76 to 89 of 89 OWASP Jobs

years of experience in software and/or firmware testingEngineering degree in Software, Computer Science, Cybersecurity or demonstrated knowledge.Proficiency with tools: Burp Suite, OWASP ZAP, Nessus, Nmap Fortify, Checkmarx, Metasploit, Wireshark.Knowledge of scripting languages such as Python, JavaScript, Bash, or PowerShell.Understanding of encryption algorithms, key management, & secure protocols … Strong understanding of common vulnerabilities (e.g., OWASP Top 10, CWE/SANS Top 25)Familiarity with Linux, Windows, and network protocols (TCP/IP, DNS, of industrial protocols (e.g., Serial, Modbus, HART)Knowledge of industry standards: IEC 62443, ISO 27001, NIST, OWASPNice-to-have:Experience implementing DevSecOps best practices; Azure ...

Play a key role within a leading investment bank, partnering with technical and business stakeholders to deliver secure solutions across networks, applications, and cloud environments. Utilise expertise in IAM, cryptography, secure development, information management, and ...

DevSecOps/Application Security engineering background GitHub administration & GitHub Advanced Security (GHAS) CI/CD pipeline security integration SAST/DAST tooling (CodeQL, Semgrep, OWASP ZAP etc.) Secret scanning, dependency scanning, container & IaC scanning OIDC/short-lived credentials Security remediation & vulnerability management JIRA/Agile delivery environments Strong stakeholder … management & delivery ownership Nice to have: BAM/governance programme experience Datadog/SIEM/EDR exposure Pen testing remediation OWASP/Secure SDLC knowledge Cloud/container security exposure The client is looking for someone proactive, organised, and technically strong who can operate across development, infrastructure, security, and operational ...

governance, assurance, and risk evaluation Design cloud-based solutions using Azure and/or AWS Produce architectural documentation, models, and prototypes Ensure compliance with OWASP, NCSC, and GDPR standards Contribute to architecture governance, standards, and best practices Support stakeholder engagement, bids, and technical assurance activities Mentor junior engineers and architects … Defence, Government, or secure environments Active SC Clearance (essential) Strong experience delivering complex, enterprise-scale systems Knowledge of secure development lifecycles (SSDLC) Experience with OWASP, NCSC Cloud Principles, GDPR Strong cloud experience (Azure and/or AWS) Background in microservices, APIs, and integration patterns Experience with DevOps and CI/ ...

metrics and continuous testing for core AI risks, including hallucinations, memorisation, algorithmic bias, uncertainty, and model drift . Regulatory Compliance Evidence: Map threat models (OWASP LLM Top 10, Agentic threats) to automated test cases. Produce the technical testing evidence required by EU AI Act Article 15 , DORA , and FCA Operational … configuring, testing, and bypassing Bedrock Guardrails, Agents, and Knowledge Bases (RAG) . AI Security & Fundamentals: Solid understanding of Foundation Models, tool use (function calling), OWASP LLM Top 10 , and NIST AI RMF . Automation Stack: Strong Python development skills, experience with AI eval tools (Garak, Pyrit, Ragas), and building complex ...

metrics and continuous testing for core AI risks, including hallucinations, memorisation, algorithmic bias, uncertainty, and model drift . Regulatory Compliance Evidence: Map threat models (OWASP LLM Top 10, Agentic threats) to automated test cases. Produce the technical testing evidence required by EU AI Act Article 15 , DORA , and FCA Operational … configuring, testing, and bypassing Bedrock Guardrails, Agents, and Knowledge Bases (RAG) . AI Security & Fundamentals: Solid understanding of Foundation Models, tool use (function calling), OWASP LLM Top 10 , and NIST AI RMF . Automation Stack: Strong Python development skills, experience with AI eval tools (Garak, Pyrit, Ragas), and building complex ...

We are a $13+ billion global technology company, home to more than 224,000 people across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud, and AI, powered by a broad portfolio of ...

