Principal Security Engineer

**ABOUT FPT SOFTWARE**:
FPT Software, a subsidiary of FPT Group, is a leading global IT service provider headquartered in Vietnam. With 33,000+ employees in 88 offices across 30 countries, we serve 1,100+ clients, including 96 Fortune 500 companies.

We believe diversity fuels innovation and strive to create an inclusive workplace where talents of all backgrounds thrive. We welcome expatriates and international professionals to bring fresh perspectives and help shape the future of technology.

**JOB OVERVIEW**

We are seeking a **Principal Security Engineer** to support our partnership with FPT. In this role, you will lead the design, implementation, and governance of our enterprise security architecture, with a strong emphasis on Microsoft Azure security. This is a highly strategic, hands-on role serving as our principal technical authority to protect our cloud environments, core insurance platforms (Omega & Phoenix) and customer data while enabling business growth across our UK, Canadian, and Australian markets. You will also shape enterprise security policies and governance frameworks, providing guidance to leadership on balancing innovation with risk management.

**Why Join?**

As our new **Principal Security Engineer**, you will guide our engineering culture enabling the transformation of a high-growth company offering products our customers need during a moment that shapes the future for those they love most. Every day you’ll tackle complex challenges while partnering with engineering, infrastructure, and cloud teams to embed security into system design, Azure DevOps pipelines, and deployments across our Omega (customer platform), Phoenix (policy administration), and Salesforce CRM systems.

**RESPONSIBILITIES**

**Technical Leadership**
- Drive adoption of zero-trust architecture, advanced authentication, and secure configuration baselines across cloud and hybrid environments supporting our insurance platforms.

**Operations & Risk Management**
- Continuously assess and actively defend against emerging cyber threats, including phishing, ransomware and other extortion-based attacks, account compromise, data exfiltration, and zero-day vulnerabilities.
- Lead proactive threat hunting initiatives to identify and contain advanced threats across environments.
- Implement controls and monitoring to detect and mitigate insider threats and misuse of privileged access.
- Contribute to business continuity and disaster recovery planning to ensure resilient operations and rapid recovery in the event of a security incident.
- Oversee vulnerability management, penetration testing, and incident response for cloud and hybrid systems supporting life insurance operations across multiple jurisdictions.
- Implement and optimize monitoring, logging, and detection using Microsoft Sentinel, Defender XDR, and other integrated security platforms with focus on financial services threat vectors.
- Collaborate with compliance and risk teams to ensure adherence to ISO 27001, SOC 2, GDPR, FCA (UK), and relevant Canadian/Australian financial services regulatory requirements.

**Financial Services Security Focus**
- Champion and instill a security-first culture by mentoring engineers, promoting secure practices, and influencing stakeholders across technology and business functions.
- Implement data loss prevention (DLP) measures to safeguard sensitive customer and financial information across jurisdictions.
- Ensure robust security controls for customer data protection across life insurance products and claim processing systems.
- Implement security measures for financial transactions, direct debits, and payment processing systems.
- Design security frameworks for multi-jurisdictional operations ensuring compliance with UK FCA, Canadian, and Australian regulatory requirements.

**REQUIREMENTS**
- Significant body of professional experience in cybersecurity, with the most recent tenures spent in either a staff or principal role.
- Strong expertise in Microsoft Azure security, including identity, access, workload, and data protection with specific experience in financial services environments.
- Deep understanding of network security, IAM, encryption, and modern authentication protocols (SAML, OAuth, OpenID Connect) within regulated industries.
- Hands-on experience with the Microsoft security stack (Sentinel, Defender for Cloud, Defender for Endpoint, Intune) in enterprise financial services environments.
- Proven track record leading enterprise security architecture and risk reduction initiatives at scale within financial services or similar regulated industries.
- Understanding financial services regulatory requirements (FCA, GDPR, SOC 2) and their security implications.

**Nice to have**
- Certifications such as Microsoft Cybersecurity Architect Expert, Azure Security Engineer Associate (AZ-500), CISSP, CCSP, or financial services security certifications.
- Experience with Infrastructure as Code (Terraform, ARM templates, or Bicep