Cyber Security Engineer

Policy Expert - Cyber Security Engineer Are you ready to transform the insurance industry?

Policy Expert is a forward-thinking business that loves to get things done. Leveraging proprietary technology and smart data, we offer reliable products and a wow customer experience.

Having achieved rapid growth since being founded in 2011, we've won over 1.5 million customers in Home, Motor and Pet insurance and have been ranked the UK's No.1-rated home insurer by Review Centre since 2013.

The IT Team are the backbone of our technology environment, responsible for designing, implementing, and maintaining all foundational technology systems that support business operations. This includes managing networks, servers, data centres, cloud platforms, storage solutions, and security frameworks to ensure that systems are reliable, scalable, and secure.

As our Cyber Security Engineer, you will play a pivotal role in ensuring the security and resilience of our IT infrastructure. Working closely with cross-functional teams, you will design, implement, and manage security measures across our cloud and on-premises environments, ensuring that our systems are robust, scalable, and aligned with industry best practices. Your primary responsibility will be to protect the company's infrastructure from security threats while supporting growth and operational efficiency.

• Infrastructure Security Design & Implementation:
  Develop, implement, and maintain robust security architectures and controls for cloud and on-premises infrastructures, supporting business growth while ensuring security best practices are followed.
• Threat Management:
  Proactively monitor and respond to security incidents, vulnerabilities, and threats, applying advanced techniques to safeguard systems from cyber-attacks.
• System Hardening & Configuration:
  Ensure that all infrastructure systems (e.g., servers, databases, networks) are securely configured and maintained with the latest security patches and updates, following industry standards like CIS benchmarks.
• Network Security:
  Implement and manage firewalls, VPNs, IDS/IPS, and other network security technologies to secure connectivity and prevent unauthorized access across the company's digital assets.
• Incident Response & Remediation:
  Lead efforts in incident detection, response, and remediation for infrastructure-related security incidents, ensuring rapid mitigation and future prevention.
• Collaboration & Integration:
  Work closely with our IT and software engineering teams to integrate security into system development and provide security guidance where needed.
• Compliance & Best Practices:
  Ensure compliance with relevant data protection laws (e.g., GDPR), security frameworks, and internal policies, contributing to audits and risk assessments where required.
• Automation & Optimisation:
  Identify opportunities for automation within security operations, from threat detection to patch management, to drive efficiency and scalability.
• Continuous Improvement:
  Stay up to date with emerging security trends, vulnerabilities, and technologies, and continually improve security processes and policies to adapt to a dynamic threat landscape.

You will thrive on solving complex problems and have a natural curiosity for identifying vulnerabilities before they become threats. The ideal candidate will possess strong analytical skills, allowing them to think critically and anticipate challenges in rapidly changing environments. Detail-oriented and methodical, you will leave no stone unturned when securing systems, ensuring that even the smallest risks are addressed.

• Proven Experience:
  
  Experience in infrastructure security engineering or a related role, ideally within the financial or insurance sectors.
• Technical Expertise:
  Strong knowledge of cloud (Azure, O365, Amazon) and server infrastructure, networks, firewalls, and endpoint systems.
• Security Tools & Technologies:
  Proficiency with security tools such as SIEM, IDS/IPS, vulnerability scanners, firewalls,…