The Offensive Security Lead is a pivotal technical leadership role, responsible for driving and executing the offensive security strategy across HL’s digital and product landscape
Job Summary
The Offensive Security Lead is a pivotal technical leadership role, responsible for driving and executing the offensive security strategy across HL’s digital and product landscape.
The role will champion secure-by-design principles, lead red and purple team operations, and foster a culture of proactive risk management and continuous improvement.
This role is permanent, full time, 37.5 hours per week, Monday to Friday, with a hybrid flexible working pattern.
Matching Summary
The Offensive Security Lead is a pivotal technical leadership role, responsible for driving and executing the offensive security strategy across HL’s digital and product landscape.
Skills & Requirements
Must-have
offensive security strategy
red team operations
purple team assessments
bug bounty programme management
secure-by-design principles
cloud, web, mobile, API security
Nice-to-have
proactive risk management
continuous improvement culture
security-first culture
talent development
Key Requirements
Extensive experience in offensive security
Strong capability in web application, infrastructure, cloud, container, or mobile security
Proven experience designing and maintaining security testing environments
Hands on experience developing automated security testing pipelines
Demonstrated technical leadership in cloud-first initiatives
Experience enabling agile, DevOps, and product-led engineering teams
Deep understanding of UK financial services regulatory expectations