<!-- Introduction --><div class="feature-text"><h2> Your new role</h2><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;">We are looking for an established IT Security Engineer to join the Information Security function of the UK’s largest sofa retailer. This is a pivotal role, demanding an experienced professional to be the technical authority on security matters.</p><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;">You will be the hands-on force protecting our information systems across all our environments. We need a proactive problem-solver with a completer / finisher mindset who understands the reality of attacker techniques.</p><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;">Your success means our business stays safe and resilient.</p><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;">This is a hybrid role based at our Doncaster Group Support Centre, with 2-3 days a week onsite.</p></div><!-- Responsibilities --><div><h3>What you'll be doing</h3><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;">This role is about reducing security risk through technical delivery and strategic oversight.</p><h4 style="margin:10px 0px;padding:0px;color:inherit;font-weight:bold;font-family:Arial;line-height:1.2;">1. Security Engineering &amp; Architecture</h4><ul style="margin:10px 0px 15px 20px;padding:0px 0px 0px 20px;"><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Lead the deployment, configuration, and tuning of new and existing security tools to enhance defence and efficiency.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Drive the enforcement of security policy and controls across key domains</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Initiate, provide counsel and assurance on technical security projects from conception through to operational handover, ensuring clear risk reduction objectives are met. Working with other areas within the technology function to execute the delivery of the projects</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Provide technical counsel to the Head of Group IT Security on new solutions before sign-off, ensuring secure-by-design principles are followed.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Conduct continuous internal security assessments, including Privileged Access Reviews and Cloud Configuration Audits, and own the resulting remediation activities end-to-end.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Develop automation and tooling to reduce incident response times and eliminate repetitive tasks for the security team.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Define and deliver security standards, policies and processes for the group and review in a timely manner.</p></li></ul><h4 style="margin:10px 0px;padding:0px;color:inherit;font-weight:bold;font-family:Arial;line-height:1.2;">2. Threat Detection &amp; Response</h4><ul style="margin:10px 0px 15px 20px;padding:0px 0px 0px 20px;"><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Support and enhance detection logic across all computing environments in collaboration with our security partners.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Perform deep, forensic-level investigations when security incidents occur. The goal is simple: learn from every event and prevent the same issue from ever recurring.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Lead the technical remediation efforts for security incidents and identified vulnerabilities, working closely across IT and the wider business.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Proactively determine our risk by “running the path” of known attacker tactics, techniques, and procedures (TTPs) within our environments.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Continuously improve security processes, playbooks, and tooling based on real-world lessons</p></li></ul><h4 style="margin:10px 0px;padding:0px;color:inherit;font-weight:bold;font-family:Arial;line-height:1.2;">3. Assurance &amp; Vulnerability Management</h4><ul style="margin:10px 0px 15px 20px;padding:0px 0px 0px 20px;"><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Lead the technical support for our penetration testing programme, including sound scoping, engaging with pentesters, and owning the subsequent vulnerability remediation.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Develop and implement a technical framework for the deeper assessment and management of Third-Party Security Risk, including assisting with the technical elements of supplier service reviews and audit execution.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Apply established Cybersecurity Frameworks and Best Practices &nbsp;to mature our security posture and guide governance activities.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Collaborate with engineering teams to enhance security coverage and visibility, providing expert technical security support across the company.</p></li></ul></div><!-- Ideal Candidate --><div><h3>The role is for you if...</h3><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;">This requires a high level of organisational skills and the ability to manage senior relationships across the business.</p><ul style="margin:10px 0px 15px 20px;padding:0px 0px 0px 20px;"><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Significant experience in security engineering within mixed Cloud and On-Prem enterprise environments.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Excellent communication skills, especially the ability to communicate complex technical security concepts and risks to all levels of the organisation.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">A deep understanding of attacker methodology, detection techniques, and how response frameworks relate to the role.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Experience working in cloud-native environments, specifically focusing on building and integrating security tooling to identify and mitigate misconfigurations.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Strong analytical, troubleshooting, and problem-solving skills.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Working knowledge of major industry standards and compliance requirements.</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Ability to deliver through others.</p></li></ul><h4 style="margin:10px 0px;padding:0px;color:inherit;font-weight:bold;font-family:Arial;line-height:1.2;">Desirable Certifications&nbsp;</h4><ul style="margin:10px 0px 15px 20px;padding:0px 0px 0px 20px;"><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Certified Information System Security Professional (CISSP)</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Certified Cloud Security Professional (CCSP)</p></li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;"><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;display:unset;">Professional Cloud Security Engineer (GCP)</p></li></ul><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;">Please note: Demonstrable, hands-on experience and proven risk-reduction capability will always take priority over certification. We will assess all relevant industry certifications when coupled with substantial technical work.</p></div><!-- Package Description --><div><h3>About DFS</h3><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;">We’re home to DFS, Sofology, and The Sofa Delivery Company - three distinctive brands with a shared mission to bring great design and comfort into every home, affordably, responsibly, and sustainably.</p><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;">At DFS Group, everyone plays a part. Whether you’re supporting our brands or serving our customers, you’re helping shape the future of furniture retail. Each brand has its own identity and creative direction, but we’re united by a culture that puts people and purpose at the heart of everything we do.</p><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;"><br style="margin:0px;padding:0px;"></p><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;">Everyone Welcome</p><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;">Across our Group, we're committed to a culture where everyone feels welcome, valued, and can thrive at work. We celebrate diverse voices, champion inclusion, and support each other through our growing colleague networks. We invest in partnerships that drive change, from supporting Doncaster Pride and introducing the Hidden Disabilities Sunflower, to partnering with Carers UK and developing leaders with Diversity in Retail.&nbsp;</p><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;">We're proud to be an equal opportunities employer, committed to building a workplace that reflects the communities we serve. So, if your experience doesn't quite match the specification, we'd still really love to hear from you</p><p style="margin:0px 0px 20px;padding:0px;color:inherit;font-size:inherit;"><br style="margin:0px;padding:0px;"></p></div><!-- About the Company --><div><h3>DFS Benefits</h3><ul style="margin:10px 0px 15px 20px;padding:0px 0px 0px 20px;"><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;">Potential Annual Bonus Scheme: Contribute to our success and get rewarded for it</li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;">Growth and Training: Learn new skills and develop your career with us</li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;">Leave: Enjoy a great holiday allowance, with the option to buy 5 extra days. Take advantage of our enhanced leave for Maternity, Paternity, Shared Parental, and Adoption, plus a paid volunteering day each year</li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;">Discounts: Get 30% off DFS and Sofology products for yourself, plus discounts for friends and family - and savings at big brands like Sainsbury’s, ASOS, and IKEA</li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;">Wellbeing Perks: Access healthcare services, an Employee Assistance Programme, and discounted gym memberships</li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;">Pension and Savings: Join our Group Pension and Sharesave schemes</li><li style="margin:0px 0px 5px;padding:0px;font-size:inherit;">Life Assurance &amp; Sick Pay: Peace of mind with Life Assurance and Company Sick Pay</li></ul></div><!-- Apply Button --><a href="https://apply.dfscareers.co.uk/members/?j=2908&amp;lang=en&amp;" class="btn btn-apply apply_bottom">Apply<i class="fas fa-chevron-right"></i></a>