Security Engineering Team Lead-Hybrid/Remote, SAST & Cloud in Bristol

Location: Bristol, London or Edinburgh (Hybrid)

Employment Type: Full-Time

Salary: Competitive

Overview

Our client is seeking an experienced Security Engineering Team Lead to drive and evolve its application security capability across modern engineering environments. This role combines hands‑on technical leadership with team management responsibilities, ensuring security is embedded into software engineering practices, cloud platforms, and CI/CD delivery pipelines. The successful candidate will play a key role in shaping secure‑by‑design development practices, implementing scalable application security tooling, and partnering closely with engineering, product, and platform teams to reduce risk while supporting fast‑paced delivery. This is an excellent opportunity for an experienced application security professional who enjoys operating in a player‑coach capacity, balancing strategic leadership with technical execution.

Responsibilities

• Lead, mentor, and develop a small application security team, setting priorities and ensuring effective delivery of security services.
• Own and manage application security tooling including SAST, SCA, DAST, and secrets management solutions.
• Integrate automated security controls and testing into CI/CD pipelines and engineering workflows.
• Define and maintain secure development standards, secure coding practices, and threat modelling frameworks.
• Collaborate with engineering, architecture, platform, and product teams to embed secure‑by‑design principles into systems and applications.
• Drive vulnerability identification, triage, remediation prioritisation, and risk management activities.
• Establish and monitor application security metrics including remediation timelines, tooling coverage, and risk reduction indicators.
• Support secure architecture reviews, particularly within cloud‑native and API‑driven environments.
• Stay informed on emerging threats, software supply chain risks, and evolving engineering practices including AI‑assisted development.
• Act as the primary application security lead for a key engineering domain, providing hands‑on technical expertise.
• Conduct deep‑dive security assessments including threat modelling, code reviews, and remediation support.
• Coordinate third‑party security assessments and ensure consistent security standards across externally developed applications.
• Plan and allocate security engineering resources across projects and priority initiatives.

Requirements

• Significant experience within application security, software engineering, or a related cyber security discipline.
• Proven experience leading, mentoring, or coaching engineers or security professionals.
• Hands‑on expertise with application security tooling such as SAST, DAST, SCA, and secrets management platforms.
• Experience integrating security controls into CI/CD pipelines using modern DevOps tooling.
• Strong understanding of Agile delivery, DevOps methodologies, and cloud-native architectures.
• Practical knowledge of secure coding practices, threat modelling, and vulnerability management.
• Ability to assess and prioritise security risks while balancing commercial and delivery objectives.
• Strong analytical and problem‑solving skills with a proactive approach to driving improvements.
• Excellent communication and stakeholder management capabilities.

Preferred Experience

• Experience supporting large‑scale engineering or digital transformation environments.
• Exposure to software supply chain security and AI‑assisted development practices.
• Experience working within highly collaborative cross‑functional engineering teams.

Our client offers a highly competitive benefits package designed to support employee wellbeing, flexibility, and long‑term career development, including:

• Competitive salary and discretionary bonus scheme
• Hybrid working model with flexibility for remote working
• Private medical insurance
• Life assurance
• Generous annual leave allowance with holiday purchase options
• Electric vehicle and cycle‑to‑work schemes
• Health and wellbeing support programmes
• Employee discount schemes and lifestyle benefits
• Enhanced family leave policies
• Volunteering days and community engagement initiatives
• Inclusive and flexible working culture