Senior Security Engineer

Working within the Directory Services Security Team (DSST) we are looking for a senior security engineer to proactively prevent and resolve all issues relating to accounts, groups, and management of the Active Directory Infrastructure. This role protects the group from cyber threats which seek to impact the confidentiality, integrity, and availability of group assets.

As a Senior Security Engineer, you will own the development and implementation of sophisticated security measures to protect our systems and data. You will identify vulnerabilities, develop robust security protocols, and ensure compliance with industry standards. Your expertise will guide the organization towards a proactive security posture and develop a culture of security awareness. Remediation of any vulnerabilities found on servers and in the Active Directory Infrastructure.

Identification of all Admin accounts and security groups. Identification of all nominated privileged accounts in all Domains and remediation plan to resolve, including planned disablements and planned deletions in batches through CAB. Identification of all privileged accounts that have not been enrolled into Beyond Trust and remediation thereof. Identification of all inactive/empty security groups and remediation thereof. Identification of all Admin accounts and Group owners and remediating the account to ensure that the admin account and the security groups meet the standards set down in the IDAM standard. Assisting with the creation of a valid description for all Security Groups, so that they can be onboarded into Sail Point IDN for recertification. Deletion of orphaned SIDs for any accounts/groups that have been deleted incorrectly. Managing non-adherence to this policy. Liaise with business owners and departmental heads so that we can both discover and document all the above and their status. Update a PowerBI/CNX or Splunk dashboard and be prepared to outline solution and rationale to senior team members.

The ideal candidate will possess a broad expertise including solutions design, solution finding, resolution, PowerShell scripting, and documentation. Deep knowledge of cybersecurity principles, tools, and technologies. A dedication to staying updated with the latest cybersecurity trends, threats, and standard approach. The candidate should be an excellent communicator and should be able to handle with all levels of seniority. Attention to detail, communication and partnership.

• Remediate any security Vulnerabilities found on any of the in-scope devices.
• Remediate discrepancies with various types of AD accounts.
• Investigate via direct contact with users and establish ownership of all groups.
• Use PowerShell to populate relevant Management fields.
• Able to use the AD tools to advanced level.
• Help to form a Global Group Naming Scheme and contribute to standards document for this.
• Progress reports to be setup in PowerBI/CNX or Splunk by liaising with the appropriate team.
• Good communicator.
• Self- starter who takes initiative.
• Familiar with Service Now and Change management processes.
• Able to communicate with a level of staff.
• Recommends alterations to development and design that improve quality of systems and/or procedures.
• Adhere to and help shape policies and procedures, as well as implement appropriate controls and compliance monitoring to effectively deliver and safeguard information assets.
• Write and maintain appropriate documentation for all Remediated Admin groups and Security Groups.
• Keep a written plan of all Admin accounts and Security groups to be remediated.
• Help take responsibility for all engineering input and project outputs for this project.
• Contribute to providing frequent status reports of all implementation tasks and maintain risks and issues for management as and if they arise.
• Ensure changes are correctly impact assessed and implemented and are represented at CAB.
• Assist with all Security related project work as well as BAU tasks as directed by Team leader/Manager.
• Understand existing complex environment and navigate to a successful implementation of products
• Assist in the delivery of all Security Initiatives and implementations some of which will be at weekends or unsociable hours.
• Provide full aftercare assistance for all Admin and security group remediation implementations
• Follow the existing standards and processes

• Very good Active Directory Knowledge in an Enterprise environment – Hierarchy / management group design, deployment, configuration and BAU support.
• Experience with all aspects of AD user and group Management.
• Must be excellent liaising with Service line owners and customers.
• Excellent document authoring skills
• Experience working in an Enterprise environment with strong change control practices
• PowerBI & PowerApps.
• Hands-on experience with ServiceNow (OSM) as the primary ITSM tool.
• Expertise in working with a PAM product such as Beyond Trust.
• Experience working with advanced Excel using Pivot tables etc.
• Maintain proficiency as a Windows Security Architect with Active Directory Systems Speciality
• Ability to develop, test, implement and document solutions to a very high standard.
• Excellent investigation and solution finding skills of complex issues and ability to locate application owners and work closely with them.
• Self-motivated and self-starter who can work independently as well as part of a team.
• High level of accuracy. Able to take direction from others.
• Quick learn new concepts and products with ease.
• Ability to think quickly and look for alternative solutions in complicated situations.

People are at the heart of what we do and drive the success of our business. Our colleagues thrive personally and professionally through our shared values of Integrity, Partnership, Innovation and Excellence are at the core of our culture. We embrace diversity and actively seek to attract people with unique backgrounds and perspectives. We are always looking at ways to become more agile, so we meet the needs of our teams and customers. We believe that an inclusive collaborative workplace is pivotal to our success and supports the potential and growth of all colleagues at LSEG.

LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.

Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.

LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.

We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone’s race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.

Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it’s used for, and how it’s obtained, your rights and how to contact us as a data subject.

If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.