Principal Security Engineer

Principal Security Engineer – London (Hybrid, 4 days onsite)

6 Month Contract

Join a major retail transformation programme as the senior cyber security authority, driving secure-by-design principles across the full project lifecycle from requirements through to BAU handover.

Key Responsibilities

  • Lead threat modelling, security architecture, design assurance, testing, deployment, and operational handover.
  • Own cyber security sign-off and Definition-of-Done evidence across all programme stages.
  • Validate security controls against CIS Controls v8.1, NIST CSF, and ISO 27001 frameworks.
  • Drive penetration testing, control validation, security monitoring, and risk reduction activities.
  • Engage with senior stakeholders, Security Councils, external assurance teams, and programme leadership.
  • Ensure audit-ready evidence, governance compliance, and operational security readiness.

Essential Skills

  • 10+ years' enterprise cyber security engineering and architecture experience.
  • Strong expertise in CIS Controls v8.1, threat modelling (STRIDE, MITRE ATT&CK, OWASP), and security assurance.
  • Hands-on experience with penetration testing, vulnerability management, SIEM, endpoint security, and DevSecOps.
  • Experience working within large-scale transformation programmes.
  • CISSP certification plus one of CISM, CISA, CCSP, CRISC, or SABSA.
  • Strong stakeholder management and executive communication skills.

Technology Exposure

Microsoft Sentinel, Elastic, CrowdStrike, Defender, Zscaler, Qualys, Snyk, Semgrep, Burp Suite, Akamai WAF, BMC Helix, Azure DevOps, Jira, Power BI.

For more information or to contact me directly, please send me an email, and call only if required. I will be sure to check responses daily and shortlist the best candidates; if you are shortlisted, you will hear from me.

Josh@gazellegc.com

+44 7908143845

Job Details

Company: Gazelle Global
Location: City of London, London, United Kingdom