Centralised Eval Platform: Operate a firm-wide service to measure success rates, uncertainty, hallucination, and bias across all non-deterministic systems. Secure Architecture: Map OWASP LLM Top 10 and agentic threats to technical controls; manage AWS Bedrock Guardrails and Knowledge Bases. AI Supply Chain: Own the AI-BOM , ensuring supply … Depth: Strong grasp of FMs, RAG, tool-use, and the failure modes of agentic workflows. Security & Compliance: Deep knowledge of NIST AI RMF, OWASP LLM Top 10, and UK/EU financial regulations (FCA/DORA). Testing Automation: Proven ability to build measurement frameworks for drift, memorization, and adversarial ...

We are a $13+ billion global technology company, home to more than 224,000 people across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud, and AI, powered by a broad portfolio of ...

Centralised Eval Platform: Operate a firm-wide service to measure success rates, uncertainty, hallucination, and bias across all non-deterministic systems. Secure Architecture: Map OWASP LLM Top 10 and agentic threats to technical controls; manage AWS Bedrock Guardrails and Knowledge Bases. AI Supply Chain: Own the AI-BOM , ensuring supply … Depth: Strong grasp of FMs, RAG, tool-use, and the failure modes of agentic workflows. Security & Compliance: Deep knowledge of NIST AI RMF, OWASP LLM Top 10, and UK/EU financial regulations (FCA/DORA). Testing Automation: Proven ability to build measurement frameworks for drift, memorization, and adversarial ...

Centralised Eval Platform: Operate a firm-wide service to measure success rates, uncertainty, hallucination, and bias across all non-deterministic systems. Secure Architecture: Map OWASP LLM Top 10 and agentic threats to technical controls; manage AWS Bedrock Guardrails and Knowledge Bases. AI Supply Chain: Own the AI-BOM , ensuring supply … Depth: Strong grasp of FMs, RAG, tool-use, and the failure modes of agentic workflows. Security & Compliance: Deep knowledge of NIST AI RMF, OWASP LLM Top 10, and UK/EU financial regulations (FCA/DORA). Testing Automation: Proven ability to build measurement frameworks for drift, memorization, and adversarial ...

Expert, you will lead the organisation's Generative AI security strategy. Key responsibilities include: Advanced Threat Modelling: Leading structured sessions using STRIDE and OWASP LLM/Agentic frameworks to map out attack trees for complex, non-deterministic systems. Adversarial Engineering: Translating emerging threats-such as Prompt Injection, Sleeper Agents … deep knowledge of FCA compliance and DORA. Solid grasp of Foundation Models (FMs), RAG, and the risks of non-deterministic agentic behavior. Mastery of OWASP LLM Top 10 and the NIST AI Risk Management Framework. Hands-on experience securing AWS Bedrock and governing the full AI model lifecycle. Ability ...

Expert, you will lead the organisation's Generative AI security strategy. Key responsibilities include: Advanced Threat Modelling: Leading structured sessions using STRIDE and OWASP LLM/Agentic frameworks to map out attack trees for complex, non-deterministic systems. Adversarial Engineering: Translating emerging threats-such as Prompt Injection, Sleeper Agents … deep knowledge of FCA compliance and DORA. Solid grasp of Foundation Models (FMs), RAG, and the risks of non-deterministic agentic behavior. Mastery of OWASP LLM Top 10 and the NIST AI Risk Management Framework. Hands-on experience securing AWS Bedrock and governing the full AI model lifecycle. Ability ...

metrics effectively to management audiences. • Working knowledge of vulnerability management and reporting processes. • Understanding of application security and development security requirements. • Familiarity with OWASP Top 10 and common web application security risks. • Ability to work effectively in a fast-paced operational environment and adapt to changing priorities. • Ability to work … Framework (RMF) controls and application security - Advanced • Cyber Security Management - Advanced • Cloud Cyber Defense - Intermediate • Code scanning tools - Intermediate • Vulnerability Management and Reporting - Intermediate • OWASP Top 10 - Intermediate • Application Security and Development Security Requirements - Intermediate • Adaptability and operational resilience in rotating shift environments - Intermediate nd Key Responsibilities • Support Assessment ...