Lead Security Engineer
Location: UK-wide (Remote-first)
Salary: £70,000 – £95,000 + bonus
We are seeking an experienced Lead Security Engineer to join a high-performing engineering function focused on building secure, scalable, and resilient platforms across modern cloud environments.
This is a senior technical leadership role combining hands-on security engineering with mentoring, strategy, and delivery oversight within agile teams.
Role Responsibilities
• Lead security engineering and security testing across cloud and application platforms
• Define and drive security testing methodologies, tooling, and best practices
• Perform and oversee security assessments, including penetration testing and code reviews
• Embed security into CI/CD pipelines and continuous delivery practices
• Collaborate with engineering teams to ensure secure-by-design development
• Lead threat modelling activities and articulate risks across systems and architectures
• Guide adoption of security standards, frameworks, and compliance requirements
• Mentor and develop junior engineers within the security function
• Stay current with emerging threats, vulnerabilities, and attack techniques
Required Experience
• Strong experience securing web applications and cloud platforms (AWS or Azure)
• Hands-on experience with security testing, including manual and automated approaches
• Strong understanding of secure coding and secure software development lifecycle practices
• Experience working with CI/CD and DevSecOps practices
• Knowledge of security frameworks and standards (e.g. NCSC, NIST, CIS, OWASP, ISO 27001, PCI DSS, GDPR)
• Strong understanding of common attack vectors (OWASP Top 10, XSS, SQL injection, etc.)
• Good programming or scripting ability across Linux/Windows environments
• Strong communication skills with the ability to explain technical security concepts to varied audiences
• Experience mentoring or leading small technical teams
Desirable Experience
• Security certifications such as OSCP, CREST, or equivalent
• Experience with tools such as Burp Suite, Nmap, Nessus, Metasploit, or similar
• Exposure to enterprise security tooling (WAF, IDS/IPS, SIEM, etc.)
• Active participation in the security community or knowledge-sharing activities
• Experience working in Agile delivery environments
Eligibility Requirements
• Must be a UK citizen
• Must be eligible for UK Security Clearance
This is an excellent opportunity for a senior security professional looking to take ownership of security engineering practices in a modern cloud-first environment, while influencing both technical direction and team development.
For more information or a confidential discussion, please get in touch.