At SiXworks, we build secure digital solutions that support Defence and National Security missions. Our teams work on complex problems where reliability, security, and speed of innovation matter.
We’re looking for a Security Engineer who enjoys solving difficult technical challenges and wants their work to have real operational impact.
What You’ll Do
As a Security Engineer, you’ll help design, build, and deliver secure digital solutions in highly secure environments. You’ll work alongside engineers, architects, and delivery specialists to develop technology that enables faster, safer decision‑making for critical operations.
Your work may include:
* Credential Lifecycle Management:
o Manually creating or bulk‑importing passwords, SSH keys, and API keys
o Configuring and verifying Remote Password Changing (RPC) to ensure credentials rotate on a set schedule without service interruption
o Checking our servers can successfully communicate with target systems to validate that stored credentials are still correct
* Discovery & Network Visibility:
o Running regular Discovery scans across Active Directory and network segments to identify new privileged accounts, service accounts, and dependencies
o Mapping how service accounts are used by Windows Services, Scheduled Tasks, or IIS Application Pools to ensure rotation doesn’t break critical systems
* System Maintenance & Performance:
o Proactive management of technical vulnerabilities and system security
o Monitoring the status of Distributed Engines (DE) to ensure they are online and processing tasks such as heartbeats and password changes without latency
o Monitor and improve performance and ensure all secrets are bound to launchers, and secret templates are used and updated as required
o Configuring and verifying automated database backups (full, differential, and log) to meet Recovery Point Objectives (RPO)
o Applying security patches and upgrades to our platforms
o Maintain the Licenses / certifications and update where required
o Check the results of recent Discovery scans to see if new privileged accounts, service accounts, or dependencies were found
* Access Governance:
o Managing Role‑Based Access Control (RBAC) by creating roles, defining folder structures, and setting granular permissions for users and groups
* Audit & Compliance:
o Generating and reviewing audit logs and reports (e.g., most active users, failed heartbeats) to detect unusual activity and prove compliance
o Configuring launchers to record privileged sessions, allowing or disallowing for full keystroke and video audits of administrative work
* Technical Troubleshooting:
o Resolving issues related to firewall requests, load balancer configuration
* Security Oversight:
o Monitor Active Sessions: Session Monitoring for any currently active privileged sessions, particularly on high‑value assets like Domain Controllers
o Troubleshoot any Remote Password Changing (RPC) failures from the previous 24 hours to prevent account lockouts or “stale” credentials
o Correlate server alerts with your SIEM to investigate suspicious activity, such as multiple failed login attempts or large‑scale secret exports
What We’re Looking For
* Deploying and managing security tooling (vulnerability scanning, EDR Agents, etc)
* Deploying and managing identity solutions (Directory services, IdPs, Privileged Access Management solutions)
* Basic understanding of threat frameworks (such as ATT&CK)
* High standards in written report and/or design documentation
* Working at a technical low level design level with the project team
* Knowledge and experience of Agile, DevSecOps, CI/CD principles and their application in secure environments
* Understanding of MOD assurance and policies
Just as important are curiosity, strong problem solving ability, and the motivation to continuously improve how technology is designed and delivered.
Benefits
We offer competitive salaries and a package that supports your wellbeing and development, including 25 days annual leave + bank holidays, free Private Medical cover and Life Assurance, generous pension (10% employer, 5% employee contribution), bonus and professional development and training support. In addition to secure parking, gym, café & restaurant on site and lots of open break out spaces.
A word on UK Security Clearance
Due to the secure nature of the position and working environment, you must have or be eligible to obtain the highest level of Security Clearance. More details relating to UK Security Clearance can be found here: United Kingdom Security Vetting: clearance levels - GOV.UK (www.gov.uk)
#J-18808-Ljbffr