IT Security Engineer – Managed Service Provider in London

An established Managed Service Provider is seeking an experienced IT Security Engineer to take ownership of security delivery across a portfolio of client environments. This role is responsible for maintaining, improving, and evolving client security posture, acting as the senior technical authority for security-related matters. You will work across network, endpoint, and cloud security, lead incident response activities, and drive proactive security improvements while working closely with clients and internal engineering teams.

Key Responsibilities

• Own the day-to-day security posture of assigned client environments, ensuring controls are effective, maintained, and aligned to best practice.
• Design, implement, and manage security solutions across network, endpoint, and cloud platforms.
• Act as the senior escalation point for complex security incidents, leading investigation, containment, remediation, and post-incident review.
• Proactively identify security risks through vulnerability assessments, threat analysis, and environment reviews, driving remediation to completion.
• Maintain and optimise security configurations within Microsoft Azure and AWS, including identity, access controls, and monitoring.
• Lead the deployment, configuration, and tuning of endpoint protection and EDR platforms.
• Oversee security monitoring, alerting, and reporting, ensuring incidents are triaged and resolved effectively.
• Lead Cyber Essentials and Cyber Essentials Plus technical delivery, including gap analysis, remediation, and audit preparation.
• Act as a trusted technical advisor to clients, clearly communicating risks, priorities, and recommended security improvements.
• Define, maintain, and improve security standards, documentation, and operational procedures across the business.
• Provide technical guidance and informal mentoring to junior engineers.

Technical Skills & Experience

• Strong hands-on experience with firewalls and perimeter security (Fortinet, Palo Alto, WatchGuard, or similar).
• Advanced experience with endpoint security and EDR solutions (Microsoft Defender for Endpoint, Sophos, Bitdefender).
• Experience working with SIEM, logging, and security monitoring platforms.
• Strong understanding of secure network design: VLANs, VPNs, DNS, TCP/IP, segmentation, and access control.
• Proven experience securing Microsoft Azure and AWS environments, including identity management, RBAC, conditional access, and threat protection.
• Demonstrated experience leading security incident response, including investigation, containment, remediation, and lessons learned.
• Experience with vulnerability management, penetration testing reviews, and risk prioritisation.

Compliance & Governance

• Strong working knowledge of Cyber Essentials and Cyber Essentials Plus, including hands-on remediation.
• Good understanding of GDPR, ISO 27001, and NIST, with the ability to apply controls pragmatically.

Background

• Experience working in an MSP or multi-client environment is highly desirable.
• Comfortable operating in client-facing roles, including presenting findings and recommendations.

Personal Attributes

• Confident, credible communicator able to influence technical and non-technical stakeholders.
• Proactive, accountable, and comfortable owning security decisions and outcomes.
• Methodical problem-solver with a strong security-first mindset.
• Ongoing training, certifications, and professional development.
• Funded social events, referral bonuses, and staff recognition schemes.