Job Type: Permanent
Location: London
Position: Principal Platform Security Engineer
Role Overview
The Principal Platform Security Engineer is a senior leader within the London Platform Engineering Chapter. The role sets direction and leads by example in maturing platform security practices, guiding Innovation squads and Engineering Chapters toward cloud-first, secure‑by‑design outcomes.
Key Responsibilities
- Coach and mentor chapter members, supporting the Head of Platform Engineering with overall chapter management, especially regarding partner resources.
- Design, implement, and automate security controls and security testing within the SDLC.
- Lead application security practices to ensure secure design and build, coordinating between engineering and security teams.
- Apply Security‑as‑Code principles by providing training, creating reusable patterns, and establishing best practices for teams.
- Support the investigation and future implementation of agentic workflows and agents, ensuring solutions are secure‑by‑design and comply with Hiscox AI governance.
- Respond swiftly to new and emerging security threats and vulnerabilities, investigate suspected attacks, and manage security incidents—including post‑incident reviews to identify root causes and implement preventative solutions.
- Produce clear, actionable security reporting for senior leadership.
- Act as the primary point of contact for security‑related inquiries across London Market technology and change initiatives, coordinating with Group, other Business Units, and Cyber teams.
- Influence key architectural decisions early, balancing business requirements, budgets, security, and resilience.
- Partner with squads to move solutions from proof of concept (PoC) to a production‑ready platform.
- Build and maintain secure Azure and GCP infrastructure across all environments using Azure DevOps Pipelines and Terraform.
- Oversee and coach squads on intra‑day deployment mechanisms, advocating for cloud‑informed improvements that enhance security, reliability, and delivery speed.
- Build and maintain monitoring and alerting at all levels (infrastructure, application, and data), ensuring actionable signals and secure operational practices.
Person Specification
- 5+ years’ DevOps/Platform Engineering experience delivering solutions in Azure and/or GCP.
- Full‑stack application and infrastructure solution design with robust security controls, high availability, and operational resilience.
- Working knowledge of vulnerability and compliance management (scanning to remediation), patch management, endpoint protection/anti‑malware, and access control management (e.g., IAM/PAM).
- Experience with threat modelling and risk assessment applied to cloud architectures and CI/CD pipelines to guide secure design and prioritize risk treatment.
- Experience with AppSec tooling, including CI/CD integration, noise reduction tuning, and triaging results with engineers.
- Strong leadership skills, including educating teams and delegating responsibilities across chapters and Group IT teams.
- Proficiency in Terraform and platform solutions, with experience integrating GCP and Azure.
- Knowledge of cloud‑native, microservices, and containerised systems.
- A strong desire for continuous improvement and an Agile way of working.
- Ideal: knowledge of the insurance and London Market ecosystem; Lloyd’s market experience.
- Hands‑on software delivery experience, including platform engineering, build, release, and deployment engineering using modern DevOps practices.
- Experience delivering and operating technology in regulated environments, understanding controls, audit expectations, and evidence‑based compliance.
- Clear communication of processes, patterns, and tooling to ensure quality, stability, performance, scalability, secure deployment, maintainability, and documentation.
- Broad awareness of major cloud providers and services, with curiosity about evaluating and adopting capabilities that improve security, reliability, and cost efficiency.
- Proactive and improvement‑focused, challenging the status quo and driving automation and simplification where it adds value.
- Strong delivery focus, capable of prioritizing effectively and delivering outcomes in a fast‑paced environment with shifting demands.
- Ability to operate effectively in a small, high‑impact team while collaborating across a wider product/engineering organisation.
- Excellent communication and stakeholder‑management skills, able to influence at all levels and present complex topics clearly.
- Comfortable working in ambiguity and adapting quickly as priorities, technology, and threats evolve.
- Up‑to‑date knowledge of security practices, processes, and tooling, with judgement to apply emerging approaches pragmatically.