1 to 25 of 114 Remote OWASP Jobs

Knowledge of cloud security frameworks Rest API knowledge Scripting and Infrastructure as Code (Terraform, CloudFormation) Experience with Jira or similar ticketing systems Technical architecture review skills Vulnerability identification (CWE, OWASP) Operating systems and hardening techniques Development concepts like CICD, Pipelines, SDLC Penetration testing knowledge (useful) Familiarity with Cloud Development Kit (CDK), GitOps Experience in DevOps/agile environments Docker, Kubernetes More ❯

teams and business stakeholders is essential. Experience working with security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling. In-depth experience working in an Agile software development environment, with classic applications as well as microservices, using modern code processing and continuous integration and … Security Architect, SDLC, Secure by Design, Architecture, Software Development, Engineering, DevOps, InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure. Please note that due to a high level of applications, we can only respond to applicants More ❯

or application security. You should also have a proven experience and knowledge with any combination of the following: Threat modelling and risk assessments, Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS ), Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2), Working knowledge of cryptography including encryption More ❯

Security Testing. Working knowledge of at least 5 of the following security tools and technologies: Burp Suite (including Burp Scanner) - for web application vulnerability scanning and manual security testing. OWASP ZAP - for DAST and automated security regression testing. Postman or SOAP UI - for API testing with a security focus (e.g. injection, authorisation, token misuse). OAuth2/OpenID Connect - for … systems (e.g. Git) - for secure code handling and integration with secrets scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets detection tools - e.g. GitLeaks, truffleHog, detect-secrets. Threat modelling methodologies - e.g. STRIDE, PASTA, or creating risk … based test charters. Familiarity with the OWASP Top 10 - and how to test for each category. Behaviours We'll assess you against these behaviours during the selection process: Making Effective Decisions Managing a Quality Service Working Together Seeing the Big Picture Leadership We only ask for evidence of these behaviours on your application form: Leadership Technical skills We'll assess More ❯

Umbrella solution. Essential skills/experience required: Certifications: OSCP or CREST/TIGER Scheme. Experience penetration testing, ethical hacking, or completing vulnerability assessments. Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.). DevSecOps principles and tools (e.g., Veracode, SonarQube, GitHub Advanced Security, IaC scanning, etc.). Secure Cloud Infrastructure, specifically AWS and Azure. Scripting and automation More ❯

and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage More ❯

and Azure DevOps (CI/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage More ❯

cybersecurity, with extensive experience in threat management, vulnerability management, offensive security practices and security testing. Strong knowledge of common security vulnerabilities, attack vectors, and security testing frameworks, such as OWASP, MITRE ATT&CK, CVE/CVSS, and NIST SP 800-53. Experience of vulnerability scanning tools, penetration testing tools, and security testing frameworks (e.g., Nessus, Metasploit, Burp Suite, Nmap More ❯

application security Experience working with large-scale multi-cloud, multi-account architecture CISSP, CISM, AWS Solutions Architect Professional, Azure Solutions Architect, or equivalent certification, is preferred Thorough understanding of OWASP Top 10 and Secure Development Expertise in automating security tools and integrations, including simple scripting Experience with application security tools (SAST, DAST, IAST and SCA) Strong technical knowledge of development More ❯

pure product or application security Strong expertise in offensive security techniques and methodologies, including ethical security testing Deep understanding of secure coding practices, common vulnerabilities and risk scoring methodologies (OWASP Top 10, CWE, CVSS scoring etc.) Strong experience communicating to stakeholders of varying technical skill levels Your experience should include: Using offensive security tooling, including tools such as Burp Suite More ❯

working experience.??? Working knowledge of at least 5 of the following security tools and technologies: Burp Suite (including Burp Scanner) - for web app vulnerability scanning and manual security testing. OWASP ZAP - for DAST and automated security regression testing. Postman or SOAP UI - for API testing with a security focus (e.g. injection, authorisation, token misuse). OAuth2/OpenID Connect - for … version control systems - for secure code handling and integration with security scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets detection tools - e.g. GitLeaks, truffleHog, detect-secrets. Threat modelling approaches - e.g. STRIDE, or creating risk-based … test charters. Familiarity with the OWASP Top 10 - and how to test for each risk category. Behaviours We'll assess you against these behaviours during the selection process: Making Effective Decisions Managing a Quality Service Working Together Seeing the Big Picture Technical skills We'll assess you against these technical skills during the selection process: Penetration testing/ethical hacking More ❯

been a UK resident for at least 5 years). Experience conducting penetration tests (web, infrastructure, external/internal). Strong knowledge of security testing methodologies and frameworks (e.g., OWASP, NIST). Proficiency with industry-standard tools (e.g., Burp Suite, Nmap, Metasploit, Kali Linux). Excellent written and verbal communication skills. OSCP, OSWE, or other relevant certifications. Experience with red More ❯

