Remote Working Application Security Contract Jobs
Senior Combined ADHD Assessor & Prescriber for Children - Redruth, Cornwall
Posted 1 day ago by Paloma Health
The role of Senior Combined ADHD Assessor & Prescriber for Children at Paloma involves delivering high-quality ADHD neur...
- Rate £67,000 per year
- Category Outside
- Work type Remote
- Location Redruth, Cornwall
Stay Updated on Contract Jobs
Never miss another opportunity with our email alerts.
Save your searches to be notified as soon as new jobs are added.
Sort By
Saved Searches
No saved searches yet
Filters
IR35 Status
Working Arrangements
Industry
Sector
Posted By
Country
Seniority Level
Date Posted
Contract Rate
About Our Remote Working Application Security Contract Roles
What does a application security contractor do?
Application Security contractors are engaged to identify, assess, and help remediate security vulnerabilities within software applications across the development lifecycle. The work spans a range of activities including secure code review, penetration testing of web and mobile applications, threat modelling, security architecture review, and the integration of security practices into DevSecOps pipelines. Application Security contractors are brought in when organisations need specialist security expertise that their development teams do not hold, when a specific application requires a security assessment ahead of launch, or when a security remediation programme requires dedicated resource.
Technical skills in Application Security contracting are deep and specialised. Contractors need strong knowledge of the OWASP Top 10 and broader application vulnerability classes, hands-on experience with penetration testing tools such as Burp Suite, and the ability to conduct both manual and automated security assessments of web applications, APIs, and mobile applications. Experience reviewing code for security issues across languages such as Java, Python, JavaScript, or .NET is a common requirement. For DevSecOps-focused roles, knowledge of integrating security tooling into CI/CD pipelines using tools such as SonarQube, Snyk, or Checkmarx is increasingly required. Relevant certifications including OSCP, CEH, or GWAPT are well regarded and frequently listed as requirements.
What is the market like for application security contractors?
Application Security contracting is a high-demand specialist market, driven by the increasing pace of software delivery and the growing recognition that security must be embedded in development processes rather than applied retrospectively. The shift towards DevSecOps across technology organisations is creating sustained demand for contractors who can work within agile engineering teams as well as conducting standalone assessments. Financial services, fintech, and e-commerce organisations are among the most active buyers, though demand is growing across all sectors that handle sensitive data or operate regulated digital services. Supply of experienced Application Security contractors remains limited relative to demand, supporting strong rate levels.
What does 'remote working' mean for application security contractors?
Remote contract roles are delivered primarily from the contractor's own location rather than the client's premises. In the UK contractor market, "remote" covers a range of arrangements, from fully remote with no on-site requirement through to predominantly remote roles that involve periodic travel for workshops or stakeholder meetings, typically a few days per month.
Remote contracts can show different rate patterns compared to on-site or hybrid positions. In some cases, remote working reduces location-driven rate premiums; in others, rates remain aligned to the employer's location or market benchmarks. As with all contract roles, rates are primarily driven by scope, expertise, and delivery expectations rather than working arrangement alone.
The availability of remote contracting varies by role and sector. Technology, data, and digital roles offer the broadest remote opportunities, while financial services and government clients more commonly require hybrid arrangements. Contractors evaluating remote opportunities should clarify on-site expectations before accepting, as definitions of "remote" vary between clients.
How much do application security contractors usually earn when working remotely?
Contract rates for application security roles typically range from £550 to £950 per day, depending on the scope of the role, required expertise, and the delivery expectations of the engagement. Remote roles may sit at different points within this range depending on the employer's location and whether any on-site attendance is required.
How many remote working application security vacancies are there on Quality Contracts?
Over the past twelve months, we have tracked over 150 application security contract roles across the site. Around 50% of the jobs currently listed on Quality Contracts offer some sort of remote or hybrid working arranegment. Data reviewed up to June 2026.