End User Compute - Security Operations Engineer

Would you like help drive the capabilities of a global company that works with 86% of the Fortune Global 500?  Do you have a passion to innovate and deliver robust and exciting enterprise-wide technology solutions?  Do you have experience in managing endpoint security?  If so, we have an exciting Engineering opportunity to join our End User Computing Technology team.

End User Computing Security Operations engineers are responsible for operational management ensuring the stability of the service and service innovation., Achieving this through analysis and solutioning. An engineer is expected to be strategically focused at all times, also looking at automation opportunities with the current services to simplify the operational model.

The Role

• Provide Operational Engineering and support against the global End User Computing platforms with a specific slant towards security solutions (e.g Intune, Microsoft Defender for Endpoint, Windows Update for Business etc).
• Work with EUC Operations and Info Sec Operations to maintain and administer endpoint security controls and policies, with a focus on day-to-day operations, troubleshooting and reporting. 
• Identify engineering operational improvements, articulate to platform owners and deliver improvement programmes.
• Maintain Information Security focus through risk mitigation and data loss prevention practices.  
• Engage in investigations to address identified Vulnerabilities in end user platforms and mange the deployment of the appropriate fix. 
• Make use of existing tools, skills and experience to provide fixes at scale to ensure robust security of endpoints
• Work closely with Information Security teams to ensure speedy responses to latest threats
• Participate in the production of quality reporting showing status of global workstations estate against required security SLAs and KPIs
• Creation of high-quality technical documentation and training material
• Ensure the smooth operation of monthly patching cycles both on MS platforms and third parties. 
• Assist in the development and maturity of associated patch and vulnerability processes
• Provide relevant data and evidence to internal and external audit team as and where required.
• Ensure compliance of workstations against other types of security controls (such as configuration). Investigate and provide remediation steps to ensure compliance. 
• Assist with the management and regular review of WTW compliance against Industry benchmarks
• Assist with the running of regular pen tests against owned systems and process. 

The Requirements

• An ITIL qualification is desirable but not essential
• A basic understanding of how applications interact with the Windows Operating System is critical as is experience in Enterprise Microsoft products and expertise in Active Directory
• 3+ Years’ experience with core technologies such as SCCM, Intune, Active Directory, Group Policy, Windows 10/11, Microsoft 365 Suite
• 3+ years experience with patch management technologies (including Windows Update for Business), methodologies and processes including deep technical investigative skills
• Demonstrable experience in other related security roles is desirable, particularly those relating to workstations configuration
• Experience with PowerBi, Power Automate and Log Analytics desirable
• Can demonstrate fundamental Microsoft Azure competency/awareness
• Has experience developing scripted solutions with Microsoft PowerShell
• Will be a self-motivated achiever, quickly grasp and interpret salient information with the ability to take a can-do approach without the need for supervision
• Experience with MS Defender for Endpoint (MDE) is desirable 
• Experience with PatchMyPC (or similar 3rd party patching tool) desirable
• Experience with EPM desirable.