Security Engineer

About the Role: Are you ready to use your security expertise to protect a dynamic, global brand? Join our team and help us build on our success by keeping NEXT secure and driving innovation in our security posture. This is a role where you can Make it happen - taking ownership of our defences and pushing the boundaries of what automated security looks like.

We are looking for an experienced and threat focused Security Engineer with deep technical expertise in security tooling across both on-premise and cloud environments. You'll be a crucial part of our Information Security team, moving beyond simple 'system maintenance' to focus on continually improving robust defences that protect our business and customers.

• Proactive Defence: Implementing and maintaining security technologies and concepts, continually improving NEXT's security posture in response to the threat landscape. You'll work to reduce our attack risk by working closely with IT and security teams to ensure secure and proper integration of systems.
• System Maintenance: Continuous maintenance and tuning of security systems, collaborating with our Vulnerability & Threat Management and Incident Response teams to ensure effectiveness against new and emerging threats.
• Innovation: Driving proactive improvement by suggesting and testing new technologies and supporting the continuous development of internal security tools.
• Automation: Driving efficiency by utilising automation (SOAR) to aid in alert enrichment and incident management.
• Collaborating with IT Teams to ensure new and existing controls integrate seamlessly.
• Operational Support: Participating in a shift and call-out rota to provide 24x7 technical escalation and platform support for our environment.

You are technically curious, pragmatic, and organised with a 'security first' mindset. You don't just "do security" as a job; you have a genuine passion for the industry and a personal drive to assess threat risk in order to protect our business.

• Professional Commitment: You are results‑oriented and understand that maintaining a robust security posture requires dedication beyond standard expectations. You are the type of professional who takes full ownership of critical issues, seeing them through to resolution.
• Continuous Learner: The threat landscape is dynamic, and you are adaptable. You are committed to your own professional growth, constantly refining your technical skills and seeking to understand the mechanisms of new attack vectors.
• Custodian Mindset: You understand the gravity of your role. You take personal pride in the reliability of the controls you configure and view yourself as a custodian of the brand's reputation and customer data.
• Collaborative & Calm: You embrace collaboration, actively sharing knowledge with the team. You remain calm under pressure and can communicate complex technical risks clearly to management.

We invest in modern tooling so we provide the best protections for our business. We don't expect you to be an expert in all of these from day one, but experience with similar platforms is essential:

• SIEM: Detect and respond experience with products like Google SecOps, Splunk, Exabeam, or Elastic.
• SOAR: Python‑driven Security Automation experience (building playbooks and integrations).
• Next‑Gen EDR/XDR: Experience with large‑scale on‑prem and cloud next‑gen anti‑malware deployments.
• Secure Email Gateways: Experience using enterprise‑grade products to protect both inbound and outbound mail flows.
• Cloud Security (CSPM & CNAPP): Experience implementing policies to detect cloud misconfigurations, secure containerized workloads, and manage drift in Azure, GCP, or AWS.
• Web Application Firewalls (WAF): Experience configuring WAFs, ideally in a high‑volume eCommerce environment.
• Privilege Access Management (PAM): Experience configuring tooling to enforce least‑privilege access.
• Core Tech: Proven IT experience in Windows Server and/or Linux, network administration, or application development.
• Project Delivery: proven experience with project delivery, managing technical implementations from design to completion.
• Industry: Understanding and experience of working for an eCommerce Retail company is beneficial.

#LI-LE1 #LI-Hybrid

You know Next, but did you know we're a FTSE‑100 retail company employing over 35,000 people across the UK and Ireland. We're the UK's 2nd largest fashion retailer and for Kidswear we're the market leader. At the last count we have over 500 stores, plus the Next Online and it's now possible to buy on‑line from over 70 countries around the world! So we've gone global!

• 25% off most NEXT, MADE*, Lipsy*, Gap* and Victoria's Secret* products (*when purchased through NEXT)
• Company performance based bonus
• Sharesave scheme
• On‑site Nursery available; OFSTED outstanding in all areas
• 10% off most partner brands & up to 15% off Branded Beauty
• Early VIP access to sale stock
• Access to fantastic discounts at our Staff Shops
• Restaurants with great food at amazing prices
• Access a digital GP and other free health and wellbeing services
• Free on‑site parking
• Financial Wellbeing – Save, track and enhance your financial wellbeing
• Apprenticeship – Grow and develop on the job whilst gaining a qualification
• Direct to Work – Discount online and instore, collect your items the next day for free from your place of work or local store
• Support Networks – Access to Network Groups to empower and celebrate each other
• Wellhub – Discounted flexible monthly gym memberships, with apps, PT sessions and more

Conditions apply to all benefits. These benefits are discretionary and subject to change.

We aim to support all candidates during the application process and are happy to provide workplace adjustments when necessary. Should you need support with your application due to a disability or long‑term condition, feel free to get in touch with us by email headoffice_careers@next.co.uk (please include 'Workplace Adjustments' in the subject line), or call us on 0116 284 2486 and leave a voicemail.