Security Engineer

Title: Security Engineer

Contract Type: Permanent
Location: Office based 20-40% at either Stratford, London, E15 4PH or Manchester

Persona: Agile (1-2 days working in the office, 3-4 days working from home)
Salary: £51,000 -£59,000 per annum dependant on experience and location

Closing date for completed applications: 5th March 2025

Early applications are encouraged as we reserve the right to close the advertisement and interview earlier than stated.

A great opportunity has arisen for an experienced Security Engineer to join L&Q at a very exciting time, where we will invest, grow and transform our business to provide a better service to customers old and new. There is huge investment in Technology, Modern Workplace and move to full Microsoft Azure and Azure Stack and a great place to get involved in all parts of the transformation.

We are looking for an adaptable and forward-thinking Security Engineer, able to help shape the future Technology Landscape of L&Q. They will assist in the development and implementation of roadmaps, data mapping and engagement that ensure the security and risk strategy meet regulatory requirements within the broad area of Technology. Attention to detail and a high level of accuracy are key.

The Security Engineer will report directly into the Cloud & Infrastructure Lead. The role will be aligned to the Enterprise Services and Security function, but specifically within the Cloud & Infrastructure and Information Security teams, who’s focus it is to provide exceptional service to all customers, internal and external to the business. This person will be an enabler with an innovative attitude and a proactive, positive approach.

The Security Engineer will be responsible for, but not limited to the following:

1. Security patching and hardening across server and network infrastructure.
2. Monitoring, detecting, and responding to security threats across hybrid environments.
3. Managing and enhancing security configurations for Windows VMs, SQL databases, and PaaS solutions like Logic Apps.
4. Administering security tools, including firewalls, endpoint protection, and vulnerability management systems.
5. Ensuring data security by managing encryption, access controls, and compliance requirements.
6. Performing security assessments, audits, and penetration testing.
7. Developing security automation processes for identity and access management (IAM), network security, and patch management.
8. Collaborating with stakeholders to ensure security best practices are integrated into new and existing solutions.
9. Managing third parties delivering security, cloud, or infrastructure services.
10. Keeping up to date with emerging threats and security trends, advising the organization on proactive measures.

Skills and Experience:

1. Strong experience with security in Azure, including Defender for Cloud, Security Center, and Key Vault.
2. Hands-on expertise with security configurations for Windows VMs and SQL databases.
3. Knowledge of network security, firewalls, IDS/IPS, and SIEM solutions.
4. Experience with security automation using PowerShell, Azure Policy, or Infrastructure-as-Code (IaC).
5. Strong understanding of compliance frameworks (ISO 27001, NIST, CIS Benchmarks, GDPR).
6. Experience in threat detection, incident response, and forensic analysis. Familiarity with Identity and Access Management (IAM) principles, Azure AD, and MFA.
7. Experience working in a DevSecOps environment and improving IT systems to adhere to security guidelines proactively and reactively.

Experience of working with the Microsoft stack:

1. Azure
2. Office 365
3. Windows Server
4. Microsoft Exchange
5. CCM
6. Active Directory Domain Services
7. Active Directory Federation Services
8. Active Directory Certificate Services

Experience working with the following technologies:

1. VMware/Hyper V
2. HP 3PAR
3. Commvault
4. Waf, App Gateway and Firewalls
5. Open Source
6. SolarWinds
7. Experience working in a DevOps environment, creating a DevOps pipeline
8. Good working knowledge of on-premises and cloud-based security management technologies, such as Service Design, Security Monitoring and Security Performance Management
9. Working knowledge of ISO27001 & PCI DSS and experience of improving IT systems to adhere to security guidelines, acting both proactively and reactively
10. Understanding of CIS controls, e.g. Hardening
11. Successful experience designing & documenting technical infrastructure designs as part of a Systems Development Lifecycle process
12. Track record of delivering complex technical solutions to tight timescale

If successful you will be required to travel to our Manchester Office, Sale, M33 6AG or London, E15 4PH. The main office will be the office closest to you and expenses can be claimed when required to make additional journeys to other sites.

If you are interested in this role and have the experience required, then apply without delay!

*We are a multi-site organisation, so some roles may require occasional travel between offices but expenses will be covered.

Our commitments:

At L&Q, people are at the heart of our business and our success depends on employing the best people and getting the best from them. This is why we are committed to developing our people. It’s only by investing in a well-trained and motivated workforce that we can continue to prosper and sustain business success.

In addition to our support and training, the successful candidate will have access to our full suite of benefits including 28 days holiday rising to 31 days with length of service, excellent Pension scheme, an employee assistance programme and non-contributory life assurance.

We are committed to supporting your work-life balance and recognise the changing demands and circumstances in life.

We are recognised externally for our commitment to inclusion. We are a Stonewall Diversity Champion, a Disability Confident (Committed) employer and have signed the Time to Change Employer Pledge to demonstrate our commitment to end mental health discrimination in the workplace.

We expect all of our employees to support our environmental policy and social responsibility work. We are an employer committed to environmental and social responsibility.

L&Q is a regulated charitable housing association and one of the UK’s most successful independent social businesses. The L&Q Group houses around 250,000 people in more than 97,000 homes, primarily across London and the South East.

As a charitable organisation, our role goes beyond providing homes and housing services. We are a long-term partner in the neighbourhoods where we work. We hope to build aspiration, opportunity and confidence in our communities through our £250 million L&Q Foundation and our skills academy.

Our vision is that everyone has a quality home they can afford, and we combine our social purpose with commercial drive to create homes and neighbourhoods everyone can be proud of.

#J-18808-Ljbffr