DevSecOps Security Consultant- 12 Months- Inside IR35- Hybrid in Sheffield

DevSecOps Security Consultant- 12 Months- Inside IR35- Hybrid in Sheffield

Role Overview

A 12-month hybrid contract role based in Sheffield paying £550 per day, with 4 positions available, for a senior Cybersecurity SME/Consultant joining an Engineering Excellence and Enablement function. The role is focused on embedding security into engineering platforms and DevSecOps practices within a large, regulated environment. The successful candidate will drive platform security maturity through framework development, assessment, and continuous improvement, while engaging extensively with senior stakeholders.

Key Responsibilities

• Lead framework and assessment activities to evaluate and strengthen platform security across engineering environments.
• Drive engineering platform security enablement, embedding secure practices across CI/CD pipelines, build tools, and developer tooling.
• Develop and execute security roadmaps, building maturity models and frameworks to guide long-term improvement.
• Engage senior stakeholders and federated technology teams to drive governance, alignment, and adoption of security practices.
• Champion continuous improvement, identifying gaps and refining security controls and processes over time.

Top 5 Skills

• Regulated sector cybersecurity experience - Proven expertise within large-scale, regulated financial institutions or similarly complex environments, with 12-18 years of overall experience.
• Engineering platform security - Deep technical knowledge of CI/CD systems, build tools, artifact repositories, runtime environments, and developer tooling.
• DevSecOps practices - Strong experience designing secure pipelines, integrating security scanning tools, and automating security controls.
• Technical security breadth - Strong knowledge across service mesh, cryptography, network security, application security, vulnerability management, and risk management.
• Strategic stakeholder engagement - Demonstrated ability to conduct threat modelling and security assessments, build maturity frameworks, and influence senior leadership to drive change across federated teams.