Principal Web Security Engineer (45996)

As a valued employee of the British Council you already help us deliver our mission to support peace and prosperity by building connections understanding and trust between people in the UK and countries worldwide. For over 90 years we have shaped brighter futures through education arts culture language and creativity.

You are part of our organisation in over 200 countries and territories and where we are on the ground in more than 100 countries.

We connect. We inspire.

Principal Web Security Engineer

The Role:

We are looking for seasoned Principal Web Security Engineer to join our Cyber Security team to implement the strategy defined for Web Application Firewall (WAF) solution across the organisation which would protect British Council assets from internet-based threats. This role ensures the security scalability and optimisation of web applications protecting them against cyber threats such as DDoS attack and other OWASP Top 10 vulnerabilities. It will collaborate closely with technical business teams application development and other teams to strengthen the organisations security posture.

Accountabilities:

• Collaborate with the Principal Architect to develop internet threat protection strategies advise on InfoSec compliance and design risk-based controls.
• Evaluate third-party and cloud solutions interpret penetration test results and guide mitigation. Work with internal teams to secure endpoints and assess services like CDN/WAF against policy addressing threats like bots and cross-site vulnerabilities.
• Oversee global Akamai services including CDN WAF and Bot Management optimizing configurations for proxy protection redirection and API security.
• Guide third-party DNS and certificate management.
• Enhance Site Shield DATA Stream and malware scanning.
• Lead automation initiatives manage global redirections and maintain blacklists and continuously identify and implement new features to strengthen the organizations security posture and operational efficiency.
• Serve as a trusted advisor ensuring internet-facing systems are secure and compliant.
• Empower system owners to manage risks and communicate critical cyber alerts and actions clearly across teams.

Requirements of the role:

• Significant working experience in a global IT related environment with WAF tool.
• Good understanding of the cyber security risks and potential mitigations associated with cloud and on-premises systems and services.
• Strong understanding of cyber security architecture and design.
• Experience in maintenance of an Akamai CDN & WAF across a large global organisation with hundreds of websites and web applications
• Experience in onboarding websites and web applications onto an Akamai CDN & WAF
• Experience and understanding of the core components of digital networks and products/services that can used to protect them
• Good understanding of programming skills (C Phyton PHP JS Java .NET)

Closing Date: Applications will close at 23:59 IST/ 20:29 Poland time on Thursday 29 May 2025

You must have the legal right to work in Poland at the time of application.

Important Information:

Department: Information Governance and Risk Management

Contract type:Indefinite (Permanent) Contract
Pay band: 9

Location: Warsaw Poland

Requirements:
Please note that candidates must have the pre-existing legal right to work in Poland.

Mobility / relocation / visa sponsoring support will not be provided.

British Council supports working in new ways such as hybrid working subject to full approval by line management and conditional upon our ability to provide the appropriate level of service. This may not be appropriate for all roles but can be explored at interview.

A connected and trusted UK in a more connected and trusted world.

Equality Diversity and Inclusion Statement

We are committed to equality diversity and inclusion and welcome applications from all sections of the community as we believe that a diverse workforce gives added depth to our work. The British Council is a Disability Confident Employer. The Disability Confident scheme helps challenge attitudes increase understanding of disability and ensure staff are drawn from the widest possible pool of talent. We guarantee an interview for disabled applicants who meet the minimum role requirements. We welcome discussions about specific requirements or adjustments to enable participation and engagement in our work and activities.

Safeguarding Statement

The British Council is committed to safeguarding children young people and adults who we work with. We believe that all children and adults everywhere in the world deserve to live in safe environments and have the right to be protected from all forms of abuse maltreatment and exploitation as set out in article 19 UNCRC (United Nations Convention on the Rights of the Child) 1989. Appointment to positions where there is direct involvement with vulnerable groups will be dependent on thorough checks being completed in line with legal requirements and with the British Councils Safeguarding policies for Adults and Children.

If you experience any difficulties with submitting your application please email