Security Engineer

griffinfire
London
1 week ago
Create job alert

Security Engineer

Location:London or Winchester

Hybrid:2 days a week (40%) onsite.

On Call:Participation in an on-call rota, after completion of probation period (1 week in 6)

Lane Clark & Peacock (LCP) is a leading independent consultancy that uses powerful analytics fused with human expertise to shape a more positive future. We provide market-leading capabilities across pensions and financial services, energy, health, and analytics. Our technology and analytics capabilities are fundamental to what we do, helping us power the possibilities that provide solutions for tomorrow. We strive to help our clients leverage the latest technology and analytics across a range of industries to stay at the forefront of data-driven and digital solutions.

What's the role?

Working as part of the Infrastructure team, your role as Security Engineer is to build, support and continuously improve technical threat identification, mitigation and response measures, both physical and cloud-based, that ensure the security of LCP’s infrastructure and data.

Key Responsibilities

Infrastructure and Cloud Security:

  1. Secure LCP’s infrastructure, spanning multiple physical offices in the UK and abroad and numerous MS Cloud subscriptions, through a balanced-risk approach
  2. Design, implement, and maintain technical security controls and countermeasures to mitigate identified risks
    • Deliver standardized security measures for cloud resource templates and configuration baselines, enabling approved teams to self-serve pre-configured resources.
    • Automate manual or repetitive tasks to improve the efficiency of technical security measures
    • Implement and manage technical security tooling (e.g., Microsoft Defender for Cloud, Defender for Endpoint, Nessus) and provide training as required
    • Maintain and develop awareness of emerging threats and vulnerabilities and the techniques used to mitigate them
    • Develop information security practices, standards and trends within a modern, increasingly cloud-based and Agile/DevOps oriented environment

Threat Detection and Incident Response:

  1. Work with an outsourced Security Operations Centre to
    • Enhance LCP’s Sentinel SIEM platform, developing and maintaining runbooks for automated response
      • Maintain threat detection and response processes alongside the InfoSec team
    • Perform proactive threat hunting and respond to new and emerging security threats and vulnerabilities
    • Conduct in-depth security incident investigations, collaborating with both technical and non-technical stakeholders to identify root causes, threat vectors, scope of compromise, and recommend remedial and preventative actions

Security Operations and Risk Management:

  1. Conduct regular vulnerability scans, analyse results, and report on identified risks
    • Manage endpoint security, including antivirus, anti-malware, and access controls
    • Perform system hardening through compliance audits, timely patch updates, and enforcement of security measures
    • Develop, document, and maintain security policies, procedures, and compliance reports
    • Provide audit and risk assessment support, ensuring compliance with regulatory requirements, and accreditations like Cyber Essentials Plus and ISO 27001

Collaboration and Stakeholder Engagement:

  1. Collaborate with InfoSec to deliver key security initiatives and ensure adherence to patching and vulnerability management policies
    • Partner with Product and Platform teams to implement secure coding practices and infrastructure security measures
    • Act as a trusted advisor and technical point of contact within the firm's engineering community

Operational Security Tasks:

  1. Develop processes for security operational tasks and tooling, including SIEM, EDR, and Vulnerability Management
    • Scope, conduct, and assess penetration testing activities
  2. Participate in the on-call rota providing 24/7 support across 365 days of the year for critical and high priority incidents

What skills and experience are we looking for?

  1. First-hand experience and knowledge of modern information security methodologies, techniques and tooling, spanning both physical and cloud infrastructure
  2. Experience of securing infrastructure within a DevOps organisation – including secure coding standards, automation and enterprise monitoring and reporting tools
  3. Experience of security controls and countermeasures within IP based networks, WAN technologies, virtual server technologies and Microsoft Cloud
  4. First-hand experience with modern Security Information and Event Management (SIEM) solutions and related workflow automation, Sentinel SIEM, creation of Runbooks and in Threat Hunting
  5. Ability to proactively own and coordinate resolving security issues, to ensure solutions continue to meet business needs
  6. Ability to break a problem down into its component parts to identify and diagnose root causes, troubleshooting and identify problems across different technology capabilities
  7. Strong planning and organisational skills, including the ability to coordinate several work streams simultaneously, while balancing priorities and quality
  8. Excellent communication skills with a capacity to present, discuss and explain issues coherently and logically, both in writing and orally
  9. Ability to balance conflicting and changing demands through prioritisation and pragmatism

What’s in it for you?

