Principal Security Engineer

Benefits

Additional Information

We're a digital insurance provider with ambitious plans to become The Best and Biggest in the UK market. Over the past few years, we've made significant investments in our data and tech capabilities, particularly within our CIO function. Our CIO team is at the forefront of driving innovation and ensuring our technology infrastructure supports our ambitious goals. We've nurtured our 4Cs culture, fostering collaboration, creativity, and continuous improvement. We're proud of the journey we're on as a company and know that our continued success will rely on the contribution of our talented colleagues. The CIO team plays a crucial role in this journey, working on cutting-edge projects that enhance our digital presence and improve customer engagement. We provide insurance to nearly four million customers, but we know there's even bigger opportunity out there. The fact you're now reading this job advert means we've tempted you to find out more about #lifeatHD - we really hope you like what you see, and you'll join us to share in the success of the exciting chapter that lies ahead. We understand some people may not apply for jobs unless they feel they tick every box. If you are excited about joining us and think you have some of what we are looking for, even if you're not 100% sure, we would love to hear from you. Our CIO team is always looking for passionate individuals who are eager to make a difference and contribute to our success. Job Details Promote a culture where we re-use more which allows us to optimise workflow efficiency and reduce duplication. Guide and coach teams on good security engineering practices and process improvements, helping to build capability and maturity across the organisation. Supports the team in delivering outcomes efficiently, by reducing manual execution. Ensure fast, reliable feedback loops are in place to enable fail-fast delivery and continuous improvement. Define and implement best practices and controls, ensuring adherence and enabling early detection of issues. Drive engagement and collaboration across Scrum Teams and the CIO community, leading the definition and adoption of best practices to enable faster, secure and more reliable delivery. Skills we would love you to have Extensive practical experience in IT Security working in an agile environment. Transformational leadership skills being able to influence decision making and implement new processes and procedures in support of the company's vision. Excellent mentoring skills to support direct reports in their ongoing development Proven experience in designing, implementing, and securing cloud environments, with a strong emphasis on Microsoft Azure services. In-depth knowledge of cloud security best practices, network security, identity and access management, encryption, and secure coding principles. Excellent problem-solving skills and the ability to analyse complex security issues and develop effective solutions. Strong communication and collaboration skills, with the ability to work effectively in cross-functional teams. Track record of successfully designing, building, and deploying scalable, secure, and highly available security infrastructures using Azure. Strong proficiency in leveraging data and advanced analytics to drive decision-making and continuously enhance security solutions. Tools & Technologies: Proficient knowledge of at least on agile methodology (eg Scrum, Kanban, SAFe)Familiar with backlog and test case management in a system of record such as Jira or Octane Expert knowledge using Cloud Technologies Strong understanding of regulatory compliance requirements (e.g. GDPR, ISO 27001, NIST) and experience implementing security controls to meet those requirements. Hands-on experience with Azure Kubernetes Service (AKS) and microservices architecture. Familiarity with DevSecOps methodologies and tools, enabling the seamless integration of security into the development process. Proficiency in Microsoft Defender security assessment tools, vulnerability scanning tools, and SIEM platforms. In-depth understanding of the Microsoft ecosystem, including hands-on experience with Firewalls, IDS/IPS, Load Balancers, Applications Gateways, Proxies, M365, EDR, KQL. Expertise in utilizing Azure DevOps to drive efficient and collaborative development processes, including the development of security solutions and updates in code. Unfortunately, we are unable to progress with candidates that require sponsorship at this time