EUC Security Solution Architect in London

Taking the lead in shaping secure end-user computing environments aligned with CIS controls in a dynamic retail landscape. Working on impactful, large-scale security transformation projects that enhance customer trust and business resilience. Leveraging cutting-edge security technologies and collaborating with experts to deliver innovative, enterprise-level solutions.

This role as an End User Compute Security Architect will play a key part in strengthening security controls aligned with CIS standards within the retail industry. It involves contributing to enterprise security initiatives, enhancing data protection and endpoint security and supporting large-scale projects impacting customer-facing systems. The role offers exposure to complex retail environments, collaboration with cross-functional teams and access to modern security tools and cutting-edge technologies to design and implement robust security solutions.

Your responsibilities:

• Design and shape secure EUC (end-user computing) solutions across laptops, desktops, VDI and mobile devices (android and iOS) using tools like Intune and MECM.
• Put strong endpoint protection in place using EDR/XDR tools such as CrowdStrike and Microsoft Defender to detect and respond to threats.
• Make sure all devices meet security standards by enforcing compliance, policies and configurations through MDM and Intune.
• Protect sensitive data on endpoints using encryption (BitLocker), Microsoft Purview and DLP controls.
• Work closely with identity teams to implement secure access using Conditional Access, Zero Trust principles and tools like Zscaler.
• Keep track of vulnerabilities and risks using EPSS and CISA KEV and ensure timely remediation across endpoints.
• Set up monitoring and alerting using tools like Microsoft Sentinel and Defender to quickly identify and respond to security incidents.
• Collaborate with cloud and security teams to improve visibility and risk posture using platforms like WiZ.
• Manage the full lifecycle of devices—from onboarding and patching to secure decommissioning—using MECM and Intune.
• Provide technical guidance to teams and stakeholders, ensuring the EUC environment stays secure, compliant and aligned with best practices.

Your Profile:

• Strong experience working with CIS Controls v8.1 and implementing security best practices.
• Proven expertise in end-user computing (EUC) security architecture across enterprise environments.
• Hands-on experience with endpoint security tools such as CrowdStrike, Microsoft Defender and other EDR/XDR solutions.
• Deep knowledge of device management and compliance using Intune, Workspace ONE, SCCM and MDM/MAM solutions.
• Solid understanding of identity and access management, including MFA, Conditional Access and Zero Trust principles.
• Experience implementing data protection controls like BitLocker, DLP and Microsoft Purview.
• Strong knowledge of vulnerability management using EPSS, CISA KEV and remediation strategies.
• Experience with security monitoring and SIEM tools such as Microsoft Sentinel.
• Ability to design and implement secure endpoint configurations, patching and lifecycle management.
• Excellent stakeholder engagement skills with the ability to provide technical leadership and security guidance.

Desirable skills/knowledge/experience:

• Good understanding of mapping EUC security capabilities to CIS Controls v8.1.
• Experience in implementing Zero Trust architecture within end-user environments.
• Familiarity with advanced threat protection and threat intelligence integration across endpoints.
• Working knowledge of security frameworks such as NIST, ISO 27001 alongside CIS Controls.
• Understanding of secure software and application control policies on endpoints.
• Experience in audit, compliance reporting and risk management aligned with enterprise security programs.
• Experience in automation.
• Ability to evaluate and onboard emerging security tools and technologies to strengthen CIS control coverage.