Security Engineer

Lead Security Engineer Location: UK-wide (Remote-first) Salary: £70,000 – £95,000 + bonus We are seeking an experienced Lead Security Engineer to join a high-performing engineering function focused on building secure, scalable, and resilient platforms across modern cloud environments. This is a senior technical leadership role combining hands-on security engineering with mentoring, strategy, and delivery oversight within agile teams. Role Responsibilities • Lead security engineering and security testing across cloud and application platforms • Define and drive security testing methodologies, tooling, and best practices • Perform and oversee security assessments including penetration testing and code reviews • Embed security into CI/CD pipelines and continuous delivery practices • Collaborate with engineering teams to ensure secure-by-design development • Lead threat modelling activities and articulate risks across systems and architectures • Guide adoption of security standards, frameworks, and compliance requirements • Mentor and develop junior engineers within the security function • Stay current with emerging threats, vulnerabilities, and attack techniques Required Experience • Strong experience securing web applications and cloud platforms (AWS or Azure) • Hands-on experience with security testing, including manual and automated approaches • Strong understanding of secure coding and secure software development lifecycle practices • Experience working with CI/CD and DevSecOps practices • Knowledge of security frameworks and standards (e.g.

NCSC, NIST, CIS, OWASP, ISO27001, PCI DSS, GDPR) • Strong understanding of common attack vectors (OWASP Top 10, XSS, SQL injection, etc.) • Good programming or scripting ability across Linux/Windows environments • Strong communication skills with the ability to explain technical security concepts to varied audiences • Experience mentoring or leading small technical teams Desirable Experience • Security certifications such as OSCP, CREST, or equivalent • Experience with tools such as Burp Suite, Nmap, Nessus, Metasploit, or similar • Exposure to enterprise security tooling (WAF, IDS/IPS, SIEM, etc.) • Active participation in the security community or knowledge sharing activities • Experience working in Agile delivery environments Eligibility Requirements • Must be a UK citizen • Must be eligible for UK Security Clearance This is an excellent opportunity for a senior security professional looking to take ownership of security engineering practices in a modern cloud-first environment, while influencing both technical direction and team development. For more information or a confidential discussion, please get in touch.