Security Consultant

Posted 1 week ago by Fruition Group

Negotiable
Outside
Remote
England, United Kingdom

Summary: The Security Consultant role involves enhancing the Secure Software Development Lifecycle (SDLC) within a large-scale environment, focusing on application security and project delivery. The consultant will influence security integration throughout the project lifecycle and ensure secure solutions are developed from the outset. This position requires a proactive approach to vulnerability management and security controls, acting as a trusted advisor across various teams. The contract is for 9 months and is classified as outside IR35.

Key Responsibilities:

  • Lead improvements to the Secure Software Development Lifecycle, aligned to NIST CSF 2.0.
  • Act as an Application Security / Project Guardian, embedding security across delivery lifecycles.
  • Review and tighten existing vulnerability management practices.
  • Define and document end-to-end security requirements in a clear, accessible format for delivery teams.
  • Ensure security controls are applied at the right stage of projects, regardless of entry point.
  • Bring together application, platform, cloud, and infrastructure security to ensure cohesive SDLC controls.
  • Validate that back-end and platform security controls are correctly implemented and fit for purpose.
  • Operate as a trusted internal security advisor, balancing risk, delivery timelines, and business objectives.

Key Skills:

  • Proven experience improving Secure SDLC maturity within complex environments.
  • Strong knowledge of NIST CSF, application security, and secure-by-design principles.
  • Experience working with ISMS environments.
  • Hands-on capability across vulnerability management, security assessments, and control validation.
  • Ability to translate security requirements into practical, delivery-ready guidance.
  • Experience working autonomously across multiple teams with competing priorities.
  • Strong understanding of cloud and platform security (AWS, Kubernetes, APIs, IAM).
  • Pragmatic approach to risk management in agile delivery environments.

Salary (Rate): undetermined

City: undetermined

Country: United Kingdom

Working Arrangements: remote

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Job title: Security Consultant

Location: UK Remote

Contract: 9 months, Outside IR35

Why Apply? This contract role offers the opportunity to play a key part in strengthening an established Secure SDLC within a complex, large-scale environment. You'll work across application security and project delivery, influencing how security is embedded throughout the lifecycle and helping teams build solutions securely from the outset.

We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age.