Lead Security Engineer

Our Mission & Vision

Thomsons Online Benefits is Changing Benefits. For Good. Our unique and innovative SaaS platform takes employee engagement to a whole new level. We are fast paced, ambitious, people focused and on a journey to dominate the global benefits market.

We are in the midst of one of the most exciting times in the company’s history and while we are already recognised as the global leader in our industry, we will not become complacent. We continue to work to revolutionise the market and our PINK people are what makes this possible. We are passionately committed to going the extra mile for our clients, partners and people. Our values to ‘be brilliant together’, ‘maximise potential’ and to ‘challenge everything, deliver excellence’ are part of our unique culture. This is the PINK glue that binds us.

It is time for Thomsons Online Benefits to continue its success. We truly believe that using our platform and products can impact and improve people’s lives. In fact, nearly 2 million people are already using our platform (Darwin). That’s a lot of people enjoying their flexible benefits!


About the team:

We are a dedicated, highly communicative team that have a genuine passion for what we do – we work closely together, (we live in Zoom and Slack), and operate in a busy, but fun environment. We are looking for someone that can fit into this; likes being part of a team, has a growth mindset and is a good communicator. Some days can be extremely busy but we make sure it’s balanced and understand (as well as encourage) there is life outside of work. We are extremely proud and committed to the team culture we’ve built; no-blame, trusting and can-do.


Your role and your mission:

We are looking for a lead security engineer who can bring experience and best practice around infrastructure security for a hybrid global SaaS solution. This is a new function in an existing SRE team and the ideal candidate will come from a SaaS background in either a security or cloud engineering role, be comfortable with working on their own (but being part of a larger, closely knit SRE team) and able to communicate well to stakeholders.


  • Threat Hunting – if we have a vulnerability across our stack we want to know (about it and remediate!)
  • Work with other parts of SRE & wider tech teams to evaluate and introduce ways of working more securely
  • Creating and maintaining detect and response run books
  • Ensuring our security dashboards are up to date
  • Ownership and maturity of our SIEM solution
  • Willingness to occasionally work out of hours


What skills & values you will bring:

  • Passion for Technology and getting ‘under the bonnet’
  • Hands on experience with WAF, IDS and IPS solutions
  • Comfortable with Microsoft, Cisco, VMWare, Linux technology stack
  • Previous experience working with third party penetration testers and subsequent remediation plans
  • “Whitehat” experience desirable (or the ability to run internal security tests on infrastructure)
  • A good understanding of deployment pipelines and managing security throughout
  • Experience in managing large scale patching operations
  • Vulnerability scanning


Our “PINK” benefits and what you can expect:

  • An opportunity to work in a fast growing, innovative company with lots of room for progression
  • A fail-friendly environment that encourages learning and initiative
  • Flexible working options (when applicable)
  • Day off on your birthday
  • Weekly health and fitness classes
  • Matching charity contributions, charity days off and Pay it Forward charity challenge
  • A flexible reimbursement account for you to spend on the things that matter to you
  • Pension, Life and Medical Insurance

So if you like the look of what you see, and think you could be the perfect fit for us, then take the leap and apply today!  Go on, what are you waiting for?