Find your next tech and IT Job or contract OWASP in England

lead cyber and information security risk management, assurance, and architectural advisory for major applications and digital services during alpha, beta, and early live phases deliver critical security assessments and IT Health Checks, providing expert assurance across portfolio projects, with a focus on SaaS tooling compliance against NCSC Cloud Security Principles facilitate and oversee Security Working Groups throughout all key development and deployment stages, ensuring risks are tracked, logged, and reported to the Head of Cyber Risk and Assurance, with actionable recommendations provided produce formal risk assessments and risk treatment plans (RTPs) for all digital services and associated tooling, ensuring robust protection in accordance with business risk appetite develop, review, and advise on Secure by Design policies/practices, including safe use of AI, secure coding, and regulatory compliance frameworks (e.g., OWASP, DPIA, GovAssure) coordinate cross-platform activities and enable secure delivery of new GDS services, including supporting incident management and continuous improvement of live service security practices routinely provide monthly (and ad-hoc) risk briefings to senior leaders, evidencing assurance, identifying risks outside tolerance, mapping exposure, and recommending mitigations and controls mentor and train digital service teams and wider Information Security staff, sharing best practices and building internal capability for risk assessment and management support implementation and ongoing usage of risk management tooling, ensuring all details are uploaded promptly and appropriately, such as the SureCloud risk register engage proactively with senior internal and external stakeholders, promoting security culture and enabling confident delivery aligned with organisational priorities future line management activities as the team grows

Our client is looking for a Threat and Exposure Management SME to join their team on a six month initial contract, working two/three days a week onsite in London. This role would be working via an umbrella company. Essential skills/knowledge/experience: * Strong technical background and focus with the ability to script in one or more programming language (e.g.: Python, etc) * Strong hands-on experience with CloudStrike Falcon platform * Strong threat hunting experience and ability to analyse malware, networking, Firewall and Web Knowledge, OWASP top 10 knowledge, Knowledge of DevSecOps Threats * Understand vulnerability lifecycle and knowledge and demonstrable experience of Information security technologies and methodologies, Experience of Cloud systems and their Architecture (Azure, AWS) * Awareness of various operating system flavours including but not limited to Windows, Linux, Unix, Database technologies (SQL, Oracle, DB2, Mongo) and associated threats * Awareness of security controls in widely used technologies e.g., MS Office 365 and experience of Incident Management and Response tools - e.g., Remedy, ServiceNow * Strong verbal and written communication skills are crucial to success in this role * Proficiency in preparation of reports, dashboards, and documentation * Good problem-solving analytical skills, Good interpersonal skills LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Role: Security tester (manual) Rate: Outside IR35 Location: Remote with occasional travel to Croydon Duration: 6 months initially SC clearance or eligible The Security Tester will play a key role in delivering robust application security testing aligned with Secure-by-Design (SbD) principles and compliance frameworks such as NIST, CAF, and CAT. This role supports strategic aim to scale enterprise security testing capabilities, reduce outsourcing reliance, and embed security into the software development lifecycle. Key Responsibilities * Conduct Security Testing using SAST and DAST tools * Collaborate with Cyber Security Managers and Governance teams to ensure alignment with organisational security policies and standards * Mentor and upskill team testers in application security testing and automation * Track and report on security metrics and KPIs, including vulnerability trends and remediation outcomes. * Integrate security testing into CI/CD pipelines, supporting shift-left strategies and DevSecOps practices. Required Skills & Experience * Strong understanding of security standards including OWASP, NIST SP 800-53, ISO 27001, and CIS Benchmarks. * Experience with SAST/DAST tools and Cloud Security platforms (AWS, Azure). * Familiarity with Secure-by-Design principles and organisational security policies. * Experience with penetration testing, risk assessment, and compliance testing. * Proficiency in tools such as JIRA, SharePoint, and vulnerability management platforms. Desirable Attributes * Ability to interpret and apply OWASP and NIST security principles across diverse project environments. * Strong stakeholder engagement and communication skills. * Experience in developing deployment checklists and decision trees for secure tool usage. * Certifications such as CREST CRT, OSCP, CEH, or SANS are highly desirable. Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.