Security Engineer

Job Type: Permanent

Location: London, with a preference for 3 days in the office.

Flexible working: All roles are open to part-time, job-share and other types of flexibility. We will discuss what is important to you and balancing this with business requirements during the recruitment process.

Closing Date: 3rd July

Salary and benefits: Up to £105,000, discretionary bonus, private medical cover, 38 days annual leave, excellent pension, 12× salary life assurance, career breaks, income protection, 3× volunteering days and much more.

Who are we? We’re Standard Life, a retirement specialist focused entirely on retirement savings and income. We champion the belief that everyone’s journey to and through retirement can be better, and for more than 200 years, we’ve been helping our customers plan and prepare for their financial futures. Life today is increasingly complicated, uncertain and unpredictable. People move through different careers, face unexpected moments and navigate important choices. We offer our colleagues flexibility, trust and benefits that work for whatever life brings. In return we expect curiosity, connection, accountability and high standards. We make room for what matters – so you can bring your best, every day.

The Role: We’re looking for a Security Engineer to design, build and embed security and control capabilities across cloud platforms and engineering solutions within RS&AM Engineering. As a hands‑on, engineering‑led leader you will be focused on improving security posture, cyber resilience, and risk management through practical implementation rather than governance alone. In our Engineering & Transformation, you’ll report to the Head of Cloud Platform and operate as part of the broader Cloud Platform capability, ensuring security is embedded into cloud platforms, engineering practices, and delivery from design through to operation.

What are we looking for?

• Design and implement security controls across cloud platforms and engineering solutions, applying secure‑by‑design principles to systems, services, and data platforms.
• Build and integrate security capabilities into AWS‑based environments, implementing security tooling and automation such as vulnerability management, threat detection, and incident response capabilities.
• Work closely with cloud and platform engineers and embed security into cloud‑native architectures and platform patterns, ensuring solutions are secure, resilient, and aligned to platform standards.
• Proactively review engineering solutions with a lens of improving security posture and cyber resilience, identifying risks and working with engineering teams to implement pragmatic mitigations.
• Through modern engineering practices, define, embed and continuously improve security best practices into engineering delivery, promoting secure coding, testing, and deployment approaches.
• Experience implementing security controls across cloud‑native architectures with strong experience securing cloud environments, particularly AWS, supported by a strong understanding of security principles, vulnerability management and security tooling.

We are committed to ensuring that everyone feels accepted and welcome applicants from all backgrounds. If your experience looks different from what we’ve advertised and you believe that you can bring value to the role, we’d love to hear from you. If you require any adjustments to the recruitment process, please let us know so we can help you to be at your best. We’re reviewing applications as they come in and may close this role before the closing date, so apply early to avoid missing out.