Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Conduct security reviews of web applications and produce detailed audit reports.
- Company: Join a forward-thinking team focused on enhancing application security.
- Benefits: Enjoy remote work flexibility and focus solely on advisory tasks.
- Why this job: Make a real-world impact while working independently on high-visibility projects.
- Qualifications: 4+ years in Application Security with strong coding knowledge and technical writing skills.
- Other info: No remediation work required; just pure analysis and reporting.
The predicted salary is between 43200 - 72000 £ per year.
We are seeking a highly experienced Application Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required.
You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence-based security audit report.
Key Responsibilities- Perform static code analysis and security audit of a web application.
- Identify potential vulnerabilities in logic, data handling, authentication, and access control.
- Assess the application against OWASP Top 10 and other secure coding standards.
- Review third-party dependencies for known issues.
- Produce a professional security report with risk ratings, findings, and recommendations.
- 4+ years in Application Security, AppSec consulting, or Secure Code Review roles.
- Deep understanding of secure coding practices in web frameworks (e.g., JavaScript, Python, PHP, Node.js).
- Familiarity with tools like Snyk, Checkmarx, Veracode, or Burp Suite (passive scanning).
- Knowledge of OWASP, CWE, and general secure software development principles.
- Strong technical writing and communication skills.
- Preferred certifications: OSCP, CSSLP, GWAPT, CEH, or equivalent.
- One formal written report including:
- Executive summary for non-technical stakeholders.
- Technical breakdown of findings with severity and impact.
- Recommended mitigation guidance (no implementation expected).
- Remote flexibility
- No remediation work — fully focused on review and advisory
- A project with high visibility and real-world impact
- Prompt onboarding and structured communication
Message us directly or email dylan@evlpc.com with your CV, availability, and examples of previous audit/reporting work if available.
Contact Detail:
EVOLUTION PROJECT CONSULTING LIMITED Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Application Security Consultant
✨Tip Number 1
Make sure to brush up on the OWASP Top 10 vulnerabilities, as this role heavily focuses on identifying these issues. Familiarity with these common security flaws will not only help you in the interview but also demonstrate your expertise in application security.
✨Tip Number 2
Since you'll be working independently, showcase your ability to manage projects and deliver results without supervision. Prepare examples from your past experience where you successfully conducted security audits or assessments on your own.
✨Tip Number 3
Highlight your technical writing skills by preparing a mock report based on a previous project or a hypothetical scenario. This will show your potential employer that you can produce clear, professional documentation, which is crucial for this role.
✨Tip Number 4
Familiarise yourself with the tools mentioned in the job description, like Snyk or Burp Suite. If you have experience using them, be ready to discuss how you've applied these tools in your previous roles to enhance your candidacy.
We think you need these skills to ace Senior Application Security Consultant
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in Application Security, particularly focusing on your roles in AppSec consulting and Secure Code Review. Emphasise your familiarity with secure coding practices and the specific web frameworks mentioned in the job description.
Craft a Strong Cover Letter: Write a cover letter that showcases your understanding of the role and your relevant skills. Mention your experience with tools like Snyk, Checkmarx, or Burp Suite, and how you have applied secure coding principles in past projects.
Showcase Your Technical Writing Skills: Since the role requires producing a formal written report, include examples of previous audit or reporting work in your application. Highlight your ability to communicate complex technical findings clearly to both technical and non-technical stakeholders.
Highlight Relevant Certifications: If you hold any relevant certifications such as OSCP, CSSLP, GWAPT, or CEH, make sure to mention them prominently in your application. This will demonstrate your commitment to the field and enhance your credibility as a candidate.
How to prepare for a job interview at EVOLUTION PROJECT CONSULTING LIMITED
✨Showcase Your Technical Expertise
Be prepared to discuss your experience with secure coding practices and the specific web frameworks mentioned in the job description. Highlight any relevant projects where you performed static code analysis or security audits.
✨Familiarise Yourself with OWASP
Since the role involves assessing applications against the OWASP Top 10, make sure you can articulate what these vulnerabilities are and how they can be identified. This will demonstrate your knowledge and readiness for the position.
✨Prepare for Technical Writing Questions
Given that a key deliverable is a formal written report, be ready to discuss your technical writing skills. You might be asked to explain how you would structure your findings and recommendations in a clear and professional manner.
✨Discuss Tools and Methodologies
Be knowledgeable about the tools listed in the job description, such as Snyk and Burp Suite. Be prepared to discuss your experience with these tools and how you have used them in previous roles to identify vulnerabilities.
