End User Compute Security Operations Engineer

Description

End User Computing Security Operations engineers are responsible for operational management of the WTW endpoint security layer ensuring the stability of the service and service innovation., Achieving this through analysis and solutioning. An engineer is expected to be strategically focused at all times, also looking at automation opportunities with the current services to simplify the operational model.

The Security Operations Engineer will assist the Security operations manager and Security Engineering Specialists to provide operational support and management of the relevant End Point security platforms. A successful candidate should expect to spend much of their time managing, supporting and maintaining the day-to-day aspects of the End User Computing security platforms, analyzing current services, identifying/communicating operational improvements, assisting in the delivery of new solutions, administering patching cycles and addressing identified vulnerabilities with end user platforms.

The Role

• Provide Operational Engineering and support against the global End User Computing platforms with a specific slant towards security solutions (e.g Intune, Microsoft Defender for Endpoint, Windows Update for Business etc).
• Work with EUC Operations and Info Sec Operations to maintain and administer endpoint security controls and policies, with a focus on day-to-day operations, troubleshooting and reporting.
• Identify engineering operational improvements, articulate to platform owners and deliver improvement programmes.
• Maintain Information Security focus through risk mitigation and data loss prevention practices.
• Engage in investigations to address identified Vulnerabilities in end user platforms and mange the deployment of the appropriate fix.
• Make use of existing tools, skills and experience to provide fixes at scale to ensure robust security of endpoints ( Windows PCs, Mac OS, IOS, Azure Virtual devices and 365 machines)
• Work closely with Information Security teams to ensure speedy responses to latest threats
• Participate in the production of quality reporting showing status of global workstations estate against required security SLAs and KPIs
• Creation of high-quality technical documentation and training material
• Ensure the smooth operation of monthly patching cycles both on MS platforms and third parties.
• Assist in the development and maturity of associated patch and vulnerability processes
• Provide relevant data and evidence to internal and external audit team as and where required.
• Ensure compliance of workstations against other types of security controls (such as configuration). Investigate and provide remediation steps to ensure compliance.
• Assist with the management and regular review of WTW compliance against Industry benchmarks
• Assist with the running of regular pen tests against owned systems and process.
  
  

• An ITIL qualification is desirable but not essential
• A basic understanding of how applications interact with the Windows Operating System is critical as is experience in Enterprise Microsoft products and expertise in Active Directory
• 3+ Years’ experience with core technologies such as SCCM, Intune, Active Directory, Group Policy, Windows 10/11, Microsoft 365 Suite
• 3+ years experience with patch management technologies (including Windows Update for Business), methodologies and processes including deep technical investigative skills
• Demonstrable experience in other related security roles is desirable, particularly those relating to workstations configuration
• Experience with PowerBi, Power Automate and Log Analytics desirable
• Can demonstrate fundamental Microsoft Azure competency/awareness
• Has experience developing scripted solutions with Microsoft PowerShell
• Will be a self-motivated achiever, quickly grasp and interpret salient information with the ability to take a can-do approach without the need for supervision
• Experience with MS Defender for Endpoint (MDE) is desirable
• Experience with PatchMyPC (or similar 3rd party patching tool) desirable
• Experience with EPM desirable.