Infrastructure Security Operations Engineer

Technology is our how. And people are our why. For over two decades, we have been harnessing technology to drive meaningful change.

By combining world-class engineering, industry expertise and a people-centric mindset, we consult and partner with leading brands from various industries to create dynamic platforms and intelligent digital experiences that drive innovation and transform businesses.

From prototype to real-world impact - be part of a global shift by doing work that matters.

Job Description

The
Infrastructure Security Operations Engineer – Vulnerability Management SME
will be responsible for maintaining and improving Endava's global security posture, with a primary focus on
vulnerability management, endpoint security, and application control
. This role requires expertise in
Intune for endpoint management and policy enforcement
,
ThreatLocker for application control
, and
patch management strategies
to minimize security risks. The engineer will also act as an escalation point for infrastructure security-related incidents, ensuring compliance with Endava's security policies and industry standards.

Principal Functional Responsibilities

• Vulnerability Management & Remediation
• Lead vulnerability remediation efforts across infrastructure and endpoints.
• Collaborate with other IT functions to ensure vulnerabilities are addressed promptly.
• Maintain and enhance vulnerability management processes to align with compliance and security frameworks.
• Endpoint Management & Security (Intune)
• Configure and enforce security policies using
  Microsoft Intune
  for endpoint compliance.
• Manage and optimize device security baselines, including endpoint hardening, encryption, and conditional access policies.
• Provide operational support for
  Microsoft Defender ATP
  and related endpoint protection solutions.
• Patch Management
• Design and implement patch management strategies for servers, workstations, and cloud infrastructure.
• Ensure timely deployment of security patches and updates across all systems.
• Develop and maintain automated patch deployment workflows to minimize operational impact.
• Application Management & Control (ThreatLocker)
• Administer and maintain
  ThreatLocker
  for application control, whitelisting, and execution restrictions.
• Define and enforce policies to prevent unauthorized application usage and mitigate security threats.
• Monitor and analyze application security events, responding to potential security incidents.
• Security Incident Response & Compliance
• Act as an escalation point for security incidents and vulnerabilities affecting infrastructure.
• Ensure all security controls comply with regulatory and company security standards.
• Support security audits, compliance assessments, and reporting.
• Continuous Improvement & Collaboration
• Work closely with
  IT Operations, Cloud, and Security teams
  to drive security initiatives.
• Participate in security infrastructure upgrades and optimizations.
• Stay up to date with emerging threats, vulnerabilities, and industry best practices.

Qualifications

Education & Certifications

• Bachelor's degree in
  Computer Science, Cybersecurity, Engineering, or Telecommunications
  (or equivalent experience).
• Security-related certifications and ITIL are a plus.

Experience & Skills

• 3+ years of experience
  in
  Security Operations, Vulnerability Management, or Endpoint Security.
• Expertise in
  Vulnerability Management
  tools and best practices.
• Strong knowledge of
  Microsoft Intune
  for endpoint policy management.
• Hands-on experience with
  ThreatLocker
  (or similar) for application control and whitelisting.
• Proficiency in
  patch management methodologies
  across Windows, macOS, and Linux environments.
• Familiarity with
  Microsoft Defender ATP
  ,
  Palo Alto Prisma
  , and
  other EDR/XDR solutions
  .
• Experience working with
  Active Directory, DNS, and Group Policies
  .
• General knowledge of
  cloud security (Azure, AWS, SaaS environments)
  .
• Strong understanding of
  incident management, change management, and security compliance
  .
• Excellent analytical skills, problem-solving abilities, and communication skills.

Preferred Qualifications

• Experience with
  PowerShell
  for security automation.

Knowledge of
zero-trust security models and modern endpoint security frameworks
.

Additional Information

At Endava, we're committed to creating an open, inclusive, and respectful environment where everyone feels safe, valued, and empowered to be their best. We welcome applications from people of all backgrounds, experiences, and perspectives—because we know that inclusive teams help us deliver smarter, more innovative solutions for our customers. Hiring decisions are based on merit, skills, qualifications, and potential. If you need adjustments or support during the recruitment process, please let us know.