高级安全工程师

Lead Security Engineer Location: UK-wide (Remote-first) Salary: £70,000 – £95,000 + bonus We are seeking an experienced Lead Security Engineer to join a high-performing engineering function focused on building secure, scalable, and resilient platforms across modern cloud environments. This is a senior technical leadership role combining hands-on security engineering with mentoring, strategy, and delivery oversight within agile teams. Role Responsibilities: • Lead security engineering and security testing across cloud and application platforms • Define and drive security testing methodologies, tooling, and best practices • Perform and oversee security assessments including penetration testing and code reviews • Embed security into CI/CD pipelines and continuous delivery practices • Collaborate with engineering teams to ensure secure-by-design development • Lead threat modelling activities and articulate risks across systems and architectures • Guide adoption of security standards, frameworks, and compliance requirements • Mentor and develop junior engineers within the security function • Stay current with emerging threats, vulnerabilities, and attack techniques Required Experience: • Strong experience securing web applications and cloud platforms (AWS or Azure) • Hands-on experience with security testing, including manual and automated approaches • Strong understanding of secure coding and secure software development lifecycle practices • Experience working with CI/CD and DevSecOps practices • Knowledge of security frameworks and standards (e.g. NCSC, NIST, CIS, OWASP, ISO27001, PCI DSS, GDPR) • Strong understanding of common attack vectors (OWASP Top 10, XSS, SQL injection, etc.) • Good programming or scripting ability across Linux/Windows environments • Strong communication skills with the ability to explain technical security concepts to varied audiences • Experience mentoring or leading small technical teams Desirable Experience: • Security certifications such as OSCP, CREST, or equivalent • Experience with tools such as Burp Suite, Nmap, Nessus, Metasploit, or similar • Exposure to enterprise security tooling (WAF, IDS/IPS, SIEM, etc.) • Active participation in the security community or knowledge sharing activities • Experience working in Agile delivery environments Eligibility Requirements: • Must be a UK citizen • Must be eligible for UK Security Clearance This is an excellent opportunity for a senior security professional looking to take ownership of security engineering practices in a modern cloud-first environment, while influencing both technical direction and team development.

• 强大的Web应用和云平台安全经验（AWS或Azure）
• 具备安全测试经验，包括手动和自动化方法
• 熟悉安全编码和安全软件开发生命周期实践
• 具有CI/CD和DevSecOps实践经验
• 熟悉安全框架和标准（例如NCSC、NIST、CIS、OWASP、ISO27001、PCI DSS、GDPR）
• 熟悉常见攻击向量（OWASP Top 10、XSS、SQL注入等）
• 在Linux/Windows环境中具备良好的编程或脚本能力
• 具备向不同受众解释技术安全概念的沟通能力
• 具备指导或领导小型技术团队的经验

Anson McCade是一家专注于构建安全、可扩展且可靠的平台的高性能工程团队，专注于现代云环境。