*INSURANCE EXPERIENCED* Cyber Security Engineer
Posted 1 week ago by Eames Consulting Group Ltd
£600 Per day
Inside
Hybrid
London, UK
Summary: The role of Cyber Security Engineer requires a hands-on professional with a strong engineering mindset and experience in financial services, insurance, or fintech. The engineer will work closely with product and engineering teams to implement secure development practices and manage security controls throughout the software development lifecycle. This technical position involves coding, integrating security tools, and addressing real-world security challenges. The ideal candidate will be proactive in leading security assessments and enhancing the organization's cloud security posture.
Key Responsibilities:
- Lead threat modelling, secure design reviews, and AppSec assessments.
- Integrate and automate SAST, DAST, SCA, and container scanning in CI/CD.
- Triage and drive remediation of vulnerabilities across cloud and app layers.
- Deliver security controls via code (Terraform, YAML, Scripting).
- Support and improve cloud security posture (GCP/Azure).
- Run internal pen testing and security assessments.
- Build and manage a Security Champions network.
- Be a visible, vocal SME on all things AppSec.
Key Skills:
- Strong hands-on experience in AppSec with a background in software engineering or DevOps.
- Deep knowledge of GCP (preferred) or Azure security.
- Experience with Kubernetes, container security, and cloud infra.
- Proficiency in IaC (Terraform), Scripting (Python, etc.), and CI/CD pipelines.
- Excellent communication skills - clear, concise, and credible with engineers.
- Exposure to regulated environments (FS, insurance, fintech) is a big plus.
Salary: £600 Per Day
City: London
Country: UK
Working Arrangements: hybrid
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
Job Title:
Cyber Security Engineer - MUST HAVE INSURANCE EXPERIENCE
Department:
Cyber Security
Reports To:
Head of Security Architecture & Engineering
Salary: £600 Per Day Inside IR35
Location: Central London (3 days per week on site, 2 days per week remote)
The RoleWe're looking for a hands-on Application Security Engineer with a strong engineering mindset and a background in financial services, insurance, or fintech. You'll be Embedded with product and engineering teams, driving secure development practices and owning security controls across our SDLC and cloud-native platforms.
This is a technical role, not for architects or managers - you'll be writing code, integrating tools, running threat modelling sessions, and solving real-world security problems.
What You'll DoLead threat modelling, secure design reviews, and AppSec assessments.
Integrate and automate SAST, DAST, SCA, and container scanning in CI/CD.
Triage and drive remediation of vulnerabilities across cloud and app layers.
Deliver security controls via code (Terraform, YAML, Scripting).
Support and improve cloud security posture (GCP/Azure).
Run internal pen testing and security assessments.
Build and manage a Security Champions network.
Be a visible, vocal SME on all things AppSec.
What You'll Bring
Strong hands-on experience in AppSec with a background in software engineering or DevOps.
Deep knowledge of GCP (preferred) or Azure security.
Experience with Kubernetes, container security, and cloud infra.
Proficiency in IaC (Terraform), Scripting (Python, etc.), and CI/CD pipelines.
Excellent communication skills - clear, concise, and credible with engineers.
Exposure to regulated environments (FS, insurance, fintech) is a big plus.
Not for You If
You're an architect, people manager, or hands-off strategist. This is for engineers who deliver.
Eames Consulting is acting as an Employment Business in relation to this vacancy.