Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Conduct security reviews of web applications and deliver detailed audit reports.
- Company: Join a forward-thinking company focused on application security and innovation.
- Benefits: Enjoy remote work flexibility and focus solely on advisory tasks.
- Why this job: Make a real-world impact while working independently on high-visibility projects.
- Qualifications: 4+ years in AppSec roles with strong coding knowledge and technical writing skills.
- Other info: No remediation work required; just pure security assessment.
The predicted salary is between 43200 - 72000 £ per year.
We are seeking a highly experienced Application Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence-based security audit report.
Key Responsibilities
- Perform static code analysis and security audit of a web application.
- Identify potential vulnerabilities in logic, data handling, authentication, and access control.
- Assess the application against OWASP Top 10 and other secure coding standards.
- Review third-party dependencies for known issues.
- Produce a professional security report with risk ratings, findings, and recommendations.
Required Skills & Experience
- 4+ years in Application Security, AppSec consulting, or Secure Code Review roles.
- Deep understanding of secure coding practices in web frameworks (e.g., JavaScript, Python, PHP, Node.js).
- Familiarity with tools like Snyk, Checkmarx, Veracode, or Burp Suite (passive scanning).
- Knowledge of OWASP, CWE, and general secure software development principles.
- Strong technical writing and communication skills.
- Preferred certifications: OSCP, CSSLP, GWAPT, CEH, or equivalent.
Deliverables
- One formal written report including:
- Executive summary for non-technical stakeholders.
- Technical breakdown of findings with severity and impact.
- Recommended mitigation guidance (no implementation expected).
Why Join Us?
- Remote flexibility.
- No remediation work — fully focused on review and advisory.
- A project with high visibility and real-world impact.
- Prompt onboarding and structured communication.
How to Apply
Message us directly or email with your CV, availability, and examples of previous audit/reporting work if available.
Senior Application Security Consultant employer: EVOLUTION PROJECT CONSULTING LIMITED
Contact Detail:
EVOLUTION PROJECT CONSULTING LIMITED Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Application Security Consultant
✨Tip Number 1
Familiarise yourself with the OWASP Top 10 vulnerabilities and ensure you can discuss them in detail. This will not only show your expertise but also demonstrate your understanding of the key security issues that the role focuses on.
✨Tip Number 2
Brush up on your knowledge of secure coding practices specific to the web frameworks mentioned in the job description, such as JavaScript and Python. Being able to reference these frameworks during discussions will highlight your relevant experience.
✨Tip Number 3
Prepare to discuss your experience with tools like Snyk, Checkmarx, or Burp Suite. Having specific examples of how you've used these tools in past projects will make you stand out as a candidate who is ready to hit the ground running.
✨Tip Number 4
Since this role involves producing detailed reports, practice explaining complex technical findings in a way that non-technical stakeholders can understand. This skill will be crucial for delivering the executive summary and ensuring your recommendations are actionable.
We think you need these skills to ace Senior Application Security Consultant
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in Application Security, particularly focusing on your roles in AppSec consulting and Secure Code Review. Emphasise your familiarity with secure coding practices and the tools mentioned in the job description.
Craft a Strong Cover Letter: Write a cover letter that showcases your understanding of the role and your relevant experience. Mention specific projects where you conducted security audits or assessments, and how your findings led to improved security measures.
Showcase Technical Writing Skills: Since the role requires producing a formal written report, include examples of previous audit reports or technical documentation you've created. This will demonstrate your ability to communicate complex information clearly and effectively.
Highlight Relevant Certifications: If you have any of the preferred certifications like OSCP, CSSLP, or CEH, make sure to mention them prominently in your application. These credentials can set you apart from other candidates and show your commitment to the field.
How to prepare for a job interview at EVOLUTION PROJECT CONSULTING LIMITED
✨Showcase Your Technical Expertise
Be prepared to discuss your experience with secure coding practices and the specific web frameworks mentioned in the job description. Highlight any relevant projects where you conducted security audits or code reviews, and be ready to explain your approach to identifying vulnerabilities.
✨Familiarise Yourself with OWASP Top 10
Since the role involves assessing applications against the OWASP Top 10, make sure you can articulate what these vulnerabilities are and how they can impact an application. Prepare examples of how you've addressed these issues in past roles.
✨Prepare for Technical Questions
Expect technical questions related to tools like Snyk, Checkmarx, Veracode, or Burp Suite. Be ready to discuss your experience with these tools, including how you've used them in previous audits and the outcomes of those assessments.
✨Demonstrate Strong Communication Skills
Since you'll need to produce a formal written report, it's crucial to demonstrate your ability to communicate complex technical findings clearly. Practice explaining your past audit results in a way that would be understandable to non-technical stakeholders.
