Role: Cyber Security Engineer
Contract Duration: Until 1st October 2025
Rate: £700/day
Security Clearance: SC required
Expenses: Reimbursed when travelling away from base office

A leading digital security function is seeking an experienced Cyber Security Engineer to strengthen its Application Security (AppSec) capabilities. This role focuses on embedding automated security controls within CI/CD pipelines and delivering hands-on testing of cloud-based services.

Key Responsibilities:

• Conduct penetration tests and security assessments on web apps, APIs, and cloud platforms

• Review and optimise security automation tools within CI/CD workflows (SAST, DAST, IaC scanning, etc.)

• Partner with developers to fix vulnerabilities and champion secure coding

• Provide subject-matter expertise in cloud security (AWS, Azure, or GCP) and DevSecOps tooling

• Ensure security compliance across the development lifecycle, aligned with NCSC and industry standards

Required Experience:

• Proven track record in pen testing, vulnerability assessments, and ethical hacking

• Hands-on with tools such as Burp Suite, ZAP, Nmap, Metasploit

• Deep understanding of secure cloud infrastructure (AWS/Azure) and scripting (Python, Bash)

• Familiarity with DevSecOps tools (e.g. Veracode, GitHub Advanced Security)

• Certifications such as OSCP or CREST/TIGER

Bonus Skills:

• Experience within the CHECK scheme

• Knowledge of UK public sector security practices

• Exposure to threat modelling and secure system design