An exciting newly created role for a Security Operations Lead, joining a specialist software company at a pivotal stage of growth. This is a hands-on leadership role at the heart of Platform Engineering. You'll run the security working group, own the vulnerability management lifecycle, and embed security across development, platform, and product. Making it a shared responsibility, not a siloed function. You'll need sharp technical instincts, sound judgement, and the ability to make complex risk legible to an executive audience. What You'll Do: Security Leadership Lead the security working group, setting priorities and driving resolution Translate threat intelligence into actionable engineering tasks and deliver monthly risk summaries to the ELT Vulnerability & Incident Management Own the full vulnerability lifecycle: discovery, triage, remediation, and reporting Coordinate incident response and set risk-based remediation timelines Security Tooling Own and evolve the security tool stack (SAST, DAST, SCA, secrets management) and integrate it into CI/CD pipelines Drive adoption of dependency scanning, artifact verification, and SBOM tooling, ensuring tools produce signal, not noise Experience: Strong application and infrastructure security background in cloud-native environments, with hands-on experience across CI/CD, containerisation, and infrastructure-as-code Deep understanding of common vulnerability classes (OWASP Top 10 and beyond) and practical experience with SAST, DAST, SCA, and secrets scanning tooling Proven end-to-end vulnerability management and incident response experience, including supply chain risk mitigation The ability to assess risk and make clear prioritisation calls, even with imperfect information A track record of leading cross-team security initiatives without direct authority, aligning stakeholders with competing priorities Experience improving security culture across engineering teams with diverse tech stacks Strong communicator, able to move between engineering detail and board-level risk narrative with ease Familiarity with ISO 27001, Cyber Essentials, or similar frameworks is a bonus Benefits: Private healthcare Life assurance & income protection Enhanced maternity Electric vehicle & cycle to work salary sacrifice Pension with NI savings & matched share scheme Flexible working & employee discounts Please apply now if you are meeting the above criteria or contact Andrew Harrison directly.