Security Engineering Lead

Role Purpose

The Security Engineering Lead is responsible for defining, implementing, and managing the organisation's end-to-end Vulnerability Management Programme (VMP). Working closely with other teams and providers, the role ensures a single, consolidated view of vulnerabilities across all enterprise assets spanning penetration tests results, customer findings, SOC detections, vulnerability scanning solutions (e.g. Qualys and Nessus), Cloud Security Posture Management (Azure/AWS), Microsoft Secure Score, security assessments and other sources.

Beyond vulnerability lifecycle management, the role provides implementation and daily management for WAF, Zero Trust Network Access (ZTNA), and DevSecOps integration, ensuring all edge, cloud, and application security controls are operationalised, measurable, and audit-ready. This position is central to the organisation's transformation towards proactive, intelligence-driven, and risk-based security with metrics regularly reported to the Board and CISO.

Skills and Experience

• 7+ years of experience in Cloud Security, Security Engineering, or DevSecOps roles.
• Proven hands-on experience with Cloudflare WAF and Cloudflare Zero Trust platform.
• Deep understanding of HTTP/S, CDN, reverse proxy, and DNS architecture.
• Experience operating Qualys or Nessus vulnerability management platforms.7
• Knowledge of Zero Trust Architecture and identity-based access models.
• Familiarity with SIEM integration, and incident response.
• Strong grasp of OWASP Top 10, CVE management, and secure configuration standards
• Experience working with Entra ID and MFA integration.
• Excellent communication, documentation, and stakeholder engagement skills.