Lead security engineer

Lead Security EngineerLead Security Engineer role at a well-regarded digital transformation consultancySpecialism in penetration testing, web application security, and cloud security engineeringHybrid working model; Belfast or Northern Ireland baseCompetitive salary commensurate with seniority; details shared on applicationTechnical leadership role with real influence over security engineering methodology and toolingAbout the CompanyOur client is a well-established digital transformation consultancy that delivers platforms and services for some of the most complex and regulated organisations in the UK and internationally. Operating across public sector, healthcare, defence, and commercial markets, they combine serious technical depth with a strong culture of people development. Their security engineering practice is growing, and they are well regarded for delivering modern, secure digital services at pace and at scale.The RoleThis is a Lead Security Engineer position with hands-on technical scope and genuine team leadership responsibility. You will lead security engineering and penetration testing efforts across the consultancy's platforms and services, setting direction on testing methodology, engagement scoping, tooling selection, and output quality. Working alongside agile delivery teams, you will be the senior technical voice on security engineering and will actively coach and develop more junior members of the practice. If you are a security engineer who wants to lead from the front, shape how testing is done, and build something with a strong team behind you, this role is worth exploring.Key ResponsibilitiesLead security engineering and penetration testing efforts across web applications and cloud platformsSet direction on testing methodology, engagement scoping, tool selection, and the quality of outputsPerform and document penetration tests on web-based applications, networks, and infrastructureAssess software and infrastructure source code from a security standpointDrive Continuous Security, CI and CD practices across agile delivery teamsArticulate threats and risk clearly through threat modelling exercises and stakeholder workshopsMentor and develop junior security engineers, managing performance and supporting career developmentStay current with emerging threats, attack types, and evolving security toolingShare knowledge across the team and contribute to the wider security communityWhat You'll NeedEssential:Expert-level knowledge of web application and cloud platform security (AWS and/or Azure)Proven ability to perform and document penetration tests across web applications, networks, and computer systemsStrong experience assessing software and infrastructure source code from a security standpointSolid grounding in Continuous Security, CI and CD techniquesKnowledge of security standards including NCSC, NIST, CIS, PCI, GDPR, OWASP ASVS, HIPAA, SOC2Understanding of common attack vectors including OWASP Top 10, SQL injection, XSS, XXE and MITMGood programming or scripting experience across Windows, Linux, or MacOSExcellent communication skills across technical and non-technical audiencesDesirable / Nice to Have:Penetration testing qualifications such as OSCP, CREST, or TIGERHands-on experience with tooling including Burp Suite, OWASP-ZAP, NMAP, Nessus, Kali, or MetasploitExperience working with external pen test providers to translate findings into actionable remediation plansWhy Apply?Competitive salary reflecting lead-level scope and responsibility; figures shared at first conversationHybrid working model with genuine flexibilityStrong annual leave entitlementReal technical leadership scope with influence over methodology and toolingWork on high-impact programmes across public sector, defence, and commercial sectorsStructured career development and access to a strong peer group across security and engineeringCulture built around knowledge sharing and genuine investment in growing the practiceSkills:Security Architect Security Network Security Cloud SecurityBenefits:Work From HomeWHJS1_NI