Security Engineer

Security Engineer

Salary: Up to 85,000 (depending on experience)
Locations: London, Leeds, Middlesbrough, Bristol or Bournemouth
Working Pattern: Hybrid - two days per week in one of the above offices

Overview:
An established enterprise organisation is undertaking enhancements to its digital platforms as part of an ongoing modernisation strategy.

As a Security Engineer, you will provide hands-on technical security expertise across software development, delivery and continuous improvement. You will play a key role in shaping and securing a modern digital platform, ensuring compliance with internal policies and industry regulations, while embedding security best practice across the engineering lifecycle.

Key Responsibilities:

• Analysing new feature code to identify security risks and working closely with engineering teams to mitigate them
• Delivering improvements to DSOMM maturity, either by enabling delivery teams or directly owning tasks (including coding, configuration, tooling and documentation)
• Working with Information Security teams to ensure security policies are implemented in a pragmatic, efficient and flexible manner
• Designing, building, operating and monitoring secure technology solutions for large-scale, complex B2C and B2B applications
• Applying security knowledge across multiple technology platforms, contributing to secure adoption of new tools and services
• Defining, upholding and contributing to secure coding standards and the software delivery lifecycle
• Designing, building and optimising logging and monitoring solutions to improve visibility, reliability and overall platform performance

Skills & Experience Required:

• Experience with cloud-native software development, including cloud infrastructure and API design (Azure preferred)
• Willingness to apply security and engineering expertise across multiple platforms, such as Azure and SaaS solutions
• Proven experience working with modern security standards and frameworks, including OWASP CI/CD, DSOMM and SAMM
• Strong knowledge of networking protocols (TCP/IP, UDP, HTTP/3, AMQP, streaming protocols), cloud networking concepts (VPNs, subnets, regions/zones) and integration technologies
• Hands-on experience with SAST and SCA tools such as Snyk and Checkmarx
• Experience with DAST tools such as OWASP ZAP or Qualys DAST (preferred), ideally working with HTTP APIs
• Ability to manage and support large-scale software estates, including build, release, monitoring, rollback and high availability
• Practical experience building and maintaining automated security testing suites

Eligibility: Must be eligible and authorised to work in the United Kingdom

Reward & Benefits:

• Competitive base salary dependent on experience
• Annual company and performance-related bonus
• Contributory pension scheme with enhanced employer contributions
• Life assurance
• Private medical cover
• 28 days annual leave plus bank holidays
• Option to buy or sell additional annual leave
• Wellbeing services and employee support resources
• Employee discount programmes