Principal Application Security Engineer

At a glance

Working pattern - This is a hybrid working role, so your time will primarily be split between working from home and the London or Bracknell Head Office. There will be occasional travel as required.
Salary range - The salary range for this role is set at £68,500 - £128,000

Contract Type: This is a permanent contract. 

Here at the John Lewis Partnership we have a bold and innovative IT team. We support our business by providing industry leading technology solutions that cater for our customer needs whenever and wherever they are, continually promoting innovation, transforming our infrastructure and delivering new and unique ways of shopping. Our mission is to delight customers at every opportunity and to maintain our reputation as the best retailer in the country.

We are embarking on an exciting journey to modernise our technology and ways of working, which together deliver the pace and agility that we will harness to meet the diverse needs and value expectations of our customers. 

Our Engineering practice includes 80+ teams, working on everything from Cloud Platforms to Mobile Apps, from E-Commerce functionality to Machine Learning.  Find out more about being a Software Engineer in the Partnership, and the technology we use.

At the heart of engineering excellence at JLP, our Principal Application Security Engineer will lead efforts to embed security into our software engineering practices across the organisation. With oversight of security within JLP’s extensive product teams, this role is instrumental in developing and implementing secure coding strategies and in guiding security initiatives across all stages of the software development lifecycle.

In this role, you will have significant influence over security decisions that protect JLP’s technology and data, enabling our systems to remain robust, adaptable, and aligned with the organisation’s evolving needs.

What you’ll be doing

  • You will shape and steer our engineering profession’s approach to application security, working closely with Information Security, security architects, security engineers, security champions, and wider teams across the business to ensure adherence to best practices and evolving industry standards. 

  • Your work will also directly influence JLP’s broader security strategy, connecting engineering with information security to address compliance, resilience, and response needs.

  • You will play an enabling role, helping engineering teams achieve both alignment with JLP’s security standards and the agility to release frequently with short cycle times. Acting as a subject matter expert, you’ll guide engineers on selecting secure technical solutions. Additionally, you’ll establish engineering guidelines, patterns, and workflows to support teams in self-serving secure solutions. Collaborating with engineering, architecture, and delivery leadership, you will foster a culture where security is embedded at every level, championing a balanced approach where secure practices drive innovation and efficiency.

There are opportunities to become a people manager if that is something that appeals to you.

You will have (Essential Skills)

  • A strong interest and proven experience in security and secure coding practices, with a thorough understanding of application security best practices.

  • Knowledge of security frameworks and standards.

  • Experience integrating security tools and processes across complex systems.

  • Demonstrated ability to influence leaders and collaborate effectively with individuals outside of your immediate sphere, building lasting and productive relationships.

  • A passion for innovation and change, with experience leading initiatives that drive transformative, secure engineering practices.

  • A commitment to continuous learning and staying updated on the latest security trends and industry developments.

  • A background in software or platform engineering, with a solid understanding of Agile development methods such as Scrum or Kanban and CI/CD practices.

 What else you could bring:

  • Experience applying security principles in a complex, large-scale environment.

  • Experience fostering security skills and promoting secure coding practices within engineering teams.

  • Expertise in using metrics and feedback to track and demonstrate security improvements.

  • Strong grasp of software architecture, including diverse architectural styles and integration patterns.

  • Familiarity with cloud platforms like AWS, GCP, or Azure, and knowledge of cloud security practices.

  • Familiarity with infrastructure / endpoint security approaches.

  • Experience contributing to security policies and guidelines at a large organisation, especially within engineering-focused contexts.

Next Steps: 

  • The application form consists of a CV upload, followed by application questions. Please save the application questions to a Google Doc before entering them on Workday.

  • Please visit https://www.jlpjobs.com/how-to-apply/journey/ to understand more about the application and hiring process.

  • Internal applicants: Principal Application Security Engineer Job Outline .pdf

  • You'll be asked about any adjustments you might need to support the recruitment process. Let us know, and we'll be sure to discuss it with you. 

  • Please note: we sometimes close vacancies early in the event of a large response, so we recommend you apply as early as possible. 

Benefits of the Partnership and the role 

  • Hybrid working.

  • Full-time working holiday entitlement of 25 days’ holiday, plus public and bank holidays (this is prorated for part-time hours).

  • Excellent work-life balance, including a focus on wellbeing and flexible working, and our market-leading equal parenthood leave policy.

  • Defined Contribution pension scheme where your contributions will be matched by the Partnership (up to 8% of pay) and, after three years’ service, you’ll receive an additional Partnership contribution of 4% of pay, regardless of whether you pay in or not.

  • You’ll get Partnership discount in store and online once you complete your Earning Membership period. That’s 25% off in John Lewis (12% off electrical products, some exclusions apply) and 20% in Waitrose (some exclusions apply). You’ll also be able to nominate someone you live with to share your discount.

  • Simple cycle to work support scheme.

  • We’re really proud of our exclusive hotels based in some of Britain’s most beautiful areas and, once you’ve been with us for three months, you’re welcome to explore them.

  • Health Care cover (level applicable).

  • To learn more about our extensive range of exciting benefits that you could enjoy when you join us, visit https://www.jlpjobs.com/about/benefits/

Principal Application Security Engineer

London, UK
Full-Time

Published on 11/12/2024
