Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead security initiatives for our cloud platform and enhance software development lifecycle security.
- Company: Join IAG Loyalty, the team behind Avios, driving growth and innovation in travel and loyalty.
- Benefits: Enjoy hybrid working flexibility, with at least two days in the office and great corporate perks.
- Why this job: Be part of a fast-paced, innovative team making a real impact in security and technology.
- Qualifications: Experience in cloud security, DevOps, AWS, and scripting; strong communication and problem-solving skills required.
- Other info: We value diversity and inclusion, fostering a welcoming culture for all.
The predicted salary is between 43200 - 72000 £ per year.
Who we are: We’re the people behind the global loyalty currency, Avios, and home to three ambitious, growing businesses; IAG Loyalty, British Airways Holidays and The Wine Flyer. Each business has its own goals and strategy, but collectively we create brilliant experiences for our global customers. We’re on a truly exciting journey of growth and transformation – we’re going places!
The Opportunity: IAG Loyalty is fast becoming a Platform as a Service business. As a result, we are looking for a highly capable individual to join our security team. The candidate will have a strong technical background and experience in implementing best practice security controls within cloud and DevOps. They will be comfortable working in a cloud-native environment where high rates of technology change are the norm. We are looking for someone who can lead the delivery of a number of our security engineering objectives, be responsible for the effective operation of the tools that help keep our organisation secure and manage a small team of security engineers. This role is based out of our London office. We call our approach to hybrid working 'The Blend' — it’s about giving you the flexibility to choose where you do your best work, while staying connected with your team and the wider business. This means you will be required to spend at least two days per week in the office, with the rest of the time working from home. You may also be required to work from one of our other office or partner locations, based on your role and 'to do' list.
What you’ll be doing: You will lead the Platform Security practice within our security team, driving key initiatives to enhance the security of our cloud platform and software development lifecycle. This involves coordinating and contributing to continuous security improvements, developing secure-by-default patterns for engineering teams, and maintaining critical security tools such as CSPM and CNAPP. In addition, you’ll write scripts and build automation tools to streamline security activities, work cross-functionally to ensure effective monitoring and incident response, and collaborate closely with product teams to provide guidance and encourage adoption of security best practices. You’ll also take part in an on-call rotation to support timely and effective incident response when needed.
What we’re looking for:
- Cloud engineering experience with security tooling and cloud workload protection
- Skilled in DevOps, AWS, Infrastructure as Code (Terraform), and scripting (Python, Bash)
- Knowledge of secure engineering standards (OWASP, CIS, NIST) and Agile/DevOps practices
- Experienced with CSPM, CNAPP, security incident response, and SIEM tools
- Ability to evaluate and recommend new security technologies
- Clear communicator focused on enhancing developer experience
- Calm, evidence-based decision-making under pressure
- Entrepreneurial, goal-oriented, and innovative
- Comfortable sharing best practices across the organisation
We might not be right for you if:
- You only want to focus on your to-do list; we’re a small, high-performing team, we help each other to succeed.
- You value perfection over fast iteration and progress; IAG Loyalty moves fast, we learn and iterate as we go; our environment isn’t right for everyone.
- You’re looking to create but not build; this is an end-to-end role, you need to be comfortable owning your space, from ideation through to delivery and review.
If you think you have what it takes but don't meet every single point above, please do still apply. We’d love to chat and see if you could be a great fit.
Equity, Diversity and Inclusion at IAG Loyalty: Our vision, 'to create the world's most rewarding experiences,' applies not only to our customers but for our colleagues too. It’s about taking belonging seriously, actively fostering a culture where everyone feels welcomed and valued by embracing diverse identities, personal histories, and perspectives. This commitment makes IAG Loyalty a rewarding place to work and enhances our ability to solve complex problems, drive innovation, and better serve our customers and communities. Please let us know if we can make any reasonable adjustments to support your interview process with us.
Senior Security Engineer (AWS) employer: IAG Loyalty
Contact Detail:
IAG Loyalty Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Security Engineer (AWS)
✨Tip Number 1
Familiarise yourself with the specific security tools mentioned in the job description, such as CSPM and CNAPP. Having hands-on experience or relevant projects to discuss can really set you apart during interviews.
✨Tip Number 2
Showcase your cloud engineering experience by preparing examples of how you've implemented security controls in AWS environments. Be ready to discuss challenges you faced and how you overcame them.
✨Tip Number 3
Highlight your knowledge of secure engineering standards like OWASP and NIST. Consider discussing how you've applied these standards in previous roles to enhance security practices.
✨Tip Number 4
Demonstrate your ability to work collaboratively in a team setting. Prepare to share examples of how you've successfully worked cross-functionally to improve security measures and foster a culture of security awareness.
We think you need these skills to ace Senior Security Engineer (AWS)
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in cloud security, DevOps, and AWS. Use specific examples that demonstrate your skills in implementing security controls and leading teams.
Craft a Compelling Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Mention how your background aligns with their goals, particularly in enhancing cloud security and your experience with security tools like CSPM and CNAPP.
Showcase Technical Skills: Clearly outline your technical skills related to the job description, such as scripting in Python or Bash, and your familiarity with secure engineering standards like OWASP and CIS. This will help you stand out as a qualified candidate.
Demonstrate Soft Skills: Highlight your communication skills and ability to work collaboratively in a team. Provide examples of how you've successfully worked under pressure and contributed to a positive team environment, as these traits are valued by IAG Loyalty.
How to prepare for a job interview at IAG Loyalty
✨Showcase Your Technical Expertise
Be prepared to discuss your experience with AWS, DevOps, and security tooling in detail. Highlight specific projects where you implemented security controls or improved cloud security, as this will demonstrate your capability to lead the Platform Security practice.
✨Understand the Company Culture
Familiarise yourself with IAG Loyalty's approach to hybrid working and their emphasis on collaboration. Be ready to discuss how you can contribute to a high-performing team and support your colleagues, as they value teamwork and shared success.
✨Prepare for Scenario-Based Questions
Expect questions that assess your problem-solving skills under pressure. Think of examples where you had to make evidence-based decisions during security incidents or when implementing new technologies, as this aligns with their focus on calm decision-making.
✨Demonstrate Your Communication Skills
As a clear communicator, you should be able to explain complex security concepts in an understandable way. Prepare to discuss how you would guide product teams in adopting security best practices, showcasing your ability to enhance developer experience.
