Security Engineer / Hybrid Working - £80,000

Oliver James associates
Manchester, United Kingdom
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
£ 80K

Job location

Manchester, United Kingdom

Tech stack

API
Advanced Message Queuing Protocol
Azure
Software as a Service
Cloud Computing
Cloud Computing Security
Computer Security
Subnetting
Virtual Private Networks (VPN)
Network Protocols
Open Web Application Security
Platform as a Service (PAAS)
Salesforce
Secure Coding
Software Engineering
Data Streaming
TCP/IP
Data Logging
System Availability
Checkmarx
Api Design
Qualys
Static Application Security Testing
Dynamic Application Security Testing

Job description

We are currently supporting our global insurance client in expanding their team and looking for a security engineer who has previously worked within the insurance industry and had extensive experience working with engineering functions.

As a Security Engineer, you'll provide hands-on expertise to support secure software development, delivery, and continuous improvement. You'll help evolve our clients Digital Platform to ensure it is secure and compliant with internal policies and industry standards. Working closely with engineering teams, you'll identify and mitigate security risks in new features while applying modern security frameworks and cloud security tooling across a diverse technology landscape, including PaaS and SaaS platforms.

What you'll be doing

  • Reviewing new feature code to identify security risks and working with engineers to remediate them
  • Improving our DSOMM score through direct delivery (code, configuration, tooling, documentation) or collaboration with teams
  • Partnering with Information Security teams to implement security policies efficiently and flexibly
  • Designing, building, operating, and monitoring large-scale, complex B2C and B2B systems
  • Applying security expertise across multiple technology platforms and adopting new technologies
  • Defining, upholding, and contributing to secure coding standards and the software delivery lifecycle
  • Designing and optimising logging and monitoring solutions to improve system performance and reliability

Requirements

  • Experience with cloud-native development, cloud infrastructure, and API design (Azure preferred)
  • Willingness to work across multiple platforms, including Azure and Salesforce
  • Proven application of security standards such as OWASP CI/CD, DSOMM, and SAMM
  • Strong knowledge of networking protocols (TCP/IP, UDP, HTTP/3, AMQP, streaming), cloud networking (VPNs, subnets, regions/zones), and integration technologies (Auth0, APIM)
  • Hands-on experience with SAST and SCA tools (e.g. Snyk, Checkmarx)
  • Experience with DAST tools (e.g. OpenZAP, Qualys DAST), ideally for HTTP APIs
  • Operational experience managing large-scale software estates (build, release, monitoring, rollbacks, high availability)
  • Hands-on experience building automated security test suites

Apply for this position