Our client is a leading digital and technology consultancy, recognised among The Times Top 100 Companies to Work For, delivering secure, large-scale platforms across cloud-first environments. The organisation partners with clients to build resilient, scalable systems with security engineered at their core.
This opportunity is suited to someone ready to take ownership of security engineering practices across modern cloud platforms, combining hands-on technical expertise with leadership, mentoring, and influence across engineering teams.
You'll have the opportunity to:
Lead security engineering across cloud and application platforms
Define and evolve security testing methodologies and tooling
Embed security into CI/CD pipelines and DevSecOps practices
Influence secure-by-design engineering approaches across teams
Lead threat modelling and communicate risks effectively
Mentor engineers and support capability growth within the function
Shape how security is implemented across modern, scalable platforms
Your Responsibilities
Lead and deliver security testing and engineering activities across platforms
Perform and oversee penetration testing, code reviews, and security assessments
Develop and implement secure development and testing practices
Integrate security tooling into continuous delivery pipelines
Work closely with engineering teams to ensure security is embedded early
Lead threat modelling exercises across systems and architectures
Support adoption of security frameworks and compliance standards
Mentor and develop engineers within the security capability
Stay current with emerging threats, vulnerabilities, and techniques
Key Requirements
Strong experience securing web applications and cloud platforms (AWS or Azure)
Hands-on experience with manual and automated security testing
Strong understanding of secure coding and SDLC practices
Experience working within CI/CD and DevSecOps environments
Knowledge of security frameworks such as:
NCSC
NIST
CIS
OWASP
ISO27001
PCI DSS / GDPR
Strong understanding of common attack vectors (e.g. XSS, SQL injection)
Scripting or programming capability across Linux/Windows environments
Strong communication skills with ability to explain technical concepts clearly
Experience mentoring or leading small technical teams
You will gain exposure with:
Enterprise-scale cloud platforms and modern security architectures
DevSecOps tooling and integrated security pipelines
Advanced security testing techniques and real-world threat scenarios
Security tooling such as Burp Suite, Nmap, Nessus, Metasploit