Salary: Up to £85,000 (depending on experience)
Locations: London, Leeds, Middlesbrough, Bristol or Bournemouth
Working Pattern: Hybrid – two days per week in one of the above offices
Overview
An established enterprise organisation is undertaking enhancements to its digital platforms as part of an ongoing modernisation strategy.
As a Security Engineer, you will provide hands‑on technical security expertise across software development, delivery and continuous improvement. You will play a key role in shaping and securing a modern digital platform, ensuring compliance with internal policies and industry regulations, while embedding security best practice across the engineering lifecycle.
Key Responsibilities
* Analysing new feature code to identify security risks and working closely with engineering teams to mitigate them
* Delivering improvements to DSOMM maturity, either by enabling delivery teams or directly owning tasks (including coding, configuration, tooling and documentation)
* Working with Information Security teams to ensure security policies are implemented in a pragmatic, efficient and flexible manner
* Designing, building, operating and monitoring secure technology solutions for large-scale, complex B2C and B2B applications
* Applying security knowledge across multiple technology platforms, contributing to secure adoption of new tools and services
* Defining, upholding and contributing to secure coding standards and the software delivery lifecycle
* Designing, building and optimising logging and monitoring solutions to improve visibility, reliability and overall platform performance
Skills & Experience Required
* Experience with cloud-native software development, including cloud infrastructure and API design (Azure preferred)
* Willingness to apply security and engineering expertise across multiple platforms, such as Azure and SaaS solutions
* Proven experience working with modern security standards and frameworks, including OWASP CI/CD, DSOMM and SAMM
* Strong knowledge of networking protocols (TCP/IP, UDP, HTTP/3, AMQP, streaming protocols), cloud networking concepts (VPNs, subnets, regions/zones) and integration technologies
* Hands‑on experience with SAST and SCA tools such as Snyk and Checkmarx
* Experience with DAST tools such as OWASP ZAP or Qualys DAST (preferred), ideally working with HTTP APIs
* Ability to manage and support large‑scale software estates, including build, release, monitoring, rollback and high availability
* Practical experience building and maintaining automated security testing suites
Benefits
* Competitive base salary dependent on experience - circa £85,000
* Annual company and performance‑related bonus
* Private medical cover
* Wellbeing services and employee support resources