Overview

Policy Expert – Infrastructure Security Engineer

Are you ready to transform the insurance industry?

Policy Expert is a forward-thinking business that leverages proprietary technology and smart data to offer reliable products and a wow customer experience.

Having achieved rapid growth since 2011, we’ve won over 1.5 million customers in Home, Motor and Pet insurance and have been ranked the UK’s No.1-rated home insurer by Review Centre since 2013.

The IT Team designs, implements, and maintains foundational technology systems that support business operations, including networks, servers, data centres, cloud platforms, storage solutions, and security frameworks to ensure systems are reliable, scalable, and secure.

Responsibilities

• Infrastructure Security Design & Implementation: Develop, implement, and maintain robust security architectures and controls for cloud and on‑premises infrastructures, supporting business growth while ensuring security best practices are followed.
• Threat Management: Proactively monitor and respond to security incidents, vulnerabilities, and threats, applying advanced techniques to safeguard systems from cyber-attacks.
• System Hardening & Configuration: Ensure that all infrastructure systems (e.g., servers, databases, networks) are securely configured and maintained with the latest security patches and updates, following industry standards like CIS benchmarks.
• Network Security: Implement and manage firewalls, VPNs, IDS/IPS, and other network security technologies to secure connectivity and prevent unauthorized access across the company’s digital assets.
• Incident Response & Remediation: Lead efforts in incident detection, response, and remediation for infrastructure-related security incidents, ensuring rapid mitigation and future prevention.
• Collaboration & Integration: Work closely with IT and software engineering teams to integrate security into system development and provide security guidance where needed.
• Compliance & Best Practices: Ensure compliance with data protection laws (e.g., GDPR), security frameworks, and internal policies, contributing to audits and risk assessments where required.
• Automation & Optimisation: Identify opportunities for automation within security operations, from threat detection to patch management, to drive efficiency and scalability.
• Continuous Improvement: Stay up to date with emerging security trends, vulnerabilities, and technologies, and continually improve security processes and policies to adapt to a dynamic threat landscape.

Qualifications

• Proven Experience: Experience in infrastructure security engineering or a related role, ideally within the financial or insurance sectors.
• Technical Expertise: Strong knowledge of cloud (Azure, O365, Amazon) and server infrastructure, networks, firewalls, and endpoint systems.
• Security Tools & Technologies: Proficiency with security tools such as SIEM, IDS/IPS, vulnerability scanners, firewalls, endpoint protection, alert and remediation, and encryption technologies.
• Certifications: Relevant certifications such as CISSP, CISM, CCSP, CEH, or AWS/Azure security certifications are highly desirable.
• Scripting & Automation: Experience in automating security tasks using scripting languages (PowerShell).
• Analytical Skills: Strong analytical and problem-solving skills with the ability to think critically and adapt to fast-paced environments.
• Communication: Excellent written and verbal communication skills, with the ability to translate complex security issues into business-friendly language.

Benefits

• Pension contributions matched up to 7%
• Learning budget of £1,000 per year + study leave
• Enhanced maternity & paternity
• Travel season ticket loan
• Access to a wide selection of London events and use of a Private Lounge

Location & Working Pattern

Based in London in a 50/50 hybrid mode.

What We Stand For

We are an equal opportunity employer. We recruit based solely on skills, knowledge, and experience. We are committed to a diverse and inclusive team and welcome applications from all backgrounds.

Next Steps

We aim to be in touch within 14 working days of your application. If you do not meet all requirements, we still encourage you to apply.