We’re a small (but growing fast) IT consultancy, with a strong sense of ethics and a genuine wish to do the right thing. Since we formed in 2007 we’ve attracted a range of clients from small high-growth start-ups to large government organisations.

We provide technical design, architecture, business analysis and other skills to our clients, helping them deliver large and complex projects. We also provide software development services, building platforms from the ground up across a range of technologies and approaches.

We operate as a flat organisation, and believe in trusting and supporting all of our team to operate independently, making the most of their expertise in their field. We believe in giving everyone an opportunity to continually learn and grow in the direction they choose, and we actively help and support people to shape the career that they wish to have.

You believe in the same things that we do – honesty, trust, and doing what’s truly best for our clients. You’re reliable and able to work without close supervision (although we’ll do our best to support you as you need).

You’re comfortable talking to clients and you’re good at communicating. You’re happy analysing systems and working towards a deep understanding of a problem so that you can solve it well.

You want a role which will challenge you and where you’ll learn new things on a regular basis. You want to grow, and you want to work with like-minded people who’ll help you do so, offering guidance and mentorship where possible.

The Job
As part of the Security Architecture team, you will provide the bridge between Information Assurance and Project Delivery. You will be the information security point of contact and subject matter expert to the project and devops teams, enabling them to understand and implement security controls to meet the security requirements of the programme.

You will be translating information security requirements and controls to meaningful application level information the developers understand, providing support for security testing, source code analysis and responding to the technical security related questions and tasks that will arise on a day to day basis.

The job will be based onsite in Central London alongside the project delivery teams. Therefore reasonable proximity and a willingness to travel to London is important


  • +5 years of Information Security experience, supported by preferably a CISSP or CSSLP certification
  • Experience of securing web applications and APIs/web services
  • Experience of secure SDLC methods, agile preferred.
  • Knowledge of secdevops and continuous delivery
  • Knowledge of web application security testing methodologies, dynamic and static Source Code Analysis, vulnerability assessments and penetration testing.
  • Broad Technical knowledge in information security across applications and infrastructure

Tagged as: cissp, csslp, sdlc