19 Contract Application Security Jobs in the UK

Application Security Architect Day Rate: Excellent Day Rate/Above Market Rate (disclosed on application) IR35 Status: Inside IR35 Contract Length: 6 months initial (expected to extend multiple times) Hybrid Model: 3 days per week in office, 2 days remote Office Location: Central London Job Level: Senior … Services (experience essential) About the Client and Role: My client, a highly prestigious, globally renowned name in financial services is seeking a vastly experienced Application Security Architect to join the in-house security team on an initial 6-month (but fully expected to extend many times) basis. … The Application Security Architect will be responsible for translating the group-wide information and cyber security strategy and requirement into secure-by-design Application security architecture throughout the organisation. The Architect will work closely with the Security and DevOps teams, reviewing large bodies of more »

Senior Cybersecurity Architect - £800 - £1000 Per Day (Rolling Contract) - London/Hybrid Tech Stack - Senior Security Architect, Financial Services, Financial Conduct Authority (FCA) Regulations, IT Risk Management, Network Security, Data Loss Prevention (DLP), Identity Access Management (IAM), Network Access Control (NAC), Next-Generation Firewall (NGFW), Cloud Security (exp. AWS/Azure/GCP), Endpoint Security (Endpoint Detection and Response Solutions (EDR)), IoT Security, Application Security, URGENT, CISSIP, CISM, SABSA, TOGAF, Senior Cybersecurity Architect). We have several fantastic new roles including a Senior Security Architect position to join a growing global … candidate will be an integral part of the Cybersecurity Architecture Team. You will be responsible for the design and implementation of the enterprise-wide security strategy which will be flexible in ensuring current and future business needs. This is a great opportunity for Senior Security Architect experienced in more »

LEAD CYBER SECURITY CONSULTANT - READING - CONTRACT- HYBRID Lead Cyber Security Consultant Contract - 6 Months rolling- Inside IR35 Location: Reading - 2 days onsite/week must The role of Cyber Security Consultant sits within the Cyber Security team which is responsible for providing subject matter expertise and … a reliable network which matches the best, whilst ensuring compliance to regulatory requirements, company policy and standards. Should have experience of using common information security management frameworks, such as NIST, PCI, GDPR, ISO Series, OWASP the IT Infrastructure Library (ITIL), the ISF Standards of Good Practice (SoGP) and ISACA … implementing processes, procedures, and architecture/design/decision templates is vital. Must have at least 3-5 years of experience working in Cyber Security within a technical field. Must have a mix of security consulting, architecture/design, and professional services experience. Must be able to lead more »

AWS Security Engineer - Remote (Outside IR35) Day Rate : £275-295 Contract Length : 6+ months Location : Remote About the role: As a Cloud Security Engineer you will be responsible for designing, implementing, and managing security measures to safeguard computer systems, networks, and data. Conducts regular system tests and … monitors network security continuously. Develops and implements security standards and procedures aligned with industry best practices. Collaborates with IT and development teams to integrate security practices into AWS-hosted and .NET or any other application security life cycles. Also performs vulnerability testing, investigates security breaches, installs security measures, documents breaches, and works to maintain a high-security standard by fixing detected vulnerabilities and staying updated on security technologies. Required Skills: Must be AWS security certified or relevant certifications (e.g., CISSP, CISM, CISA) Bachelor's degree in Computer Science, Information more »

Role- Senior Security Tester (Application Security) Location- Across UK Nature- Hybrid Responsible for enabling the delivery of security test engineering at project and programme level, including assurance of third-party testing where required. Ensuring best practice to embed automated security testing as early as possible more »

Senior Pen Tester/Application Security Tester 6 Month Contract Hybrid (occasional trips to the London office) Financial Services ASAP Start Date My Financial Services client is currently seeking for a Senior Penetration Tester to join the team. Responsibilities/Requirements: - Manually conduct application security testing … on web applications on prem and AWS cloud reporting issues - Manage DAST ans SAST scanning tools - 6 years + experience within the security testing field - Hands on experience testing and explaining OWASP top 10 vulnerabilities - Previously worked within the financial services industry Logistics: - 6 Month Rolling Contract more »

