Job Title:Cyber Security Engineer – MUST HAVE INSURANCE EXPERIENCE
Department:Cyber Security
Reports To:Head of Security Architecture & Engineering
Salary: GBP600 Per Day Inside IR35
Location: Central London (3 days per week on site, 2 days per week remote)
The Role
We're looking for ahands–on Application Security Engineerwith a strong engineering mindset and a background infinancial services, insurance, or fintech. You'll be embedded with product and engineering teams, driving secure development practices and owning security controls across our SDLC and cloud–native platforms.
This is atechnical role, not for architects or managers – you'll be writing code, integrating tools, running threat modelling sessions, and solving real–world security problems.
What You'll Do
Leadthreat modelling, secure design reviews, and AppSec assessments.
Integrate and automateSAST, DAST, SCA, and container scanning in CI/CD.
Triage and drive remediation ofvulnerabilitiesacross cloud and app layers.
Deliver security controls viacode(Terraform, YAML, scripting).
Support and improvecloud security posture(GCP/Azure).
Run internalpen testingand security assessments.
Build and manage aSecurity Championsnetwork.
Be a visible, vocalSMEon all things AppSec.
What You'll Bring
Strong hands–on experience in AppSec with a background insoftware engineering or DevOps.
Deep knowledge ofGCP (preferred)or Azure security.
Experience withKubernetes, container security, and cloud infra.
Proficiency in IaC (Terraform), scripting (Python, etc.), and CI/CD pipelines.
Excellent communication skills – clear, concise, and credible with engineers.
Exposure to regulated environments (FS, insurance, fintech) is a big plus.
Not for You If
You're an architect, people manager, or hands–off strategist. This is forengineers who deliver.
Eames Consulting is acting as an Employment Business in relation to this vacancy.
#J-18808-Ljbffr
