Endpoint Security & Exposure Engineer

Jacobs
Birmingham, United Kingdom
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
£ 63K

Job location

Birmingham, United Kingdom

Tech stack

Microsoft Windows
Microsoft Active Directory
Amazon Web Services (AWS)
Azure
Cloud Computing
Cloud Computing Security
CompTIA Security+
Computer Security
Linux
Python
Microsoft Security Essentials
Windows Server
Powershell
Zero Trust Network Access
Software Vulnerability Management
Google Cloud Platform
Cloud Platform System
Microsoft InTune
Azure Security Center
CIS Benchmarks
Api Management
Qualys
ServiceNow
Vulnerability Analysis

Job description

Endpoint Security & Exposure Engineer This is an exciting opportunity to join Jacobs' Cyber Security team as an Endpoint Security & Exposure Management Engineer. You'll play a key role in reducing cyber risk by driving vulnerability remediation, strengthening endpoint security controls, and improving visibility of security exposure across a global technology estate.

Working across infrastructure, cloud, desktop engineering, and security teams, you'll help ensure vulnerabilities are identified, prioritised, and remediated effectively while supporting key security capabilities including application control, privilege management, and endpoint hardening.

If you're passionate about vulnerability management, exposure reduction, and delivering measurable security outcomes, this is an opportunity to make a real impact within a global organisation.

Day to Day

  • Lead vulnerability and exposure management activities across enterprise environments, ensuring security risks are identified, prioritised, and remediated effectively

  • Work closely with technology teams to drive remediation programmes and reduce organisational cyber risk

  • Support and enhance endpoint security capabilities, including application control, allowlisting, privilege management, and endpoint hardening

  • Use data, reporting, and dashboards to provide visibility of cyber exposure, remediation performance, and security outcomes

  • Assess emerging vulnerabilities and threats, providing risk-based recommendations and guidance to stakeholders

  • Act as a trusted security partner across infrastructure, cloud, application, and operational teams, helping embed secure practices and improve resilience

Requirements

  • Experience in cybersecurity, vulnerability management, security engineering, or endpoint security

  • Strong understanding of risk-based vulnerability management and remediation prioritisation

  • Experience working with vulnerability management platforms such as Tenable, Qualys, or Rapid7

  • Experience with ServiceNow Vulnerability Response or similar remediation workflow platforms

  • Knowledge of endpoint security technologies including application control, privilege management, and endpoint protection

  • A collaborative approach with strong stakeholder engagement and communication skills

  • The ability to translate technical security risks into meaningful business outcomes

Desirable Experience

  • Experience implementing Zero Trust principles

  • Exposure to Microsoft Defender for Endpoint, Intune, Active Directory, and Entra ID

  • Experience working within cloud environments including Azure, AWS, or Google Cloud

  • Knowledge of frameworks such as NIST, ISO 27001, CIS Controls, Cyber Essentials Plus, and NCSC CAF

  • Industry certifications including CISSP, CISM, Security+, GIAC, Microsoft Security, or ServiceNow certifications, * Application control and allowlisting technologies

  • Privilege management solutions

  • Endpoint hardening methodologies

  • Zero Trust security principles

  • Least-privilege administration

  • Endpoint security architecture

Vulnerability & Exposure Management

  • Vulnerability assessment and management

  • Exposure management practices

  • Risk prioritization frameworks

  • Attack surface management

  • Patch and remediation management

  • Security risk analysis

Platforms & Technologies

  • Microsoft Windows Server and Windows 11

  • Linux operating systems

  • Active Directory and Entra ID

  • Microsoft Intune

  • Microsoft Defender for Endpoint

  • Cloud platforms (Azure, AWS, or Google Cloud)

  • ServiceNow Vulnerability Response

Scripting & Automation

  • PowerShell

  • Python

  • API integrations and workflow automation

  • Security reporting and dashboard development

Preferred Qualifications

  • Experience implementing Zero Trust security controls.

  • Experience with endpoint detection and response (EDR) platforms.

  • Familiarity with security frameworks including:

o NIST Cybersecurity Framework

o CIS Controls

o ISO 27001

o NCSC Cyber Assessment Framework

o Cyber Essentials Plus

o Defence Cyber Certification, Levels 0-3

o ACSC Essential Eight

  • Experience with cloud security and hybrid infrastructure environments.

