Salary: £? - ? per year
Requirements
- We are looking for an experienced Product Security, Application Security, or secure software engineering contractor.
- We need strong knowledge of secure SDLC, threat modelling, and vulnerability management.
- We need experience with security testing, code analysis, or vulnerability scanning tools.
- We need knowledge of OWASP, NIST, or similar secure coding frameworks.
- We need an understanding of encryption, PKI, networking, and common security threats.
- We are looking for someone comfortable working in a regulated or quality-driven environment.
- Nice to have: embedded or IoT security experience, Wi‑Fi security knowledge, or security certifications.
Responsibilities
- We drive secure development practices across the SDLC.
- We lead threat modelling, risk assessments, and vulnerability management.
- We review software and product designs from a security perspective.
- We support engineering teams with secure coding and remediation guidance.
- We use static and dynamic analysis tools to identify and reduce risk.
- We contribute to security documentation and incident support.
Technologies
- Embedded
- IoT
- Support
- OWASP
- Security
More
We are hiring an experienced Product Security / AppSec contractor to support secure product development across new and existing software‑led products. This is an immediate contract with a global business, focused on secure SDLC, threat modelling, and vulnerability management across complex regulated products. We will work closely with engineering, quality, and security teams to improve secure‑by‑design practices, reduce risk, and support remediation throughout the development lifecycle. This is a hands‑on technical role with real ownership, broad scope across security engineering, risk, and remediation, and strong potential for extension. The role is hybrid with 2 days per week onsite, on a 6‑month initial contract, with a likely extension and a start date of 01/07. The hourly rate is negotiable depending on experience.
