Identity, Security & Endpoint Engineer

Identity, Security & Endpoint Engineering - Fintech Payments Client

100% remote and London one visit a month

Up to £80k + Benefits

We're looking for a sharp, automation-driven Identity, Security & Endpoint Engineer to help build and evolve secure-by-design digital workplace capabilities for a leading fintech payments organisation.

Sitting within the CTO function and working alongside Digital Workplace portfolio owners, you'll engineer the identity, data security, and endpoint automation foundations that keep a regulated, high-velocity fintech running safely and efficiently.

This is a deep technical, non-customer-facing engineering role focused on automation, standardisation, and continuous improvement across Microsoft 365, Entra ID, Purview, Priva, Intune, and Defender.

What You'll Own

Identity Governance & Lifecycle Automation

  • Design and automate identity life cycle processes using Entra ID Lifecycle Workflows and SCIM provisioning.
  • Integrate HRIS systems to deliver seamless joiner/mover/leaver automation.
  • Maintain Access Packages, Entitlement Management, Access Reviews, and Conditional Access aligned to zero-trust principles.
  • Engineer identity protection patterns that scale across a regulated fintech environment.

Data Security, Governance & Privacy

  • Build and optimise data governance architectures using Microsoft Purview (DLP, labels, retention, classification, insider risk).
  • Deploy and tune Microsoft Priva for privacy risk management, data minimisation, and SRR automation.
  • Embed GDPR, ISO 27001, and DPA-aligned controls into productised workplace services.
  • Ensure data protection policies are consistently engineered, automated, and auditable.

Threat Protection & Security Engineering

  • Configure and optimise Microsoft Defender across Endpoint, Identity, Cloud Apps, and Email.
  • Tune detections, analyse alerts, and uplift preventative controls across identity and data planes.
  • Support adoption of zero-trust, least privilege, and continuous access evaluation.

Automation & Integration

  • Build scalable automations using Power Automate, Logic Apps, and Microsoft Graph API.
  • Develop reusable scripts, workflow templates, and integration components.
  • Reduce operational overhead through automation-first engineering.

Endpoint, Device & Provisioning Engineering

Unified Endpoint Management (Windows, macOS, iOS, Android)

  • Engineer Intune baselines for compliance, configuration, app deployment, and reporting.
  • Build custom remediation scripts and automation workflows.
  • Implement Defender for Endpoint across all device platforms.

Zero-Touch Provisioning & Device Lifecycle

  • Build and maintain Autopilot, hardware hash processes, and automated provisioning flows.
  • Engineer device life cycle automation for JML processes.
  • Contribute to a unified provisioning blueprint enabling a true zero-touch DaaS model.

Cross-Platform Device Management

  • Develop Apple management via Apple Business Manager, ADE, and MDM tooling.
  • Implement macOS configuration, FileVault, and app delivery via Intune/Jamf.
  • Engineer Android Enterprise provisioning (zero-touch, work profile, COPE).

Security, Encryption & Access Controls

  • Implement BitLocker, FileVault, PKI, SCEP, and certificate-based authentication.
  • Maintain endpoint security baselines, ASR rules, and platform hardening.

What You'll Produce

  • Engineering documentation, deployment guides, automation catalogues, and configuration standards.
  • Reusable engineering patterns for Operations and Pre-Sales.
  • Contributions to product documentation, CSDs, and internal knowledge bases.
  • Input into PoCs, MVPs, and strategic technology evaluations.

What You Bring

  • Strong experience across identity life cycle automation, data security, and endpoint engineering.
  • Deep knowledge of Microsoft 365, Entra ID, Purview, Priva, Intune, and Defender.
  • Ability to build scalable automations and integrations in a managed service or enterprise environment.
  • Excellent documentation and engineering standardisation skills.
  • Understanding of compliance frameworks (GDPR, ISO 27001, DPA 2018).
  • Self-driven learner with a passion for emerging Microsoft identity and security capabilities.
  • Experience working with cross-functional engineering, operations, and pre-sales teams.

Certifications

Required:

  • SC-300
  • SC-400
  • SC-200

Preferred:

  • SC-100
  • Additional Microsoft Security, Compliance, or Automation certifications.

RSG Plc is acting as an Employment Agency in relation to this vacancy.

Apply Now
Apply Now

Job Details

Company
Amber Resourcing Ltd
Location
London, United Kingdom
Hybrid / Remote Options
Employment Type
Permanent
Salary
GBP 75,000 - 80,000 Annual
Posted