Permanent Full Time Information Security London - Hybrid 502623 Apply now
Lead Application Security Engineer
Working at our iconic office in King’s Cross, London, and virtually via Microsoft Teams Your new role at NewDay As a Cloud Security Engineer, you’ll have the ability to play a major role in securing NewDay’s cloud infrastructure. By helping to develop our cloud security roadmap and building automation and tooling you’ll enable our engineering teams to securely provision infrastructure, building security guardrails to ensure that security is embedded in infrastructure patterns by design. The team is tasked with upholding the highest security standards for Cloud development, advancing the adoption of Compliance as Code, and proactively monitoring environments to enhance configurations and builds while identifying potential vulnerabilities or threats. Key Responsibilities
Security Control Automation: Identify, design, deploy, and automate security measures in complex Cloud environments using tools like Bicep, Terraform, and Plum. Cloud Security Tooling: Develop and embed Cloud-native security solutions, leveraging experience in threat modelling and architectural reviews to strengthen security frameworks. Security Reviews: Provide advice and guidance, conduct reviews, and raise awareness on Cloud security for Engineering teams, ensuring adherence to standards such as PCI-DSS, & CIS benchmarks. Incident Response: Collaborate and support our Security Operations team to respond to major security incidents and threats. Support, Compliance, and Advocacy: Assist with risk and compliance initiatives, optimise Cloud costs, identify platform enhancements, and champion Cloud security across the organisation. What you’ll bring
We need knowledge, experience + expertise in: 5 years experience in security engineering, cloud security or DevSecOps Hands-on experience building secure infrastructure using Infrastructure as Code At least one high-level programming language such as Python, C#, or Java Strong hands-on experience working with major cloud providers (Azure, AWS or GCP) Working knowledge of CI/CD such as GitHub Actions, AzureDevOps, Jenkins And would love you to know or learn: Threat modelling of cloud infrastructure Securing and hardening CI/CD pipelines Pulumi, Terraform, or Bicep Compliance as Code tooling such as Azure Policy, AWS SCPs Understanding of PCI-DSS, and other security frameworks Additional Responsibilities
You will work with our internal engineering teams, running workshops and facilitating the implementation of DevSecOps practices. You will lead the design, build, and integration of security with our infrastructure using IaC tools. Develop high-quality technical content such as reusable modules, templates, custom workflows, automation tools, reference architectures, and guidelines to create a paved security road for engineering teams. Identify and solve security challenges and reduce bottlenecks, enabling faster deployments. About NewDay
We help people move forward with credit and help our colleagues to move their careers forward too. We use our highly flexible, scalable, and multi-product digital credit engine to power over 120 million transactions every year. Our brands include Aqua, marbles, fluid and Bip. We partner with leading brands such as John Lewis, AO, Argos and DEKO. Over 5 million UK customers are supported by our award-winning customer service. At NewDay, we value all types of diversity. We’re an equal opportunity employer and believe that our differences create a vibrant, authentic working culture. We want all our colleagues to feel able to bring their whole selves to work. We’re focused on what will drive impact in helping people move forward with credit. Our distinctive culture is geared to spark innovation and team working – with lots of open doors for development. We invest in our colleagues. On top of a strong market competitive salary, you get a bonus opportunity that matches the impact (delivery + values) you drive in your role. At NewDay, #yourwellbeing matters: You get 26 days holiday and can buy up to 5 more after probation. NewWork, our flexible, hybrid working approach, helps you to manage your work/life balance. Our tax efficient green car and cycle to work schemes save you money
(and help the planet). Ask your Talent Acquisition Partner to tell you more about any of our perks.
#J-18808-Ljbffr
Working at our iconic office in King’s Cross, London, and virtually via Microsoft Teams Your new role at NewDay As a Cloud Security Engineer, you’ll have the ability to play a major role in securing NewDay’s cloud infrastructure. By helping to develop our cloud security roadmap and building automation and tooling you’ll enable our engineering teams to securely provision infrastructure, building security guardrails to ensure that security is embedded in infrastructure patterns by design. The team is tasked with upholding the highest security standards for Cloud development, advancing the adoption of Compliance as Code, and proactively monitoring environments to enhance configurations and builds while identifying potential vulnerabilities or threats. Key Responsibilities
Security Control Automation: Identify, design, deploy, and automate security measures in complex Cloud environments using tools like Bicep, Terraform, and Plum. Cloud Security Tooling: Develop and embed Cloud-native security solutions, leveraging experience in threat modelling and architectural reviews to strengthen security frameworks. Security Reviews: Provide advice and guidance, conduct reviews, and raise awareness on Cloud security for Engineering teams, ensuring adherence to standards such as PCI-DSS, & CIS benchmarks. Incident Response: Collaborate and support our Security Operations team to respond to major security incidents and threats. Support, Compliance, and Advocacy: Assist with risk and compliance initiatives, optimise Cloud costs, identify platform enhancements, and champion Cloud security across the organisation. What you’ll bring
We need knowledge, experience + expertise in: 5 years experience in security engineering, cloud security or DevSecOps Hands-on experience building secure infrastructure using Infrastructure as Code At least one high-level programming language such as Python, C#, or Java Strong hands-on experience working with major cloud providers (Azure, AWS or GCP) Working knowledge of CI/CD such as GitHub Actions, AzureDevOps, Jenkins And would love you to know or learn: Threat modelling of cloud infrastructure Securing and hardening CI/CD pipelines Pulumi, Terraform, or Bicep Compliance as Code tooling such as Azure Policy, AWS SCPs Understanding of PCI-DSS, and other security frameworks Additional Responsibilities
You will work with our internal engineering teams, running workshops and facilitating the implementation of DevSecOps practices. You will lead the design, build, and integration of security with our infrastructure using IaC tools. Develop high-quality technical content such as reusable modules, templates, custom workflows, automation tools, reference architectures, and guidelines to create a paved security road for engineering teams. Identify and solve security challenges and reduce bottlenecks, enabling faster deployments. About NewDay
We help people move forward with credit and help our colleagues to move their careers forward too. We use our highly flexible, scalable, and multi-product digital credit engine to power over 120 million transactions every year. Our brands include Aqua, marbles, fluid and Bip. We partner with leading brands such as John Lewis, AO, Argos and DEKO. Over 5 million UK customers are supported by our award-winning customer service. At NewDay, we value all types of diversity. We’re an equal opportunity employer and believe that our differences create a vibrant, authentic working culture. We want all our colleagues to feel able to bring their whole selves to work. We’re focused on what will drive impact in helping people move forward with credit. Our distinctive culture is geared to spark innovation and team working – with lots of open doors for development. We invest in our colleagues. On top of a strong market competitive salary, you get a bonus opportunity that matches the impact (delivery + values) you drive in your role. At NewDay, #yourwellbeing matters: You get 26 days holiday and can buy up to 5 more after probation. NewWork, our flexible, hybrid working approach, helps you to manage your work/life balance. Our tax efficient green car and cycle to work schemes save you money
(and help the planet). Ask your Talent Acquisition Partner to tell you more about any of our perks.
#J-18808-Ljbffr
