Senior Digital Platform Security Engineer

Frasers Group
Shirebrook
1 year ago
Applications closed

Related Jobs

View all jobs

IT Manager

Assistant Director - Technology and Operations

Senior Programme Manager - SOC (Government)

Senior Security Engineer

Senior Network Engineer

Director / Head of SOC - Greenfield SOC (Gov.)

At Frasers Group we’re rethinking retail. Through digital innovation and unique store experiences, we’re serving our consumers with the world’s best sports, premium and luxury brands globally. As a leader in the industry, we’re elevating the retail experience for our consumers through our collection of established brands, including Sports Direct, FLANNELS, USC, Frasers, and GAME.

Why join us?

Our mission- we are building the worlds most admired and compelling brand ecosystem

Our purpose – we are elevating the lives of the many with access to the world’s best brands and experiences

At Frasers Group, we fear less and do more. Our people are forward thinkers who are driven to operate outside of their comfort zone to change the future of retail, embracing challenges along the way. The potential to elevate your career is massive, the experience unrivalled. To be able to make the most of it you need to live and breathe our principles:

  • Think without limits - Think fast, think fearlessly, and take the team with you
  • Own it and back yourself - Own the basics, own your role and own the results
  • Be relevant - Relevant to our people, our partners and the planet

Are you ready to join the Fearless?

Frasers Group prides itself on the use of cutting edge and innovative IT solutions, these help drive the business forward and are continuously looking at the benefits new technology can provide.  

With our ongoing Expansion and Elevation Strategy, we are currently seeking a Senior Digital Platform Security Engineer to join our Digital Platform Security Team. With the Platform protecting over close to 50 websites alongside a near 4Bn annual turnover, ensuring these sites are secure as well as running optimally is our upmost importance. Our growing team of engineers is looking for the perfect colleague to help with the continuing growth as well as our technology transformation journey.   

The role involves; 

  • Collaborating with network/security architects to design and implement complex and thorough solutions to support the business 
  • Own complex tasks in the backlog and deliver them routinely with no significant issues 
  • Drive solutions through experimentation and innovation as a culture 
  • Solve problems collaboratively and communicate decisions to stakeholders 
  • Deliver shift-left security capabilities to platform and product 
  • Creating standards for fellow members of staff to follow and abide by 

Communication with clients and colleagues involved in provisioning activities is essential, therefore articulating in a clear written, verbal, or non-verbal manner is important. 

This role is available on a hybrid basis, 3 days on-site and 2 days remote, at our Shirebrook HQ 

Required Experience:

  • Demonstrated expertise in designing, implementing, and managing CDNs, particularly with platforms like Akamai. Experience with other CDN platforms is also appreciated.
  • Ability to analyse and optimise CDN performance metrics to ensure high availability and low latency.     
  • Practical experience in domain administration, including domain transfers and the implementation of advanced features like DNSSEC, SPF flattening, and DMARC.
  • Knowledge of domain reputation management and strategies to prevent domain spoofing and phishing attacks.
  • Solid background in networking, with experience in Internet routing, DNS, load balancing, CDN, Web Application Firewalls (WAF), and DDoS prevention. Proficient in troubleshooting web transactions and API calls.
  • Extensive knowledge of cryptography, including X.509 certificates, digital signatures, securing TLS/SSL parameters, and certificate pinning.
  • In-depth understanding of public cloud deployments in AWS, GCP, and Azure. Familiarity with tooling that can provide global connectivity using traffic management tools.
  • Experience in designing and implementing secure cloud architectures, including the use of cloud-native and cloud agnostic security services.

Desirable Technical Skills and Experience:

  • Knowledge of automation tools and Infrastructure as Code (IaC) tools such as Terraform and Python.
  • Experience with penetration testing tools, particularly Burp Suite.
  • Familiarity with compliance standards such as PCI DSS, GDPR, and ISO 27001.
  • Experience with Kubernetes deployments and a strong understanding of how to secure them.
  • Knowledge of container security best practices and tools for securing Kubernetes environments.
  • Experience with SIEM tools such as Splunk, ELK Stack, or QRadar for monitoring and analyzing security events.
  • Awareness of OWASP projects, including the OWASP Top 10, Application Security Verification Standard (ASV), Mobile Application Security (MAS), and API Security. Understanding of best practices for mitigating these risks in web applications.
  • Strong data manipulation skills with the ability to analyse and visualize large JSON or CSV datasets and find and correlate anomalous behaviours across diverse sets of data.
  • Experience with observability tools such as Splunk, AppDynamics, and Honeycomb for monitoring, troubleshooting, and optimizing application performance and security.
  • Desirable certifications include Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and Offensive Security Certified Professional (OSCP).

Along with your benefits package we also offer a wide range of perks for our colleagues:

Reward, Recognition and Opportunities

Frasers Champion- Our employees are at the heart of our business and we ensure individuals are recognised every single month for their hard work. Frasers Champion is a peer nominated scheme where 8 winners will receive double their pay for a month where they have thought without limits, owned it or been relevant.

