Contribute to the development of security policies, procedures, and best practices. Requirements: Proven experience in application security, penetration testing, and secure software development practices. Strong understanding of security vulnerabilities (OWASP Top 10, etc.) and secure coding techniques. Experience with security tools (e.g., static/dynamic analysis tools, vulnerability scanners). Familiarity with common web technologies (e.g., Java, Python, JavaScript, SQL More ❯
the DevSecOps team. What you’ll need: At least 3 years of software engineering experience, with 2+ years focused on application security. In-depth knowledge of application security testing, OWASP, and secure web application development. Strong understanding of Agile and experience promoting security awareness across teams. Excellent communication, stakeholder management, and prioritization skills. Experience working with hacker/pen-testing More ❯
Translate business needs into effective security controls 5+ years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and More ❯
into effective security controls 🧠 Key Skills & Experience: 5+ years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and More ❯
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Agoda
with public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) In-depth knowledge of security principles, compliance regulations, and change management. Experience in running assessments using OWASP MASVS and ASVS. Working knowledge on exploiting and fixing application vulnerabilities. Proven expertise in architectural threat modeling and conducting secure design reviews. In-depth knowledge of common web application vulnerabilities … i.e. OWASP Top 10 or SANS top 25). Familiarity with automated dynamic scanners, fuzzers, and proxy tools. An analytical mind for problem solving, abstract thought, and offensive security tactics. Highly effective communication skills, in both verbal and written forms, to effectively convey technical and non-technical concepts to a wide variety of audiences Exposure to advanced AI and Large More ❯
and securing next-gen AI applications, this is the perfect opportunity to make a real impact. Key Responsibilities: API Security Leadership Implement and enforce best practices for API security (OWASP API Top 10, JWT/OAuth 2.0, API key management). LLM & AI Security Develop strategies to detect and prevent LLM abuse (e.g., prompt injection, excessive cost exploitation). Collaborate … Threat Hunting Monitor for anomalous API traffic and respond to security incidents. Research emerging attack vectors targeting APIs and LLMs. Required Skills & Experience: API Security Expertise - Strong knowledge of OWASP API Security Top 10, REST/gRPC security, and authentication (JWT, OAuth 2.0). Bot & Abuse Prevention - Hands-on experience with rate limiting, CAPTCHA, and behavioral bot detection . LLM More ❯
Leeds, West Yorkshire, United Kingdom Hybrid / WFH Options
FPSG
Security Engineer/Cloud/DSOMM/OWASP/Salesforce Permanent Hybrid - 2 or 3 days p/w on-site Leeds FPSG have a fantastic opportunity to join a large-scale digital transformation programme aimed at uniting multiple internal business units under a new, secure, cloud digital platform. Ideal for a hands-on Security Engineer who enjoys embedding security … maturity frameworks such as DSOMM, including hands-on delivery (code, configuration, documentation, tooling) Designing, building, operating and monitoring secure solutions across complex platforms Ensuring internal and industry security standards (e.g. OWASP CI/CD, SAMM) are adhered to across systems Managing and improving cloud security posture (Azure Defender, Prisma Cloud etc) Implementing and optimising observability platforms for holistic system monitoring Supporting … software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building automated security test suites into CI/CD workflows Familiarity with security frameworks such as DSOMM, OWASP, and SAMM Suitability: This role is a technical hands-on security engineering role; it is NOT GRC focused. It would be well-suited to experienced Security Engineers or Developers with More ❯
Warwickshire, England, United Kingdom Hybrid / WFH Options
Pontoon
into application design Lead security architecture reviews and provide expert technical guidance on complex security challenges Keep up to date with the latest security threat assessment frameworks such as OWASP, MITRE ATT&CK Assess security posture against industry regulations and compliance requirements Identify and mitigate security risks associated with new technologies and initiatives Perform security assessments to identify vulnerabilities Communicate More ❯
London, England, United Kingdom Hybrid / WFH Options
ZipRecruiter
into application design Lead security architecture reviews and provide expert technical guidance on complex security challenges Keep up to date with the latest security threat assessment frameworks such as OWASP, MITRE ATT&CK Assess security posture against industry regulations and compliance requirements Identify and mitigate security risks associated with new technologies and initiatives Perform security assessments to identify vulnerabilities Communicate More ❯
London, England, United Kingdom Hybrid / WFH Options
Crown Agents Bank
