Security Engineer - Endpoint Specialist
Contract Type: Contract (Inside IR35)
Location: Hybrid London (one day a week)
About the Role
We are seeking a Security Engineer to join a client of ours in the financial sector. The CTO team and play a pivotal role in enhancing the security posture of end-user computing environment. This role is ideal for someone with a strong foundation in endpoint security, identity management, and IT best practices, who can collaborate across teams to advise on secure configurations and drive continuous improvement.
You won’t be directly managing infrastructure tools like Active Directory or Exchange, nor will you own deployment processes—but your insights will shape how security is embedded across our technology stack.
Key Responsibilities
-
Advise on secure configuration and hardening of Microsoft operating systems (Windows 11 and beyond)
-
Collaborate with infrastructure and service teams to ensure Group Policy Objects (GPOs), MDM, and MFA are effectively implemented
-
Provide expert input on endpoint protection, including CrowdStrike EDR and anti-virus strategies
-
Support the development and implementation of security frameworks (NIST, ISO27001, NCSC)
-
Champion security awareness, codes of conduct, and data privacy compliance (GDPR, TRA, Computer Misuse Act)
-
Contribute to change management and ITIL-aligned service lifecycle improvements
-
Ensure endpoint configurations align with CIS and Microsoft security baselines
-
Act as a subject matter expert on identity and access management principles, including Active Directory fundamentals and TCP/IP protocols
Must-Have Skills & Knowledge
-
Intermediate to advanced understanding of cybersecurity principles
-
Strong working knowledge of Active Directory, GPOs, TCP/IP (DHCP, DNS)
-
Familiarity with MDM best practices and Multi-Factor Authentication
-
Expertise in endpoint protection tools (e.g., CrowdStrike)
-
Excellent communication and stakeholder engagement skills
-
Knowledge of security frameworks, legislation, and technical best practices
-
Experience with ITIL, change management, and service lifecycle processes
-
Understanding of endpoint hardening standards (CIS, MS baselines)
Nice-to-Have Skills
-
Awareness of AD and Exchange environments
-
Familiarity with desktop build/deployment processes and security implications
-
Basic scripting knowledge (PowerShell, VBScript)
-
Understanding of asset management and patching tools (SCCM, Ivanti)
-
Office Suite security configuration (e.g., macro restrictions)
-
Exposure to DLP tools (e.g., Microsoft Purview)
-
Experience with end-user security awareness and phishing testing
Please apply for more information. Please note this requirement does not support overseas working and will be Inside IR35.#LI-DNI