Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our team to develop and maintain cutting-edge security tools against cyber threats.
- Company: Be part of John Lewis Partnership, the UK's largest employee-owned business with a focus on innovation.
- Benefits: Enjoy hybrid working, a supportive on-call rota, and a healthy work-life balance.
- Why this job: Shape the future of security in a collaborative environment where innovation is key.
- Qualifications: Proven expertise in Security Engineering, agile delivery, and collaboration with tech teams required.
- Other info: Opportunities for personal growth and a chance to make a real impact in a respected brand.
The predicted salary is between 40000 - 58000 £ per year.
ABOUT THE ROLE
Join the Information Security Engineering team at John Lewis Partnership to help build a secure future for an iconic brand. We work to protect our customers, Partners, and business against an ever-evolving cyber threat landscape.
The John Lewis Partnership\’s Information Security strategy is bold and ambitious. We provide a collection of security services, delivered via people, processes and technology. Working collaboratively, these services ensure that customers can shop with us efficiently, safely and securely, every single day.
Our Threat Defence team is at the forefront of our cyber resilience, proactively monitoring threats, identifying vulnerabilities, and engineering robust security defences.
As we expand our Security Engineering service, you\’ll be instrumental in developing cutting-edge capabilities and empowering our Security Operations Centre to stay ahead of the latest threats.
This is a great opportunity to directly shape our security posture, getting hands-on with next-generation cyber security tools. You\’ll thrive in an agile, supportive, and highly collaborative team where innovation isn\’t just encouraged, it\’s expected.
At a Glance
- Salary: £50,000 – £74,000 depending on experience
- Contract type: 2 Permanent and 1 Fixed term contract (up to 12 months)
- Hybrid Working: Based at our Bracknell Head Office with a flexible hybrid model (typically 1 day per week in the office, primarily Tuesdays, with ad-hoc visits as required by business needs), we support a healthy work-life balance
- On-Call: Participate in a supportive on-call rota (approx. 1 week in 6), with flexibility for leave and personal commitments.
What You\’ll Be Doing:
In this hands-on technical engineering role, you will:
- Develop, deploy, and maintain our critical security operations tooling, ensuring its continuous effectiveness
- Follow agile development practices in support of our Information Security strategy
- Lead the delivery of new and updated security tools across key domains like Email Security, Cloud Security, SaaS Security and Internet Security
- Contribute to the continuous improvement of existing critical security tooling, such as Google SecOps (Chronicle) and SentinelOne EDR
- Collaborate closely with Information Security colleagues, other technology teams, and strategic security vendors to build a truly secure Partnership.
What You\’ll Have (Essential Skills):
- Extensive proven Security Engineering expertise in at least one of these core areas:
- Email Security: e.g. Secure Email Gateways, Phishing Protection
- Cloud Security: e.g. Cloud Access Security Broker (CASB), Cloud Security Posture Management (CSPM)
- SaaS Security: e.g. SaaS Security Posture Management (SSPM)
- Internet Security: e.g. Zero Trust Network Access (ZTNA), Secure Web Gateway (specific experience with zScaler would be particularly beneficial)
- Proven track record of successful agile delivery (Scrum or Kanban)
- Strong collaboration skills working with development, operations, and infrastructure teams within a security context
- In-depth working knowledge of security best practices and frameworks (e.g. Mitre ATT&CK, NIST).
Even Better If You Have (Desirable Skills):
- Experience with SIEM tooling and detection development (Google SecOps/Chronicle proficiency is of specific benefit)
- Background in delivering and/or maintaining EDR tooling (specifically SentinelOne engineering experience is beneficial)
- Experience securing Google Cloud environments, utilising tools such as Google Security Command Center
- Relevant Information Security certifications (e.g. CISSP) or a related degree.
Ready to Apply?
- Simply upload your CV and complete our application questions.
We advise saving the application questions to a separate document before entering on Workday for future reference.
- Internal applicants – Please click here to view the Job outline – Job Outline – SENIOR INFORMATION SECURITY ANALYST.pdf
#LI-HEADOFFICE
#LI-Hybrid
#LI-LS1
Closing Date:
July 28, 2025
Pay:
£48,500.00 – £74,000.00 Annual
Contract Type:
Permanent
Hours of Work:
35
Job Level:
Partnership Level 7
Where You\’ll Be Working:
Bracknell Campus, Doncastle Road, Bracknell, Berkshire, RG12 8YA
ABOUT THE PARTNERSHIP
We\’re the largest employee owned business in the UK and home of our cherished brands, John Lewis and Waitrose. We\’re not just employees, we\’re Partners, driven by our purpose to build a happier world. As we look to our future, there\’s never been a more exciting time to join us.
