Windows Security Specialist

Windows Security Specialist

Job Description

[Up to c. £250k Comp Package | Hybrid Working]

Are you an experienced Windows security engineer looking to take ownership of critical infrastructure in a global, high-performance environment? Our client, a leading investment firm, is seeking a specialist to strengthen their Windows security posture, enhance identity protection, and drive automation across their ecosystem. This role offers the opportunity to work at the intersection of cybersecurity and Windows engineering, securing both on-premise and cloud-based systems at scale...

Key Responsibilities

• Design and implement secure Windows Server and Active Directory environments, ensuring high availability and resilience
• Manage and optimise hybrid identity solutions, integrating on-prem Active Directory with Entra ID (Azure AD) and Okta
• Define and enforce robust access controls, implementing least-privilege delegation models within AD
• Deploy and maintain identity protection tools such as Defender for Identity, CrowdStrike Identity Protection, and Quest Active Roles
• Establish and maintain security baselines for Windows infrastructure, covering on-prem servers, virtualised environments (VMware), and cloud platforms (AWS, Azure, GCP)
• Collaborate with endpoint engineering teams to enhance security configurations using SCCM, InTune, and Windows Firewall policies
• Lead Windows patching and vulnerability management efforts, ensuring timely remediation of security risks
• Conduct security audits, assess risks, and strengthen identity and access management (IAM) practices
• Monitor security alerts and respond to incidents affecting Windows environments, proactively mitigating threats
• Work closely with cross-functional teams, contributing to security strategy and best practices

What You Bring...

• 6+ years of experience in Windows Server security and administration, with deep knowledge of Active Directory, Group Policy, Kerberos, LDAP, NTLM, DNS, and related technologies
• Expertise across multiple Windows Server versions (2012-2025) and Windows 10/11 desktop environments
• Strong background in infrastructure security, covering networking, storage, and virtualisation (VMware)
• Hands-on experience with identity protection solutions such as Defender for Identity and CrowdStrike Identity Protection
• Advanced PowerShell scripting skills for automation and security configuration
• Familiarity with integrating Linux systems with Active Directory using Centrify
• (Preferred) Experience with Quest Active Directory security products such as Active Roles

...

Apply for this role

All fields marked with * are required.