin JMeter/BlazeMeter OWASP ZAP, SonarQube, BrowserStack Experience delivering: Performance & scalability testing Security & penetration testing Accessibility testing UAT/OAT Experience of working in a consultancy professional services environment ...

Experience with cloud platforms (AWS, Azure, or GCP) Strong knowledge of testing tools such as: Selenium, Cypress, Playwright Cucumber/Gherkin JMeter/BlazeMeter OWASP ZAP, SonarQube, BrowserStack Experience delivering: Performance & scalability testing Security & penetration testing Accessibility testing UAT/OAT Experience of working in a consultancy professional services environment ...

with mobile analytics, crash reporting, and APM tools (eg Firebase Crashlytics, Dynatrace, App Center) Understanding of secure coding practices and mobile security frameworks (eg OWASP Mobile) Experience with mobile device management (MDM) or enterprise distribution Familiarity with cross-platform considerations, even if primarily native-focused Scope & Accountability Responsible for hands ...

Infrastructure as Code (Terraform or CDK) Strong grounding in clean architecture, SOLID principles, and code maintainability Knowledge of API integration and secure development practices (OWASP) What you'll be doing: Delivering end-to-end software solutions in a modern tech stack Working closely with product managers, QA, and engineering leadership ...

cloud native applications in Azure, GCP, or AWS Advanced knowledge of HTTP, SSL/TLS encryption, DNS, switching and routing, and Application Security, mitigating OWASP top 10 security threats Proven experience with Imperva delivery and security services. Strong understanding of CDN architecture and web performance optimization. Expertise in Imperva ...

environments. Strong cyber fundamentals, including cryptography, CIA triad, threat modelling, authentication, encryption and secure communications. Understanding of secure coding standards and frameworks such as OWASP, NIST or similar. Ability to work directly with engineering teams and provide clear, practical technical guidance. Strong written documentation skills. Experience working in a regulated ...

through code review, application testing, and infrastructure assessments. High proficiency deploying and configuring applications in large-scale enterprise environments. Working knowledge of: • NIST frameworks • OWASP Top 10 • Enterprise grade security design patterns DTS offers excellent compensation package. Contact: Ajay Bharbutta Team Lead Digital Technology Solutions ...

across diverse teams and projects. Experience in managing and mentoring technical security professionals. Desirable Familiarity with secure development practices and application security frameworks (e.g. OWASP). Experience with using Akamai. Knowledge of Zero Trust architecture principles. Certifications such as CISSP, CCSP, or SABSA. Additional Responsibilities Drive security architecture reviews ...