At a Glance
- Tasks: Deliver hands-on security expertise in cloud and digital services, embedding security in DevSecOps.
- Company: Join a dynamic consultancy team focused on public sector projects.
- Benefits: Competitive rate, flexible work arrangements, and opportunities for professional growth.
- Other info: Embrace a diverse and inclusive workplace with excellent career advancement opportunities.
- Why this job: Make a real impact by enhancing security processes and influencing key decisions.
- Qualifications: Experience in DevSecOps, AWS/Azure, and stakeholder consulting required.
Location: London
Type: 1 day a week on-site
Clearance: Active SC Clearance
IR35: Outside
Rate: £400 - £500
Contingency: Must be able to start within 1-2 weeks
Sanderson G&D are seeking a Security Consultant with a broad technical skillset to operate with a technical consultancy supplying into the Public Sector. This is a great chance to join an exciting team and project area.
Responsibilities
- Deliver hands‐on technical security expertise across cloud and digital services, actively contributing to solution implementation rather than operating in an assurance or purely architectural capacity.
- Embed security within DevSecOps practices, advising on secure engineering approaches, tooling, automation, CI/CD pipelines, and helping teams "shift security left" while contributing directly to technical tasks as needed.
- Engage proactively with stakeholders across technical, delivery, and senior leadership communities - translating complex security issues into clear, actionable insights and influencing decision‐making.
- Work directly in AWS and/or Azure environments, supporting secure configuration, cloud-native security patterns, and hands‐on troubleshooting in live or developing services.
- Support continuous improvement by identifying opportunities to enhance security processes, automation, tooling, and team capability.
Essential Skills
- Demonstrable technical experience across DevSecOps tech stacks
- Demonstrable experience of operating in AWS/Azure Cloud Environments
- Zero Trust principles and practical implementation
- Secure by Design
- Logging, monitoring & detection: CloudWatch, Azure Monitor, Security Center/Defender, SIEM concepts
- Demonstrable experience of consulting stakeholders and customers.
- Experience of working with a consultancy
If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.
Security Consultant (DevSecOps) - SC Cleared - Outside IR35 in London employer: Sanderson Government & Defence
At Sanderson G&D, we pride ourselves on being an exceptional employer, offering a dynamic work culture that fosters collaboration and innovation. Our London-based team thrives on the opportunity to engage with cutting-edge technology in the public sector, while our commitment to employee growth ensures that you will have access to continuous learning and development opportunities. Join us to be part of a diverse community where your contributions are valued, and you can make a meaningful impact in the field of security consulting.
Contact Details:
Sanderson Government & Defence Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land Security Consultant (DevSecOps) - SC Cleared - Outside IR35 in London
✨Get Active on Cybersecurity Forums
Join platforms like Stack Exchange and Reddit’s r/cybersecurity to hang out with industry pros, learn the latest, and share your insights. This will not only boost your visibility but also help you connect with potential clients who might need your freelance services.
✨Show Off Your Skills with Public Projects
Create a few open-source projects or contribute to existing ones that showcase your cybersecurity skills. Use GitHub to display your work, as this is an excellent way to attract clients looking for freelancers with a proven track record.
✨Attend Local Conferences and Meetups
Make sure to hit up cybersecurity meetups, workshops, and conferences in your area. These events are goldmines for networking, and you’ll often find people looking for freelancers after a chat over a coffee – so come prepared with your business cards and a killer elevator pitch!
✨Market Yourself Smartly
Set up a professional website that showcases your portfolio, expertise, and client testimonials. Optimise it for SEO with relevant keywords so potential clients searching for cybersecurity freelancers can easily find you. Don’t forget to link to your site on all your social media and profiles!
We think you need these skills to ace Security Consultant (DevSecOps) - SC Cleared - Outside IR35 in London
Some tips for your application 🫡
Show Your Skills Through a Strong Portfolio:Since you're applying for a freelance role in cybersecurity, it's crucial to showcase your technical skills through a detailed portfolio. Include case studies of projects you've worked on, any security tools you've developed or assessed, and specifics on the methodologies you’ve used. This will help Sanderson Government & Defence understand what you're capable of.
Certifications Matter!:Make sure to list any relevant certifications you hold, such as CISSP, CEH, or CompTIA Security+. Freelance clients often value these credentials as they reflect your expertise and commitment to the field. If you’re actively pursuing more certifications, don’t hesitate to mention that too!
Rates, Availability, and Your Work Style:In your application, it’s essential to be clear about your freelance rates and availability. Clients appreciate transparency. Mention how many hours a week you can dedicate and your preferred working hours, as this sets expectations from the start and shows you're organised and professional.
Tailor Your CV to Highlight Cybersecurity Experience:When crafting your CV, make sure to tailor it specifically to cybersecurity. Highlight projects, tasks, and achievements related to security assessments, vulnerabilities you've mitigated, or compliance work you've undertaken. Keywords relevant to the job can grab attention and increase your chances of landing a spot at Sanderson Government & Defence.
How to prepare for a job interview at Sanderson Government & Defence
✨Showcase Your Cybersecurity Skills
As a freelancer in cybersecurity, it’s crucial we demonstrate not just our knowledge but our practical skills too. Be ready to discuss specific tools you’ve used, like Wireshark or Metasploit, and share relevant experiences where you identified vulnerabilities or mitigated risks in past projects.
✨Prepare Your Portfolio
Unlike traditional roles, freelancing relies heavily on your portfolio. Let’s curate a selection of past work that showcases our best projects. If we’ve handled penetration tests, audits, or incident responses, be sure to highlight these in your portfolio, and share any client testimonials if we have them.
✨Stay Updated on Trends and Tools
Cybersecurity is an ever-evolving field, so we should be prepared to chat about recent developments and how they impact our work. Familiarise ourselves with the latest threats, tools, and frameworks, like MITRE ATT&CK, that are pertinent to the projects we’re pitching.
✨Pitching Your Value as a Freelancer
When freelancing, we often need to negotiate our rates and value propositions. Be ready to explain how our skills can help Sanderson Government & Defence protect their assets and manage risks. It can help to outline some potential strategies or improvements we could implement for them based on their current setup.
