26 to 35 of 35 Remote/Hybrid OWASP Jobs

government standards Writing clean, maintainable, and reusable code/configuration Supporting issue investigation, resolution, and continuous improvement Applying secure development practices, including awareness of OWASP principles Collaborating with stakeholders and clearly communicating technical concepts Tech and environment: Microsoft Power Platform (Power Apps, Power Automate, Dataverse) Integration with wider enterprise systems ...

Bases, Guardrails, and model lifecycles. AI/ML Core: Mastery of FMs, RAG, tool-use, and non-deterministic agent logic. Security Frameworks: Proficiency in OWASP LLM Top 10 and NIST AI RMF . Role 1: Identity Expert Mission: Secure the "Human-to-Agent" and "Agent-to-Resource" identity chain. ...

common vulnerabilities (XSS, CSRF, SQL Injection); experience building AppSec programs. Experience with any of the following: C#, React, JavaScript, REST APIs Participation in OWASP, BSides, open-source security projects, etc The ability to effectively communicate security concepts to both technical and non-technical audiences. What You'll Do: Establish ...

ownership and contribution to security decisions within projects Desirable Experience: Knowledge of security frameworks and standards including ISO 27001, PCI DSS, COBIT, NIST and OWASP Relevant certifications such as CISSP, CISM, CCSP, CEH or OSCP Experience working within public and/or private cloud environments This is an excellent opportunity ...

lifecycle). AI/ML Foundations: Deep understanding of FMs, RAG , non-deterministic agents, and complex tool-use. Secure AI: Expert-level knowledge of OWASP LLM Top 10 and Agentic AI threats . Familiarity with NIST AI RMF is a massive plus! Your Mission: Identity & Access Specialist As our Identity ...

practical "shift-left" model that enhances developer workflows rather than blocking them. Key Responsibilities Maturity Assessment and Strategy: Conduct an evidence-based audit against OWASP SAMM and NIST SSDF frameworks, translating findings into a prioritised 12-month risk-reduction roadmap. Pipeline Optimisation: Tuned tool signal-to-noise ratios (SAST … fluency in code, Infrastructure-as-Code (Terraform, Ansible), and YAML pipelines to maintain immediate credibility with senior software engineers. Framework Mastery: Practical application of OWASP SAMM, NIST SSDF, STRIDE, and MITRE ATTandCK. Cloud and Containers: Strong grounding in securing cloud workloads (AWS or Azure) and environments (Docker, Kubernetes). £600.00 ...

experience delivering web application, API, and/or infrastructure penetration tests in a professional consultancy setting. Strong understanding of common vulnerability classes (e.g. OWASP Top 10), exploitation techniques, and remediation guidance. Confident client-facing communication skills, with the ability to explain technical findings to both technical and non-technical audiences. ...

Hands-on experience delivering web application, API, and/or infrastructure penetration tests in a professional setting. Strong understanding of common vulnerability classes (e.g. OWASP Top 10), exploitation techniques, and remediation guidance. Confident client-facing communication skills, with the ability to explain technical findings to both technical and non-technical ...

delivery teams in Agile and DevOps environments to embed security by design. Support compliance with security and regulatory frameworks including ISO 27001, PCI DSS, OWASP and internal standards. Review security posture of vendors and outsourced services, providing due diligence and third-party risk assurance. Present security findings, risk opinions … security, secure application delivery, third-party risk management and access management practices. Experience applying recognised frameworks and standards such as ISO 27001, PCI DSS, OWASP, NIST and enterprise security control frameworks. Ability to translate complex technical risks into business language and provide clear, evidence-based recommendations. Exposure to contemporary architectures. ...

Play a key role within a leading investment bank, partnering with technical and business stakeholders to deliver secure solutions across networks, applications, and cloud environments. Utilise expertise in IAM, cryptography, secure development, information management, and ...