326 to 350 of 677 OWASP Jobs

performance analysis and tuning using memory and thread dump analysis. Work with databases including Oracle, PL/SQL, and MongoDB. Understand and implement secure coding practices in line with OWASP guidelines. Collaborate in a Kubernetes-based environment. Integrate with identity and access management platforms (e.g., ForgeRock). Handle Kafka-based data streaming and understand Kafka architecture. Utilize enterprise-level Elastic More ❯

hands-on penetration testing experience across network, web, wireless, and cloud environments. Expert with core tools: Burp Suite, Metasploit, Cobalt Strike, Nmap , and custom scripting. Deep understanding of vulnerabilities (OWASP Top 10, MITRE ATT&CK) and exploitation methods. Experience delivering reports aligned to PTES, OWASP, NIST, or OSSTMM standards. Exceptional communicator who can translate complex technical issues for diverse audiences. More ❯

Minimum 5 years of practical penetration testing experience (web, infrastructure, external/internal). Experience in scoping penetration testing assessments. Strong knowledge of security testing methodologies and frameworks (eg, OWASP, NIST). Proficiency with industry-standard tools (eg, Burp Suite, Nmap, Metasploit, Kali Linux). Excellent written and verbal communication skills. O ne of the following qualifications is essential: OSCP More ❯

harden complex systems against evolving threats. Required Skills and Experience: Proven experience conducting penetration testing across web apps, APIs, infrastructure, and cloud environments (AWS, Azure, GCP) Strong understanding of OWASP Top 10 , CVSS, and secure coding principles Experience with tools such as Burp Suite , Nmap , Metasploit , Kali , and custom scripts Familiarity with MITRE ATT&CK , red teaming methodologies, and reporting More ❯

harden complex systems against evolving threats. Required Skills and Experience: Proven experience conducting penetration testing across web apps, APIs, infrastructure, and cloud environments (AWS, Azure, GCP) Strong understanding of OWASP Top 10 , CVSS, and secure coding principles Experience with tools such as Burp Suite , Nmap , Metasploit , Kali , and custom scripts Familiarity with MITRE ATT&CK , red teaming methodologies, and reporting More ❯

junior team members and support collaborative delivery of projects. Occasionally support the creation of marketing materials such as research papers and articles. Skills/Must have: Strong knowledge of OWASP methodologies and offensive testing across black/grey/white-box approaches. Proficiency in tools like Burp Suite, Kali, Nmap, Nessus, Qualys, Metasploit. Familiarity with cloud platform security testing (AWS More ❯

junior team members and support collaborative delivery of projects. Occasionally support the creation of marketing materials such as research papers and articles. Skills/Must have: Strong knowledge of OWASP methodologies and offensive testing across black/grey/white-box approaches. Proficiency in tools like Burp Suite, Kali, Nmap, Nessus, Qualys, Metasploit. Familiarity with cloud platform security testing (AWS More ❯

new detection use cases. Hands-on experience with AWS security services, such as GuardDuty, Security Hub, CloudTrail, and IAM configurations. Familiarity with securing web applications, including common vulnerabilities (e.g. OWASP Top 10) and mitigation techniques. Proficiency in scripting languages like PowerShell and Python. Experience working within agile or continuous improvement environments. Desired Qualifications : Strong analytical skills, with the ability to More ❯

offers, and knowledge of its limitations. • Good understanding of the configuration of Power Pages • An understanding of security best practices around Power Pages, with knowledge of items such as OWASP • Hands on experience with Dataverse and Dataverse for Teams as part of implementing Power Platform solutions. • Hands on experience in the setup of Continuous Integration (CI) and Continuous Delivery (CD More ❯

Core Experience of using observability systems such as Elastic APM or DataDog to track and diagnose issues in production A solid understanding of security principles and secure coding including OWASP Top 10 Experience in VOIP, (SIP and RTP advantageous) Experience of TDD/BDD/DDD principles Knowledge of PCI compliance and associated standards such as ISO 27001 Knowledge of More ❯

systems (e.g., Git) and continuous integration/deployment (CI/CD) practices. · Solid understanding of web security practices, including JWT authentication, secure API design, rate limiting, and familiarity with OWASP vulnerabilities. · Ability to troubleshoot and find solutions without needing hand-holding. Salary & Benefits 🎁 No two days are the same at Arcube. In a high-performing and tight-knit team, the More ❯

