Enable job alerts via email!

Cyber Security Engineer *INSURANCE EXPERIENCED*

NACBA

London

Hybrid

GBP 125,000 - 150,000

Full time

Yesterday
Be an early applicant

Generate a tailored resume in minutes

Land an interview and earn more. Learn more

Start fresh or import an existing resume

Job summary

A leading company in the financial services sector is seeking a Cyber Security Engineer with insurance experience to enhance its security posture. This hands-on role requires deep knowledge of application security and cloud environments (GCP/Azure) while driving secure development practices. You'll lead threat modelling, conduct AppSec assessments, and create security controls through code. Ideal candidates will have a solid engineering background and strong communication skills to work closely with product teams.

Qualifications

  • Strong hands-on experience in AppSec with a software engineering or DevOps background.
  • Deep knowledge of GCP or Azure security and container security.
  • Excellent communication skills for clear interactions with engineers.

Responsibilities

  • Lead threat modelling, secure design reviews, and AppSec assessments.
  • Integrate and automate security tools in CI/CD.
  • Run internal pen testing and security assessments.

Skills

Application Security
Threat Modelling
Cloud Security
Scripting
CI/CD Pipelines
Communication
Container Security

Tools

Terraform
Kubernetes
GCP
Azure

Job description

Job Title:
Cyber Security Engineer - MUST HAVE INSURANCE EXPERIENCE

Department:
Cyber Security

Reports To:
Head of Security Architecture & Engineering

Salary: £600 Per Day Inside IR35

Location: Central London (3 days per week on site, 2 days per week remote)

The Role

We're looking for a hands-on Application Security Engineer with a strong engineering mindset and a background in financial services, insurance, or fintech. You'll be embedded with product and engineering teams, driving secure development practices and owning security controls across our SDLC and cloud-native platforms.

This is a technical role, not for architects or managers - you'll be writing code, integrating tools, running threat modelling sessions, and solving real-world security problems.

What You'll Do
  • Lead threat modelling, secure design reviews, and AppSec assessments.
  • Integrate and automate SAST, DAST, SCA, and container scanning in CI/CD.
  • Triage and drive remediation of vulnerabilities across cloud and app layers.
  • Deliver security controls via code (Terraform, YAML, scripting).
  • Support and improve cloud security posture (GCP/Azure).
  • Run internal pen testing and security assessments.
  • Build and manage a Security Champions network.
  • Be a visible, vocal SME on all things AppSec.
What You'll Bring
  • Strong hands-on experience in AppSec with a background in software engineering or DevOps.
  • Deep knowledge of GCP (preferred) or Azure security.
  • Experience with Kubernetes, container security, and cloud infra.
  • Proficiency in IaC (Terraform), scripting (Python, etc.), and CI/CD pipelines.
  • Excellent communication skills - clear, concise, and credible with engineers.
  • Exposure to regulated environments (FS, insurance, fintech) is a big plus.
Not for You If...

You're an architect, people manager, or hands-off strategist. This is for engineers who deliver.

Eames Consulting is acting as an Employment Business in relation to this vacancy.
Get your free, confidential resume review.
or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.