Ohme
Ohme6h ago
New

Lead Security Engineer

United KingdomUnited Kingdom·Londonlead
EngineeringSecurity Engineer
0 views0 saves0 applied

Quick Summary

Overview

Ohme is on a mission to accelerate the global transition to clean, affordable energy. We do that by serving as an integrated hardware and software smart-grid platform,

Technical Tools
EngineeringSecurity Engineer

Ohme is on a mission to accelerate the global transition to clean, affordable energy. We do that by serving as an integrated hardware and software smart-grid platform, focused on the residential EV charging market.

The worlds of energy, transport and artificial intelligence are colliding and Ohme is at the heart of this new era. By using technology and data integrations to connect cars, chargers, people, energy providers and more, Ohme has a powerful platform that puts the consumer at the core.

Ohme has been selling its chargers to consumers since mid 2019 and has had exponential growth since. We are now operating in multiple countries and have partnerships with the likes of VW, Mercedes, Octopus Energy, and other innovative brands.

We are scaling up the business and are building out the team for rapid growth. If you’re interested joining a fast-growing cleantech venture on a data and AI-first journey to speed up the global transition to clean, affordable energy, read on!

We are looking for a Lead Security Engineer to join our technology leadership team as the organisation’s senior security authority. Reporting directly to the CIO, this is a hands-on role: you will build and operate security controls, not just design them. You will work directly alongside engineering and DevOps teams, make pragmatic decisions under real constraints, and be as comfortable configuring a detection rule or reviewing an IaC change as you are presenting a risk position to the CTO. Two things matter most from day one: establishing a coherent security architecture that the organisation can build on, and getting Microsoft Sentinel into a functioning baseline capability.

This is a senior individual contributor role with real scope and autonomy. You will be the organisation’s go-to security expert — bringing the technical depth to build and operate controls directly, and the strategic judgement to shape how security is governed and prioritised across the business. As the function and the organisation around it mature, there is genuine scope for progression for the right person.

