Skip to main content
Back to jobs

Security Engineer

External
bupa logoBupa · South West London
ContractHybridToday
Application SecurityComplianceLinuxNetwork SecuritySSOStakeholder Management
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

Benefits

Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health, from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family friendly benefits.Joining Bupa in this role you will receive the following benefits and more:25 days holiday per year, pro rata to your contract.Access to a range of services to support your physical and mental wellbeingFixed term benefits allowanceAccess to our confidential employee assistance programmeWorkplace pensionOnline discounts covering your everyday shopping, entertainment, eating out and more.Why Bupa?We're a health insurer and proHealth insuranceFlexible schedule

Additional Information

Job Description: Security Engineer Salary: £55,100 - £68,000 (neg depending on experience) Location: Cromwell Hospital, London (SW5 0TU) Hybrid Working: Desired 2 days per week onsite Fixed Term Contract: 12 Months Scheduled weekly hours: 37.5 hours Benefits: Fixed Term benefits allowance We make health happen We are seeking an experienced Security Engineer to join Cromwell on a fixed-term contract. In this role, you will be responsible for ensuring the organisation adheres to industry security standards and best practices, including NIST, ISO 27001, and CIS controls. You will play a key role in implementing, maintaining, and continuously enhancing our security frameworks, processes, and technologies. This position is critical in safeguarding the company's systems, data, and reputation, while also promoting a strong culture of security awareness across the business. How you'll help us make health happen: Support the implementation, monitoring, and continuous improvement of security frameworks and controls aligned to NIST, ISO 27001, and CIS standards Design, implement, and manage security solutions, including SSO, MFA, and identity lifecycle processes (JML), ensuring secure and seamless user access Collaborate with IT, HR, compliance, and security teams to embed and maintain security controls across systems, projects, and business workflows Identify, assess, and manage security risks and vulnerabilities across applications and infrastructure, developing and driving remediation plans through to completion Ensure security is embedded across the full project lifecycle, including participation in change management and design processes Develop, maintain, and document security policies, procedures, and standard operating protocols in line with best practice and regulatory requirements Monitor security posture, track risks, escalate overdue remediation, and ensure adherence to defined security metrics and organisational risk appetite Support security assessments, pre-engagement activities, and coordination with internal SMEs and wider security teams Implement and maintain capabilities for early detection, response, and management of security incidents Test and assess systems and infrastructure to identify vulnerabilities and recommend improvements Produce clear reporting on security posture, risk, and improvement initiatives, and represent the organisation in relevant security forums Develop and implement technical solutions and tools to enhance security capability, automate processes, and protect organisational data and infrastructure Promote security awareness across the organisation, providing guidance and training where required Key Skills / Qualifications needed for this role: Proven experience in a Security Engineer, Application Security Engineer, or similar role within an enterprise or regulated environment Strong working knowledge of security frameworks and standards, including NIST, ISO 27001, and CIS, with hands-on experience implementing and maintaining controls Practical experience designing, implementing, and managing identity and access solutions, including SSO, MFA, and joiner/mover/leaver (JML) processes Solid technical expertise across security technologies such as firewalls, intrusion detection systems, anti-virus, authentication systems, log management, and content filtering Good understanding of network security, network segmentation, and monitoring tools, alongside infrastructure and operating system security (Windows/Linux) Experience identifying and managing vulnerabilities, supporting remediation activities, and maintaining security systems within complex environments Ability to design, document, and optimise security processes, policies, and technical procedures to a high standard Strong understanding of infrastructure and application security principles, with the ability to secure enterprise environments end-to-end Relevant professional certifications such as CISSP, CISM, or equivalent are highly desirable Excellent problem-solving skills with the ability to work effectively under pressure Strong communication and stakeholder management skills, with the ability to translate technical security concepts into business context

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at bupa? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect