Lead Security Engineer

Company: Ironsail
Apply for the Lead Security Engineer
Location: London
Job Description:

Salary: £29,465 – 44,187 per year

Requirements:

  • We are specifically looking for engineers with 7+ years of hands‑on experience in one or more of the following: DevOps Engineering, DevSecOps, Infrastructure Engineering, Systems Engineering, Cloud Engineering, Site Reliability Engineering (SRE), Security Engineering, or Senior Software Engineering with infrastructure ownership.
  • You have personally implemented production security controls including Linux administration, AWS, Azure and/or GCP, Identity & Access Management, Privileged Access Management, MFA, Endpoint Detection & Response, Vulnerability Management, Network Security, and Backup & Disaster Recovery.
  • You also have experience with Python, Bash, PowerShell, CI/CD security, Infrastructure as Code, Kubernetes, Docker, and cloud-native infrastructure.
  • You are comfortable using AI engineering tools such as Claude, ChatGPT, Gemini, Cursor, GitHub Copilot, or similar tools in your daily workflow.
  • You can explain how AI improves your engineering workflow.
  • You are a builder who can quickly assess unfamiliar systems, identify high‑risk security issues, prioritize what matters, and implement improvements.
  • You have built security programs rather than only auditing them.
  • You enjoy startups, ambiguity, ownership, and solving difficult engineering problems.
  • Nice to have: healthcare or pharmaceutical experience, HIPAA, CyberArk, Delinea, HashiCorp Vault, Kubernetes Security, Terraform, Incident Response, or Digital Forensics.
  • Certifications are appreciated but not required, including CISSP, CISM, CISA, Security+, or AWS Security Specialty.

Responsibilities:

  • Assess our existing cloud infrastructure and security posture.
  • Design and implement security architecture improvements.
  • Harden Linux systems and cloud environments.
  • Secure applications, endpoints, and production infrastructure.
  • Design practical remediation strategies and build scalable security standards.
  • Implement and manage Privileged Access Management (PAM), Identity & Access Management (IAM), Multi‑Factor Authentication (MFA), Endpoint Detection & Response (EDR), Backup & Disaster Recovery, Network Security, and Secrets Management.
  • Build and own our vulnerability management program.
  • Use tools and processes such as Nessus, Qualys, security monitoring platforms, alerting, security metrics, configuration reviews, security code reviews, internal security assessments, access reviews, and phishing simulations.
  • Own remediation through completion.
  • Respond to incidents and perform root cause analysis.
  • Improve monitoring and operational resilience.
  • Automate repetitive security tasks and design secure engineering workflows.
  • Own employee onboarding and offboarding, role‑based access control, privileged account governance, least‑privilege access, and periodic access reviews.
  • Support compliance initiatives including HIPAA, SOC 2, and ISO 27001.
  • Support vendor security reviews, coordinate penetration tests, assist with cyber insurance requirements, and drive remediation of audit findings.
  • Use AI for threat investigations, security research, log analysis, incident response, security automation, Python scripting, report generation, vulnerability remediation, and infrastructure analysis.

Technologies:

  • AI
  • AWS
  • Azure
  • Bash
  • ChatGPT
  • CI/CD
  • Cloud
  • Copilot
  • Cursor
  • DevSecOps
  • DevOps
  • Docker
  • GCP
  • GitHub
  • IAM
  • Support
  • Kubernetes
  • Linux
  • Network
  • PowerShell
  • Python
  • Security
  • Terraform

More

We are Ironsail, an AI‑driven healthcare technology company hiring for our first dedicated security engineer. This is a remote, full‑time independent contractor role focused on building our security program from the ground up in a highly technical, engineering‑driven environment. You will work directly with Engineering, DevOps, Product, and Leadership with significant autonomy to shape how security is designed, implemented, and scaled across our cloud infrastructure, applications, engineering processes, and internal systems. We are looking for someone who enjoys ownership, ambiguity, and hands‑on problem solving, and who wants to build security as a core engineering function rather than a compliance checkbox.

#J-18808-Ljbffr…

Posted: July 7th, 2026