Principal Platform Security Engineer

As a senior and influential member of the London Platform Engineering Chapter, the Principal Platform Security Engineer will set direction and lead by example in maturing our platform security practices. You will guide multiple Innovation squads and Engineering Chapters, driving cloud‑first adoption and championing secure‑by‑design initiatives.

You will be an integral member of a Chapter spanning Platform, DevOps, and Site Reliability Engineers, and a core contributor to a Platform Engineering squad focused on continuous improvement across our cloud and on‑premises platforms. You will raise engineering standards through automation, reliable design, and pragmatic governance, helping to deliver smarter, more cost‑effective, and faster solutions that are reusable across squads.

With security embedded across all squads, you will provide visible leadership to strengthen our platform security posture. You will influence priorities, drive the change needed to embed modern DevOps and security ways of working, and ensure teams have the patterns, tooling, and guidance to succeed.

As the chapter grows, this role also offers the opportunity to take on people leadership responsibilities, including day‑to‑day management of third‑party security engineers and partner resources.

• Coach and mentor chapter members, and support the Head of Platform Engineering with overall chapter management, particularly across partner resources.
• Design, implement, and automate security controls and security testing within the SDLC.
• Lead application security practices, ensuring secure design and build, and coordinate effectively between engineering and security teams.
• Apply Security‑as‑Code principles by providing training, creating reusable patterns, and establishing best practices for teams.
• Support the investigation and future implementation of agentic workflows and agents, ensuring proposed solutions are secure‑by‑design and comply with Hiscox AI governance.
• Respond swiftly to new and emerging security threats and vulnerabilities, investigate suspected attacks, and help manage security incidents, including post‑incident reviews to identify root causes, implement solutions, and prevent recurrence.
• Produce clear, actionable security reporting for senior leadership.
• Act as the primary point of contact for security‑related inquiries across London Market technology and change initiatives, coordinating with Group, other Business Units, and Cyber teams to advance security practices across Hiscox.
• Influence key architectural decisions early, balancing business requirements, budgets, security, and resilience.
• Partner with squads to take solutions from proof of concept (PoC) through to a production‑ready platform.
• Build and maintain secure Azure and GCP infrastructure across all environments using Azure DevOps Pipelines and Terraform.
• Oversee and coach squads on intra‑day deployment mechanisms, advocating for cloud‑informed improvements that increase security, reliability, and delivery speed.
• Build and maintain monitoring and alerting at all levels (infrastructure, application, and data), ensuring actionable signals and secure operational practices.

• 5+ years’ DevOps/Platform Engineering experience delivering solutions in Azure and/or GCP.
• Full‑stack application and infrastructure solution design, ensuring robust security controls, high availability, and operational resilience throughout.
• Working knowledge of vulnerability and compliance management (scanning through to remediation), patch management, endpoint protection/anti‑malware, and access control management (e.g., IAM/PAM), including driving findings to closure.
• Working knowledge of threat modelling and risk assessment, applied to cloud architectures and CI/CD pipelines to guide secure design and prioritised risk treatment.
• Experience with AppSec tooling, including CI/CD integration, tuning to reduce noise, and triaging results with engineers to prioritise remediation and prevent regressions.
• Strong leadership skills. You will help lead the wider technology and change teams to improve our DevOps and Security maturity by educating others and delegating responsibilities across your chapter, other engineering chapters, and Group IT teams.
• Experience with Terraform, and platform solutions.
• Experience working on solutions with integrations between GCP and Azure.
• Knowledge of Cloud native, microservices and containerised systems.
• To have a strong desire for continuous improvement and an Agile way of working.

• Knowledge of the insurance and London Market ecosystem; Lloyd's market experience is particularly valuable.
• Proven, hands‑on software delivery experience, including platform engineering and/or build, release, and deployment engineering using modern DevOps practices.
• Experience delivering and operating technology in regulated environments, with a strong understanding of controls, audit expectations, and evidence‑based compliance.
• Able to clearly explain the processes, patterns, and tooling used to ensure quality, stability, performance, scalability, secure deployment, maintainability, and effective documentation.
• Broad awareness of major cloud providers and services, with curiosity to evaluate and adopt capabilities that improve security, reliability, and cost efficiency.
• Proactive and improvement‑focused, challenging the status quo and driving automation and simplification wherever it adds value.
• Strong delivery focus, able to prioritise effectively and deliver outcomes in a fast‑paced environment with shifting demands.
• Able to operate effectively in a small, high‑impact team while collaborating across a wider product/engineering organisation.
• Excellent communication and stakeholder‑management skills, able to influence at all levels and present complex topics clearly.
• Comfortable working in ambiguity and adapting quickly as priorities, technology, and threats evolve.
• Up‑to‑date knowledge of security practices, processes, and tooling, with the judgement to apply emerging approaches pragmatically.