The role holder will be a subject matter expert in DevSecOps approaches and best practices, playing a crucial role in bridging development, security, and operations. Demonstrable knowledge of the DevOps culture and principles, Secure Software Development Life Cycle (SDLC) practices, Application security knowledge, Cloud infrastructure knowledge and … familiarity with CI/CD tools, security tooling, and automation tools. The role holder will have overall accountability and oversight for the technical solution delivered for this domain. What I'll be doing - your accountabilities? * Creates and owns the E2E technical solution that underpins the goal of Establishing a … a range of specialisms, through collaboration with subject matter experts as necessary. * You are a subject matter expert in domain specialism relevant to DevSecOps, Application Security * You produce solutions collaboratively in an agile environment, evolving solutions in partnership with engineering teams through the build/measure/learn more »

premise experience with cloud services and their WAF controls, ideally including one or more of the following: AWS, Azure, and GCP understanding of Web Application security attack methods and mitigations in WAF tuning and configuration, coupled with a strong foundation in web security principles and practices. custom … WAF rules and features, addressing gaps and enhancing overall security measures to design and implement bespoke WAF processes and documentation, underpinned by a thorough understanding of web application security. skills to review and align platforms with MVP and Baseline Configurations, leveraging a deep knowledge of WAF functionalities and … limitations. DevSecOps pipeline maintenance support for the automation works with IDAM protocols and access control measures for WAF management, informed by strong web security knowledge. of HTTPS inspection, including Termination and Certificate management, grounded in robust web security practices. in rate limiting techniques and their integration into security more »

Role Description: The role holder will be a subject matter expert in DevSecOps approaches and best practices, playing a crucial role in bridging development, security, and operations. Demonstrable knowledge of the DevOps culture and principles, Secure Software Development Life Cycle (SDLC) practices, Application security knowledge, Cloud infrastructure … knowledge and familiarity with CI/CD tools, security tooling, and automation tools. The role holder will have overall accountability and oversight for the technical solution delivered for this domain. Key Accountabilities: Creates and owns the E2E technical solution that underpins the goal of Establishing a sustainable "DevSecOps" practice. … matter expert in DevSecOps approaches and best practices Mandatory - Demonstrable knowledge of the DevOps culture and principles, Secure Software Development Life Cycle (SDLC) practices, Application security knowledge, Cloud infrastructure knowledge and familiarity with CI/CD tools, security tooling, and automation tools. Preferred - experience of agile product more »

Good Morning, Hope you are well! My client within the financial services industry is looking for an Application Security Architect to join the team. Requirements Experience working withing the Financial Services Industry (Insurance or Exchange highly desirable) Hands on experience Operating application tools Must have subject matter … expertise in application threat modelling, secure coding practices in Java and C++, and DevSecOps practices. Must have current experience of operating SAST, SCA, DAST, IAST, MAST. Logistics: 6 Month Rolling Contract 3 Days a week working in the London Office) £850 - £900 per day inside IR35 Please send over more »

experience with cloud services and their WAF controls, ideally including one or more of the following: AWS, Azure, and GCP * Strong understanding of Web Application security attack methods and mitigations * Proficiency in WAF tuning and configuration, coupled with a strong foundation in web security principles and practices. … Develop custom WAF rules and features, addressing gaps and enhancing overall security measures * Capability to design and implement bespoke WAF processes and documentation, underpinned by a thorough understanding of web application security. * Analytical skills to review and align platforms with MVP and Baseline Configurations, leveraging a deep knowledge … Providing DevSecOps pipeline maintenance support for the automation works * Familiarity with IDAM protocols and access control measures for WAF management, informed by strong web security knowledge. * Understanding of HTTPS inspection, including Termination and Certificate management, grounded in robust web security practices. * Experience in rate limiting techniques and their more »

