Job Title

About the RoleWe are seeking a highly experienced Application Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required.You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence-based security audit report.Key ResponsibilitiesPerform static code analysis and security audit of a web application.Identify potential vulnerabilities in logic, data handling, authentication, and access control.Assess the application against OWASP Top 10 and other secure coding standards.Review third-party dependencies for known issues.Produce a professional security report with risk ratings, findings, and recommendations.Required Skills & Experience4+ years in Application Security, AppSec consulting, or Secure Code Review roles.Deep understanding of secure coding practices in web frameworks (e.g., JavaScript, Python, PHP, Node.js).Familiarity with tools like Snyk, Checkmarx, Veracode, or Burp Suite (passive scanning).Knowledge of OWASP, CWE, and general secure software development principles.Strong technical writing and communication skills.Preferred certifications: OSCP, CSSLP, GWAPT, CEH, or equivalent.DeliverablesOne formal written report including:Executive summary for non-technical stakeholders.Technical breakdown of findings with severity and impact.Recommended mitigation guidance (no implementation expected).Why Join Us?Remote flexibilityNo remediation work — fully focused on review and advisoryA project with high visibility and real-world impactPrompt onboarding and structured communicationHow to ApplyMessage us directly or email dylan@ with your CV, availability, and examples of previous audit/reporting work if available.