IT Security Engineer - Endpoint Security (Outside IR35)

My client, an International Bank, is looking for an IT Security Engineer to join their growing team in London.

About the IT Security Engineer role:

The IT Security Engineer will have the following objectives:

• Build, deploy and run Microsoft Defender to all endpoints (Servers, Laptops and Desktops).
• Ensure that the policies applied to the endpoints offer equivalent protection to current tools.
• Ensure that the deployment is performed in line with the bank's policies and procedures.
• Ensure that the correct level of monitoring and alerting is configured in Microsoft Sentinel.
• Ensure all appropriate knowledge transfer is completed to all relevant parties (Support documentation and delivery of KT).

1. Scope of Services

• Lead the deployment of Microsoft Defender across all endpoints within the organization.
• Configure and optimize Microsoft Defender policies to ensure current endpoint security is maintained (AV, DLP, Device Control, Access Control).
• Set up and manage Attack Surface Reduction (ASR) rules.
• Integrate Microsoft Defender with Microsoft Sentinel for enhanced threat detection and response.
• Use Case development.
• Develop and write advanced Kusto Query Language (KQL) queries for monitoring and alerting.
• Conduct thorough testing and validation of the deployment to ensure seamless operation.
• Provide technical support and troubleshooting for any issues related to Microsoft Defender and Sentinel.

1. Knowledge / Experience

• Proven experience as a Security Engineer with a focus on endpoint security.
• Previous experience deploying Microsoft Defender.
• Relevant Microsoft Certifications.
• Excellent problem-solving skills and the ability to troubleshoot complex security issues.
• Strong understanding of cybersecurity principles, threat landscapes, and mitigation strategies.
• Experience with endpoint management and security tools.
• Technical assessments of RFPs and third-party partner selection in line with OJEU or similar governance structures.
• Effective communication skills for conveying technical information to both technical and non-technical stakeholders.
• Broad understanding of corporate IT infrastructures and technologies.
• Demonstrable experience of successfully operating within a 'matrix' IT Security team & bespoke project team.
• Extensive understanding and implementation of the IT Security environment, policies, guidelines and standards, including awareness of ISO 27001/2.
• Ability to handle pressure and work to challenging deadlines.

1. Technical Skills

• Excellent analytical, problem-solving, and organizational skills.
• Expertise with EDR, Vulnerability management, MITRE attack framework, and Incident response.
• Expert knowledge of Microsoft Defender (including Defender XDR), including policy configuration and ASR rules.
• Experience deploying Microsoft Defender via Microsoft Intune, SCCM/MECM, and Azure ARC.
• Extensive experience with Microsoft Sentinel, including integration and advanced query writing using KQL (Sentinel Analytics, Hunts, and Notebooks).
• Experience managing Sentinel log ingestion (Azure Monitoring Agent, DCRs, LogStash).
• Experience with other SIEM technologies (LogRhythm).
• Experience with McAfee / Trellix (removal from endpoints).
• Knowledge of integrating Sentinel with Service Now.
• Sentinel Use Case development.

If the above is of interest and you want to know more, please apply to this role or call me on 0207 509 8040 to find out more.

P.S: For this role, you have to be on-site in their City of London offices twice a week (non-negotiable).

About the job

Contract Type: FULL_TIME
Specialism: Information Technology
Focus: Information Security
Industry: Banking
Salary: £500 - £540 per day + Outside IR35
Workplace Type: Hybrid
Experience Level: Senior Management
Location: London
Job Reference: Z91CXP-00A85E46
Date posted: 07 August 2024
Consultant: Darius Goodarzi