Security Engineer / Hybrid Working – £80,000
Location: Hybrid (2-3 days a week from home). Our client has locations across the UK, offices predominantly in the greater London and Manchester Locations.
We are currently supporting our global insurance client in expanding their team and looking for a security engineer who has previously worked within the insurance industry and had extensive experience working with engineering functions.
As a Security Engineer, you’ll provide hands-on expertise to support secure software development, delivery, and continuous improvement. You’ll help evolve our clients Digital Platform to ensure it is secure and compliant with internal policies and industry standards. Working closely with engineering teams, you’ll identify and mitigate security risks in new features while applying modern security frameworks and cloud security tooling across a diverse technology landscape, including PaaS and SaaS platforms.
What you’ll be doing
- Reviewing new feature code to identify security risks and working with engineers to remediate them
- Improving our DSOMM score through direct delivery (code, configuration, tooling, documentation) or collaboration with teams
- Partnering with Information Security teams to implement security policies efficiently and flexibly
- Designing, building, operating, and monitoring large-scale, complex B2C and B2B systems
- Applying security expertise across multiple technology platforms and adopting new technologies
- Defining, upholding, and contributing to secure coding standards and the software delivery lifecycle
- Designing and optimising logging and monitoring solutions to improve system performance and reliability
What you’ll bring
- Experience with cloud-native development, cloud infrastructure, and API design (Azure preferred)
- Willingness to work across multiple platforms, including Azure and Salesforce
- Proven application of security standards such as OWASP CI/CD, DSOMM, and SAMM
- Strong knowledge of networking protocols (TCP/IP, UDP, HTTP/3, AMQP, streaming), cloud networking (VPNs, subnets, regions/zones), and integration technologies (Auth0, APIM)
- Hands-on experience with SAST and SCA tools (e.g. Snyk, Checkmarx)
- Experience with DAST tools (e.g. OpenZAP, Qualys DAST), ideally for HTTP APIs
- Operational experience managing large-scale software estates (build, release, monitoring, rollbacks, high availability)
- Hands-on experience building automated security test suites
If this role sounds like your next move please click “APPLY” OR email [email protected]
