Security Engineer

Description

AXA is embarking on its most radical and ambitious change programme in the history of its Healthcare business. Driven by a changing UK health landscape, the growth in the (preventative) Wellbeing sector, and the need for radical simplification, we are uniting several businesses internally to produce a stronger offering than ever before in our mission to empower people to be the best version of themselves.

As a Security Engineer, you'll provide hands-on technical expertise to guide software development, delivery and continuous improvement focusing on risk and security. You'll help evolve our new Digital Platform so that it's secure and compliant with internal and industry regulations. You'll analyze new feature code to identify security risks and work with engineers to mitigate them, applying modern security standards such as OWASP CI/CD, DSOMM, SAMM, and Cloud Security Posture management systems like Azure Defender and Prisma Cloud.

At AXA, we promote flexible working, allowing our employees to balance their time between home and office in a way that suits them, their team, and our customers. You'll work at least 40% of your week away from home, with the majority of your work from September 2025. "Away from home" includes attending our offices, visiting clients, or industry events. We are open to discussing flexible working arrangements with candidates.

What you'll be doing:

1. Analyzing new feature code to identify security risks and collaborating with engineers to mitigate them.
2. Improving our DSOMM score by working with teams or directly handling tasks such as coding, configuration, tooling, and documentation.
3. Working with Information Security teams to implement security policies efficiently and flexibly.
4. Designing, building, operating, and monitoring technology for large, complex multi-site B2C and B2B applications.
5. Upholding coding standards and software delivery lifecycle to ensure secure, high-quality systems.
6. Designing, building, and optimizing logging technology to enhance data collection on site performance and reliability.

Due to high application volume, we may close this advert early to manage interest. If you're interested in joining AXA, please apply promptly.

What you'll bring:

• Expertise in complex Salesforce environments.
• Experience with Cloud Native development, including infrastructure and API design (Azure preferred).
• Knowledge of modern standards such as OWASP CI/CD, DSOMM, SAMM.
• Strong understanding of networking protocols (TCP/IP, UDP, HTTP/3, etc.), cloud network design, and integration technologies (Auth0, APIM).
• Experience with SAST & SCA tools like Snyk, Checkmarx.
• Experience with DAST tools such as OpenZAP, Qualys DAST.
• Ability to manage large-scale software estates operationally.
• Hands-on experience in automated security testing.

This role requires eligibility and authorization to work in the UK.

What we offer:

Our rewards package includes a competitive salary, performance bonus, pension scheme, life assurance, annual leave, options to buy or sell leave, employee discounts, and gym benefits. To apply, click the 'apply for this job' button, log in or create a profile, and submit your CV. We are an Equal Opportunities Employer and support accessibility needs via our AXA Accessibility Concierge. For adjustments, contact lauren.standen@axa-insurance.co.uk.

#FeelgoodHealth #LI-Hybrid

Who we are:

At AXA Health, we help members be their best selves through health and wellbeing support. We are transforming into a digital-first business, passionate about helping individuals, families, and organizations flourish.