Senior Pen Tester/Application Security Tester 6 Month Contract Hybrid (occasional trips to the London office) Financial Services ASAP Start Date My Financial Services client is currently seeking for a Senior Penetration Tester to join the team. Responsibilities/Requirements: - Manually conduct application security testing … on web applications on prem and AWS cloud reporting issues - Manage DAST ans SAST scanning tools - 6 years + experience within the security testing field - Hands on experience testing and explaining OWASP top 10 vulnerabilities - Previously worked within the financial services industry Logistics: - 6 Month Rolling Contract more »

Security Architect/Consultant 6 months Remote £700 - £900 per day inside ir35 Common skill requirements: Work with internal application development and change teams to: Produce Threat models. Review and or input security to solution architecture and high level designs Advise and consult with development teams on … security matters Ensure compliance to internal standards and use of approved patterns Production of patterns or internal technical security standards as required Experience and background: Experience working in financially regulated enterprises and things like PCI Previous exposure to working with Developers, ie helping, understanding their problems, facing off … to them etc Previous experience of assuring and advising on secure systems design Common patterns and security design etc Good grasp of application security issues, knowing XSS vs SSRF for example. Know their way around OWASP T10 + API etc Good knowledge of cryptography (more than an more »

materials, providing Power BI training, and championing adoption. * Hands-on experience with SQL querying and using APIs to retrieve data. * Experience implementing row-level security and understanding application security models in Power BI. * Proficient in implementing advanced calculations on datasets. * Microsoft certified Power BI data analyst associate more »

establishing a sustainable DevSecOps practice. As an SME in DevSecOps approaches and best practices, this position will play a crucial role in bridging development, security, and operations. Responsibilities include defining solutions that are customer-focused, secure, compliant, and align with business objectives, while considering all affected technical and business … Expert (SME) status in DevSecOps methodologies and best practices. * Demonstrable knowledge of the DevOps culture and principles, Secure Software Development Life Cycle (SDLC) practices * Application security knowledge, Cloud infrastructure knowledge and familiarity with CI/CD tools, security tooling, and automation tools. Desirable Skills: * Familiarity with agile more »

up to £54,000 base + 40 days annual leave and a 14.5% pension. Hybrid working. Role Summary The primary responsibility of the Lead Application Analyst is to provide Application Management and Support for the business systems. As Service Owner for one or more services will be responsible … the acceptance criteria for service transition. The postholder will actively engage with project managers to ensure quality outputs within the agreed acceptance criteria. Manage application enhancements designed to improve business performance, maintain all associated documentation, investigates issues, and provides advice on application security, licensing, upgrades, backups, and more »

you'll need to succeed Prior experience delivering secure solution designs SME in DevSecOps approaches Great knowledge of: DevOps knowledge and principles, Cloud Infrastructure, Application security, CI/CD tools, Secure Software Development Life Cycle (SDLC) What you'll get in return An opportunity to work for a more »

devices. Collaborate on the team's technical direction and refine its tools and processes. Enhance data monitoring and alerting systems while contributing to client application security. Requirements: Strong experience in development with Kotlin and Golang Strong understanding of development best practices (pair programming, TDD, CI/CD). Familiarity more »

key part within their Vulnerability Management division. Responsibilities Engineer a robust and proactive approach within the Vulnerability Management division of our client's Information Security team. Identify strategic risks and devise controls to mitigate external threats. Provide vital oversight to identify and manage critical risks. Step in to enhance … your PowerBI skills to the fore. Primarily focus on the physical infrastructure, with future opportunities targeting cloud environment advancements. Develop and implement measures ensuring application security. Foster an agile mindset and continuous improvement within the team. Master and utilise a suite of tools, including Qualys, PowerBI, and Veracode, to … need to have: Good understanding of frameworks such as OWASP, CVSS etc. Command a solid grasp of on-premise and cloud networking and network security devices. Exhibit a keen understanding of DDoS and WAF protection measures. Certified in CISM, CISSP, CSSLP or equivalent. Show ability to track, report on more »