Lead Security Engineer

£70,000 to 95,000 GBP

Bonus

Remote WORKING
Type: Permanent

Lead Security Engineer

Location: UK-wide (Remote-first)

Salary: £80,000 - £95,000 + bonus

We are seeking an experienced Lead Security Engineer to join a high-performing engineering function focused on building secure, scalable, and resilient platforms across modern cloud environments.

This is a senior technical leadership role combining hands-on security engineering with mentoring, strategy, and delivery oversight within agile teams.

Role Responsibilities

• Lead security engineering and security testing across cloud and application platforms
• Define and drive security testing methodologies, tooling, and best practices
• Perform and oversee security assessments including penetration testing and code reviews
• Embed security into CI/CD pipelines and continuous delivery practices
• Collaborate with engineering teams to ensure secure-by-design development
• Lead threat modelling activities and articulate risks across systems and architectures
• Guide adoption of security standards, frameworks, and compliance requirements
• Mentor and develop junior engineers within the security function
• Stay current with emerging threats, vulnerabilities, and attack techniques

Required Experience

• Strong experience securing web applications and cloud platforms (AWS or Azure)
• Hands-on experience with security testing, including manual and automated approaches
• Strong understanding of secure coding and secure software development lifecycle practices
• Experience working with CI/CD and DevSecOps practices
• Knowledge of security frameworks and standards (e.g. NCSC, NIST, CIS, OWASP, ISO27001, PCI DSS, GDPR)
• Strong understanding of common attack vectors (OWASP Top 10, XSS, SQL injection, etc.)
• Good programming or scripting ability across Linux/Windows environments
• Strong communication skills with the ability to explain technical security concepts to varied audiences
• Experience mentoring or leading small technical teams

Desirable Experience

• Security certifications such as OSCP, CREST, or equivalent
• Experience with tools such as Burp Suite, Nmap, Nessus, Metasploit, or similar
• Exposure to enterprise security tooling (WAF, IDS/IPS, SIEM, etc.)
• Active participation in the security community or knowledge sharing activities
• Experience working in Agile delivery environments

Eligibility Requirements

• Must be a UK citizen
• Must be eligible for UK Security Clearance

This is an excellent opportunity for a senior security professional looking to take ownership of security engineering practices in a modern cloud-first environment, while influencing both technical direction and team development.

For more information or a confidential discussion, please get in touch.