Security Consultant

Security Consultant (DevSecOps / Application Security)

💰 £480/day (Inside IR35) | 📅 6-Month Contract

📍 Manchester (2/3 days onsite)

Our client is seeking an experienced Security Consultant to support secure application delivery and DevSecOps initiatives within a large-scale enterprise technology environment. This role focuses on embedding security into software engineering and cloud delivery practices, helping development teams improve application security posture while driving secure-by-design principles across modern SDLC and CI/CD environments. You’ll work closely with engineering, DevOps, and security teams to support vulnerability management, secure development practices, and automated security controls across cloud-native applications and infrastructure.

Key Responsibilities

• Integrate security controls into SDLC and CI/CD pipelines
• Support implementation of:
• Static Application Security Testing (SAST)
• Software Composition Analysis (SCA)
• Infrastructure-as-Code (IaC) security scanning
• Dependency and vulnerability scanning
• Provide remediation guidance and secure coding support to development teams
• Promote secure-by-design principles and DevSecOps best practices
• Collaborate with engineering and security teams to improve application security posture
• Support secure cloud and infrastructure delivery initiatives
• Identify and mitigate application and infrastructure security risks
• Contribute to security governance, compliance, and continuous improvement initiatives

Required Skills & Experience

• Strong experience with DevSecOps implementation and secure SDLC practices
• Certified Information Systems Security Professional certification
• Hands-on experience with:

SAST tools

SCA tooling

IaC security scanning

Dependency vulnerability management

• Strong understanding of application security principles and vulnerability remediation
• Experience embedding security into CI/CD pipelines and engineering workflows
• Knowledge across one or more of the following:
• Computer networking
• Application security
• Penetration testing
• Databases
• Linux and Windows operating systems
• Cryptography (desirable)
• Strong communication and stakeholder collaboration skills

Desirable

• Additional security certifications highly beneficial
• Experience working within enterprise cloud or regulated environments
• Exposure to modern DevOps and cloud-native delivery models

If this is relevant to your experience, please apply with your CV and we'll be in touch. Thank you!