National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

Application Security Consultant

Advanced Resource Managers
Greater London
1 week ago
Create job alert

Senior Application Security Consultant
5 Months
£ per day (Inside IR35)
1-2 days per week on site in London


The Application Security Consultant will support the increasing demand for Information Security skills across Group Functions. With an ability to review existing applications and also engage on new services being offered, this role is critical to advising on how we embed security into our business operations.
This role will also play a key role in realising our Security Improvement programme across a number of our business areas and will require effective communication with a wide range of colleagues both technical and non-technical.


Principal accountabilities:
1. Security Design - Ensure projects consider security in the design by setting security needs and requirements to ensure alignment to L&G Security Policies and Standards, participating in Technology or Supplier selection as a security SME and applying threat and initial risk assessment approaches to select appropriate controls. Work with the Group wide Security Improvement Programme to ensure Group Functions services align with current Security requirements.
2. Security Assessment - Review the design of in-flight or existing services to conduct risk assessments, identify and articulate security gaps against L&G Security Policies and Standards. For gaps identify the related risks and potential options for management - articulate options to system or business owners.
3. Security Advice and Guidance - Be a source of expert Information Security advice, both to projects (i.e. consulting with architects or developers) and in an ad-hoc manner (responding to user queries) working closely with key stakeholders and business leaders to ensure security issues are understood and reviewing existing systems and services to prioritise security improvement activities.
4 Security Advocacy - Represent the Group Functions Security team to senior business stakeholders. Identify areas where the Security team, and wider IT team, can add additional benefit and support business ambitions
5 Security Representation - Represent the Group Functions IT team in interactions with the wider L&G Group and Security Improvement project, such as sitting on Steering Groups or Customer Engagement Workshops and ensure Group Functions interests are input and requests for input are passed to the correct teams
6. Security Maturity - Actively work to improve the Group Functions IT Security Maturity and Capability. Suggest enhancements to processes, update or establish procedures where required.
7. Treating Customers Fairly (TCF) - Ensure that all customers/stakeholders are treated fairly in line with Legal & General's principles on Customer Experience, Employee Engagement, Continuous Improvement and TCF policy.


Qualifications-
Appropriate security qualifications and memberships (e.g. CISSP, etc.) are desirable, but not essential or demonstrable equivalent experience.


Knowledge-
Information Security broadly, knowledge of Access Control security, transportation security, secure architecture principles, cryptography and operational controls (such as back-ups, resilient design, anti-virus) are essential
* Knowledge of Threat modelling, control frameworks and Risk assessment techniques (such as ISOx, COBIT, COSO, ITIL and NIST Cyber Security Framework) is desirable
* Knowledge of Cloud Security practices is desirable


Experience in the following areas would be beneficial-
* Security Design in projects (setting requirements, reviewing architecture)
* Risk assessment and control selection
* Critical review of products / vendors from a security perspective
* Experience of communicating to senior stakeholders in straightforward terms
* Dealing with ad-hoc user queries, where the role holder may not be an SME, and providing guidance in line with Security principles and seeking support from colleagues

Related Jobs

View all jobs

Application Security Consultant

Application Security Consultant - Cryptography, SC clearance

Application Security Consultant - Cryptography, SC clearance

Application Security Consultant – Cryptography, SC clearance

Application Security Consultant - Cryptography, SC clearance

Application Security Consultant

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

How to Present Cyber Security Solutions to Non-Technical Audiences: A Public Speaking Guide for Job Seekers

Cyber security is no longer just an IT issue—it’s a board-level priority. Whether you’re applying for a role in penetration testing, security operations, risk management, or compliance, your ability to clearly explain cyber threats and solutions to non-technical stakeholders is vital. This guide will help cyber security job seekers develop one of the most in-demand soft skills in the industry: public speaking. You’ll learn how to simplify complex concepts, structure effective presentations, use storytelling and analogies, and handle common stakeholder questions with confidence.

Cyber Security Jobs Employer Hotlist 2025: 50 UK Companies Actively Hiring Right Now

Bookmark this guide—refreshed every quarter—so you always know who’s really expanding their cyber security teams. Ransomware payouts broke records in 2024, the UK’s new Cyber Security Bill imposed mandatory breach disclosure, and the National Cyber Force’s move to Samlesbury has super‑charged the northern skills market. Result? Demand for security architects, SOC analysts, penetration testers, cloud‑security engineers, threat hunters & GRC specialists is at an all‑time high in 2025. Below you’ll find 50 organisations that have posted UK‑based cyber security vacancies or announced head‑count growth during the past eight weeks. They’re organised into five quick‑scan categories. For every employer you’ll see: Main UK hub Example live or recent vacancy Why it’s worth a look (tech stack, culture, mission) Search any company on CyberSecurityJobs.tech to view current ads, or set a free alert so fresh openings land straight in your inbox.

Return-to-Work Pathways: Relaunch Your Cyber Security Career with Returnships, Flexible & Hybrid Roles

Re-entering the workforce after a career break can feel especially challenging in a fast-moving field like cyber security. Whether you stepped away for parenting, caregiving or another life chapter, the UK’s cyber security sector now offers a range of return-to-work pathways—from structured returnships to flexible and hybrid roles. These programmes value the transferable skills and resilience you’ve developed during your break, pairing you with mentorship, upskilling opportunities and supportive networks to ease your transition back into cyber security. In this article, tailored for parents and carers, you’ll discover how to: Understand the growing demand for cyber security talent in the UK Translate your organisational, communication and problem-solving skills into cyber security roles Tackle common re-entry challenges with practical solutions Refresh your technical knowledge through targeted learning Access returnship and re-entry programmes specific to cyber security Find roles that accommodate family commitments—whether hybrid, flexible or full-time Balance your career relaunch with caring responsibilities Master applications, interviews and networking in cyber security Draw inspiration from real returner success stories Whether you aim to return as an analyst, penetration tester, security engineer or compliance specialist, this guide will equip you with the steps and resources to reignite your cyber security career.