Salary: 100,000 - 100,000 GBP per year Requirements:
* We are seeking a Windows Security Engineer with a Bachelor's degree in Computer Science, Information Security, or a related field. You should have at least 7 years of experience in Windows Server administration and security, demonstrating deep expertise in Active Directory, Group Policy, AzureAD/EntraID, ADFS, DFS, SMB/CIFS, IIS, SQL Server, Kerberos, LDAP, NTLM, DNS, WMI, LAPS, BitLocker, and other related Microsoft Server technologies. Experience with all common versions of Windows Server (2012, 2016, 2019, 2022 & 2025) and Windows 10-11 desktop OS is essential. You should possess strong general knowledge of core infrastructure, including networking, storage, and virtualization/VMware. Advanced knowledge of AD delegation models and best practices is required, along with experience with identity protection platforms such as Defender for Identity and CrowdStrike Identity Protection. Proficiency in PowerShell is a must, and familiarity with Centrify for integrating Linux with Active Directory, as well as Quest Active Directory security products like Active Roles, is a benefit.
Responsibilities:
* As our Windows Security Engineer, you will be responsible for designing and implementing secure Windows Server and Active Directory architectures at scale. You will architect and maintain hybrid identity solutions, integrating on-premise Active Directory with EntraID (Azure AD) and Okta. Your role will include configuring and managing AD delegation models following least privilege principles, as well as implementing and maintaining identity protection solutions. You will develop and enforce security standards for Windows Server deployments across bare metal, VMware, and public cloud environments (AWS, Azure, GCP). Collaboration with Endpoint Engineering teams to secure Windows endpoints using solutions such as SCCM and InTune will be a key part of your role. Additionally, you will manage configuration for Windows Firewall and ASR rules, monitor and mature the Windows patching and vulnerability management program, perform security assessments and audits of Windows infrastructure, and respond to security incidents related to Windows infrastructure. You will also collaborate with infrastructure and security teams on identity and access management initiatives.
Technologies:
* AWS
* Active Directory
* Architect
* Azure
* Cloud
* Firewall
* GCP
* LDAP
* Linux
* PowerShell
* SQL
* Security
* SMB
* VMware
* Windows
More:
We offer a competitive salary of £150,000, along with excellent benefits and bonuses. This position is based in London, where you'll work in a hybrid model, spending 3 days per week in our central London office. This opportunity is within a Global Information Security Team at an esteemed Asset Management/Hedge Fund, where you will be part of a mission-driven team focused on protecting the confidentiality, integrity, and availability of our information assets. If you thrive in a fast-paced and high-profile Hedge Fund environment, with a strong background in security disciplines, we would love to hear from you.