Security Engineer

As a Security Engineer, you'll provide hands‑on technical expertise to guide software development, delivery and continuous improvement focusing on risk and security. You'll help evolve our new Digital Platform so that it is secure and compliant with both internal and industry regulations. You'll analyse new feature code to identify security risks and work with engineers to mitigate them, working and applying modern security standards such as OWASP CI/CD, DSOMM, SAMM and Cloud Security Posture management systems such as Azure Defender and Prisma Cloud. With the range of technology platforms across our architecture, you'll have the opportunity to grow your expertise in new technologies, including PaaS and SaaS solutions, whilst supporting our engineers with specific security expertise. At AXA we work smart, empowering our people to balance their time between home and the office in a way that works best for them, their team and our customers. You'll work at least two days a week (40%) away from home, moving to three days a week (60%) in the future. Away from home means either attendance at one of our office locations, visiting clients or attending industry events.

• Analysing new feature code to identify security risks and working with engineers to mitigate
• Delivering improvements to our DSOMM score, either working with teams or directly taking responsibility for tasks (writing code, configuration, tooling, documentation)
• Working with our Information Security teams to ensure security policies are implemented in the most efficient and flexible manner
• Designing, building, operating and monitoring technology for large, complex multi‑site B2C and B2B applications
• Working across multiple technology platforms with opportunities to learn and apply your security knowledge and experience to new platforms and technologies
• Contributing to the definition of, adhering to and upholding coding standards and our software delivery lifecycle to ensure the delivery of secure, quality systems
• Designing, building, operating and optimising logging technology to allow more data to be gathered about sites holistic performance and reliability

• Exposure to Cloud Native software development, including cloud infrastructure and API design (Azure preferred)
• Willingness to learn and apply engineering and security expertise to projects built on multiple platforms, such as Salesforce and Azure
• Proven experience applying modern standards such as OWASP CI/CD, DSOMM, SAMM etc
• Strong networking protocol knowledge (TCP/IP, UDP, HTTP/3, AMQP, streaming protocols etc), cloud network design (VPNs, subnets, regions/zones etc), and integration related technologies (Auth0, APIM)
• Expertise with SAST & SCA systems such as Snyk, Checkmarx
• Experience with DAST systems such as OpenZAP, Qualys DAST (preferred) ideally with HTTP APIs
• Ability to manage large scale software estates from an operational perspective (build, release, monitoring, rollbacks, high availability, etc)

We acknowledge and appreciate the exceptional efforts of our people in protecting what matters most to our customers. In exchange we offer a series of core and supporting benefits designed to empower our people to thrive both professionally and personally. We believe in hiring people who possess the appropriate skills and values that align with our vision. Our selection process is fair and equitable, ensuring that all candidates have an equal opportunity to join us. We are dedicated to promoting diversity and inclusion, and we actively encourage applications from individuals of all backgrounds. As an Equal Opportunities Employer, we take pride in treating our employees and potential hires with respect and without discrimination based on any Protected Characteristics. AXA UK are recognised as a Disability Confident Leader. We actively encourage applications from people who face barriers in the workplace due to a disability or long‑term health condition. We participate in the Disability Confident Offer of Interview scheme. This means a fair and proportionate number of candidates with long‑term health conditions or disabilities who meet the essential criteria of a job will be offered an interview.

You’ll need to show you meet the essential criteria as detailed in the job advert or job description.

You don’t need to share the details of your long‑term health condition or disability for your application to be considered under this scheme.

• Competitive annual salary dependent on experience
• Annual company & performance‑based bonus
• Contributory pension scheme (up to 12% employer contributions)
• Life Assurance (up to 10 x annual salary)
• Private medical cover
• 28 days annual leave plus Bank Holidays
• Opportunity to buy up to 5 extra days leave or sell up to 5 days leave
• Wellbeing services & resources
• AXA employee discounts