DV Cleared Security Engineer
DV Cleared Security Engineer - 3 days a week on site
As a Security Engineer, you'll help design, build, and deliver secure digital solutions in highly secure environments. You'll work alongside engineers, architects, and delivery specialists to develop technology that enables faster, safer decision-making for critical operations.
We are looking for someone with experience of deploying and managing both security tooling (vulnerability scanning, EDR agents, etc.) and identity solutions (directory services, identity providers (IdPs), Privileged Access Management (PAM) solutions). You will need a basic understanding of threat frameworks (such as MITRE ATT&CK) and MOD assurance policies, as well as experience working at low-level (technical) design. Finally, you will need knowledge and experience of Agile, DevSecOps and CI/CD principles and their application in secure environments.
Your work may include:
Credential Lifecycle Management:
- Manually creating or bulk-importing secrets (passwords, SSH keys and API keys) into the vault.
- Configuring and verifying Remote Password Changing (RPC) so that credentials rotate on a set schedule without service interruption.
- Checking that the vault servers can reach target systems and that stored credentials still authenticate (heartbeat), so that drift between the vault and the endpoint is caught early.
Discovery & Network Visibility:
- Running regular Discovery scans across Active Directory and network segments to identify new privileged accounts, service accounts, and dependencies.
- Mapping where service accounts are used (Windows Services, Scheduled Tasks, IIS Application Pools) so that rotation does not break critical systems: every consumer of a credential must be updated in the same change as the password itself.
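The dependency check described above, as an added example that is not part of the job advert and not taken from any vendor's tooling. It lists every local consumer of a given service account on a Windows host so that an RPC run can be coordinated with the services, tasks and application pools that would otherwise keep using the old password. It assumes it runs elevated on the host being inspected; the IIS check uses the IISAdministration module and is skipped when that module is not installed. The account name in the usage line is hypothetical.

```powershell
# Added example (not from the job advert or any vendor documentation): list every
# local consumer of a service account before its password is rotated.
# Assumes it runs elevated on the host being inspected. The IIS check needs the
# IISAdministration module and is skipped when that module is not installed.
# The account name in the usage line is hypothetical.

function Get-ServiceAccountDependency {
    param(
        [Parameter(Mandatory)]
        [string]$Account    # 'DOMAIN\user', 'user@domain' or bare 'user'
    )

    # Reduce the supplied name to its SAM account name so that a match works
    # regardless of the form in which each consumer stored the identity.
    $sam = if ($Account -match '^(?:[^\\]+\\)?([^@]+)(?:@.*)?$') { $Matches[1] } else { $Account }
    # Matches 'svc-app', 'CORP\svc-app', '.\svc-app' and 'svc-app@corp.example',
    # but not 'svc-app2'. -match is case-insensitive by default.
    $pattern = '(^|\\)' + [regex]::Escape($sam) + '(@|$)'

    # Windows Services: StartName holds the logon account.
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { $_.StartName -match $pattern } |
        ForEach-Object {
            [pscustomobject]@{ Type = 'Service'; Name = $_.Name; Identity = $_.StartName; State = $_.State }
        }

    # Scheduled Tasks: Principal.UserId is the run-as identity.
    Get-ScheduledTask |
        Where-Object { $_.Principal.UserId -match $pattern } |
        ForEach-Object {
            [pscustomobject]@{ Type = 'ScheduledTask'; Name = $_.TaskPath + $_.TaskName; Identity = $_.Principal.UserId; State = $_.State }
        }

    # IIS Application Pools: only pools running as SpecificUser hold a stored credential.
    if (Get-Module -ListAvailable -Name IISAdministration) {
        Import-Module IISAdministration
        Get-IISAppPool |
            Where-Object { $_.ProcessModel.IdentityType -eq 'SpecificUser' -and $_.ProcessModel.UserName -match $pattern } |
            ForEach-Object {
                [pscustomobject]@{ Type = 'IISAppPool'; Name = $_.Name; Identity = $_.ProcessModel.UserName; State = $_.State }
            }
    }
}

# Usage (hypothetical account): run on every host the Discovery scan links to the account.
Get-ServiceAccountDependency -Account 'CORP\svc-app' | Format-Table -AutoSize
```

Run it on each host that Discovery associates with the account and compare the output with the dependencies recorded against the secret; anything found here but missing from the vault is a consumer that the next rotation would break.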
System Maintenance & Performance:
- Proactively managing technical vulnerabilities and system security.
- Monitoring the status of Distributed Engines (DEs) to ensure they are online and processing tasks such as heartbeats and password changes without latency.
- Monitoring and improving performance, ensuring all secrets are bound to launchers, and keeping secret templates in use and updated as required.
- Configuring and verifying automated database backups (full, differential and transaction log) to meet Recovery Point Objectives (RPO).
- Applying security patches and upgrades to the platforms.
- Maintaining platform licences and certificates, renewing them before expiry.
- Reviewing the results of recent Discovery scans for newly found privileged accounts, service accounts or dependencies.
Access Governance:
- Managing Role-Based Access Control (RBAC) by creating roles, defining folder structures, and setting granular permissions for users and groups.
Audit & Compliance:
- Generating and reviewing audit logs and reports (e.g. most active users, failed heartbeats) to detect unusual activity and evidence compliance.
- Configuring launchers to record privileged sessions, enabling full keystroke and video audit of administrative work where required.
Technical Troubleshooting:
- Resolving issues with firewall rule requests and load balancer configuration.
Security Oversight:
- Monitoring active privileged sessions, particularly on high-value assets such as Domain Controllers.
- Troubleshooting any Remote Password Changing (RPC) failures from the previous 24 hours to prevent account lockouts or "stale" credentials (where the vault and the target no longer agree on the password).
- Correlating server alerts with the SIEM to investigate suspicious activity, such as repeated failed login attempts or large-scale secret exports.
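The two detections named in the last bullet, as an added example that is not part of the job advert and not the output of any particular SIEM or vault product. It runs a failed-login burst rule and a bulk-export rule over a constructed set of vault audit lines. The CSV layout (time,user,action,detail), the action names and the thresholds are assumptions; map them to the real product's audit schema before pointing this at exported data.

```powershell
# Added example (not from the job advert or any SIEM/vault vendor): two
# correlation rules over vault audit events, a burst of failed logins by one
# user inside a short window, and any bulk secret export. The CSV layout
# (time,user,action,detail), action names and thresholds are assumptions;
# map them to the real product's audit schema before using this on SIEM output.

function Find-SuspiciousVaultActivity {
    param(
        [Parameter(Mandatory)] [string[]]$Lines,
        [int]$FailedLoginThreshold = 5,   # this many failures ...
        [int]$WindowMinutes = 10,         # ... inside this window raise an alert
        [int]$ExportThreshold = 50        # secrets in one export that count as bulk
    )
    $events = $Lines | Where-Object { $_.Trim() } |
        ConvertFrom-Csv -Header Time, User, Action, Detail |
        ForEach-Object { $_.Time = [datetime]::Parse($_.Time); $_ }

    # Rule 1: sliding window of failed logins per user (report the first hit only).
    $events | Where-Object Action -eq 'LOGIN_FAILED' | Group-Object User | ForEach-Object {
        $times = @($_.Group.Time | Sort-Object)
        for ($i = 0; $i + $FailedLoginThreshold -le $times.Count; $i++) {
            $j = $i + $FailedLoginThreshold - 1
            if (($times[$j] - $times[$i]).TotalMinutes -le $WindowMinutes) {
                [pscustomobject]@{ Rule = 'FailedLoginBurst'; User = $_.Name; Count = $FailedLoginThreshold; Start = $times[$i]; End = $times[$j] }
                break
            }
        }
    }

    # Rule 2: any single export at or above the bulk threshold.
    $events | Where-Object { $_.Action -eq 'SECRET_EXPORT' -and [int]$_.Detail -ge $ExportThreshold } |
        ForEach-Object { [pscustomobject]@{ Rule = 'BulkExport'; User = $_.User; Count = [int]$_.Detail; Start = $_.Time; End = $_.Time } }
}

# Constructed sample audit lines: alice trips the failed-login rule, bob's
# single failure and carol's small export do not, carol's later export does.
$sample = @'
2024-05-01T08:00:01,alice,LOGIN_FAILED,
2024-05-01T08:00:05,alice,LOGIN_FAILED,
2024-05-01T08:00:09,alice,LOGIN_FAILED,
2024-05-01T08:00:14,bob,LOGIN_FAILED,
2024-05-01T08:00:20,alice,LOGIN_FAILED,
2024-05-01T08:00:31,alice,LOGIN_FAILED,
2024-05-01T08:15:00,carol,SECRET_EXPORT,3
2024-05-01T09:02:44,carol,SECRET_EXPORT,480
'@ -split '\r?\n'

Find-SuspiciousVaultActivity -Lines $sample | Format-Table -AutoSize
```

On the sample above the function returns one FailedLoginBurst row for alice (five failures inside 30 seconds) and one BulkExport row for carol (480 secrets); the thresholds are deliberately parameters so they can be tuned to the environment's normal baseline rather than hard-coded.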
Security Clearance
Due to the nature of the work, candidates must be sole UK nationals and hold current DV clearance.