Take a look at our and Career stories pages to see why our people love being here! As well as joining a multi-award winning, fun, collaborative, people first organisation where your personal and professional skills will be developed to make you the best you can be, we offer an attractive benefits package designed to promote your overall wellbeing so that you are able to perform to your full potential both in and out of work. Currently our core benefits package includes:

For you:

  1. Professional study support (where applicable)
  2. Access to our internal Wellbeing, LGBTQ+, Multicultural and Women’s networks

For your family:

  1. Life assurance
  2. Income protection
  3. Enhanced maternity/paternity/adoption and shared parental leave

For your health:

  1. 26 days annual leave (pro-rata for part-time working) plus bank holidays (most of which can be taken flexibly!) with options to buy & sell holiday
  2. Private medical insurance
  3. Discounted gym memberships, critical illness and dental insurance through our flexible benefits
  4. Eye care vouchers
  5. Cycle to work scheme
  6. Digital GP services

For your wealth:

  1. Competitive pension scheme
  2. Discretionary bonus scheme
  3. High street discounts
  4. Season ticket loans

For others:

  1. Volunteering opportunities

For the environment:

  1. Electric vehicle salary sacrifice scheme (qualifying period applies)

And much more!

We continuously strive to build an inclusive workplace where all forms of diversity are valued, including age, background, disability, gender, gender identity, gender expression, race, religion or sexual orientation.

LCP is committed to making our opportunities accessible to all and would welcome you getting in touch to let us know if an adjustment can be made to help with your application. This may be extra time for assessments, pre-interview site visits, interview structure or questions, or asking us about building accessibility. Whatever it may be, please get in touch via our dedicated email address.

#J-18808-Ljbffr

Related Jobs

View all jobs

Security Engineer, Senior, London, Bank 75k

Security Engineer

Security Engineer

Security Engineer (12 Month FTC) - Kingston UponHull

Security Engineer (Network, OT, Cloud and Web)

Security Engineer - Offensive Security

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Careers Jobs

10 Must-Read Cyber Security Books for UK Professionals: Boost Your Career and Stay Ahead of Threats

With rapid advancements in digital infrastructure, cloud computing, and the Internet of Things (IoT), cyber threats continue to evolve at lightning speed. For organisations across the UK—and globally—robust cyber security is no longer optional: It’s a strategic imperative. From healthcare and finance to government agencies and tech start-ups, every sector needs skilled professionals to safeguard critical data and protect users. If you’re looking to break into or advance within the cyber security industry, staying updated on the latest techniques, threat landscapes, and defence strategies is paramount. One of the best ways to build and sharpen your expertise is by reading authoritative, high-quality books that combine foundational knowledge with cutting-edge insights. In this guide, we’ve compiled a list of ten books that cater to various skill levels, spanning ethical hacking and threat intelligence to secure software development and cryptography. By diving into these resources, you’ll fortify your understanding of cyber security fundamentals, explore hands-on techniques for defending systems, and gain the strategic perspective needed to excel in roles throughout the UK’s thriving cyber security landscape.

Careers

Navigating Cybersecurity Career Fairs Like a Pro: Preparing Your Pitch, Questions to Ask, and Follow-Up Strategies to Stand Out

In a world where digital threats are escalating and online infrastructure underpins nearly every aspect of our personal and professional lives, cybersecurity has swiftly become one of the most sought-after career fields. Demand for skilled cybersecurity professionals outstrips supply, both in the UK and globally. From ethical hackers and penetration testers to governance, risk, and compliance (GRC) specialists, the opportunities are extensive—and lucrative. Amidst this surge in demand, cybersecurity career fairs provide an invaluable chance to meet potential employers face-to-face, gain industry insights, and make connections that can accelerate your career trajectory. Unlike applying to countless jobs online, these events bring companies, security leaders, and aspiring candidates together under one roof. When approached with the right strategy, a single conversation at a cybersecurity fair can open the door to your dream job. In this comprehensive guide, we’ll explore how to prepare thoroughly, engage confidently, and follow up effectively after a cybersecurity career fair. By incorporating these insights into your approach, you’ll stand out from the crowd and maximise your chances of securing the perfect role in this fast-growing field.

Jobs

Common Pitfalls Cyber Security Job Seekers Face and How to Avoid Them

The cyber security industry in the UK and worldwide is experiencing rapid growth. With cyber attacks growing in sophistication and frequency, organisations are investing more resources than ever into defending their digital assets. From penetration testers and threat analysts to security architects and compliance officers, cyber security professionals are in high demand across a variety of sectors—including finance, healthcare, government, and retail. Yet, in spite of this high demand, the process of landing a cyber security role can be more challenging than many candidates anticipate. The stakes are high: prospective employers entrust cyber professionals with their most sensitive data, their compliance posture, and often their core business operations. Therefore, they’re looking for candidates who can demonstrate not just technical know-how, but also excellent communication, adaptability, and an awareness of the broader business context. In this article, we’ll explore the most common pitfalls that cyber security job seekers face, especially in the UK market, and how to avoid them. Whether you’re a recent graduate, a professional transitioning from a different field, or an experienced practitioner aiming for a senior role, these insights will help you stand out and secure the opportunities that fit your skill set and career goals.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.