We're hiring a Lead Product Security Engineer
At tombola, we build experiences players can trust — and security is at the core of that promise. We're looking for a Lead Product Security Engineer to set the vision for product security, lead a small but mighty team, and make sure security is built into everything we create.
What you'll do:
Own our product security strategy
Lead & grow a small security team
Shift security left in our SDLC
Champion security tooling, automation & best practice
You'll need:
* Proven background in application/product security with leadership experience.
* Strong knowledge of mobile and web application security tooling and testing (SAST, DAST, CI/CD integration).
* Experience embedding security into the SDLC and agile practices.
* Familiarity with cloud security (Cloudflare and AWS preferred).
* Understanding of standards and frameworks (OWASP Top 10, ISO27001, PCI-DSS, NIST).
* Certifications like CISSP, OSCP, CEH, AWS are a bonus.
What's in it for you?
Quarterly bonus, hybrid working, private healthcare, 25+ days holiday, free meals & coffee, onsite gym, and loads of L&D.
Sunderland (Hybrid – 2 days at home) | Permanent
Apply now and lead the future of product security at tombola.