Rodeo
ResourcesPartnersSign in

World of Books Group

Lead Security Engineer

Baginton
Posted about 2 months ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Lead Security Engineer

πŸ“ UK-based | Remote / Hybrid

🏒 World of Books Group

πŸ“‹ Permanent, Full-time

"This is a role for someone who wants to shape rather than maintain."

The Opportunity

World of Books Group is a certified B Corp and one of the world's largest sellers of pre-loved books, operating across the UK, US, and Hungary. Our technology estate spans cloud platforms, e-commerce marketplaces, in-house engineering, and a broad SaaS footprint β€” and we're looking for the person who will make it safer.

As Lead Security Engineer, you'll design, build, and operate the controls that underpin our cyber resilience programme. You'll report directly to the Group Information Security Manager and work with real autonomy β€” shaping the roadmap, choosing the tools, and driving the engineering work that moves our security maturity forward.

This is a genuinely hands-on role. You'll treat AI and automation as force multipliers, influence across IT, Engineering, Product, and Finance without holding formal authority, and leave decisions documented in a way that outlasts individuals.

What You'll Focus On

Your initial priorities will be:

  • Asset and Application Visibility: establishing continuous, automated discovery and ownership of our hardware, software, cloud, and SaaS estate
  • Zero Trust Enforcement: identity-aware access controls across remote and internal services
  • Data Loss Prevention: phased DLP coverage against our highest-risk data flows
  • Identity Lifecycle: strengthening JML processes in Entra ID and key SaaS platforms

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer β€” it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet β€” that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant β€” 2026 Scheme

PwCΒ·London, UK
Β£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon β€” deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme β€” client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right β€” and where to focus when applying.

Your wider remit will grow to include detection engineering, vulnerability management, AI security governance, third-party risk, and security tooling strategy β€” you'll help set the sequence.

What We're Looking For

Essential:

  • 5+ years in security engineering or architecture, with clear progression in technical depth
  • Hands-on delivery across at least three of: cloud security (GCP/AWS), identity and access management (Entra ID), SIEM and detection engineering, DLP, zero trust
  • Sound judgment under uncertainty β€” you can make and defend security decisions with incomplete data
  • Practical AI and automation fluency β€” you use it habitually to multiply your impact
  • A track record of influencing engineering, product, and leadership stakeholders
  • Comfortable in a small, high-trust team where you set your own direction

Nice to have:

  • Experience with Rapid7 InsightVM / InsightIDR, SentinelOne, Cloudflare, OneTrust, Microsoft Purview, or KnowBe4
  • Background in e-commerce, marketplace, or retail technology
  • Familiarity with NIST CSF, ISO 27001, OWASP LLM Top 10, or similar frameworks
  • Infrastructure-as-code (Terraform), scripting (Python, PowerShell), or detection-as-code workflows

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

What We Offer

  • Competitive salary, plus Group benefits
  • Remote / hybrid working, UK-based, with flexible London office presence
  • A clear mandate to drive change β€” not maintain the status quo
  • A modern toolchain: Rapid7 (MDR), SentinelOne, OneTrust, and AI tooling at org level
  • A business with genuine mission β€” B Corp certified, sustainability-led, and growing

What Success Looks Like in Year One

  • A current, trusted view of the full asset and application estate with clear ownership
  • A progressing zero trust enforcement capability, with measurable reduction in implicit-trust paths
  • Meaningful reduction in manual audit effort across security controls
  • Trusted cross-functional relationships β€” you're seen as someone who unblocks, not gates

Sound like you? We'd love to hear from you.

Apply via LinkedIn or send your CV directly. We review applications on a rolling basis.

Trusted by 25,000+ job seekers

β€œIt took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Cloud Security
Identity And Access Management
SIEM
Detection Engineering
Data Loss Prevention
Zero Trust
AI Automation
Stakeholder Management
Vulnerability Management
Security Architecture
Infrastructure-as-Code
Python
PowerShell
GCP
AWS
Entra ID

Location

Baginton, England, United Kingdom

Sign up to applySee more jobs like this