We\’re ruthlessly focused on being brilliant at retail. We continue to innovate, adapt and diversify. Never Knowingly Undersold on price, quality and service in John Lewis and passionately serving food-lovers in Waitrose.
As Partners we all share the responsibility of ownership and in its rewards. We use our voices to contribute to our success, working together through the good and challenging times, holding true to our behaviours and treating everyone with kindness and respect.
We all own making the Partnership somewhere we belong. Embracing our differences and creating an environment where we\’re free to be ourselves and can THRIVE. Growing ourselves individually, and as a collective.
As Partners, we make all the difference. And, we all own it.
Important points to note:
It\’s important to note that some of our roles are subject to pre-employment vetting (which may include DBS checks for successful candidates). If required, you\’ll be informed and provided with information about vetting during the recruitment process and we encourage you to complete any vetting documents quickly to avoid delays. Any DBS checks required will be carried out by a third-party registered body and financial probity checks may also be required for some of our roles.
We also recommend that you apply as soon as possible as vacancies can close early if we see a high number of applicants.
We want all of our Partners to have a good work-life balance and we support flexible working. This might mean flexible or compressed hours, job sharing or shorter hour contracts, where possible. Please discuss this further with the hiring manager during your interview. #J-18808-Ljbffr
Senior Information Security Engineer employer: John Lewis Partnership Plc
Contact Detail:
John Lewis Partnership Plc Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Information Security Engineer
✨Tip Number 1
Familiarise yourself with the specific security tools mentioned in the job description, such as Google SecOps and SentinelOne. Having hands-on experience or knowledge about these tools will give you an edge during discussions with the hiring team.
✨Tip Number 2
Highlight your experience with agile methodologies like Scrum or Kanban. Be prepared to discuss how you've successfully delivered projects in a collaborative environment, as this is crucial for the role.
✨Tip Number 3
Showcase your understanding of security best practices and frameworks, particularly Mitre ATT&CK and NIST. Being able to articulate how these frameworks apply to real-world scenarios can set you apart from other candidates.
✨Tip Number 4
Network with current or former employees of John Lewis Partnership, especially those in the Information Security team. They can provide insights into the company culture and expectations, which can be invaluable during your interview.
We think you need these skills to ace Senior Information Security Engineer
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your extensive Security Engineering expertise, particularly in areas like Email Security, Cloud Security, and SaaS Security. Use specific examples from your experience that align with the job description.
Craft a Strong Cover Letter: Write a cover letter that showcases your passion for information security and your understanding of the John Lewis Partnership's mission. Mention how your skills can contribute to their ambitious Information Security strategy.
Highlight Agile Experience: Since the role requires a proven track record of successful agile delivery, be sure to include any relevant experience with Scrum or Kanban methodologies in your application. Provide examples of how you've collaborated with teams in a security context.
Prepare for Application Questions: Before submitting your application, save the application questions to a separate document. This will help you formulate thoughtful responses that reflect your qualifications and enthusiasm for the role.
How to prepare for a job interview at John Lewis Partnership Plc
✨Showcase Your Technical Expertise
Make sure to highlight your extensive experience in Security Engineering, especially in areas like Email Security, Cloud Security, and SaaS Security. Be prepared to discuss specific tools and technologies you've worked with, such as Secure Email Gateways or Cloud Access Security Brokers.
✨Demonstrate Agile Delivery Experience
Since the role requires a proven track record of successful agile delivery, be ready to share examples of how you've applied Scrum or Kanban methodologies in previous projects. Discuss any challenges you faced and how you overcame them.
✨Emphasise Collaboration Skills
Collaboration is key in this role, so prepare to talk about your experiences working with development, operations, and infrastructure teams. Highlight instances where your teamwork led to improved security outcomes or innovative solutions.
✨Familiarise Yourself with Security Frameworks
Brush up on security best practices and frameworks like Mitre ATT&CK and NIST. Being able to discuss these frameworks and how they apply to the role will demonstrate your depth of knowledge and commitment to security excellence.