Focus on ensuring different modules/components interact correctly. Test APIs, databases, and service flows. Security Testing & Penetration Testing (Ethical Hacking) Simulate attacks to find vulnerabilities. Tools: Burp Suite , OWASP ZAP , Metasploit . CEH , OSCP , CISSP certifications an advantage Vulnerability Testing Scan systems for known vulnerabilities. Collaborate with SecOps and DevSecOps teams. Security QA/Secure Code Testing Test software … from a secure coding perspective. Ensure compliance with secure development standards (OWASP Top 10, etc.). Test Management Oversee testing across multiple teams and or products. Handle stakeholder communication, budget, vendor selection, and process compliance. Test Architectecture Design testing frameworks, strategies, and toolchains. Advise on choosing tools (e.g., UFT vs Selenium) and scaling automation. API Testing Validate REST/SOAP More ❯

experience with Government Digital Standards (GDS) Demonstrable experience in Test Automation using Playwright with JavaScript Expertise in Browserstack for use in compatibility testing Previous experience in security testing with OWASP ZAP Performance testing knowledge (JMeter preferred) Experience in CI/CD Integration for Test Automation Azure DevOps proficiency for Test Management and defect tracking Working experience of BDD Framework (Cucumber More ❯

Month Contract London/Remote Working Working background as a Test Lead within the public sector Previous experience with Government Digital Standards (GDS) Previous experience in security testing with OWASP ZAP Performance testing knowledge (JMeter preferred) Experience in CI/CD Integration for Test Automation Azure DevOps proficiency for Test Management and defect tracking Working experience of BDD Framework (Cucumber More ❯

Month Contract London/Remote Working Working background as a Test Lead within the public sector Previous experience with Government Digital Standards (GDS) Previous experience in security testing with OWASP ZAP Performance testing knowledge (JMeter preferred) Experience in CI/CD Integration for Test Automation Azure DevOps proficiency for Test Management and defect tracking Working experience of BDD Framework (Cucumber More ❯

to review and contribute to GitHub PRs. Experience in a continuous flow environment and active participation in Agile practices. Bonus skills include: Designing scalable test frameworks. Security testing fundamentals (OWASP Top 10, Sonarcloud). Writing custom GitHub Actions. Chaos Engineering knowledge. What you can expect: Salary reviews, share options, office perks, wellness and learning budgets, conference attendance, volunteer days, generous More ❯

building secure software across multiple types of projects. Significant experience working in highly regulated environments, with previous involvement in cryptocurrency-related projects being a strong plus. Strong knowledge of OWASP standards, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) tools. Familiarity with integrating these tools into CI/CD pipelines is highly desirable. More ❯

multiple technical teams simultaneously Familiarity with containerization technologies and dependency management systems Knowledge of web application security testing techniques and tools Experience with open source security tooling (such as OWASP ZAP, Trivy, or similar) Experience in DevSecOps practices and implementation Experience in vulnerability management and remediation Please note that we welcome interest from candidates with varying levels of experience; many More ❯

backend code to identify security flaws, misconfigurations, or vulnerabilities. Threat Modelling: Lead and contribute to threat modeling sessions - analyse how our products handle data, map potential attack vectors (especially OWASP Top 10), and design mitigation strategies. Secure Development Practices: Help the development team adopt secure coding practices, identify systematic security issues, and uplift the overall engineering team's security awareness. … improvement. Mandatory Experience: Solid experience as a developerhaving utilised (JavaScript/Python) Ability to read and understand code quickly, including unfamiliar codebases Familiarity with modern security tools (e.g., Snyk, OWASP ZAP, Burp Suite) Strong understanding of common web vulnerabilities (OWASP Top 10) Experience with threat modeling and secure design principles Comfortable translating technical findings into prioritised improvements for the engineering More ❯

the DevSecOps team. What you’ll need: At least 3 years of software engineering experience, with 2+ years focused on application security. In-depth knowledge of application security testing, OWASP, and secure web application development. Strong understanding of Agile and experience promoting security awareness across teams. Excellent communication, stakeholder management, and prioritization skills. Experience working with hacker/pen-testing More ❯

the DevSecOps team. What you’ll need: At least 3 years of software engineering experience, with 2+ years focused on application security. In-depth knowledge of application security testing, OWASP, and secure web application development. Strong understanding of Agile and experience promoting security awareness across teams. Excellent communication, stakeholder management, and prioritization skills. Experience working with hacker/pen-testing More ❯

testing. Collaborate to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for analysis and runtime protection. Qualifications: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Familiarity with threat modeling methodologies like STRIDE. Hands-on experience with tools such as SAST/DAST/IAST, Snyk More ❯

Collaborate to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and runtime protection. Qualifications: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Familiarity with threat modeling methodologies like STRIDE and risk analysis. Hands-on experience with SAST/DAST/IAST tools More ❯

teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and runtime protection. Requirements: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Familiarity with threat modeling methodologies like STRIDE. Hands-on experience with SAST/DAST/IAST tools such as Snyk More ❯

containerized workloads in collaboration with engineering teams. Evaluate and implement security tools for code analysis and runtime protection. Candidate Requirements: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Familiarity with threat modeling methodologies like STRIDE. Hands-on experience with tools such as SAST/DAST/IAST, Snyk More ❯