Docker, Kubernetes, Terraform, and Helm. Hands-on experience developing modern web applications with Angular and TypeScript. Familiarity with Azure DevOps for backlog management and project tracking. Working knowledge of OWASP security best practices. Exposure to FedRAMP compliance standards and processes. What is it in for you? Opportunities for career growth Skills development Team collaboration Private Health Insurance Equity Tracking Award More ❯

audit and privacy policies and regulations General knowledge of security technology Nice to have: Experience with PowerBI Programming skills and experience (python, Java, SQL) Technical network skills Knowledge of OWASP, SANS, NIST, ISO 27001, ISF or other security-related practices Previous Banking/Financial Industry experience CISSP, CISA, CRISC, CSSLP, SABSA certifications Skills & Competencies: Vulnerability management Risk reporting Programming Data More ❯

application monitoring platforms such as Dynatrace and Catchpoint. Understanding of .NET applications and experience making small code changes when required. Knowledge of Akamai or similar CDNs, perimeter security, and OWASP security guidelines. Strong networking experience across DNS, routing, load balancers, and firewalls. Skilled with enterprise‐level deployments across microservices and multi‐server environments. Experience with MLOps platforms (ideally Azure), database More ❯

application monitoring platforms such as Dynatrace and Catchpoint. Understanding of .NET applications and experience making small code changes when required. Knowledge of Akamai or similar CDNs, perimeter security, and OWASP security guidelines. Strong networking experience across DNS, routing, load balancers, and firewalls. Skilled with enterprise‐level deployments across microservices and multi‐server environments. Experience with MLOps platforms (ideally Azure), database More ❯

application monitoring platforms such as Dynatrace and Catchpoint. Understanding of .NET applications and experience making small code changes when required. Knowledge of Akamai or similar CDNs, perimeter security, and OWASP security guidelines. Strong networking experience across DNS, routing, load balancers, and firewalls. Skilled with enterprise‐level deployments across microservices and multi‐server environments. Experience with MLOps platforms (ideally Azure), database More ❯

application monitoring platforms such as Dynatrace and Catchpoint. Understanding of .NET applications and experience making small code changes when required. Knowledge of Akamai or similar CDNs, perimeter security, and OWASP security guidelines. Strong networking experience across DNS, routing, load balancers, and firewalls. Skilled with enterprise‐level deployments across microservices and multi‐server environments. Experience with MLOps platforms (ideally Azure), database More ❯

the following technical competencies: Solid grounding in OS and network fundamentals (Linux, Windows, Mac, TCP/IP stack). Knowledge of common attack techniques and mitigations (MITRE ATT&CK, OWASP Top 10). Familiarity with scripting and automation using Python, Bash, or PowerShell. Strong understanding of Active Directory attack chains and common privilege escalation paths. Experience interpreting logs and event More ❯

and cloud security vulnerabilities (e.g., XSS, SSRF, CSRF, CORS, SQL Injection, broken authentication/authorization, encryption flaws). Provide expert guidance on secure coding practices, common vulnerability classes (e.g., OWASP Top 10), and threat modeling for modern web applications. Conduct security reviews of design and architecture documents; lead threat modeling exercises using frameworks such as STRIDE, PASTA, MITRE ATT&CK … developers, write clear documentation, and engage stakeholders. Nice to have: Certifications such as OSCP, GCIH, GWAPT, or CISSP. Familiarity with security frameworks such as NIST CSF, MITRE ATT&CK, OWASP ASVS, or ISO 27001. Experience with commercial security tools such as EDR, SIEM, CSPM, CNAPP, vulnerability scanners, bug bounty platforms, WAFs, or compliance automation platforms. Prior experience driving security engineering More ❯

Understanding of current testing trends and Agile methodologies Degree in computer science, software engineering, or related field preferred Experience with API testing tools like Postman or SoapUI Knowledge of OWASP vulnerabilities and security testing ISTQB certification Experience with source control tools like Git or Bitbucket Strong problem-solving, communication, and time management skills Minimum of 5 years in a Software More ❯

application monitoring platforms such as Dynatrace and Catchpoint. Understanding of .NET applications and experience making small code changes when required. Knowledge of Akamai or similar CDNs, perimeter security, and OWASP security guidelines. Strong networking experience across DNS, routing, load balancers, and firewalls. Skilled with enterprise‐level deployments across microservices and multi‐server environments. Experience with MLOps platforms (ideally Azure), database More ❯

application monitoring platforms such as Dynatrace and Catchpoint. Understanding of .NET applications and experience making small code changes when required. Knowledge of Akamai or similar CDNs, perimeter security, and OWASP security guidelines. Strong networking experience across DNS, routing, load balancers, and firewalls. Skilled with enterprise‐level deployments across microservices and multi‐server environments. Experience with MLOps platforms (ideally Azure), database More ❯

Experience with Azure Managed Services, Docker, Kubernetes, Terraform, Helm Experience building modern web apps using Angular and Typescript Experience working in Azure DevOps managing backlogs etc Working knowledge of OWASP security best practices Knowledge of working with FedRamp compliance Our Employer Commitment This job posting will remain active until a qualified candidate is identified. At Ivanti, we are committed to More ❯

AWS or Azure). Assist with containerisation (Docker/Kubernetes). Support implementation of authentication systems (OAuth 2.0, Auth0, AWS Cognito). Gain exposure to security best practices (e.g., OWASP). Work on RESTful API design and consumption. Collaborate on version control practices using Git, documentation, and code reviews. Desired Skills: Passion for software development and continuous learning. Some frontend More ❯