Salary: £75,000 - 75,000 per year Requirements: We need someone with experience deploying and managing security tooling such as vulnerability scanning and EDR agents. We need someone with experience deploying and managing identity solutions such as directory services, IdPs, and Privileged Access Management solutions. We need a basic understanding of threat frameworks such as ATT&CK and MOD assurance policies. We need experience working at a technical low design level. We need knowledge and experience of Agile, DevSecOps, CI/CD principles, and their application in secure environments. Due to the nature of the work, candidates must be UK sole nationals and hold current SC clearance. Responsibilities: We help design, build, and deliver secure digital solutions in highly secure environments. We work alongside engineers, architects, and delivery specialists to develop technology that enables faster, safer decision-making for critical operations. We manage credential lifecycle activities, including manually creating or bulk-importing passwords, SSH keys, and API keys. We configure and verify Remote Password Changing to ensure credentials rotate on schedule without service interruption. We check that our servers can successfully communicate with target systems to validate stored credentials. We run regular discovery scans across Active Directory and network segments to identify privileged accounts, service accounts, and dependencies. We map how service accounts are used by Windows Services, Scheduled Tasks, or IIS Application Pools to ensure rotation does not break critical systems. We proactively manage technical vulnerabilities and system security. We monitor the status and performance of Distributed Engines to ensure they are online and processing tasks without latency. We ensure secrets are bound to launchers and that secret templates are used and updated as required. We configure and verify automated database backups to meet Recovery Point Objectives. We apply security patches and upgrades to our platforms. We maintain licenses and certifications and update them where required. We review discovery scan results to identify new privileged accounts, service accounts, or dependencies. We manage Role-Based Access Control by creating roles, defining folder structures, and setting granular permissions for users and groups. We generate and review audit logs and reports to detect unusual activity and prove compliance. We configure launchers to record privileged sessions, including keystroke and video audits where required. We resolve issues related to firewall requests and load balancer configuration. We monitor active privileged sessions, particularly on high-value assets such as Domain Controllers. We troubleshoot Remote Password Changing failures from the previous 24 hours to prevent account lockouts or stale credentials. We correlate server alerts with our SIEM to investigate suspicious activity such as multiple failed login attempts or large-scale secret exports. Technologies: API Active Directory CI/CD DevSecOps Firewall Support Network Security Windows RBAC More: We are seeking an SC Cleared Security Engineer to work 3 days a week on site in highly secure environments. You will join our team of engineers, architects, and delivery specialists to support secure digital solutions for critical operations. This role involves hands-on security engineering, operational oversight, compliance support, and troubleshooting across privileged access, credential management, monitoring, and platform maintenance. last updated 24 week of 2026