Senior Application Security Consultant

About the Role We are seeking a highly experienced Application Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required. You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence-based security audit report . Key Responsibilities Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known issues. Produce a professional security report with risk ratings, findings, and recommendations. Required Skills & Experience 4 years in Application Security , AppSec consulting , or Secure Code Review roles. Deep understanding of secure coding practices in web frameworks (e.g., JavaScript, Python, PHP, Node.js). Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development principles. Strong technical writing and communication skills. Preferred certifications: OSCP , CSSLP , GWAPT , CEH , or equivalent. Deliverables One formal written report including: Executive summary for non-technical stakeholders. Technical breakdown of findings with severity and impact. Recommended mitigation guidance (no implementation expected). Why Join Us? Remote flexibility No remediation work — fully focused on review and advisory A project with high visibility and real-world impact Prompt onboarding and structured communication How to Apply Message us directly or email dylan@evlpc.com with your CV, availability, and examples of previous audit/reporting work if available.