Security Engineer Visa Sponsorship Uk
Job Description
Location: London or Winchester
Hybrid: 2 days per week (40%) onsite
On Call: Participation in an on-call rota, following successful completion of the probation period (1 week in 6)
About Lane Clark & Peacock (LCP):
LCP is a leading independent consultancy that combines advanced analytics with human expertise to create a positive, data-driven future. We offer specialized services in pensions, financial services, energy, health, and analytics. Our strength lies in using cutting-edge technology and analytics to provide solutions that help our clients stay ahead in a rapidly evolving digital landscape.
About the Role:
As part of the Infrastructure team, you will take on the role of Security Engineer. Your main responsibility will be to enhance and maintain the security of LCP’s infrastructure—both physical and cloud-based. You will help build, improve, and support the systems that identify and mitigate security threats to protect our data and resources.
Key Responsibilities:
Infrastructure and Cloud Security:
- Secure LCP’s infrastructure across various UK and international offices, as well as multiple MS Cloud subscriptions, through a risk-balanced approach.
- Design, implement, and maintain security controls to address identified risks.
- Standardize security configurations and cloud resource templates to allow teams to self-serve pre-configured resources.
- Automate security tasks to increase efficiency and minimize manual work.
- Implement and manage security tools such as Microsoft Defender for Cloud, Defender for Endpoint, and Nessus, with necessary training provided.
- Stay updated on emerging threats and vulnerabilities, and develop methods to mitigate them.
- Foster best practices for information security in an increasingly cloud-based, Agile, and DevOps-oriented environment.
Threat Detection and Incident Response:
- Collaborate with an outsourced Security Operations Centre to enhance and maintain the Sentinel SIEM platform, developing automated response runbooks.
- Oversee threat detection and response processes in collaboration with the InfoSec team.
- Conduct proactive threat hunting and investigate emerging security threats.
- Lead in-depth security incident investigations, working with technical and non-technical teams to identify root causes, threat vectors, and recommend remedial actions.
Security Operations and Risk Management:
- Perform regular vulnerability scans, analyze results, and report on risks.
- Manage endpoint security, including antivirus, anti-malware, and access control systems.
- Conduct system hardening through compliance audits, patch management, and enforcement of security standards.
- Develop and maintain security policies, procedures, and compliance reports.
- Support audits and risk assessments, ensuring compliance with regulations such as Cyber Essentials Plus and ISO 27001.
Collaboration and Stakeholder Engagement:
- Partner with InfoSec to deliver security initiatives and ensure compliance with patching and vulnerability management policies.
- Work with Product and Platform teams to enforce secure coding practices and infrastructure security.
- Serve as a trusted advisor within the engineering community.
Operational Security Tasks:
- Develop and manage security operational processes and tools such as SIEM, EDR, and Vulnerability Management.
- Lead penetration testing activities, from scoping to assessments.
- Participate in the on-call rota, providing 24/7 support for critical and high-priority incidents.
Skills and Experience Required:
- Expertise in modern security methodologies, techniques, and tools, for both physical and cloud-based infrastructures.
- Experience securing infrastructure in a DevOps environment, including secure coding standards, automation, and monitoring tools.
- Proficiency with security controls in IP networks, WAN technologies, virtual server tech, and Microsoft Cloud.
- Familiarity with SIEM tools, particularly Sentinel, along with workflow automation, runbooks, and threat hunting.
- Ability to proactively manage security issues, ensuring solutions align with business needs.
- Strong troubleshooting skills, with the ability to break down complex issues and resolve them across various technologies.
- Excellent organizational skills, with the ability to juggle multiple projects while balancing priorities.
- Exceptional communication skills, with the ability to present and explain technical issues clearly to both technical and non-technical audiences.
Benefits:
LCP offers a range of benefits designed to promote overall well-being and support your professional growth, including:
For You:
- Professional study support (where applicable)
- Access to internal networks such as Wellbeing, LGBTQ+, Multicultural, and Women’s networks
For Your Family:
- Life assurance
- Income protection
- Enhanced maternity, paternity, adoption, and shared parental leave
For Your Health:
- 26 days of annual leave (pro-rata for part-time) plus bank holidays, with options to buy & sell holidays
- Private medical insurance
- Discounted gym memberships, critical illness, dental insurance, and more
- Eye care vouchers
- Cycle-to-work scheme
- Digital GP services
For Your Wealth:
- Competitive pension scheme
- Discretionary bonus scheme
- High street discounts
- Season ticket loans
For Others:
- Volunteering opportunities
For the Environment:
- Electric vehicle salary sacrifice scheme (subject to qualifying period)
Inclusivity at LCP:
LCP is committed to creating an inclusive workplace where diversity is celebrated. We support people of all backgrounds, including those with disabilities, and encourage anyone requiring adjustments during the application process to reach out to accessibilityaware@lcp.uk.com.
Sponsorship:
LCP holds a sponsorship license for skilled worker visas and can support applications if the role matches the visa criteria. Please check the UK Government’s requirements for skilled worker sponsorship before applying.
Recruitment Agencies:
LCP operates a Preferred Supplier List (PSL) for recruitment agencies. We do not accept unsolicited CVs from agencies outside of our PSL and will only pay agency fees if there’s a signed agreement.
