Security Engineer

Overview

Security Engineer

Our Client requires a Contract Security Engineer to identify gaps in security, identify root causes, work with stakeholders to remediate software and hardware issues.

• Day Rate: £650-£700pd
• IR35 Status: Inside
• Travel: 3 days a week in Central London (2 WFH)
• Duration: 6 Months initially

Responsibilities

• Captures, refines, and embeds information security requirements into systems and configurations, ensuring alignment with organisational needs.
• Conducts security reviews and risk assessments to identify vulnerabilities, develop risk mitigation plans, and strengthen overall security posture.
• Documents and maintains security processes, procedures, and controls across infrastructure, hardware, and software environments.
• Partners with internal teams and external vendors to ensure effective communication, risk remediation, and shared accountability for security outcomes.
• Demonstrates strong knowledge of security engineering and risk management practices, translating complex technical concepts into clear guidance for diverse stakeholders.
• Hands-on experience configuring and managing security across multi-cloud environments, including GCP, AWS, and Azure.
• Skilled in implementing a wide array of security controls such as secure SDLC practices, firewalls, email and web filtering, WAFs, VNC, Kubernetes security, mobile verification toolkits, client-side encryption, API protection, IDS/IPS, SIEM configuration, and CIS hardening standards

Qualifications

• Experience capturing, refining, and embedding information security requirements into systems and configurations, ensuring alignment with organisational needs.
• Experience conducting security reviews and risk assessments to identify vulnerabilities, develop risk mitigation plans, and strengthen overall security posture.
• Experience documenting and maintaining security processes, procedures, and controls across infrastructure, hardware, and software environments.
• Ability to partner with internal teams and external vendors to ensure effective communication, risk remediation, and shared accountability for security outcomes.
• Strong knowledge of security engineering and risk management practices, translating complex technical concepts into clear guidance for diverse stakeholders.
• Hands-on experience across multi-cloud environments (GCP, AWS, Azure).
• Proficiency with a range of security controls including secure SDLC practices, firewalls, email/web filtering, WAFs, VNC, Kubernetes security, mobile verification toolkits, client-side encryption, API protection, IDS/IPS, SIEM configuration, and CIS hardening standards.