Security Engineer

Security Engineer Salary: Up to £85,000 (depending on experience) Locations: London, Leeds, Middlesbrough, Bristol or Bournemouth Working Pattern: Hybrid - two days per week in one of the above offices Overview: An established enterprise organisation is undertaking enhancements to its digital platforms as part of an ongoing modernisation strategy. As a Security Engineer, you will provide hands-on technical security expertise across software development, delivery and continuous improvement. You will play a key role in shaping and securing a modern digital platform, ensuring compliance with internal policies and industry regulations, while embedding security best practice across the engineering lifecycle. Key Responsibilities: Analysing new feature code to identify security risks and working closely with engineering teams to mitigate them Delivering improvements to DSOMM maturity, either by enabling delivery teams or directly owning tasks (including coding, configuration, tooling and documentation) Working with Information Security teams to ensure security policies are implemented in a pragmatic, efficient and flexible manner Designing, building, operating and monitoring secure technology solutions for large-scale, complex B2C and B2B applications Applying security knowledge across multiple technology platforms, contributing to secure adoption of new tools and services Defining, upholding and contributing to secure coding standards and the software delivery lifecycle Designing, building and optimising logging and monitoring solutions to improve visibility, reliability and overall platform performance Skills & Experience Required: Experience with cloud-native software development, including cloud infrastructure and API design (Azure preferred) Willingness to apply security and engineering expertise across multiple platforms, such as Azure and SaaS solutions Proven experience working with modern security standards and frameworks, including OWASP CI/CD, DSOMM and SAMM Strong knowledge of networking protocols (TCP/IP, UDP, HTTP/3, AMQP, streaming protocols), cloud networking concepts (VPNs, subnets, regions/zones) and integration technologies Hands-on experience with SAST and SCA tools such as Snyk and Checkmarx Experience with DAST tools such as OWASP ZAP or Qualys DAST (preferred), ideally working with HTTP APIs Ability to manage and support large-scale software estates, including build, release, monitoring, rollback and high availability Practical experience building and maintaining automated security testing suites Eligibility: Must be eligible and authorised to work in the United Kingdom Reward & Benefits: Competitive base salary dependent on experience Annual company and performance-related bonus Contributory pension scheme with enhanced employer contributions Life assurance Private medical cover 28 days annual leave plus bank holidays Option to buy or sell additional annual leave Wellbeing services and employee support resources Employee discount programmes