At a Glance
- Tasks: Shape and enhance our cyber resilience programme as a Lead Security Engineer.
- Company: Join World of Books Group, a certified B Corp and leader in pre-loved books.
- Benefits: Enjoy remote/hybrid work, flexible hours, and a modern toolchain.
- Other info: Be part of a mission-driven company focused on sustainability and growth.
- Why this job: Make a real impact in security while working with cutting-edge technology.
- Qualifications: 5+ years in security engineering with hands-on experience in cloud security and identity management.
The predicted salary is between 70000 - 90000 £ per year.
This is a role for someone who wants to shape rather than maintain.
The Opportunity World of Books Group is a certified B Corp and one of the world's largest sellers of pre-loved books, operating across the UK, US, and Hungary. Our technology estate spans cloud platforms, e-commerce marketplaces, in-house engineering, and a broad SaaS footprint — and we're looking for the person who will make it safer.
As Lead Security Engineer, you'll design, build, and operate the controls that underpin our cyber resilience programme. You'll report directly to the Group Information Security Manager and work with real autonomy — shaping the roadmap, choosing the tools, and driving the engineering work that moves our security maturity forward. This is a genuinely hands-on role. You'll treat AI and automation as force multipliers, influence across IT, Engineering, Product, and Finance without holding formal authority, and leave decisions documented in a way that outlasts individuals.
What You'll Focus On
- Asset and Application Visibility: establishing continuous, automated discovery and ownership of our hardware, software, cloud, and SaaS estate
- Zero Trust Enforcement: identity-aware access controls across remote and internal services
- Data Loss Prevention: phased DLP coverage against our highest-risk data flows
- Identity Lifecycle: strengthening JML processes in Entra ID and key SaaS platforms
Your wider remit will grow to include detection engineering, vulnerability management, AI security governance, third-party risk, and security tooling strategy — you'll help set the sequence.
What We're Looking For
- 5+ years in security engineering or architecture, with clear progression in technical depth
- Hands-on delivery across at least three of: cloud security (GCP/AWS), identity and access management (Entra ID), SIEM and detection engineering, DLP, zero trust
- Sound judgment under uncertainty — you can make and defend security decisions with incomplete data
- Practical AI and automation fluency — you use it habitually to multiply your impact
- A track record of influencing engineering, product, and leadership stakeholders
- Comfortable in a small, high-trust team where you set your own direction
Nice to have:
- Experience with Rapid7 InsightVM / InsightIDR, SentinelOne, Cloudflare, OneTrust, Microsoft Purview, or KnowBe4
- Background in e-commerce, marketplace, or retail technology
- Familiarity with NIST CSF, ISO 27001, OWASP LLM Top 10, or similar frameworks
What We Offer
- Remote / hybrid working, UK-based, with flexible London office presence
- A clear mandate to drive change — not maintain the status quo
- A modern toolchain: Rapid7 (MDR), SentinelOne, OneTrust, and AI tooling at org level
- A business with genuine mission — B Corp certified, sustainability-led, and growing
What Success Looks Like in Year One
- A current, trusted view of the full asset and application estate with clear ownership
- A progressing zero trust enforcement capability, with measurable reduction in implicit-trust paths
- Meaningful reduction in manual audit effort across security controls
- Trusted cross-functional relationships — you're seen as someone who unblocks, not gates
Sound like you? We'd love to hear from you. Apply via LinkedIn or send your CV directly. We review applications on a rolling basis.
Note for recruiters: We are managing this search directly and are not accepting agency submissions at this time.
Lead Security Engineer in London employer: World of Books
World of Books Group is an exceptional employer that empowers its employees to shape the future of security within a dynamic and mission-driven environment. With a commitment to sustainability as a certified B Corp, we offer flexible remote and hybrid working options, a modern toolchain, and a culture that values innovation and autonomy. Join us to make a meaningful impact while enjoying opportunities for professional growth in a supportive, high-trust team.
StudySmarter Expert Advice🤫
We think this is how you could land Lead Security Engineer in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, especially those already at World of Books Group. A friendly chat can give you insights and maybe even a foot in the door.
✨Tip Number 2
Show off your skills! If you’ve got a portfolio or any projects that highlight your security engineering prowess, make sure to share them during interviews. It’s all about proving you can shape the future, not just maintain it.
✨Tip Number 3
Prepare for hands-on challenges! Expect practical tests or scenarios during interviews. Brush up on your cloud security and zero trust concepts so you can demonstrate your expertise confidently.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in being part of our mission-driven team.
We think you need these skills to ace Lead Security Engineer in London
Some tips for your application 🫡
Show Your Passion for Security:When you're writing your application, let your enthusiasm for security engineering shine through! We want to see how you can shape our security landscape, so share your experiences and what drives you in this field.
Tailor Your CV to the Role:Make sure your CV highlights the skills and experiences that align with the Lead Security Engineer position. Focus on your hands-on delivery in areas like cloud security and zero trust — we want to see how you can make an impact!
Be Clear and Concise:Keep your application straightforward and to the point. We appreciate clarity, so avoid jargon and ensure your key achievements stand out. This helps us quickly see how you fit into our vision.
Apply Through Our Website:We encourage you to apply directly through our website! It’s the best way for us to receive your application and ensures you’re considered as we review applications on a rolling basis.
How to prepare for a job interview at World of Books
✨Know Your Stuff
Make sure you brush up on your technical knowledge, especially around cloud security, identity management, and zero trust principles. Be ready to discuss specific tools you've used and how they relate to the role. This is a hands-on position, so showing your practical experience will really set you apart.
✨Showcase Your Influence
Since this role involves influencing various teams without formal authority, prepare examples of how you've successfully collaborated with different stakeholders in the past. Highlight situations where your input led to significant changes or improvements in security practices.
✨Emphasise Your Autonomy
The job description mentions real autonomy, so be prepared to talk about times when you've taken the lead on projects. Discuss how you shaped roadmaps or made decisions that drove security maturity forward, showcasing your ability to work independently while still aligning with broader business goals.
✨Be Ready for Scenario Questions
Expect scenario-based questions that test your judgment under uncertainty. Think through potential security challenges the company might face and how you would approach them. This will demonstrate your critical thinking skills and your ability to make informed decisions even with incomplete data.
