Cyber Security Engineer

Policy Expert – Cyber Security Engineer

Are you ready to transform the insurance industry?

Policy Expert is a forward-thinking business that loves to get things done. Leveraging proprietary technology and smart data, we offer reliable products and a wow customer experience.

Having achieved rapid growth since being founded in 2011, we've won over 1.5 million customers in Home, Motor and Pet insurance and have been ranked the UK's No.1-rated home insurer by Review Centre since 2013.

Hear from our team about what it's like working at Policy Expert

About the IT team:

The IT Team are the backbone of our technology environment, responsible for designing, implementing, and maintaining all foundational technology systems that support business operations. This includes managing networks, servers, data centres, cloud platforms, storage solutions, and security frameworks to ensure that systems are reliable, scalable, and secure.

Your day to day:

As our Cyber Security Engineer, you will play a pivotal role in ensuring the security and resilience of our IT infrastructure. Working closely with cross-functional teams, you will design, implement, and manage security measures across our cloud and on-premises environments, ensuring that our systems are robust, scalable, and aligned with industry best practices. Your primary responsibility will be to protect the company's infrastructure from security threats while supporting growth and operational efficiency.

Main Responsibilities:

• Infrastructure Security Design & Implementation: Develop, implement, and maintain robust security architectures and controls for cloud and on-premises infrastructures, supporting business growth while ensuring security best practices are followed.
• Threat Management: Proactively monitor and respond to security incidents, vulnerabilities, and threats, applying advanced techniques to safeguard systems from cyber-attacks.
• System Hardening & Configuration: Ensure that all infrastructure systems (e.g., servers, databases, networks) are securely configured and maintained with the latest security patches and updates, following industry standards like CIS benchmarks.
• Network Security: Implement and manage firewalls, VPNs, IDS/IPS, and other network security technologies to secure connectivity and prevent unauthorized access across the company's digital assets.
• Incident Response & Remediation:Lead efforts in incident detection, response, and remediation for infrastructure-related security incidents, ensuring rapid mitigation and future prevention.
• Collaboration & Integration: Work closely with our IT and software engineering teams to integrate security into system development and provide security guidance where needed.
• Compliance & Best Practices: Ensure compliance with relevant data protection laws (e.g., GDPR), security frameworks, and internal policies, contributing to audits and risk assessments where required.
• Automation & Optimisation: Identify opportunities for automation within security operations, from threat detection to patch management, to drive efficiency and scalability.
• Continuous Improvement: Stay up to date with emerging security trends, vulnerabilities, and technologies, and continually improve security processes and policies to adapt to a dynamic threat landscape.

Who are you:

You will thrive on solving complex problems and have a natural curiosity for identifying vulnerabilities before they become threats. The ideal candidate will possess strong analytical skills, allowing them to think critically and anticipate challenges in rapidly changing environments. Detail-oriented and methodical, you will leave no stone unturned when securing systems, ensuring that even the smallest risks are addressed.

The core attributes we would value in this role:

• Proven Experience: Experience in infrastructure security engineering or a related role, ideally within the financial or insurance sectors.
• Technical Expertise: Strong knowledge of cloud (Azure, O365, Amazon) and server infrastructure, networks, firewalls, and endpoint systems.
• Security Tools & Technologies: Proficiency with security tools such as SIEM, IDS/IPS, vulnerability scanners, firewalls, endpoint protection, alert and remediation, and encryption technologies.
• Certifications: Relevant certifications such as CISSP, CISM, CCSP, CEH, or AWS/Azure security certifications are highly desirable.
• Scripting & Automation: Experience in automating security tasks using scripting languages (PowerShell).
• Analytical Skills: Strong analytical and problem-solving skills with the ability to think critically and adapt to fast-paced environments.
• Communication: Excellent written and verbal communication skills, with the ability to translate complex security issues into business-friendly language.

Desirable Skills:

• Cisco Certifications (CCIE, CCNA, etc.) with recent experience working on Cisco switches, routers, and other networking devices (

Benefits:

This role will be based in our London office 3 days a week.

We match your pension contributions up to 7%

Private medical & Dental cover

Learning budget of £1,000 a year + Study leave (with encouragement to use it)

Enhanced maternity & paternity

Travel season ticket loan

Access to a wide selection of London O2 events and use of a Private Lounge

Employee Wellbeing Programme

Prayer room in Office

What We Stand for and Next Steps "We pride ourselves on being an equal opportunity employer. We treat all applications equally and recruit based solely on an individual's skills, knowledge, and experience. The quality and growing diversity of our team is a testament to this commitment"

At Policy Expert, we are committed to fostering an inclusive and supportive environment for all candidates. If you require any reasonable adjustments during the interview process to accommodate your needs, please do not hesitate to let us know. We are dedicated to ensuring every candidate has an equal opportunity to succeed and will work with you to provide the necessary support.

We aim to be in touch within 14 working days of your application – you will be notified if successful or unsuccessful. Please be encouraged to apply even if you do not meet all the requirements.

Useful links:

Glassdoor | Trust Pilot