Description
AXA is embarking on its most radical and ambitious change programme in the history of its Healthcare business. Driven by a changing UK health landscape, the growth in the (preventative) Wellbeing sector, and the need for radical simplification, we are uniting several businesses internally to produce a stronger offering than ever before in our mission to empower people to be the best version of themselves.
As a Security Engineer, you’ll provide hands-on technical expertise to guide software development, delivery, and continuous improvement focusing on risk and security. You’ll help evolve our new Digital Platform so that it is secure and compliant with internal and industry regulations. You’ll analyze new feature code to identify security risks and work with engineers to mitigate them, applying modern security standards such as OWASP CI/CD, DSOMM, SAMM, and Cloud Security Posture management systems like Azure Defender and Prisma Cloud.
At AXA, we work smart, empowering our people to balance their time between home and the office in a way that works best for them, their team, and our customers. You’ll work at least 40% of your week away from home, moving to the majority of your working week from September 2025. Away from home means attendance at office locations, visiting clients, or attending industry events. Flexible working arrangements are also considered, which you can discuss with Talent Acquisition.
What you’ll be doing:
* Analyzing new feature code to identify security risks and working with engineers to mitigate them
* Delivering improvements to our DSOMM score, either collaborating with teams or directly taking responsibility for tasks (writing code, configuration, tooling, documentation)
* Working with Information Security teams to implement security policies efficiently and flexibly
* Designing, building, operating, and monitoring technology for large, complex multi-site B2C and B2B applications
* Contributing to the definition, adherence, and upholding of coding standards and the software delivery lifecycle to ensure secure, quality systems
* Designing, building, operating, and optimizing logging technology for better data on site performance and reliability
What you’ll bring:
* Experience in complex Salesforce environments
* Exposure to Cloud Native software development, including cloud infrastructure and API design (Azure preferred)
* Proven application of modern standards such as OWASP CI/CD, DSOMM, SAMM
* Strong networking protocol knowledge (TCP/IP, UDP, HTTP/3, etc.), cloud network design, and integration technologies (Auth0, APIM)
* Expertise with SAST & SCA systems like Snyk, Checkmarx
* Experience with DAST systems such as OpenZAP, Qualys DAST (preferred)
* Ability to manage large-scale software estates (build, release, monitoring, rollbacks, high availability)
* Hands-on experience building automated security test suites
As a precondition, you must be eligible and authorized to work in the UK.
What we offer:
* Competitive salary based on experience
* Annual performance-based bonus
* Contributory pension scheme (up to 12%)
* Life Assurance (up to 10x salary)
* Private health cover
* 28 days annual leave plus Bank Holidays
* Option to buy or sell up to 5 days leave
* Wellbeing resources
* AXA employee discounts
To apply, click ‘apply for this job’, then log in or create a profile to submit your CV. We are an Equal Opportunities Employer and support applicants with disabilities through the AXA Accessibility Concierge. Contact lauren.standen@axa-insurance.co.uk for support.
Who we are:
At AXA Health, we help members be their best selves by providing health and wellbeing support. We’re transforming our business with digital experiences for our customers. We’re passionate about helping individuals, families, small businesses, and large corporations flourish.