Security Engineer - Maternity Leave Cover
Department: Global Security Services
Employment Type: Permanent - Full Time
Location: UK - London
Description
We are seeking a proactive and delivery‑focused Security Engineer to join our Global CISO team on a maternity cover basis. This role is focused on security capability uplift through training, control engineering, and identity and access management (IAM), along with other security related engineering tasks as required.
The successful candidate will play a key role in strengthening CFC’s human and technical security controls, with particular ownership of phishing and security awareness training, engineering and maintaining security controls, and hands‑on IAM configuration and DLP improvement work across the organisation.
About the role
In this role, you’ll play a hands‑on role in strengthening the organisation’s security posture across people, process and technology. You’ll take ownership of key elements of the phishing simulation programme, contributing to campaign design and delivery, analysing results and identifying user behaviour trends. You’ll use these insights to drive targeted follow‑up training and awareness activities, and contribute to the wider security training and awareness programme by developing content for different audiences across the business and tracking effectiveness through clear, actionable metrics.
Alongside this, you’ll work directly with technical security controls, Identity and Access Management (IAM) and Data Loss Prevention (DLP). You’ll support the engineering, configuration and maintenance of security controls across the technology estate, working closely with Security Operations, IT and Architecture teams. You’ll carry out hands‑on IAM and DLP configuration, supporting role‑based access control, joiner/mover/leaver processes, privileged access management, access reviews and remediation activities. You’ll take a proactive, improvement‑focused approach throughout, identifying control gaps and collaborating with security, technology and business stakeholders to deliver practical, proportionate security improvements.
About you
- 3+ years’ experience in a security engineering or technical security role.
- Strong hands‑on experience in a security engineering or technical security role.
- Experience delivering phishing simulations and security awareness programmes.
- Practical experience engineering and configuring security controls.
- Solid understanding of IAM and DLP concepts and hands‑on configuration experience.
- Clear communication skills with the ability to translate security concepts for non‑technical audiences.
- Strong organisational skills and ability to manage multiple workstreams.
Core Values
Love what you do:
We show up each day ready to take on the world. Our passion and intensity set us apart and makes the difference to our colleagues, customers, brokers and carriers.
Challenge everything:
We’re never afraid to question the way that things are done and we constantly challenge ourselves and others to makes things better.
Have fun, be good:
Insurance is a serious business, but we don’t take ourselves too seriously. We make it fun to work at CFC, we welcome all viewpoints, and we treat everyone how we would expect to be treated.
