Senior Windows Security Engineer | Technology-Driven Quantitative Trading Firm
Up to c. £325k Comp Package | Hybrid Working
Role Overview
We’re representing a leading global trading and technology firm seeking a Senior Windows Security Engineer to take ownership of the security posture across its Windows systems environment. Sitting within the broader Windows Engineering group, this position plays a key role in safeguarding the firm’s critical infrastructure and ensuring secure, resilient operations across a global technology platform. This newly created senior role is ideal for an experienced engineer with depth and judgment in Windows platform security. You’ll be responsible for designing and implementing robust security controls, driving vulnerability management initiatives, and developing automation to scale protection across thousands of endpoints and servers.
The role is technically hands‑on, strategic in influence, and well suited to an engineer who thrives on solving complex security challenges at scale.
Key Responsibilities
- Design, implement, and maintain platform‑level security controls across Windows systems in hybrid environments.
- Lead efforts to harden the Windows estate, including application control, host firewalls, auditing, and encryption.
- Drive vulnerability management and patching strategy, ensuring consistent remediation across enterprise endpoints and servers.
- Build automation in PowerShell and related frameworks to streamline detection, response, and compliance workflows.
- Integrate and optimise endpoint protection and EDR solutions, ensuring effective coverage and minimal user friction.
- Collaborate with platform engineers to embed secure‑by‑default practices into system configuration and deployment pipelines.
- Evaluate new security tools, conduct proof‑of‑concepts, and contribute to the strategic roadmap for Windows platform defence.
- Monitor, investigate, and respond to potential threats targeting the Windows ecosystem, using telemetry and event data to identify patterns.
- Partner with identity, networking, and infrastructure teams on projects related to Active Directory, Entra ID, and PKI.
- Produce technical documentation and guidance to support operational consistency and knowledge sharing across teams.
What You’ll Bring…
- 8–14 years’ professional experience in Windows systems or security engineering roles within large, distributed environments.
- Deep knowledge of Windows internals and operating system security controls, including kernel‑level understanding of process, memory, and privilege management.
- Proven ability to design and implement scalable endpoint security measures (AV/EDR, vulnerability scanning, patch orchestration, and configuration baselines).
- Familiarity with security frameworks and best practices, including OS hardening, access management, and least‑privilege enforcement.
- Hands‑on experience with Active Directory, Entra ID, and PKI environments, including certificate lifecycle management.
- Strong automation and scripting ability using PowerShell, with the capability to build repeatable, efficient security workflows.
- Understanding of threat tactics and countermeasures relevant to Windows environments, including lateral movement and persistence techniques.
- Experience working in mission‑critical hybrid infrastructures, balancing risk, uptime, and performance.
- Excellent communication skills – able to translate complex technical issues into actionable insights for non‑specialist teams.
- (Preferred) Exposure to vulnerability assessment tooling, SIEM integration, or event correlation pipelines.
Contact Detail:
Techfellow Limited Recruiting Team