Lead Security Engineer

Location: UK-wide (Remote-first)

Salary: £70,000 – £95,000 + bonus

We are seeking an experienced Lead Security Engineer to join a high-performing engineering function focused on building secure, scalable, and resilient platforms across modern cloud environments.

This is a senior technical leadership role combining hands-on security engineering with mentoring, strategy, and delivery oversight within agile teams.

Role Responsibilities

• Lead security engineering and security testing across cloud and application platforms

• Define and drive security testing methodologies, tooling, and best practices

• Perform and oversee security assessments including penetration testing and code reviews

• Embed security into CI/CD pipelines and continuous delivery practices

• Collaborate with engineering teams to ensure secure-by-design development

• Lead threat modelling activities and articulate risks across systems and architectures

• Guide adoption of security standards, frameworks, and compliance requirements

• Mentor and develop junior engineers within the security function

• Stay current with emerging threats, vulnerabilities, and attack techniques

Required Experience

• Strong experience securing web applications and cloud platforms (AWS or Azure)

• Hands-on experience with security testing, including manual and automated approaches

• Strong understanding of secure coding and secure software development lifecycle practices

• Experience working with CI/CD and DevSecOps practices

• Knowledge of security frameworks and standards (e.g. NCSC, NIST, CIS, OWASP, ISO27001, PCI DSS, GDPR)

• Strong understanding of common attack vectors (OWASP Top 10, XSS, SQL injection, etc.)

• Good programming or scripting ability across Linux/Windows environments

• Strong communication skills with the ability to explain technical security concepts to varied audiences

• Experience mentoring or leading small technical teams

Desirable Experience

• Security certifications such as OSCP, CREST, or equivalent

• Experience with tools such as Burp Suite, Nmap, Nessus, Metasploit, or similar

• Exposure to enterprise security tooling (WAF, IDS/IPS, SIEM, etc.)

• Active participation in the security community or knowledge sharing activities

• Experience working in Agile delivery environments

Eligibility Requirements

• Must be a UK citizen

• Must be eligible for UK Security Clearance

This is an excellent opportunity for a senior security professional looking to take ownership of security engineering practices in a modern cloud-first environment, while influencing both technical direction and team development.

For more information or a confidential discussion, please get in touch.

Job Details

Company: Anson McCade
Location: United Kingdom (Hybrid / Remote Options)