Lead Security Engineer
Listed on 2026-06-03
IT/Tech
Cybersecurity
World of Books Group
UK-based | Remote / Hybrid
Permanent, Full-time
"This is a role for someone who wants to shape rather than maintain."
The Opportunity
World of Books Group is a certified B Corp and one of the world's largest sellers of pre‑loved books, operating across the UK, US, and Hungary. Our technology estate spans cloud platforms, e‑commerce marketplaces, in‑house engineering, and a broad SaaS footprint – and we're looking for the person who will make it safer.
As Lead Security Engineer, you'll design, build, and operate the controls that underpin our cyber resilience programme. You'll report directly to the Group Information Security Manager and work with real autonomy – shaping the roadmap, choosing the tools, and driving the engineering work that moves our security maturity forward.
This is a genuinely hands‑on role. You'll treat AI and automation as force multipliers, influence across IT, Engineering, Product, and Finance without holding formal authority, and leave decisions documented in a way that outlasts individuals.
What You'll Focus On
- Asset and Application Visibility: establishing continuous, automated discovery and ownership of our hardware, software, cloud, and SaaS estate
- Zero Trust Enforcement: identity‑aware access controls across remote and internal services
- Data Loss Prevention: phased DLP coverage against our highest‑risk data flows
- Identity Lifecycle: strengthening JML processes in Entra key SaaS platforms
Your wider remit will grow to include detection engineering, vulnerability management, AI security governance, third‑party risk, and security tooling strategy – you'll help set the sequence.
What We're Looking For
Essential:
- 5+ years in security engineering or architecture, with clear progression in technical depth
- Hands‑on delivery across at least three of: cloud security (GCP/AWS), identity and access management (Entra ), SIEM and detection engineering, DLP, zero trust
- Sound judgment under uncertainty – you can make and defend security decisions with incomplete data
- Practical AI and automation fluency – you use it habitually to multiply your impact
- A track record of influencing engineering, product, and leadership stakeholders
- Comfortable in a small, high‑trust team where you set your own direction
Nice to have:
- Experience with Rapid7 InsightVM / InsightIDR, SentinelOne, Cloudflare, OneTrust, Microsoft Purview, or KnowBe4
- Background in e‑commerce, marketplace, or retail technology
- Familiarity with NIST CSF, ISO 27001, OWASP LLM Top 10, or similar frameworks
- Infrastructure‑as‑code (Terraform), scripting (Python, PowerShell), or detection‑as‑code workflows
- Competitive salary, plus Group benefits
- Remote / hybrid working, UK‑based, with flexible London office presence
- A clear mandate to drive change – not maintain the status quo
- A modern toolchain: Rapid7 (MDR), SentinelOne, OneTrust, and AI tooling at org level
- A business with genuine mission – B Corp certified, sustainability‑led, and growing
- A current, trusted view of the full asset and application estate with clear ownership
- A progressing zero trust enforcement capability, with measurable reduction in implicit‑trust paths
- Meaningful reduction in manual audit effort across security controls
- Trusted cross‑functional relationships – you're seen as someone who unblocks, not gates