Fearless 1000 – By October 2025, we want our share price to hit £10. If that happens for 30 or more consecutive trading days, all colleagues across the business will receive a bonus! The top 1000 performers in the company will receive unprecedented bonuses, worth from £50,000 to £1million! Senior leaders across the business nominate these performers twice a year for embodying our core values and delivering exceptional performance*.

*subject to terms and conditions

Frasers Festival – an event like no other! Our Frasers Festival is our celebration for Head Office and Retail Staff across the UK and Europe – hosting a MEGA brand village, guest speakers from the world's biggest brands, evening entertainment, the ultimate Frasers Fearless Fitness Challenge and much more.

CEO Sessions – Once a quarter we offer 20 employees the opportunity to attend our “CEO Sessions” ran by our CEO and leadership team. Employees have the chance to connect, network and submit questions around specific topics such as our Sports or Luxury business.

Retail Reconnect – In order to build the planets most admired and compelling brand ecosystem, all employees must understand our business, product and customers. Each financial year, Head Office employees will gain insights by spending two days in one of our stores or the Warehouse. The goal is to learn how the work you do impacts our teams on the frontline, and to bring ideas back to the office which will improve how we work.

Employee Welfare

Frasers Fit – Our Everlast Gyms Team are on a mission to make our workforce the best, and fittest on the planet! We run free gym classes for employees as well as discounted memberships to our clubs. Frasers Fit is our wellbeing programme which aims to support and improve colleagues Physical, Financial & Mental wellbeing. The app is accessible for every employee and includes training, nutrition and lifestyle advice- all completely free.

Retail Trust – We know that its not just about physical health, mental wellness is equally important which is why all of our employees get free access and support from the Retail Trust charity. This includes a 24 hour wellbeing helpline, wellness hub, counselling and financial/legal support.

What’s next?

Our Recruitment Team will be reviewing applications and all candidates will receive a response, whether you are successful or unsuccessful. Shortlisted applicants may be asked to confirm a few key details before being booked in for a first stage interview with the Recruiter- this will be behaviourally focussed and centred around how you align with our Culture and Values. If successful we anticipate two further interview stages with the Hiring Manager/wider team which will be more technically focussed and could include a presentation/task so we can see your skills in action.

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

How to Write a Cyber Security Job Ad That Attracts the Right People

Cyber security is now a board-level priority for organisations across the UK. From financial services and healthcare to critical infrastructure, SaaS platforms and the public sector, demand for skilled cyber security professionals continues to grow. Yet despite this demand, many employers struggle to attract the right candidates. Cyber security job adverts often generate large volumes of applications, but few are a genuine match. Meanwhile, experienced security engineers, analysts and architects quietly ignore adverts that feel vague, unrealistic or disconnected from real security work. In most cases, the problem is not a lack of talent — it is the quality of the job advert. Cyber security professionals are trained to assess risk, spot weaknesses and question assumptions. A poorly written job ad signals organisational immaturity and weak security culture. A well-written one signals seriousness, competence and trust. This guide explains how to write a cyber security job ad that attracts the right people, improves applicant quality and positions your organisation as a credible security employer.

Education Jobs

Maths for Cyber Security Jobs: The Only Topics You Actually Need (& How to Learn Them)

If you are applying for cyber security jobs in the UK it can feel like “real security people” must be brilliant at maths. The reality is simpler: most roles do not need degree-level pure maths. What they do need is confidence with a small set of practical topics that show up repeatedly in day-to-day work across SOC, incident response, cloud security, AppSec, threat detection, IAM & security engineering. This guide strips the maths down to what actually helps you get hired. It includes a 6-week learning plan plus portfolio projects you can publish to prove the skills. You will focus on: Number systems & bitwise thinking (binary, hex, bytes, XOR) Modular arithmetic basics (enough to understand how modern crypto “works”) Probability & statistics for detection, triage & risk Discrete maths for logic, sets, graphs & complexity Security maths habits: estimation, false positive control & evidence-led reporting You will not waste time on heavy theory that rarely appears in junior or mid-level cyber security roles.

Jobs

Neurodiversity in Cyber Security Careers: Turning Different Thinking into a Superpower

Cyber security is all about thinking like an attacker, spotting unusual patterns, protecting systems & responding calmly when everything looks like it’s on fire. It’s a discipline built on curiosity, persistence & noticing things other people miss. That’s exactly why it can be such a good fit for many neurodivergent people. If you live with ADHD, autism or dyslexia, you may have been told your brain is “too distracted”, “too literal” or “too disorganised” for a security role. In reality, the traits that can make traditional office work tough often line up beautifully with cyber security work – from hyperfocus in incident response to meticulous analysis in threat hunting. This guide is written for cyber security job seekers in the UK. We’ll look at: What neurodiversity means in a cyber context How ADHD, autism & dyslexia strengths map to different security roles Practical workplace adjustments you can ask for under UK law How to talk about neurodivergence during applications & interviews By the end, you’ll have a clearer sense of where you might thrive in cyber security – & how to turn “different thinking” into a genuine superpower.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.