Experience working with ISO 27001, Cyber Essentials, and preferably NIST CSF, SOC 2, or SWIFT frameworks. Strong understanding of security in the context of software development and application security (OWASP, SDLC, DevSecOps). Hands-on, pragmatic approach with the ability to operate in a lean, fast-paced environment. Excellent communication skills, with the ability to engage both technical and non More ❯
or cyber recovery planning and testing would be advantageous. Prior experience working with external auditors and regulators would be advantageous In depth knowledge of system and application vulnerabilities e.g. OWASP, NIST, SANS... Bachelor's degree in Computer Science, or a related field as well as accreditation in CISSP, CISM, CISA, CRISC, AWS would be a bonus More ❯
South Croydon, London, United Kingdom Hybrid / WFH Options
LA International Computer Consultants Ltd
communication skills to communicate effectively at all levels to technical and non-technical audiences. Internal team engagement, working collaboratively, sharing knowledge, advising, and training colleagues. Knowledge of common vulnerabilities OWASP Top 10, CVE databases etc Understanding of Agile and DevOps practices for continuous testing and delivery Knowledge of integrating security testing into test automation and CI/CD pipelines Desirable More ❯
London, England, United Kingdom Hybrid / WFH Options
Smart Communications, Inc
record of successes. Understanding of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of application security principles, best practices, OWASP/related standards. Knowledge of security frameworks & controls, hardening standards & security best practices. An understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. We look for More ❯
London, England, United Kingdom Hybrid / WFH Options
Huntress Labs Incorporated
etc. Working knowledge of core networking concepts Common ports/protocols, NAT, Public/Private IPs, VLANs, etc. Working knowledge of web technologies and concepts Web servers/applications, OWASP top 10, etc. Effective communication skills, with the ability to explain complex events to less technical audiences, enabling effective cross-functional collaboration within the SOC and across departments Dedicated to More ❯
London, England, United Kingdom Hybrid / WFH Options
Astro Studios, Inc
your background might be better suited to. 8+ years of experience in IoT security, preferably in the medical device or the pharmaceutical industry. Proficiency in security frameworks (e.g., NIST, OWASP, MITRE ATT&CK, PASTA, STRIDE) and standards such as FDA cybersecurity guidance Experience assessing security risks using industry standard methods (penetration test results, threat modeling, security testing) and determining residual More ❯
Tunbridge Wells, Kent, England, United Kingdom Hybrid / WFH Options
FPSG Connect
maturity frameworks such as DSOMM, including hands-on delivery (code, configuration, documentation, tooling) Designing, building, operating and monitoring secure solutions across complex platforms Ensuring internal and industry security standards (e.g. OWASP CI/CD, SAMM) are adhered to across systems Managing and improving cloud security posture (Azure Defender, Prisma Cloud etc) Implementing and optimising observability platforms for holistic system monitoring Supporting … software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building automated security test suites into CI/CD workflows Familiarity with security frameworks such as DSOMM, OWASP, and SAMM Suitability: This role is a technical hands-on security engineering role; it is NOT GRC focused. It would be well-suited to experienced Security Engineers or Developers with … annual leave with buy/sell options + Private healthcare + Extensive Wellbeing services and employee discounts Key Technical Terms Security Engineering, Cybersecurity Engineer, Information Security Specialist, Salesforce, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps More ❯
London, England, United Kingdom Hybrid / WFH Options
Smart Communications group
record of successes. Knowledge of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of application security principles, best practices, OWASP/related standards. Some knowledge/experience in scoping/undertaking internal pen testing and creation of external penetration testing scopes. Knowledge of security frameworks & controls, hardening standards & security best More ❯
with securing network and enterprise cloud applications - ideally GCP, Azure or AWS You have strong knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-53 or OWASP You have knowledge of host hardening, auditing, logging and monitoring, network security, SIEM deployments, security analytics, anomaly detections, PKI You have proven implementation of cloud security models, particularly identity, network More ❯
with GRC (Governance, Risk, and Compliance) and SA&A (Security Assessment & Authorization) tools such as Archer, or similar platforms. Familiarity with cloud compliance requirements and privacy regulations. Knowledge of OWASP Top 10 and modern application security best practices. Understanding of adversary TTPs (Tactics, Techniques, and Procedures) and frameworks such as MITRE ATT&CK. Ability to work independently and manage priorities More ❯