×
Register Here to Apply for Jobs or Post Jobs. X

Principal Security Engineer

Job in Paisley, Renfrewshire, PA1, Scotland, UK
Listing for: Lindar
Full Time position
Listed on 2026-07-02
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager, Systems Engineer, Network Security
Job Description & How to Apply Below

Mr Who?

MrQ - we're an awesome, award winning online casino launched in 2018. We're big on tech, big on performance and most of all - big on fun. Over the years, we have experienced explosive growth - which means we need more rock stars to join our quest for total world domination.

This is a founding security engineering role. There is no existing function, no inherited tooling, no playbooks to follow while you're building it. We need someone who can own the entire security engineering discipline end to end: define the strategy, architect the solutions, deploy and manage the tooling, write the policies, run the operations, and report on posture to the business.

You’ll work as a direct partner to the IT Ops Specialist. The two of you will shape how security and IT operations work together across the organisation. This means you need to be technically exceptional while also being the person who builds the governance, drives compliance, and ensures security has a seat at every strategic decision. You will own the security roadmap, influence technology and platform choices, and be accountable for the security posture of the business.

This is not a support role, it’s a senior position that demands both engineering depth and strategic ownership.

What You Will Do 1. Security Strategy & Technical Leadership
  • Strategic Ownership:
    Define and own the enterprise security strategy and multi-year roadmap. Identify gaps, set priorities, allocate effort and deliver. This feeds directly into business-level risk decisions.
  • Technical Authority:
    Be the definitive technical voice on security across the organisation. Evaluate threats, make architectural decisions, and set the standard for how security is implemented across every platform and system.
  • Partnership:
    Operate as a strategic partner to the IT Ops Specialist. Jointly shape how security and IT operations integrate shared tooling decisions, aligned processes, unified incident response, single view of risk.
  • Stakeholder Influence:
    Present security posture, risk appetite and investment cases to senior leadership. Translate technical risk into business impact. Ensure security is embedded into every major technology and product decision.
2. Security Architecture, Tooling & Engineering
  • Security Stack:
    Evaluate, select, deploy, configure and manage the full enterprise security tooling suite from scratch — EDR/XDR (Crowd Strike/Sentinel One), SASE/SWG (Netskope/Zscaler), SIEM, email security, DLP, endpoint privilege management, application allow listing.
  • Architecture:
    Design and implement enterprise security architecture built on zero trust and secure-by-default principles. Own the technical blueprint across cloud (AWS), SaaS, endpoints, network and identity.
  • Detection Engineering:
    Build, tune and maintain detection rules, correlation logic and alerting across SIEM and EDR. Engineer high-fidelity detections mapped to MITRE ATT&CK. Continuously reduce false positives and expand coverage.
  • Automation:
    Engineer automation for security operations at scale — scripting (Python, Bash, Power Shell) for response orchestration, access reviews, compliance checks, vulnerability reporting, threat intel enrichment.
  • Integration & Evaluation:
    Ensure all security tooling integrates with existing infrastructure and identity platforms. Lead POCs, vendor evaluations and build-vs-buy decisions for new security technologies.
3. Security Operations & Incident Response
  • IR Leadership:
    Own the full incident response lifecycle — detection, triage, containment, eradication, recovery, post-incident review. Author and maintain IR playbooks, runbooks and escalation procedures.
  • Threat Intelligence:
    Investigate security events, perform root cause analysis, and apply threat intelligence to improve defensive posture. Understand attacker TTPs and ope rationalise frameworks like MITRE ATT&CK and NIST CSF.
  • Vulnerability Management:
    Own the vulnerability management programme end to end — scanning, prioritisation, remediation tracking, SLA enforcement and executive reporting across infrastructure, endpoints and applications.
  • Application & API Security:
    Assess the security of internal applications, third-party…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary