This website uses cookies to ensure you get the best experience.

tombola and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, which is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor
tombola career site
Technology · Sunderland, UK · Hybrid

Lead Product Security Engineer - Sunderland - Hybrid

We’re hiring a Lead Product Security Engineer!

At tombola, we build experiences players can trust — and security is at the core of that promise. We’re looking for a Lead Product Security Engineer to set the vision for product security, lead a small but mighty team, and make sure security is built into everything we create.

What you’ll do:

✅ Own our product security strategy
✅ Lead & grow a small security team
✅ Shift security left in our SDLC
✅ Champion security tooling, automation & best practice

You’ll need:

  • Proven background in application/product security with leadership experience.
  • Strong knowledge of mobile and web application security tooling and testing (SAST, DAST, CI/CD integration).
  • Experience embedding security into the SDLC and agile practices.
  • Familiarity with cloud security (Cloudflare and AWS preferred).
  • Understanding of standards and frameworks (OWASP Top 10, ISO27001, PCI-DSS, NIST).
  • Certifications like CISSP, OSCP, CEH, AWS are a bonus.

What’s in it for you?
Quarterly bonus, hybrid working, private healthcare, 25+ days holiday, free meals & coffee, onsite gym, and loads of L&D.

Sunderland (Hybrid – 2 days at home) | 📝 Permanent

Apply now and lead the future of product security at tombola.

Department
Technology
Role
Information Security
Locations
Sunderland, UK
Remote status
Hybrid
Picture of Andrew Poxton
Contact Andrew Poxton TA Partner – People

Our vacancies

More jobs
Technology · Sunderland, UK · Hybrid

Lead Product Security Engineer - Sunderland - Hybrid

Loading application form

Already working at tombola?

Let’s recruit together and find your next colleague.