Security Engineer

Security Engineer

Oliver James are partnered with a forward-thinking UK organisation that are embarking on the most radical and ambitious transformation programme in the history of its Healthcare business. In response to a changing UK health landscape, the rapid growth of the preventative wellbeing sector, and the need for bold simplification, this organisation is uniting several internal businesses into a single, streamlined digital offering. The mission? To empower people to be the best version of themselves-with health and wellbeing at the core.

As aSecurity Engineer, you'll be a key player in this journey-applying modern security practices across a newly developed Digital Platform that underpins the transformation. You'll work across agile engineering teams to ensure security is embedded into every layer of the technology stack, from design through to deployment and monitoring.

What You'll Be Doing:

Security by Design:Collaborate with engineering teams to assess new features and services, identify potential vulnerabilities, and design secure solutions from the ground up.

Code & Tooling Contribution:Play a hands-on role in improving the organisation's DSOMM score-writing secure code, enhancing documentation, building tooling, and contributing to the secure configuration of systems.

Security Integration:Work alongside Information Security and architecture teams to ensure policies are applied efficiently and pragmatically within CI/CD pipelines and production environments.

Platform Security:Help design and operate secure, scalable cloud infrastructure (primarily in Azure), with a focus on performance, resilience, and observability.

Monitoring & Response:Build and optimise logging, monitoring, and alerting systems that give insight into platform reliability and security events.

Standards & Practices:Champion secure coding standards, contribute to the software delivery lifecycle, and support engineering teams in adopting modern security frameworks.

What You'll Bring:

Cloud Security Experience:Proven experience in securing cloud-native platforms, ideally using Microsoft Azure, and an understanding of infrastructure-as-code, networking, and API design.

Modern Security Frameworks:Deep familiarity with OWASP CI/CD, DSOMM, SAMM, and Cloud Security Posture Management tools (e.g. Azure Defender, Prisma Cloud).

Security Tooling Expertise:Strong hands-on experience with security scanning tools, including SAST and SCA (e.g. Snyk, Checkmarx) and DAST tools (e.g. OpenZAP, Qualys DAST).

Technical Breadth:Solid understanding of networking protocols (TCP/IP, HTTP/3, AMQP, etc.), cloud network design (VPNs, subnets, zones), and integration technologies (e.g. Auth0, API management tools).

Operational Awareness:Ability to manage and support large-scale software estates-handling aspects like deployment, rollback, observability, and high availability.

Automation & Testing:Experience developing or managing automated security test suites as part of a DevSecOps approach.

What's on Offer:

Salary:Up to £85,000 - experience dependant

Bonus:Annual company and performance-related bonus

Pension:Up to 12% employer contributions

Leave:28 days annual leave + Bank Holidays, with the option to buy/sell up to 5 days

Life Assurance:Up to 10x your annual salary

Hybrid Working:2 days a week from the office, which will increase to 3 from September, with a variety of office locations including London, Tunbridge Wells, Bristol, Middlesborough, Bournemouth, Leeds, Manchester.

Wellbeing & Perks:A wide range of employee benefits, including product discounts, gym benefits, and wellbeing resources.

If this sounds like you, and you'd be interested in contributing to an un-paralleled digital transformation, then please apply directly.