Enable job alerts via email!

Senior Application Security Consultant

JR United Kingdom

York

Remote

GBP 50,000 - 80,000

Full time

Yesterday

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

A leading consulting firm is seeking a Senior Application Security Consultant for a non-invasive web application security review project. This role focuses on identifying vulnerabilities and providing evidence-based audit reports without any remediation tasks. Bringing strong experience in application security and relevant certifications will be crucial for success in this highly visible project with real-world impact. The position offers remote flexibility and a structured onboarding process.

Benefits

Remote flexibility

Fully focused on review and advisory work

High visibility project

Prompt onboarding and structured communication

Qualifications

4+ years in Application Security or Secure Code Review roles.
Strong knowledge of OWASP, CWE and secure software development principles.
Ability to produce professional security reports with findings and recommendations.

Responsibilities

Conduct comprehensive security reviews of web-based applications.
Perform static code analysis and identify potential vulnerabilities.
Produce detailed security audit reports with risk ratings and recommendations.

Skills

Application Security

Secure Code Review

Static Code Analysis

Technical Writing

Communication Skills

Education

OSCP Certification

CSSLP Certification

GWAPT Certification

CEH Certification

Tools

Snyk

Checkmarx

Veracode

Burp Suite

Social network you want to login/join with:

Senior Application Security Consultant, york

col-narrow-left

Client:

EVOLUTION PROJECT CONSULTING LIMITED

Location:

Job Category:

Other

EU work permit required:

Yes

col-narrow-right

Job Views:

Posted:

04.06.2025

Expiry Date:

19.07.2025

col-wide

Job Description:

About the Role

We are seeking a highly experienced Application Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required.

You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence-based security audit report.

Key Responsibilities

Perform static code analysis and security audit of a web application.
Identify potential vulnerabilities in logic, data handling, authentication, and access control.
Assess the application against OWASP Top 10 and other secure coding standards.
Review third-party dependencies for known issues.
Produce a professional security report with risk ratings, findings, and recommendations.

Required Skills & Experience

4+ years in Application Security, AppSec consulting, or Secure Code Review roles.
Familiarity with tools like Snyk, Checkmarx, Veracode, or Burp Suite (passive scanning).
Knowledge of OWASP, CWE, and general secure software development principles.
Strong technical writing and communication skills.
Preferred certifications: OSCP, CSSLP, GWAPT, CEH, or equivalent.
Executive summary for non-technical stakeholders.
Technical breakdown of findings with severity and impact.
Recommended mitigation guidance (no implementation expected).

Why Join Us?

Remote flexibility
No remediation work — fully focused on review and advisory
A project with high visibility and real-world impact
Prompt onboarding and structured communication

How to Apply

Message us directly or email [emailprotected] with your CV, availability, and examples of previous audit/reporting work if available.

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.