Security Engineer

Lane Clark & Peacock LLP

Winchester

Hybrid

GBP 40,000 - 80,000

Full time

30+ days ago

Job summary

An established industry player is seeking a Security Engineer to enhance its infrastructure and cloud security. In this role, you will build and improve technical threat identification and response measures, ensuring the safety of sensitive data. You will collaborate with various teams to implement security protocols and manage incidents effectively. This innovative firm offers a dynamic work environment that prioritizes personal and professional growth, along with a comprehensive benefits package. If you're passionate about cybersecurity and eager to make a significant impact, this opportunity is perfect for you.

Benefits

Professional study support
Life assurance
Income protection
Enhanced parental leave
26 days annual leave
Private medical insurance
Discounted gym memberships
Cycle to work scheme
Competitive pension scheme
Discretionary bonus scheme

Qualifications

  • Experience in securing both physical and cloud infrastructure.
  • Knowledge of SIEM solutions and threat hunting techniques.

Responsibilities

  • Secure infrastructure and cloud resources through risk management.
  • Conduct in-depth security incident investigations and threat hunting.

Skills

Information Security Methodologies
Cloud Security
Threat Detection
Incident Response
Vulnerability Management
Communication Skills
Problem Solving
Planning and Organisational Skills

Tools

Microsoft Defender for Cloud
Nessus
Sentinel SIEM
EDR

Job description

Security Engineer

Location: London or Winchester

Hybrid: 2 days a week (40%) onsite.

On Call: Participation in an on-call rota, after completion of probation period (1 week in 6)

Lane Clark & Peacock (LCP) is a leading independent consultancy that uses powerful analytics fused with human expertise to shape a more positive future. We provide market-leading capabilities across pensions and financial services, energy, health, and analytics. Our technology and analytics capabilities are fundamental to what we do, helping us power the possibilities that provide solutions for tomorrow. We strive to help our clients leverage the latest technology and analytics across a range of industries to stay at the forefront of data-driven and digital solutions.

What's the role?

Working as part of the Infrastructure team, your role as Security Engineer is to build, support and continuously improve technical threat identification, mitigation and response measures, both physical and cloud-based, that ensure the security of LCP's infrastructure and data.

Key Responsibilities

Infrastructure and Cloud Security:
  • Secure LCP's infrastructure, spanning multiple physical offices in the UK and abroad and numerous MS Cloud subscriptions, through a balanced-risk approach
  • Design, implement, and maintain technical security controls and countermeasures to mitigate identified risks
  • Deliver standardized security measures for cloud resource templates and configuration baselines, enabling approved teams to self-serve pre-configured resources.
  • Automate manual or repetitive tasks to improve the efficiency of technical security measures
  • Implement and manage technical security tooling (e.g., Microsoft Defender for Cloud, Defender for Endpoint, Nessus) and provide training as required
  • Maintain and develop awareness of emerging threats and vulnerabilities and the techniques used to mitigate them
  • Develop information security practices, standards and trends within a modern, increasingly cloud-based and Agile/DevOps oriented environment

Threat Detection and Incident Response:
  • Work with an outsourced Security Operations Centre to
    • Enhance LCP's Sentinel SIEM platform, developing and maintaining runbooks for automated response
    • Maintain threat detection and response processes alongside the InfoSec team
    • Perform proactive threat hunting and respond to new and emerging security threats and vulnerabilities
    • Conduct in-depth security incident investigations, collaborating with both technical and non-technical stakeholders to identify root causes, threat vectors, scope of compromise, and recommend remedial and preventative actions

Security Operations and Risk Management:
  • Conduct regular vulnerability scans, analyse results, and report on identified risks
  • Manage endpoint security, including antivirus, anti-malware, and access controls
  • Perform system hardening through compliance audits, timely patch updates, and enforcement of security measures
  • Develop, document, and maintain security policies, procedures, and compliance reports
  • Provide audit and risk assessment support, ensuring compliance with regulatory requirements, and accreditations like Cyber Essentials Plus and ISO 27001

Collaboration and Stakeholder Engagement:
  • Collaborate with InfoSec to deliver key security initiatives and ensure adherence to patching and vulnerability management policies
  • Partner with Product and Platform teams to implement secure coding practices and infrastructure security measures
  • Act as a trusted advisor and technical point of contact within the firm's engineering community

Operational Security Tasks:
  • Develop processes for security operational tasks and tooling, including SIEM, EDR, and Vulnerability Management
  • Scope, conduct, and assess penetration testing activities
  • Participate in the on-call rota providing 24/7 support across 365 days of the year for critical and high priority incidents

What skills and experience are we looking for?
  • First-hand experience and knowledge of modern information security methodologies, techniques and tooling, spanning both physical and cloud infrastructure
  • Experience of securing infrastructure within a DevOps organisation - including secure coding standards, automation and enterprise monitoring and reporting tools
  • Experience of security controls and countermeasures within IP based networks, WAN technologies, virtual server technologies and Microsoft Cloud
  • First-hand experience with modern Security Information and Event Management (SIEM) solutions and related workflow automation, including Sentinel SIEM, the creation of runbooks, and threat hunting
  • Ability to proactively own and coordinate resolving security issues, to ensure solutions continue to meet business needs
  • Ability to break a problem down into its component parts to identify and diagnose root causes, and to troubleshoot and identify problems across different technology capabilities
  • Strong planning and organisational skills, including the ability to coordinate several work streams simultaneously, while balancing priorities and quality
  • Excellent communication skills with a capacity to present, discuss and explain issues coherently and logically, both in writing and orally
  • Ability to balance conflicting and changing demands through prioritisation and pragmatism

What's in it for you?

Take a look at our Glassdoor and Career stories pages to see why our people love being here! As well as joining a multi-award winning, fun, collaborative, people first organisation where your personal and professional skills will be developed to make you the best you can be, we offer an attractive benefits package designed to promote your overall wellbeing so that you are able to perform to your full potential both in and out of work. Currently our core benefits package includes:

For you:
  • Professional study support (where applicable)
  • Access to our internal Wellbeing, LGBTQ+, Multicultural and Women's networks

For your family:
  • Life assurance
  • Income protection
  • Enhanced maternity/paternity/adoption and shared parental leave

For your health:
  • 26 days annual leave (pro-rata for part-time working) plus bank holidays (most of which can be taken flexibly!) with options to buy & sell holiday
  • Private medical insurance
  • Discounted gym memberships, critical illness and dental insurance through our flexible benefits
  • Eye care vouchers
  • Cycle to work scheme
  • Digital GP services

For your wealth:
  • Competitive pension scheme
  • Discretionary bonus scheme
  • High street discounts
  • Season ticket loans

For others:
  • Volunteering opportunities

For the environment:
  • Electric vehicle salary sacrifice scheme (qualifying period applies)

And much more!

We continuously strive to build an inclusive workplace where all forms of diversity are valued, including age, background, disability, gender, gender identity, gender expression, race, religion or sexual orientation.

LCP is committed to making our opportunities accessible to all and would welcome you getting in touch to let us know if an adjustment can be made to help with your application. This may be extra time for assessments, pre-interview site visits, interview structure or questions, or asking us about building accessibility. Whatever it may be, please get in touch via our dedicated email address - accessibilityaware@lcp.uk.com to discuss how we can support you with your application.