To develop, implement and maintain solutions that support the safeguarding of the bank’s systems and sensitive information.
Provision of subject matter expertise on security systems and engineering patterns. Development and implementation of protocols, algorithms, and software applications to protect sensitive data and systems. Management and protection of secrets, ensuring that they are securely generated, stored, and used. Execution of audits to monitor, identify and assess vulnerabilities in the bank’s infrastructure/software and support the response to potential security breaches. Identification of advancements in technology to support innovation and adoption of new cryptographic technologies and techniques. Collaboration across the bank, including developers and security teams, to ensure that cryptographic solutions align with business objectives, security policies and regulatory requirements. Development/implementation and maintenance of Identity and Access Management solutions and systems.
To advise and influence decision making, contribute to policy development and take responsibility for operational effectiveness. Collaborate closely with other functions/business divisions. Lead a team performing complex tasks, using well‑developed professional knowledge and skills to deliver work that impacts the whole business function. Set objectives and coach employees in pursuit of those objectives, appraisal of performance relative to objectives and determination of reward outcomes.
People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver a consistently excellent standard. The four LEAD behaviours are:
For individual contributors: lead collaborative assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation, identify new directions for assignments and/or projects, and consult on complex issues; providing advice to People Leaders to support the resolution of escalated issues.
Join Barclays as a Security Engineer — and help protect and power the next generation of digital banking. You’ll take ownership of securing AWS platforms at scale, driving DevSecOps innovation, and embedding security into the fabric of engineering. This is a high‑impact role where you’ll influence how teams build, deliver, and operate — raising the bar on resilience, speed, and security across the organisation.
To be successful as a Security Engineer, you should have experience with Cloud Application & Infrastructure DevOps Engineering: Strong hands‑on AWS DevOps expertise with a track record of building resilient, high‑availability cloud‑native platforms, leveraging CI/CD automation, Infrastructure as Code, and best‑practice design for resilience, recovery, and operational effectiveness, while promoting modern cloud engineering standards. Secure Cloud Engineering: Proven experience embedding security‑by‑design into SDLC, defining guardrails, and operating secure AWS DevSecOps platforms, with the ability to integrate security controls (including Microsoft E365), measure compliance, and balance delivery speed with risk and resilience. Engineering Leadership & Change: Demonstrated ability to lead engineering and security transformation, influence stakeholders, deliver projects end‑to‑end, upskill teams, and drive lasting behavioural change through automation, standardisation, and observability. Experience delivering cloud, DevOps or engineering transformation within a banking, financial services, or other highly regulated enterprise environment for security transformation. Scalable Security Engineering Experience designing and implementing DevSecOps across Agile value streams and TechOps platforms to enable repeatable security remediation pathways that enforce scalable security controls and guardrails at speed and at scale. Operational Resilience Experience engineering resilient cloud platforms and security controls in UK financial services or critical infrastructure environments, supporting high availability, rapid disaster recovery, and business continuity of important business services and/or security controls.
This role is based in Edinburgh.