SALARY: COMPETITIVE PLUS BENEFITSLOCATION: LONDON STORE SUPPORT CENTRE AND HOME, LONDON, EC1M 6HACONTRACT TYPE: PERMANENTBUSINESS AREA: SAINSBURY’S TECHCLOSING DATE: 25 SEPTEMBER 2025REQUISITION ID: 400017271

We’d all like amazing work to do, and real work-life balance. That’s waiting for you at Sainsbury’s. Think about the scale it takes for us to feed the nation. The level of data, transactions and variety it involves. Then you’ll realise that ours is a modern software engineering environment because it has to be. We’ve made serious investment into a Tech Academy and into setting standards and principles. We iterate, learn, experiment and push ways of working such as Agile, Scrum and XP. So you can look forward to awesome opportunities in everything from AI to reusable tech.
Security Engineer – C4 Level
Location: Flexible / Hybrid
Team: Information Security
Brand: Sainsbury’s
Are you a network-savvy security engineer ready to shape the future of retail security?
At Sainsbury’s, we’re not just a 150-year-old retail chain—we’re a tech-forward organisation on a transformative journey. Security is at the heart of our innovation, enabling teams to build boldly while protecting what matters most. We’re looking for a Security Engineer with a strong foundation in network security, cloud technologies, and PKI infrastructure to join our vibrant team.

What You’ll Do Network & Cloud Security Engineering

• Design and implement secure network architectures across hybrid environments.
• Engineer VPN solutions and secure remote access technologies.
• Deploy and manage cloud-native security controls (Azure, AWS, GCP).
• Integrate cloud security posture management (CSPM) and workload protection platforms.

PKI & Certificate Management

• Manage internal PKI infrastructure and certificate lifecycle.
• Implement certificate-based authentication for secure access.
• Collaborate on identity and access management (IAM) strategies.

Email & Web Security

• Configure and maintain email security gateways (Proofpoint, Mimecast).
• Engineer web proxy and CASB solutions (e.g., Netskope) to enforce secure browsing policies.

Cross-Team Collaboration

• Partner with Security Operations Centre, Analysts, and Product Managers.
• Translate business needs into secure technical solutions.
• Validate security requirements across Agile delivery pipelines.

Documentation & Risk Management

• Document security processes and technical configurations.
• Identify and mitigate risks across network and cloud environments.
• Ensure compliance with architectural and design standards.

Essential Criteria:

• Strong hands-on experience with network security technologies: firewalls, IDS/IPS, VPNs, SD-WAN, and encryption.
• Deep understanding of cloud security principles and architectures.
• Proficiency in PKI, certificate management, and cryptographic protocols.
• Familiarity with email and web security tools like Proofpoint, Mimecast, and Netskope.

• Design and implement secure network architectures across hybrid environments.
• Engineer VPN solutions and secure remote access technologies.
• Deploy and manage cloud-native security controls (Azure, AWS, GCP).
• Integrate cloud security posture management (CSPM) and workload protection platforms