Principal Windows Security Engineer

Principal Security & Systems Engineer - Windows, Automation, Endpoint SecurityLondon - HybridIndustry Leading Compensation Quant Capital is partnered with a leading trading firm looking to hire a Senior IT Security Engineer to strengthen its global security posture. This sits within a high-performing engineering group and suits someone who can take ownership, make clear technical decisions and build security controls that scale. You will work across Windows engineering, endpoint security, automation, vulnerability management and platform hardening. The role mixes hands-on engineering with advisory responsibility and proactive threat mitigation. The environment is fast moving and technically demanding, and you will be the person wider IT teams rely on for clarity and sound judgement. What you'll be doing:Designing and implementing security controls across Windows platformsDriving vulnerability management initiatives and closing remediation at scaleBuilding automation around configuration, monitoring and incident responseImproving endpoint security across EDR, AV, patching and OS hardeningWorking with core infrastructure including AD / Entra ID, PKI and networkingMonitoring emerging threats and advising on technical riskSupporting global IT teams in a large distributed environment

What you'll need:Strong Windows security engineering experienceSolid understanding of host-based controls: application control, firewalling, logging, encryptionHands-on experience with EDR, endpoint protection, scanning and patchingBackground in OS hardening, privileged access and security best practiceKnowledge of common attack techniques and the controls that mitigate themGood grasp of Active Directory / Entra ID and PKIHigh-level PowerShell scripting skillsClear communicator who can influence, collaborate and take ownership This role suits someone who wants meaningful responsibility, enjoys working under pressure and can solve complex security problems across a global environment. Discretion guaranteed. We never share profiles without your approval.