Lead Security Engineer

Location: 1x Day London

Salary: £120k to £130k

We are partnering with a UK-based technology company specialising in secure, mission‑critical software platforms for government and defence. They’re looking to bring in the first Information Security hire who will own security across the board and will be joining at a pivotal point in the company’s growth where you will have the opportunity to shape and mature security strategy from the ground up.

You will collaborate closely with engineers and developers to embed secure‑by‑design principles within their engineering culture while partnering with the business to ensure AI‑driven initiatives are implemented securely. You will work closely with compliance experts across the organisation to ensure alignment with ISO and NIST standards.

• Build and lead a security programme aligned with business and compliance goals.
• Define and enforce company‑wide security policies and standards.
• Identify risks, manage the risk register, and drive remediation.
• Guide stakeholders (technical and non‑technical) on security risks, controls, and system design decisions.

• Champion secure SDLC practices with DevOps and engineering teams.
• Lead security programmes across endpoints, cloud, and customer‑facing products.
• Continuously improve security monitoring, tools, and incident readiness.

• Take ownership of security incidents as the primary point of contact.
• Coordinate response across internal teams, MSSP partners, and the SOC.

• Oversee third‑party penetration tests and security assessments, track findings, and verify remediation.

• Strong engineering experience, preferably in cloud or application security.
• Expertise in incident response, SOC operations, and working with MSSPs.
• Deep understanding of cloud‑native environments and infrastructure‑as‑code.
• Experienced in defining and implementing security policies and governance frameworks.

• UK Security Clearance (SC or DV), active or previously held.
• Preferred certifications: CISSP, CISM, or CISA.