Principal Cyber Security Engineer
Job description
We're looking for a Principal Cyber Security Engineer to lead and strengthen our Security Operations at Dunelm.
This critical role will take ownership of our Security Operations function and lead both our DevSecOps and SecOps teams. You'll set the direction for how we build, operate, and secure our platforms, championing a proactive security culture across engineering, operations, and the wider organisation.
As our senior security technical lead, you'll influence architecture decisions, strengthen our secure engineering practices, and embed robust controls throughout the development lifecycle. You'll also drive improvements in detection, response, and operational resilience across all our technology platforms. This is a role for someone who wants to shape strategy, lead talented teams, and make a meaningful difference to how we protect and scale our business.
What you'll be doing
- Provide technical leadership and mentorship to DevSecOps and SecOps teams.
- Define and implement security standards, policies, and best practices.
- Drive secure coding practices and automated security testing within CI/CD pipelines.
- Manage incident response processes and oversee threat detection and vulnerability management.
- Act as the primary security advisor for senior leadership and technical teams.
Requirements
- Proven experience in senior security engineering or security architect roles with leadership responsibilities.
- Strong knowledge of cloud security (AWS, GCP), network security, and application security.
- Hands-on experience with DevSecOps tools (SAST, DAST, container security).
- Expertise in operational security, including SIEM, IDS/IPS, and incident response.
- Familiarity with compliance frameworks (ISO 27001, NIST, GDPR, PCI-DSS).
- Excellent communication and stakeholder management skills.