AppSec Champion / DevSecOps Security SME

Job Title: AppSec Champion / DevSecOps Security SME
Contract Duration: 3-6 months
Location: Fully Remote
Contract Type: Umbrella only

Clearance: Eligible for SC or Active SC

About Us:
We manage over £200 billion on behalf of the UK government and serve 25 million customers. As one of the UK's largest retail savings organisations, security is central to everything we do.

Role Overview:
We are seeking an experienced DevSecOps Security SME to join our technology team on a contract basis. In this pivotal role, you will drive the adoption of secure software development practices, integrate security controls into our CI/CD pipelines, and lead application and infrastructure security efforts within a complex and highly regulated environment.

Key Responsibilities:

• Champion application security best practices across development teams.
• Embed security into continuous integration and continuous deployment (CI/CD) pipelines, ensuring automated security testing and compliance.
• Collaborate with developers, engineers, and security teams to identify and remediate vulnerabilities early in the development lifecycle.
• Lead cyber assurance initiatives, maintaining security posture aligned with regulatory and organizational standards.
• Provide expert advice and guidance on secure development methodologies and tooling.
• Contribute to the design and implementation of secure infrastructure solutions.

Key Skills and Experience:

• Proven expertise in Application Security and vulnerability management.
• Strong background in DevSecOps, including experience with CI/CD pipeline security integration.
• Familiarity with Cyber Assurance frameworks and practices.
• Hands-on development experience with security automation and secure coding principles.
• In-depth knowledge of security tools, technologies, and best practices in cloud and on-premise environments.
• Ability to operate effectively in a regulated environment, balancing security with business needs.