Enable job alerts via email!

Senior Application Security Consultant

JR United Kingdom

Derby

Remote

GBP 60,000 - 90,000

Full time

2 days ago

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

A leading consultancy firm in the UK is seeking a Senior Application Security Consultant to conduct thorough security assessments of web-based applications. In this role, you'll perform static code analysis, identify vulnerabilities, and compile comprehensive security reports. Ideal candidates are seasoned professionals with an extensive background in application security and expert knowledge of OWASP guidelines. This position offers remote flexibility and a focus solely on advisory work.

Benefits

Remote flexibility

No remediation work

High visibility project

Structured communication

Qualifications

4+ years in Application Security or related roles required.
Executive summary capability for non-technical stakeholders.
Strong skills in code analysis, risk identification, and reporting.

Responsibilities

Conduct a comprehensive security review of web applications.
Identify vulnerabilities and assess compliance with OWASP standards.
Produce a security audit report detailing findings and recommendations.

Skills

Application Security

AppSec consulting

Secure Code Review

Technical writing

Communication

Familiarity with OWASP

Risk assessment

Education

OSCP

CSSLP

GWAPT

CEH

Tools

Snyk

Checkmarx

Veracode

Burp Suite

Social network you want to login/join with:

Senior Application Security Consultant, derby

col-narrow-left

Client:

EVOLUTION PROJECT CONSULTING LIMITED

Location:

derby, United Kingdom

Job Category:

Other

EU work permit required:

Yes

col-narrow-right

Job Views:

Posted:

04.06.2025

Expiry Date:

19.07.2025

col-wide

Job Description:

About the Role

We are seeking a highly experienced Application Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required.

You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence-based security audit report.

Key Responsibilities

Perform static code analysis and security audit of a web application.
Identify potential vulnerabilities in logic, data handling, authentication, and access control.
Assess the application against OWASP Top 10 and other secure coding standards.
Review third-party dependencies for known issues.
Produce a professional security report with risk ratings, findings, and recommendations.

Required Skills & Experience

4+ years in Application Security, AppSec consulting, or Secure Code Review roles.
Familiarity with tools like Snyk, Checkmarx, Veracode, or Burp Suite (passive scanning).
Knowledge of OWASP, CWE, and general secure software development principles.
Strong technical writing and communication skills.
Preferred certifications: OSCP, CSSLP, GWAPT, CEH, or equivalent.
Executive summary for non-technical stakeholders.
Technical breakdown of findings with severity and impact.
Recommended mitigation guidance (no implementation expected).

Why Join Us?

Remote flexibility
No remediation work — fully focused on review and advisory
A project with high visibility and real-world impact
Prompt onboarding and structured communication

How to Apply

Message us directly or email [emailprotected] with your CV, availability, and examples of previous audit/reporting work if available.

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.