  • Experience leading vulnerability remediation programs across multiple technology domains.

Preferred Certifications

  • CISSP

  • GIAC Security Certifications

  • CompTIA Security+

  • Certified Information Security Manager (CISM)

  • ServiceNow Certified Implementation Specialist

  • Tenable Certified Professional

  • Qualys Certified Specialist

  • Microsoft Security Certifications

Key Competencies

  • Strong analytical and problem-solving skills.

  • Excellent stakeholder management and communication abilities.

  • Ability to translate technical risk into business impact.

  • Strong organizational and prioritization skills.

  • Collaborative approach to driving remediation and risk reduction.

  • Continuous improvement mindset focused on measurable security outcomes.

Success Measures

  • Reduction in privileged access risk.

  • Increased endpoint security control coverage.

  • Reduction in critical and high-risk vulnerabilities.

  • Improved vulnerability remediation performance and SLA compliance.

  • Improved visibility of enterprise cyber exposure.

  • Successful implementation of least-privilege principles across the endpoint estate.

  • Measurable reduction in organizational attack surface and cyber risk https://careers.jacobs.com/en_US/careers/JobDetail/42232 London|Greater London|United Kingdom Bristol|Bristol City|United Kingdom Manchester|Greater Manchester|United Kingdom Glasgow|Lanarkshire|United Kingdom Birmingham|West Midlands|United Kingdom Cardiff|South Glamorgan|United Kingdom Digital and Data Enterprise Functions

About the company

What's In It For You * Shape how cyber risk is managed across a global organisation * Take ownership of a critical vulnerability and exposure management capability * Work with leading security technologies across endpoint, cloud, and enterprise environments * Influence security strategy and drive measurable improvements to Jacobs' security posture * Collaborate with talented cybersecurity, infrastructure, cloud, and engineering professionals around the world * Enjoy genuine flexibility with remote and hybrid working options and no mandated office attendance requirements * Be part of a team committed to innovation, continuous improvement, and security excellence Benefits * A global network of expertise and opportunity * A culture founded on safety, integrity, inclusion, and belonging * Flexible working arrangements that support your well-being and potential * Opportunities to make a real-world impact through our global giving and volunteering programs, Joining Jacobs not only connects you locally but globally. Our values stand on a foundation of safety, integrity, inclusion and belonging. We put people at the heart of our business, and we truly believe that by supporting one another through our culture of caring, we all succeed. We value positive mental health and a sense of belonging for all employees. With safety and flexibility always top of mind, we've gone beyond traditional ways of working so you have the support, means and space to maximize your potential. You'll uncover flexible working arrangements, benefits, and opportunities, from well-being benefits to our global giving and volunteering program, to exploring new and inventive ways to help our clients make the world a better place. No matter what drives you, you'll discover how you can cultivate, nurture, and achieve your goals - all at a single global company. Find out more about life at Jacobs. We aim to embed inclusion and belonging in everything we do. We know that if we are inclusive, we're more connected and creative. We accept people for who they are, and we champion the richness of different perspectives, lived experiences and backgrounds in the workplace, as a source of learning and innovation. We are committed to building vibrant communities within Jacobs, including through our Jacobs Employee Networks, Communities of Practice and our Find Your Community initiatives, allowing every employee to find connection, purpose, and belonging. Find out more about our Jacobs Employee Networks here. Jacobs partners with VERCIDA to help us attract and retain talent from a wide range of backgrounds. For greater online accessibility please visit www.vercida.com/uk/employers/jacobs to view and access our roles. As a disability confident employer, we will interview all disabled applicants who meet the minimum criteria for a vacancy. We welcome applications from candidates who are seeking flexible working and from those who may not meet all the listed requirements for a role. We value collaboration and believe that in-person interactions are crucial for both our culture and client delivery. We empower employees with our hybrid working policy, allowing them to split their work week between Jacobs offices/projects and remote locations enabling them to deliver their best work. Your application experience is important to us, and we're keen to adapt to make every interaction even better. If you require further support or reasonable adjustments with regards to the recruitment process (for example, you require the application form in a different format), please contact the team via Careers Support.

Apply for this position