Junior Security Engineer in London

This entry-level position is within the Information Security team at the London Metal Exchange (LME). The role supports secure delivery of infrastructure and applications, identity and access management (IAM), and secure configuration management, with a strong focus on automation across each discipline.

Key Responsibilities

• Assist in deployment and maintenance of security tools and platforms (e.g., E-Mail Security, DLP, SIEM, Endpoint Protection).
• Develop and support automation of security tools, configuration, and updates using scripting (Python, PowerShell, Bash, NPM).
• Contribute to Infrastructure as Code (IaC) efforts using Terraform or Ansible.
• Help monitor and maintain secure configurations across Windows, Linux, and Kubernetes environments.
• Assist in implementing role-based access controls (RBAC) and least privilege principles in code.
• Help automate IAM workflows and integrate identity controls into CI/CD pipelines.
• Support implementation of access controls and enforcement of least privilege across platforms and services.
• Help automate access governance workflows and integrate identity-related controls into development and operational pipelines.
• Assist in access reviews and secure onboarding/offboarding of users and systems.
• Contribute to integration of security controls into CI/CD pipelines (e.g., SAST, DAST, secrets management).
• Collaborate with engineering teams to embed security into build and deployment processes.
• Participate in development of secure, scalable, and resilient infrastructure solutions.
• Provide support for incident response and troubleshooting related to security tooling and access controls.
• Provide support for Red/Blue team testing and penetration testing.
• Help maintain documentation, standards, and procedures related to security engineering and platform protection.
• Participate in on-call and weekend support rotations as needed.

Qualifications Required

• A university degree or equivalent qualifications in a STEM subject such as Computer Science, or Engineering and/or Information Systems.
• Desirable: Entry-level certifications such as CompTIA Security+, Microsoft SC-900, or AWS Cloud Practitioner.

Required Knowledge and Experience

• Up to 2 years of experience in IT, security engineering, or DevOps (internships or academic projects included).
• Basic understanding of:

• IAM concepts and tools (e.g., LDAP, oAuth, IdP).
• Networking and security protocols (TCP/IP, HTTPS, DNS, Firewalls, Proxy).
• Operating systems (Windows, Linux/Unix, Kubernetes).
• Scripting or programming (Python, Bash, PowerShell).
• CI/CD tools and cloud platforms (e.g., Ansible Tower, Bitbucket, Hashicorp Vault, Pipelines, AWS, Azure).
• Security tooling (e.g., EDR, SIEM, Antivirus).

Personal Qualities

• Curiosity about emerging threats and technologies.
• Ability to assess and prioritize tasks/risks.
• Attention to detail.
• Enthusiastic about security engineering and automation.
• Strong analytical and problem-solving skills.
• Effective communicator with good documentation habits.
• Team-oriented, proactive, and adaptable in a fast-paced environment.
• Willingness to learn and grow within a critical infrastructure environment.
• Commitment to continuous learning.

The LME is committed to creating a diverse environment and is proud to be an equal opportunity employer. In recruiting our teams, we welcome unique contributions in terms of education, ethnicity, race, sex, gender identity, national origin, age, languages, religion, disability, sexual orientation, and beliefs. We want every LME employee to feel our commitment to showing respect for all and encouraging open collaboration and communication.