Job Description
Lead Security Engineer (DevSecOps / Platform Security)
Contract: 12 months initially
Industry: Tech Consultancy / Retail
IR35: Inside IR35
Day Rate: £700 - £750
Location: Central London (1 day a week on-site to start reducing to a couple of times a
month)
We're working with a well-known tech consultancy to find a Lead Security Engineer to join their professional network and get started on an immediate engagement with one of their largest retail clients. This is a hands-on, engineering-first role, not infrastructure support, not system admin. If you've built your career in DevSecOps, platform security, or cloud security engineering and you can actually write code (Python or equivalent), this one's worth a look.
The role
You'll be embedded in the Platform team, helping define and drive a security engineering roadmap in a genuine DevSecOps way, not security bolted on at the end, but baked into CI/CD pipelines, IaC, and delivery from the ground up. Think translating architectural intent into real, deliverable work: building repeatable security patterns, leading technical vulnerability triage, and consulting with feature teams on Data Privacy Impact Assessments (DPIAs).
This is a credibility role as much as a technical one. You'll be working across engineering teams and leadership, so you need to be the kind of person who earns trust through depth of knowledge, not just job title.
What they're looking for
- Solid background in platform or cloud security engineering, DevSecOps, not infra support
- Hands-on AWS security experience, ideally across hybrid-cloud and SaaS environments
- Strong CI/CD and IaC security integration (you've done this, not just read about it)
- Actual coding ability, Python or similar; scripting alone isn’t right for this role
- Experience with technical vulnerability triage and pragmatic remediation strategies
- Familiarity with security frameworks (NIST CSF, CSA Critical Controls) applied in practice
- Comfortable leading DPIA consultations and embedding compliance into engineering
- Zero-trust architecture experience across cloud and traditional deployment models
- Ability to influence stakeholders from working group level up to leadership
Nice to have
- SIEM, SOAR, or exposure management experience
- PCI-DSS regulated environment exposure
- Incident response / SOC collaboration
- AWS Certified Security – Specialty, CEH, CCSP, or CISSP
If this sounds like your kind of gig, get in touch. One role confirmed, two on the table if the right people are out there.
At Inara Talent, we believe everyone deserves a fair chance to shine. We connect great people from all backgrounds with opportunities where they can thrive making sure hiring is fair inclusive, and genuinely diverse. No matter your background, we focus on what matters: your talent.