Senior / Lead Security Engineer

CAPCO
London
1 year ago
Applications closed

Related Jobs

View all jobs

Security Engineer

Lead Software Security Engineer

Senior Security Engineer

Senior Application Security Engineer (33957)

Senior Application Security Engineer

Senior Security Engineer

Senior / Lead Security Engineer

at Capco UK - London

Senior/Lead Security Engineer - Senior/Principal Consultant

About Capco 

Capco is a global technology and business consultancy, focused on the financial services sector. We are passionate about helping our clients succeed in an ever-changing industry.

You will work on engaging projects with some of the largest banks in the world, on projects that will transform the financial services industry.

We are/have:

Experts across the Capital Markets, Insurance, Payments, Retail Banking and Wealth & Asset Management domains. Deep knowledge in various financial services offerings including Finance, Risk and Compliance, Financial Crime, Core Banking etc. Committed to growing our business and hiring the best talent to help us get there. Focused on maintaining our nimble, agile and entrepreneurial culture.

The Role

We are looking for engineers who want to play a key part in supporting the evolution of the Financial Services industry one project at a time. You will be expected to be a strong team player who prides themselves on delivering modern, first class cloud based platforms through practicing best in class Agile ways of working at all times.

Responsibilities

Craft and implement an advanced security engineering strategy to bolster our infrastructure and networks. Mentor and guide the security engineering team, fostering a culture of continuous learning and innovation. Collaborate with cross-functional teams to inculcate security-by-design principles. Design and optimise endpoint protection solutions, ensuring robustness against evolving threats. Provide leadership in device management, secure configuration, and hardening practices. Secure our Cloud architectures, emphasising proactive defence mechanisms and robust access controls. Monitor cloud configurations, ensuring alignment with best practices and compliance requirements. Implement a strategy for data protection across its lifecycle. Provide leadership in encryption, tokenisation, and masking strategies and implement a strategy for data protection across its lifecycle. Spearhead the integration of security within the SDLC, promoting secure coding practices and integrating security tools within CI/CD pipelines. Oversee designs, vulnerability assessments and code reviews, ensuring applications are free of critical security flaws. Guide the engineering teams in embracing security as an integral part of the development lifecycle. Promote secure coding practices and integrate security tools within CI/CD pipelines. Conduct regular network security assessments and audits to identify and mitigate vulnerabilities. Monitor security access and implement firewall technologies. Monitor the cybersecurity landscape for emerging threats and innovative defence strategies. Test and incorporate new security tools and methodologies that align with our tech stack and security objectives.

Skills & Expertise

Extensive experience in endpoint security solutions and best practices. Deep expertise in Cloud Security. Proficient understanding of data security principles and mechanisms. Strong background in application security and secure software development. Familiarity with major security standards and frameworks. Experience with programming languages (e.g., Python, Go, Java) will be a strong advantage. Excellent communication skills, both written and verbal.

Preferred Qualifications

Bachelor’s or master’s degree in computer science, Information Security, or a related field. Relevant certifications such as CSSLP, CISSP, or cloud-specific certifications.

We'd also like to see:

An appetite to contribute to the wider Capco business outside of project assignments. This can be achieved through various means including thought leadership activities, supporting RFP's and the coaching/mentoring of more junior engineering team members

A day in the life of an Engineer at Capco

Working alongside clients to interpret requirements and define industry-leading solutions. Designing and developing robust, well tested data pipelines. Demonstrating and helping clients adhere to best practices in engineering and SDLC. Building event-driven, loosely coupled distributed applications. Developing both on-premise and cloud-based solutions. Supporting internal Capco capabilities by sharing insight, experience and credentials.

We offer: 

A work culture focused on innovation and building lasting value for our clients and employees  Ongoing learning opportunities to help you acquire new skills or deepen existing expertise  A flat, non-hierarchical structure that will enable you to work with senior partners and directly with clients A diverse, inclusive, meritocratic culture Enhanced and competitive family friendly benefits, including maternity / adoption / shared parental leave and paid leave for sickness, pregnancy loss, fertility treatment, menopause, and bereavement 

Joining Capco means joining an organisation that is committed to an inclusive working environment where you’re encouraged to #BeYourselfAtWork. We celebrate individuality and recognize that diversity and inclusion, in all forms, is critical to success. It’s important to us that we recruit and develop as diverse a range of talent as we can, and we believe that everyone brings something different to the table – so we’d love to know what makes you different. We understand that you may need us to make changes to our process to allow you the best possible platform to succeed, and we are happy to cater to any reasonable adjustments you may require. You will find the section to let us know of these at the bottom of your application form or you can mention it directly to your recruiter at any stage and they will be happy to help. 

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Contract vs Permanent Cybersecurity Jobs: Which Pays Better in 2025?

Cybersecurity has become one of the fastest-growing and most crucial fields in modern business. With high-profile breaches dominating headlines and the ongoing digital transformation exposing organisations to new threats, companies across the UK are competing to attract skilled cybersecurity professionals. Roles range from penetration testers (pen testers) and SOC (Security Operations Centre) analysts to compliance officers, cloud security architects, threat intelligence analysts, and CISOs (Chief Information Security Officers). As demand continues to surge, cybersecurity salaries have climbed accordingly, and businesses have turned to more flexible hiring practices. Alongside permanent employment, many professionals explore short-term day‑rate contracting or fixed-term contracts (FTCs), searching for the ideal balance of pay, job security, and growth opportunities. Which arrangement truly pays better in 2025—and which best aligns with your ambitions? In this article, we dive into the contract vs. permanent debate with a focus on cybersecurity roles. We will examine the current market, the structure of day‑rate vs. FTC vs. permanent positions, the pros and cons of each, and some hypothetical pay comparisons. By the end, you should have a clearer sense of which career path might suit your situation and goals—whether you are a seasoned specialist aiming for top rates, or an up-and-coming analyst seeking a stable environment to develop in.

Jobs

Cyber Security Jobs for Non‑Technical Professionals: Where Do You Fit In?

Defence Needs More Than Hackers in Hoodies When headlines warn of ransomware crippling hospitals or deepfakes swaying elections, we picture hoodie‑clad hackers and elite penetration testers. Yet the reality of the UK’s cyber security sector is broader—and desperately short of talent. The Department for Science, Innovation & Technology (DSIT) estimates a shortfall of 11,200 cyber security professionals in 2024, while 43 % of advertised roles require governance, risk or communication skills rather than hands‑on technical exploits. Put plainly: if you can guide policy, manage projects, interpret regulations or inspire behaviour change, cyber security wants you. This guide highlights the fastest‑growing non‑technical roles, the transferable skills you already possess, and a concrete 90‑day plan to land a cyber security job—no packet sniffers required.

Careers Jobs

BAE Systems Cybersecurity Jobs in 2025: Your Complete UK Guide to Protecting Governments, Businesses and Critical Infrastructure

From securing the Royal Navy’s new Dreadnought submarines to foiling multimillion‑pound fraud rings, BAE Systems Digital Intelligence (DI)—formerly Detica—sits at the sharp end of global cyber defence. Head‑quartered in Guildford with hubs in Gloucester, Leeds and London, the 5,500‑strong DI business delivers threat‑intelligence platforms, secure‑by‑design software and 24/7 SOC services to government and commercial clients worldwide. With escalating ransomware, AI‑driven disinformation and complex supply‑chain threats, BAE plans to expand its UK cyber workforce by 20 % in 2025. Whether you’re a graduate passionate about reverse engineering, a DevSecOps engineer who loves IaC, or an incident‑response pro comfortable in high‑side environments, this guide explains how to land a BAE Systems cybersecurity job in 2025.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.