Cyber Security Engineer
London (Hybrid with 2/3 days on site p/week)
Inside IR35 – Initial 4 month contract
The successful candidate will be joining Application Security Team (AppSec team) focused on building security automation into delivery pipelines and conducting security focused tests against digital services.
Key Responsibilities
- Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure.
- Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and make necessary recommendations.
- Collaborate with developers to remediate identified vulnerabilities and ensure secure code practices.
- Provide expert input on cloud security (AWS, Azure, or GCP) and DevSecOps tooling.
- Assist in maintaining security assurance across the SDLC in line with MoJ and NCSC guidelines.
Essential Criteria
- Penetration testing, ethical hacking, or vulnerability assessments.
- Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.).
- DevSecOps principles and tools (e.g., Veracode, SonarQube, GitHub Advanced Security, IaC scanning, etc.).
- Secure Cloud Infrastructure, specifically AWS and Azure.
- Scripting and automation using Python and Bash.
- Certifications: OSCP or CREST / TIGER Scheme.
- Strong communication skills and the ability to explain security issues to technical and non-technical stakeholders.
London (Hybrid with 2/3 days on site p/week)
Inside IR35 – Initial 4 month contract
The successful candidate will be joining Application Security Team (AppSec team) focused on building security automation into delivery pipelines and conducting security focused tests against digital services.
Key Responsibilities
- Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure.
- Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and make necessary recommendations.
- Collaborate with developers to remediate identified vulnerabilities and ensure secure code practices.
- Provide expert input on cloud security (AWS, Azure, or GCP) and DevSecOps tooling.
- Assist in maintaining security assurance across the SDLC in line with MoJ and NCSC guidelines.
Essential Criteria
- Penetration testing, ethical hacking, or vulnerability assessments.
- Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.).
- DevSecOps principles and tools (e.g., Veracode, SonarQube, GitHub Advanced Security, IaC scanning, etc.).
- Secure Cloud Infrastructure, specifically AWS and Azure.
- Scripting and automation using Python and Bash.
- Certifications: OSCP or CREST / TIGER Scheme.
- Strong communication skills and the ability to explain security issues to technical and non-technical stakeholders.
We want to hear from you…
Ping us a mail
info@copello.co.ukSend us a message
Get in touchLet's have a chat
+44 (0)23 9310 0594Apply Now
Follow Us
Stop by for a coffee
Spectrum Building,
Solent Business Park,
1600 Parkway, Whiteley,
Fareham, PO15 7AH
Affiliations
