Security Engineer – Fixed Term Contract
Salary: £55,100 – £68,000 (negotiable depending on experience)
Location: Cromwell Hospital, London (SW5 0TU)
Hybrid Working: Desired 2 days per week onsite
Fixed Term Contract: 12 Months
Scheduled weekly hours: 37.5 hours
Benefits: Fixed Term benefits allowance
Job Overview
We are seeking an experienced Security Engineer to join Cromwell on a fixed-term contract. In this role you will ensure the organisation adheres to industry security standards and best practices, including NIST, ISO 27001, and CIS controls. You will play a key role in implementing, maintaining, and continuously enhancing our security frameworks, processes, and technologies.
Responsibilities
- Support the implementation, monitoring, and continuous improvement of security frameworks and controls aligned to NIST, ISO 27001, and CIS standards
- Design, implement, and manage security solutions, including SSO, MFA, and identity lifecycle processes (JML)
- Collaborate with IT, HR, compliance, and security teams to embed and maintain security controls across systems, projects, and business workflows
- Identify, assess, and manage security risks and vulnerabilities across applications and infrastructure, driving remediation plans through completion
- Ensure security is embedded across the full project lifecycle, including participation in change management and design processes
- Develop, maintain, and document security policies, procedures, and standard operating protocols in line with best practice and regulatory requirements
- Monitor security posture, track risks, and ensure adherence to defined security metrics and organisational risk appetite
- Support security assessments, pre‑engagement activities, and coordination with internal SMEs and wider security teams
- Implement and maintain capabilities for early detection, response, and management of security incidents
- Test and assess systems and infrastructure to identify vulnerabilities and recommend improvements
- Produce clear reporting on security posture, risk, and improvement initiatives, and represent the organisation in relevant security forums
- Develop and implement technical solutions and tools to enhance security capability, automate processes, and protect organisational data and infrastructure
- Promote security awareness across the organisation, providing guidance and training where required
Qualifications
- Proven experience in a Security Engineer, Application Security Engineer, or similar role within an enterprise or regulated environment
- Strong working knowledge of security frameworks and standards, including NIST, ISO 27001, and CIS, with hands‑on experience implementing and maintaining controls
- Practical experience designing, implementing, and managing identity and access solutions, including SSO, MFA, and joiner/mover/leaver (JML) processes
- Solid technical expertise across security technologies such as firewalls, intrusion detection systems, anti‑virus, authentication systems, log management, and content filtering
- Good understanding of network security, network segmentation, and monitoring tools, alongside infrastructure and operating system security (Windows/Linux)
- Experience identifying and managing vulnerabilities, supporting remediation activities, and maintaining security systems within complex environments
- Ability to design, document, and optimise security processes, policies, and technical procedures to a high standard
- Strong understanding of infrastructure and application security principles, with the ability to secure enterprise environments end‑to‑end
- Relevant professional certifications such as CISSP, CISM, or equivalent are highly desirable
- Excellent problem‑solving skills with the ability to work effectively under pressure
- Strong communication and stakeholder management skills, with the ability to translate technical security concepts into business context
Benefits
- 25 days holiday per year, pro‑rata to your contract
- Access to a range of services supporting physical and mental wellbeing
- Fixed‑term benefits allowance
- Employee assistance programme
- Workplace pension
- Online discounts for everyday shopping, entertainment, and dining
Other Information
Time Type: Full time
Job Area: IT
Locations: Cromwell Hospital, London
We are an equal‑opportunity employer and encourage applications from people with diverse backgrounds and experiences.
#J-18808-Ljbffr…
