Security Engineer

About the Role:

Are you ready to use your security expertise to protect a dynamic, global brand? Join our team and help us build on our success by keeping NEXT secure and driving innovation in our security posture. This is a role where you can Make it happen - taking ownership of our defences and pushing the boundaries of what automated security looks like.

We are looking for an experienced and threat focused Security Engineer with deep technical expertise in security tooling across both on-premise and cloud environments. You'll be a crucial part of our Information Security team, moving beyond simple 'system maintenance' to focus on continually improving robust defences that protect our business and customers. 

You will be responsible for:

• Proactive Defence: Implementing and maintaining security technologies and concepts, continually improving NEXT's security posture in response to the threat landscape. You'll work to reduce our attack risk by working closely with IT and security teams to ensure secure and proper integration of systems.
• System Maintenance: Continuous maintenance and tuning of security systems, collaborating with our Vulnerability & Threat Management and Incident Response teams to ensure effectiveness against new and emerging threats..
• Innovation: Driving proactive improvement by suggesting and testing new technologies and supporting the continuous development of internal security tools.
• Automation: Driving efficiency by utilising automation (SOAR) to aid in alert enrichment and incident management.
• Collaborating with IT Teams to ensure new and existing controls integrate seamlessly.

• Operational Support: Participating in a shift and call-out rota to provide 24x7 technical escalation and platform support for our environment.

You are technically curious, pragmatic, and organised with a 'security first' mindset. You don't just "do security" as a job; you have a genuine passion for the industry and a personal drive to assess threat risk in order to protect our business.

• Professional Commitment: You are results-oriented and understand that maintaining a robust security posture requires dedication beyond standard expectations. You are the type of professional who takes full ownership of critical issues, seeing them through to resolution.
• Continuous Learner: The threat landscape is dynamic, and you are adaptable. You are committed to your own professional growth, constantly refining your technical skills and seeking to understand the mechanisms of new attack vectors.
• Custodian Mindset: You understand the gravity of your role. You take personal pride in the reliability of the controls you configure and view yourself as a custodian of the brand's reputation and customer data.
• Collaborative & Calm: You embrace collaboration, actively sharing knowledge with the team. You remain calm under pressure and can communicate complex technical risks clearly to management.

Your Experience

We invest in modern tooling so we provide the best protections for our business. We don't expect you to be an expert in all of these from day one, but experience with similar platforms is essential:

• SIEM: Detect and respond experience with products like Google SecOps, Splunk, Exabeam, or Elastic.
• SOAR: Python-driven Security Automation experience (building playbooks and integrations).
• Next-Gen EDR/XDR: Experience with large-scale on-prem and cloud next-gen anti-malware deployments.
• Secure Email Gateways: Experience using enterprise-grade products to protect both inbound and outbound mail flows.
• Cloud Security (CSPM & CNAPP): Experience implementing policies to detect cloud misconfigurations, secure containerized workloads, and manage drift in Azure, GCP, or AWS.
• Web Application Firewalls (WAF): Experience configuring WAFs, ideally in a high-volume eCommerce environment.
• Privilege Access Management (PAM): Experience configuring tooling to enforce least-privilege access.
• Core Tech: Proven IT experience in Windows Server and/or Linux, network administration, or application development.
• Project Delivery: proven experience with project delivery, managing technical implementations from design to completion.
• Industry: Understanding and experience of working for an eCommerce Retail company is beneficial.

#LI-LE1 #LI-Hybrid