Job Title:Cyber Security Engineer - MUST HAVE INSURANCE EXPERIENCE

Department:Cyber Security

Reports To:Head of Security Architecture & Engineering

Salary: £600 Per Day Inside IR35

Location: Central London (3 days per week on site, 2 days per week remote)

We're looking for a hands-on Application Security Engineer with a strong engineering mindset and a background in financial services, insurance, or fintech. You'll be embedded with product and engineering teams, driving secure development practices and owning security controls across our SDLC and cloud-native platforms.

This is a technical role, not for architects or managers - you'll be writing code, integrating tools, running threat modelling sessions, and solving real-world security problems.

• Lead threat modelling, secure design reviews, and AppSec assessments.

• Integrate and automate SAST, DAST, SCA, and container scanning in CI/CD.

• Triage and drive remediation of vulnerabilities across cloud and app layers.

• Deliver security controls via code (Terraform, YAML, scripting).

• Support and improve cloud security posture (GCP/Azure).

• Run internal pen testing and security assessments.

• Build and manage a Security Champions network.

• Be a visible, vocal SME on all things AppSec.

• Strong hands-on experience in AppSec with a background in software engineering or DevOps.

• Deep knowledge of GCP (preferred) or Azure security.

• Experience with Kubernetes, container security, and cloud infra.

• Proficiency in IaC (Terraform), scripting (Python, etc.), and CI/CD pipelines.

• Excellent communication skills - clear, concise, and credible with engineers.

• Exposure to regulated environments (FS, insurance, fintech) is a big plus.

You're an architect, people manager, or hands-off strategist. This is for engineers who deliver.

Eames Consulting is acting as an Employment Business in relation to this vacancy.