How to hire a security engineer.
Salary bands, time-to-fill, what good actually looks like, and the assessment we put every candidate through. Built on nine years of validated psychometric data from Neuroworx.
Post this role
~30 seconds
Title, level, three must-haves. We syndicate, screen, score, and shortlist. First 50 candidates free.
Median salary · United Kingdom: £131,500 (£108-£155k senior range)
Typical time-to-fill: 42d (down to 5.1d with Picked)
Applicants per role: 124 (Series A · public posting)
Make it to interview: 9 / 124 (industry · pre-AI screening)
Salary bands
What it costs to hire one.
2026 H1 · base + variable
| Level | US | UK | EU | Remote |
|---|---|---|---|---|
| IC1 / Junior | $93-$128k | £58-£80k | €62-€86k | $77-$106k |
| IC2 / Security engineer | $128-$176k | £80-£110k | €86-€118k | $106-$145k |
| IC3 / Senior security | $173-$248k | £108-£155k | €116-€166k | $143-$205k |
| IC4 / Staff security | $237-$328k | £148-£205k | €158-€219k | $195-$271k |
| IC5 / Principal security | $317-$440k | £198-£275k | €212-€294k | $261-$363k |
Source · 2,847 anonymised offers placed via Picked Q4 2025 to Q1 2026. Updated monthly.
What good looks like
Past credentials. Present signals.
01
Threat modelling
Can sit with a product team for an hour and leave with a ranked list of risks the team agrees with.
02
Pragmatism under pressure
Has chosen not to block a team when blocking was easy. Has the receipts on why that was right.
03
Cross-team comms
Writes the policy paragraph that engineers actually read. Knows the difference between a control and a slide.
04
Curiosity
Reads CVEs, postmortems, and disclosure blogs the way other engineers read release notes.
05
Quiet vigilance
Has caught the small wrong thing in a PR review or a config change. Did not need a parade for it.
Nine years of Neuroworx outcome data on 14,000 security engineer hires says: the candidates rated high on threat modelling + cross-team comms outperform high-prestige-CV candidates by a wide margin in the first twelve months.
What Picked puts every candidate through
Four stages. Each one written down.
From the Neuroworx item bank · 1,247 items live
01
Triage
CV + cover screened against must-haves. Title, level, language, region, three skills you set. Hard filters first. The model spends no time on people you would not even read.
~12 seconds · $0.12
02
Conversational screen
A 12-minute voice or chat conversation against six structured probes: motivation, scope of last role, the thing they are proudest of, biggest production mistake, what they would build with a free month, why this role.
~12 min · $0.31
03
Role-fit assessment
A scoped task drawn from the bank. Submit a short writeup. Scored against a published rubric on judgement, craft, and pragmatism.
30-60 min · $0.28
04
AI first-round interview
A 20-minute voice interview against six items drawn from the IC3 item bank. Includes behavioural ("tell me about a time"), technical or scenario ("walk me through how you would approach"), and an ownership probe.
~20 min · $0.24
The 1,247 items for security engineer are split across 42 sub-rubrics. Every item has been calibrated against twelve-month performance outcomes from 14,083 prior hires.
Sample interview questions
A few from the item bank.
01
Tell me about the last threat model you ran. Who was in the room and what came out of it?
Listen for: A specific product surface, the team present, a ranked list of risks, a follow-up the team owned.
02
When did you last decide not to block a shipping team?
Listen for: A specific risk, the compensating control they accepted, the named owner of the residual risk.
03
Tell me about a policy you wrote that survived a real incident.
Listen for: A specific policy, the incident that tested it, the line that held. They name the change they made after.
04
Describe an audit your team failed. What did you do?
Listen for: A real finding, the root cause, the change they shipped. The way they wrote it up.
05
Walk me through a bug bounty report you triaged.
Listen for: A specific report, the way they confirmed it, the severity call, the fix. They name the researcher.
Job description template
Copy. Paste. Replace the bracketed bits.
security-engineer.md
215 words · 3 min read
# [Senior/Mid/Junior] security engineer · [city] or remote

We are hiring our [Nth] security engineer. You will partner with [N] product teams and own [application security / detection / vendor risk] across our platform. The team is [N] engineers plus a [head of security]. [How you operate]. [How incidents are handled].

## You will be good here if

- You have run a real threat model and you have written a policy that survived a real incident.
- You will not block a team without offering a path.
- [The third trait you actually care about].

## What we use

[Cloud, identity, detection, code-scanning]. We will not retrain you on a stack, but we do not care if you came from [adjacent stack].

## Compensation

[Currency][low] to [high] base. [low] to [high] percent equity. We post the band because we mean it.

## How we hire

30-second post, screen + assessment via Picked, 20-min interview via Picked, one on-site half-day with the team. We aim to give a yes or no in 7 days.

## What is the rubric

Threat modelling, pragmatism under pressure, cross-team comms, curiosity, quiet vigilance. Not credentials.

That is the JD. Apply via [link] or just send a paragraph about the last policy you wrote that mattered.

[Your name], [your title]
$0.99 per AI-vetted candidate. First 50 free.