Application Security Analyst, 3 months, London/Hybrid, £500/day (Outside IR35) My client, a leading TV production company are currently looking to bring on an Application Security Analyst for an initial 3 month contract. This role is part of the Project Management Office in the IT Department and will support the Security Application Compliance programme. Key Responsibilities: Perform system application assessments in alignment with established application security controls Communicate and reporting deficiency findings to management Assist IT teams in implementing corrective actions based on identified deficiencies Ensure effective business changes are introduced as a result of deficiency findings. Monitor and follow up on assessment recommendations to ensure timely implementation and resolution with the appropriate IT stakeholders Working with the PM, internal controls colleagues, IT Managers, InfoSec, to improve internal control Desirable Skills and Experience: Technical Skills Deep understanding of Web Application Security (e.g., OWASP Top 10 & beyond OWASP, such as business logic flaws, access control bypasses) Understanding of secure development practices Static & Dynamic Analysis (e.g., DAST) Experience in Authentication & Authorization (e.g., modern-day protocols like OAuth, OpenID, and experience in analysing access control and session management) Understanding of Cloud & API security; Cloud platforms (Azure, AWS) & their security implications Experience with Jira & Confluence Experience with Monday.com Experience with Microsoft Teams (including shared folder management on Teams) Soft Skills Previous experience managing projects/workstreams independently Proven ability to gather information across multiple sources and reconcile it into a comprehensible format for further use by other teams involved with the delivery of the programme (i.e., dev/tech teams, etc.) Excellent stakeholder engagement & management skills (i.e., workshops, interviews, questionnaires, product demos, etc.) Ability to work in a fast-paced environment and manage multiple priorities across different projects Attention to detail (as small oversights in security can be critical) Clear communication; must be able to explain findings to both technical & non-technical stakeholders Analytical thinking: Ability to understand complex systems and identify weak points Report writing & presentation; delivers clear, actionable security assessment reports with prioritised remediations