Lead Security Engineer in London

Lead Security Engineer in London

London Full-Time 29465 - 44187 £ / year (est.) No working from home possible
Ironsail

At a Glance

  • Tasks: Lead the development of a robust security program in a dynamic, tech-driven environment.
  • Company: Join Ironsail, an innovative AI-driven healthcare technology company.
  • Benefits: Competitive salary, remote work, and the chance to shape security practices.
  • Other info: Enjoy autonomy and ownership while solving complex engineering challenges.
  • Why this job: Make a real impact by building security from the ground up.
  • Qualifications: 7+ years in security engineering or related fields; hands-on experience required.

The predicted salary is between 29465 - 44187 £ per year.

Requirements

  • We are specifically looking for engineers with 7+ years of hands‑on experience in one or more of the following: Dev Ops Engineering, Dev Sec Ops, Infrastructure Engineering, Systems Engineering, Cloud Engineering, Site Reliability Engineering (SRE), Security Engineering, or Senior Software Engineering with infrastructure ownership.
  • You have personally implemented production security controls including Linux administration, AWS, Azure and/or GCP, Identity & Access Management, Privileged Access Management, MFA, Endpoint Detection & Response, Vulnerability Management, Network Security, and Backup & Disaster Recovery.
  • You also have experience with Python, Bash, Power Shell, CI/CD security, Infrastructure as Code, Kubernetes, Docker, and cloud-native infrastructure.
  • You are comfortable using AI engineering tools such as Claude, Chat GPT, Gemini, Cursor, Git Hub Copilot, or similar tools in your daily workflow.
  • You can explain how AI improves your engineering workflow.
  • You are a builder who can quickly assess unfamiliar systems, identify high‑risk security issues, prioritize what matters, and implement improvements.
  • You have built security programs rather than only auditing them.
  • You enjoy startups, ambiguity, ownership, and solving difficult engineering problems.
  • Nice to have: healthcare or pharmaceutical experience, HIPAA, Cyber Ark, Delinea, Hashi Corp Vault, Kubernetes Security, Terraform, Incident Response, or Digital Forensics.
  • Certifications are appreciated but not required, including CISSP, CISM, CISA, Security+, or AWS Security Specialty.

Responsibilities

  • Assess our existing cloud infrastructure and security posture.
  • Design and implement security architecture improvements.
  • Harden Linux systems and cloud environments.
  • Secure applications, endpoints, and production infrastructure.
  • Design practical remediation strategies and build scalable security standards.
  • Implement and manage Privileged Access Management (PAM), Identity & Access Management (IAM), Multi‑Factor Authentication (MFA), Endpoint Detection & Response (EDR), Backup & Disaster Recovery, Network Security, and Secrets Management.
  • Build and own our vulnerability management program.
  • Use tools and processes such as Nessus, Qualys, security monitoring platforms, alerting, security metrics, configuration reviews, security code reviews, internal security assessments, access reviews, and phishing simulations.
  • Own remediation through completion.
  • Respond to incidents and perform root cause analysis.
  • Improve monitoring and operational resilience.
  • Automate repetitive security tasks and design secure engineering workflows.
  • Own employee onboarding and offboarding, role‑based access control, privileged account governance, least‑privilege access, and periodic access reviews.
  • Support compliance initiatives including HIPAA, SOC 2, and ISO 27001.
  • Support vendor security reviews, coordinate penetration tests, assist with cyber insurance requirements, and drive remediation of audit findings.
  • Use AI for threat investigations, security research, log analysis, incident response, security automation, Python scripting, report generation, vulnerability remediation, and infrastructure analysis.

Technologies

  • AI
  • AWS
  • Azure
  • Bash
  • Chat GPT
  • CI/CD
  • Cloud
  • Copilot
  • Cursor
  • Dev Sec Ops
  • Dev Ops
  • Docker
  • GCP
  • Git Hub
  • IAM
  • Support
  • Kubernetes
  • Linux
  • Network
  • Power Shell
  • Python
  • Security
  • Terraform
  • More

We are Ironsail, an AI‑driven healthcare technology company hiring for our first dedicated security engineer.

This is a remote, full‑time independent contractor role focused on building our security program from the ground up in a highly technical, engineering‑driven environment.

You will work directly with Engineering, Dev Ops, Product, and Leadership with significant autonomy to shape how security is designed, implemented, and scaled across our cloud infrastructure, applications, engineering processes, and internal systems.

We are looking for someone who enjoys ownership, ambiguity, and hands‑on problem solving, and who wants to build security as a core engineering function rather than a compliance checkbox.

#J-18808-Ljbffr

Lead Security Engineer in London employer: Ironsail

At Ironsail, we pride ourselves on being an exceptional employer that fosters a culture of innovation and collaboration. As a remote, AI-driven healthcare technology company, we offer our Lead Security Engineer the unique opportunity to build a security program from the ground up, with significant autonomy and support for professional growth. Our commitment to employee development, coupled with a dynamic work environment that embraces ambiguity and ownership, makes us an attractive choice for those seeking meaningful and rewarding employment in the tech industry.

Ironsail

Contact Details:

Ironsail Recruitment Team

We think you need these skills to ace Lead Security Engineer in London

DevOps Engineering
DevSecOps
Infrastructure Engineering
Systems Engineering
Cloud Engineering
Site Reliability Engineering (SRE)
Security Engineering