Windows Security Engineer

Windows Security Engineer - London / Hybrid

£150,000 plus excellent benefits and bonus - 3 days per week in their London office

A career within a Global Information Security Team, working for an amazing Asset Management / Hedge Fund, my client seeks a high-level experienced Windows Security Engineer, ideally coming from a similar environment.

The Global Information Security team’s mission is to ensure the development, implementation, and management of a comprehensive program that effectively protects the confidentiality, integrity, and availability of the companies information assets. The team is comprised of security professionals with expertise in a diverse portfolio of security disciplines.

They are looking for someone to be based in their central London office (3 days/ week), who can work in a fast paced / high profile Hedge Fund environment, with demanding investment / wealth management specialists.

What you’ll do as the Windows Security Engineer:

• Design and implement secure Windows Server and Active Directory architectures at scale.
• Architect and maintain hybrid identity solutions integrating on-premise AD with EntraID (Azure AD) and Okta.
• Configure and manage AD delegation models following least privilege principles.
• Implement and maintain identity protection solutions (eg: Defender for Identity, CrowdStrike Identity Protection, Quest Active Roles, etc).
• Develop and enforce security standards for Windows Server deployments, including bare metal, VMware and public cloud (AWS, Azure, GCP).
• Collaborate with Endpoint Engineering teams to secure Windows endpoints using solutions including SCCM and InTune.
• Configuration management for Windows Firewall and ASR rules across their endpoint estate.
• Help to monitor and mature their Windows patching and vulnerability management program Windows.
• Perform security assessments and audits of Windows infrastructure.
• Monitor and respond to security incidents related to Windows infrastructure.
• Collaborate with infrastructure and security teams on identity and access management initiatives.

What’s required to be successful within the Windows Security Engineer position:

• Bachelor's degree in Computer Science, Information Security, or related field.
• 7+ years of experience in Windows Server administration and security with deep expertise in Active Directory, Group Policy, AzureAD/EntraID, ADFS, DFS, SMB/CIFS, IIS, SQL Server, Kerberos, LDAP, NTLM, DNS, WMI, LAPS, Bitlocker and related Microsoft Server technologies.
• Experience with all common versions of Windows Server (2012, 2016, 2019, 2022 & 2025) and Windows 10-11 desktop OS.
• Strong general knowledge of core infrastructure (Networking, storage, virtualization/VMware, etc)
• Advanced knowledge of AD delegation models and associated best practices.
• Experience with identity protection platforms (Defender for Identity, CrowdStrike Identity Protection, etc.).
• Proficiency navigating and triaging Windows event logs.
• Familiarity with Centrify as means of integrating Linux with Active Directory.
• Familiarity with Quest Active Directory security products (eg: Active Roles).
• Proficiency with PowerShell required.

Windows Security Engineer - London / Hybrid

£150,000 plus excellent benefits and bonus - 3 days per week in their London office