Responsibilities

~1 min read
  • Own and actively maintain the organisation’s security architecture, covering cloud, application, network, and data security — producing real, usable artefacts rather than documentation that lives on a shelf.
  • Work with DevOps to embed security into CI/CD pipelines — defining requirements together for SAST/DAST tooling, container security scanning, secrets detection, and IaC security checks, and getting hands-on with configuration where the team needs it.
  • Lead security reviews for new projects, platforms, and third-party integrations — applying proportionate, risk-based judgement that keeps engineering teams moving rather than creating bottlenecks.
  • Work closely with the DevOps function on AWS security posture — reviewing IAM policies, SCPs, and IaC configurations, advising on control design, and assisting with implementation where it makes sense. Own the security monitoring layer directly: Security Hub, GuardDuty, CloudTrail, and Config findings are yours to triage, prioritise, and drive to resolution.
  • Set the standards for identity and access management, secrets management, encryption, and network segmentation. DevOps owns implementation in many of these areas — your role is to work with them to define what good looks like, review what gets built, and work alongside the team to close gaps.
  • Own the Microsoft security stack day-to-day — configuring and tuning Microsoft Sentinel analytics rules, managing Defender for Endpoint and Defender for Office 365 policies, working with Purview for data classification and DLP, and ensuring Entra ID Conditional Access and identity protection controls are fit for purpose. Getting Sentinel to a functioning baseline is a priority.
  • Define and own the organisation’s incident response capability — defining the IR process, building and maintaining response playbooks, and leading the response to significant security incidents end-to-end from detection through to post-incident review and remediation.
  • Shape the security strategy that Ohme presents to its enterprise energy partners — translating posture and controls into the assurance evidence major customers require, including due diligence questionnaires and supplier compliance requirements.
  • Apply ISO 27001 and related standards as a practical lens for risk management and policy — making controls real and enforceable rather than documented and ignored.
  • Conduct risk assessments and threat modelling across the technology estate, translating findings into prioritised remediation work that the team can actually execute.
  • Own the security risk register, feeding into the organisational risk register — tracking posture, remediation progress, and reporting to the CIO with clarity and without unnecessary noise.
  • Support audit and compliance activities where they arise, engaging with external assessors as needed.
  • Communicate security risk and decisions clearly to both technical and non-technical colleagues — influencing without authority and making the case for good security practice in terms the business understands.
  • Build strong relationships with engineering, product, and operations teams to ensure security is seen as an enabler, not a blocker.
  • Provide clear, concise reporting on security posture and risk to the CIO and leadership team when it matters — not as a bureaucratic exercise but as a tool for decision-making.
  • Stay current with the evolving threat landscape and emerging security technologies, sharing relevant insight across the organisation.
  • Define and maintain a pragmatic AI security governance framework covering the adoption of large language model (LLM) services from providers such as Anthropic and OpenAI, AI-powered tooling, and agentic workflow platforms.
  • Identify, assess, and clearly communicate the security risks specific to AI systems — including prompt injection, tool misuse, data exfiltration via model inputs, insecure agentic behaviour, and supply chain risk from third-party AI providers.
  • Establish and enforce security standards for integrating LLM-based services into internal systems, covering API key management, data classification, model context boundaries, and output validation.
  • Mature governance standards for Model Context Protocol (MCP) server deployments, ensuring that AI agents operating with tool access are subject to appropriate authentication, authorisation, and audit controls.
  • Champion a balanced approach to AI security — enabling engineering and product teams to adopt AI capabilities at pace while ensuring risk is understood, quantified, and appropriately managed. The objective is to enable progress, not restrict it. The AI security landscape is genuinely new territory for the industry; what matters is depth of thinking and willingness to work through it, not a pre-built playbook.
  • Embed AI security review into delivery and procurement processes, ensuring new AI integrations receive proportionate threat modelling without creating unnecessary friction for teams.
  • Demonstrable hands-on experience as a senior security engineer or security architect, with a track record of building and operating security controls directly — not just designing or advising on them.
  • Hands-on experience configuring and tuning a SIEM platform — writing detection rules, reducing alert noise, building response playbooks, and iterating based on real incidents rather than theory. Microsoft Sentinel is the platform in use; direct Sentinel experience is strongly preferred.
  • Deep expertise in AWS security services — IAM, SCPs, Security Hub, GuardDuty, CloudTrail, AWS Config, KMS, and related services. You will work alongside a DevOps function that owns IAM and IaC; the expectation is that you can review, challenge, and advise with genuine technical depth, and take direct ownership of the security monitoring and detection layer.
  • Solid working knowledge of the Microsoft security stack — Sentinel, Defender for Endpoint, Defender for Office 365, Entra ID (Conditional Access, identity protection, PIM), and Purview. The organisation is Microsoft-first for identity, endpoint, and collaboration security; this is as operationally important as AWS in this role.
  • Experience working with DevSecOps practices in CI/CD pipelines — SAST/DAST tooling, container security, secrets management, and IaC security. You don’t need to own the pipelines, but you need to know them well enough to set requirements, review implementations, and identify what’s missing.
  • Strong knowledge of ISO 27001 and the ability to apply governance frameworks pragmatically in a fast-moving technology environment.
  • Experience conducting threat modelling, security architecture reviews, and risk assessments.
  • Strong communication skills — able to translate security risk into plain language for engineering and business audiences alike, and to influence decisions without relying on authority or process.
  • A clear bias towards action — you are more likely to fix a misconfiguration directly than write a policy about it. Comfortable operating as a senior individual contributor without direct reports, and self-directed enough to make progress without a playbook.
  • A clear understanding of the specific security challenges presented by AI and LLM systems — including agentic architectures, prompt injection, third-party model risk, and the data handling implications of AI pipelines — combined with the judgment to develop governance that enables innovation rather than blocking it.
  • AWS Certified Security - Specialty certification (or equivalent).
  • Experience with Microsoft Defender for Endpoint or Defender for Office 365 configuration and tuning.
  • Experience with zero-trust architecture and modern identity frameworks (OIDC, OAuth 2.0).
  • Familiarity with SOC 2, Cyber Essentials Plus, or NIST frameworks.
  • Experience working in a scale-up or high-growth technology environment.
  • Familiarity with AI provider security models and trust frameworks (e.g. Anthropic, OpenAI), and awareness of emerging AI governance standards including the OWASP LLM Top 10 and NIST AI RMF.
  • Hands-on experience with Model Context Protocol (MCP), agentic AI orchestration, or AI automation platforms, with a practical understanding of the authentication, authorisation, and access control implications of these systems.

What We Offer

~2 min read
Hybrid working — 4 days in our London office, 1 day remote.
Direct access and influence at CIO level.
The opportunity to shape and own the security function in a growing technology organisation, with genuine scope for progression as the function and organisation mature.
Comprehensive benefits package.
Tooling is funded on justification — you will have leadership support to make the case for what you need to do the job properly.
Our benefits:
Competitive salary and bonus
London Office - 4 days a week in the office
Private Health Insurance
Pension Scheme
Life Assurance Scheme with death in service benefit of 4x salary
Income Protection Scheme for long term illness
Ride to Work Scheme
Payroll Giving Scheme
Season Ticket Loan to spread cost of travel over 12 months
Eye Test every 2 years

Location & Eligibility

Where is the job
London, United Kingdom
On-site at the office
Who can apply
GB

Listing Details

Posted
July 14, 2026
First seen
July 14, 2026
Last seen
July 14, 2026

Posting Health

Days active
0
Repost count
0
Trust Level
60%
Scored at
July 14, 2026

Signal breakdown

freshnesssource trustcontent trustemployer trust
Ohme
Ohme
greenhouse
Employees
30
Founded
2024
Domain
ohme.fr
View company profile
Newsletter

Stay ahead of the market

Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.

A
B
C
D
Join 12,000+ marketers

No spam. Unsubscribe at any time.

OhmeLead Security Engineer