Principal Application Security Engineer

Be among the first applicants.
John Lewis Partnership Plc
London
GBP 80,000 - 100,000
7 days ago
Job description
Posting End Date:
December 29, 2024

Join John Lewis or Waitrose today

If you've ever stepped through the doors of a John Lewis or Waitrose shop, shopped online, or seen any of our adverts, you'll know there's something unique about us.

That unique proposition is our Partners. As co-owners they have a say in our business and receive a share of the profits, so they put time and effort into making it work. Our Partners are the reason we're the success we are. They're our secret sauce; the opportunity for us to differentiate.

Job Summary:

Job Description:

At a glance

Working pattern - This is a hybrid working role, therefore your time will primarily be split between working from home and the London or Bracknell Head Office. There will be occasional travel as required.
Salary range - The salary range for this role is set at £68,500 - £128,000

Contract Type: This is a permanent contract.

Here at the John Lewis Partnership we have a bold and innovative IT team. We support our business by providing industry leading technology solutions that cater for our customer needs whenever and wherever they are, continually promoting innovation, transforming our infrastructure and delivering new and unique ways of shopping. Our mission is to delight customers at every opportunity and to maintain our reputation as the best retailer in the country.

We are embarking on an exciting journey to modernise our technology and ways of working, which together deliver the pace and agility that we will harness to meet the diverse needs and value expectations of our customers.

Our Engineering practice includes 80+ teams, working on everything from Cloud Platforms to Mobile Apps, from E-Commerce functionality to Machine Learning. Find out more about being a Software Engineer in the Partnership, and the technology we use.

At the heart of engineering excellence at JLP, our Principal Application Security Engineer will lead efforts to embed security into our software engineering practices across the organisation. With oversight of security within JLP's extensive product teams, this role is instrumental in developing and implementing secure coding strategies and in guiding security initiatives across all stages of the software development lifecycle.

In this role, you will have significant influence over security decisions that protect JLP's technology and data, enabling our systems to remain robust, adaptable, and aligned with the organisation's evolving needs.

What you'll be doing
  • You will shape and steer our engineering profession's approach to application security, working closely with Information Security, security architects, security engineers, security champions, and wider teams across the business to ensure adherence to best practices and evolving industry standards.
  • Your work will also directly influence JLP's broader security strategy, connecting engineering with information security to address compliance, resilience, and response needs.
  • You will play an enabling role, helping engineering teams achieve both alignment with JLP's security standards and the agility to release frequently with short cycle times. Acting as a subject matter expert, you'll guide engineers on selecting secure technical solutions. Additionally, you'll establish engineering guidelines, patterns, and workflows to support teams in self-serving secure solutions. Collaborating with engineering, architecture, and delivery leadership, you will foster a culture where security is embedded at every level, championing a balanced approach where secure practices drive innovation and efficiency.

You will have (Essential Skills)
  • A strong interest and proven experience in security and secure coding practices, with a thorough understanding of application security best practices.
  • Knowledge of security frameworks and standards.
  • Experience integrating security tools and processes across complex systems.
  • Demonstrated ability to influence leaders and collaborate effectively with individuals outside of your immediate sphere, building lasting and productive relationships.
  • A passion for innovation and change, with experience leading initiatives that drive transformative, secure engineering practices.
  • A commitment to continuous learning and staying updated on the latest security trends and industry developments.
  • A background in software or platform engineering, with a solid understanding of Agile development methods such as Scrum or Kanban and CI/CD practices.

What else you could bring:
  • Experience applying security principles in a complex, large-scale environment.
  • Experience fostering security skills and promoting secure coding practices within engineering teams.
  • Expertise in using metrics and feedback to track and demonstrate security improvements.
  • Strong grasp of software architecture, including diverse architectural styles and integration patterns.
  • Familiarity with cloud platforms like AWS, GCP, or Azure, and knowledge of cloud security practices.
  • Familiarity with infrastructure / endpoint security approaches.
  • Experience contributing to security policies and guidelines at a large organisation, especially within engineering-focused contexts.

Next Steps:
  • The application form consists of a CV upload, followed by application questions. Please save the application questions to a Google Doc before entering them on Workday.
  • Please visit https://www.jlpjobs.com/how-to-apply/journey/ to understand more about the application and hiring process.
  • Internal applicants: Principal Application Security Engineer Job Outline .pdf
  • You'll be asked about any adjustments you might need to support the recruitment process. Let us know, and we'll be sure to discuss it with you.
  • Please note: we sometimes close vacancies early in the event of a large response, so we recommend you apply as early as possible.

Benefits of the Partnership and the role
  • Hybrid Working.
  • Full-time working holiday entitlement: 25 days' holiday, plus public and bank holidays (this is prorated for part-time hours).
  • Excellent work-life balance, including a focus on wellbeing and flexible working, and our market-leading equal parenthood leave policy.
  • Defined Contribution pension scheme where your contributions will be matched by the Partnership (up to 8% of pay) and, after three years' service, you'll receive an additional Partnership contribution of 4% of pay, regardless of whether you pay in or not.
  • You'll get Partnership discount in store and online once you complete your Earning Membership period. That's 25% off in John Lewis (12% off electrical products, some exclusions apply) and 20% in Waitrose (some exclusions apply). You'll also be able to nominate someone you live with to share your discount.
  • Simple cycle to work support scheme.
  • We're really proud of our exclusive hotels based in some of Britain's most beautiful areas and once you've been with us for three months, you're welcome to explore them.
  • Health Care cover (level applicable).
  • To learn more about our extensive range of exciting benefits that you could enjoy when you join us, visit https://www.jlpjobs.com/about/benefits/

Pay:
£68,500.00 - £128,000.00 Annual

Scheduled Weekly hours:
35

Worker Type:
Permanent Partner

Job Level:
Partnership Level 5

Hours of Work:
35

At the John Lewis Partnership, we embrace our differences. We want you to be you. Because, well, we know you're at your best when you're free to be yourself.

Being a truly inclusive employer to us means creating an environment which celebrates your contribution, regardless of age, gender, race, ethnicity, disability, sexual orientation, social background, religion or belief. It's why we've set our own aim to become the UK's most inclusive business - for our Partners (employees) and our customers.

We firmly believe that our future success lies in diversity of thought from all Partners and it's integral in our mission to build a happier world.

We welcome applications from everyone interested in working for us. And, once you're a Partner, your differences will make all the difference.

Find out more about D&I in the Partnership here.

We want all of our Partners to have a good work-life balance and we support flexible working. This might mean flexible or compressed hours, job sharing or shorter hour contracts, where it is possible to do so. Please discuss this further with the hiring manager during your interview.