Job Title: Security Consultant – DevSecOps / Application Security
Location: Hybrid Manchester, UK (3days/week)
Duration: 6months+
520GBP/day Inside IR35
Role Overview
We are looking for an experienced Security Consultant with strong DevSecOps and Application Security expertise. The ideal candidate should be comfortable working across secure software development, infrastructure security, and vulnerability management within modern CI/CD environments. CISSP certification is highly desirable, and additional security certifications would be an advantage.
The candidate should have hands-on knowledge in at least one or more of the following areas:
* Computer Networking
* Application Security
* Cryptography (desirable)
* Penetration Testing
* Databases
* Linux and Windows Operating Systems
Key Responsibilities
* Integrate security controls and best practices into SDLC and CI/CD pipelines.
* Support and manage SAST, SCA, IaC, and dependency scanning activities.
* Identify vulnerabilities and provide remediation guidance to development teams.
* Promote secure-by-design principles and DevSecOps culture across engineering teams.
* Collaborate with development, infrastructure, and security teams to improve overall application security posture.
* Conduct security reviews, risk assessments, and recommend mitigation strategies.
* Support secure coding practices and application security best practices.
* Assist in implementing and improving DevSecOps processes and automation.
Required Skills & Experience
* Strong understanding of DevSecOps implementation and Secure SDLC practices.
* Experience with Static Application Security Testing (SAST) and Software Composition Analysis (SCA) tools.
* Knowledge of Infrastructure-as-Code (IaC) security and dependency scanning.
* Hands-on experience with vulnerability management and remediation support.
* Good understanding of application security principles and secure-by-design concepts.
* Familiarity with CI/CD pipelines and security automation.
* Experience working with Linux and Windows environments.
* Understanding of networking and security fundamentals.
Desirable Skills
* CISSP certification preferred.
* Additional certifications such as CEH, OSCP, CISM, Security+, or AWS/Azure Security certifications are beneficial.
* Exposure to cryptography concepts and penetration testing methodologies.
* Experience with cloud security and container security tools is a plus.
Soft Skills
* Strong communication and stakeholder management skills.
* Ability to work collaboratively with developers and engineering teams.
* Problem-solving mindset with strong analytical skills.
* Ability to explain technical security concepts to non-technical stakeholders.
Priyanka Sharma
Senior Delivery Consultant
Office: 02033759240
Email: