Menu

Senior Security Engineer

Job details
Posting date: 17 March 2026
Hours: Full time
Closing date: 16 April 2026
Location: London, EC2M 4AA
Company: NatWest Group
Job type: Permanent
Job reference: R-00274861

Apply for this job

Summary

Join us as a Senior Security Engineer

  • Hone your existing technical expertise and take on a role with great career development potential and make a real difference for our business

  • This is your chance to have real influence and see your decisions producing tangible results in a critical role

  • Here, you can expect to enjoy a collaborative and supportive culture, with a big focus on personal and professional development


What you'll do


You’ll be responsible for securing applications and the Azure cloud estate by preventing vulnerabilities early and leading effective security detection and response. You’ll operate a “security happens on day one” mindset, embedding controls into engineering workflows through DevSecOps and operating a proactive SecOps capability.


Working closely with our Principal Engineers, Architects in the domain and other key stakeholders, you’ll develop a deep understanding of how our platform works and supports the business. You’ll also become familiar with our applications, data and infrastructure. Crucially, you’ll find new way to improve the way we work.


You’ll also:

  • Implement secure-by-design patterns using automated, policy-driven controls integrated into CI/CD pipelines across Azure

  • Own vulnerability management and penetration testing activities, ensuring remediation is risk-based and aligned with PCI DSS where applicable

  • Contribute to Azure security operations, including threat detection, alert triage, investigation, and incident response using SIEM/SOAR and automation to reduce MTTD/MTTR

  • Define and maintain security policies, standards, and threat modelling practices while driving continuous improvement across security tooling and processes

  • Champion best practice, especially around scalability, automation, virtualisation, optimisation, availability and performance


The skills you'll need


We’re looking for an experienced Azure cloud security and SecOps professional with hands-on ownership of security design, detection, and incident response in modern DevSecOps environments. What’s more, you’re able to communicate technical concepts in a simple way for non-technical people.


We’ll also expect you to have:

  • Azure experience, including hands-on ownership of security engineering and operations using Microsoft Defender for Cloud, Microsoft Sentinel (SIEM/SOAR), Azure Policy, and continuous compliance monitoring (e.g., PCI DSS)

  • Strong knowledge of Azure DevOps, GitHub Advanced Security, CI/CD integration, and compliance frameworks such as GDPR and PCI DSS

  • Hands-on experience securing containerised workloads and AKS, including vulnerability management, runtime security, and Infrastructure as Code using Bicep

  • Experience of information security policies and practices within the financial sector

  • Strong stakeholder management skills and communication skills

Apply for this job