Infrastructure Security Operations Engineer

The Infrastructure Security Operations Engineer – Vulnerability Management SME will be responsible for maintaining and improving Endava’s global security posture, with a primary focus on vulnerability management, endpoint security, and application control. This role requires expertise in Intune for endpoint management and policy enforcement, ThreatLocker for application control, and patch management strategies to minimize security risks. The engineer will also act as an escalation point for infrastructure security-related incidents, ensuring compliance with Endava’s security policies and industry standards.

Principal Functional Responsibilities

• Vulnerability Management & Remediation
  • Lead vulnerability remediation efforts across infrastructure and endpoints.
  • Collaborate with other IT functions to ensure vulnerabilities are addressed promptly.
  • Maintain and enhance vulnerability management processes to align with compliance and security frameworks.
• Endpoint Management & Security (Intune)
  • Configure and enforce security policies using Microsoft Intune for endpoint compliance.
  • Manage and optimize device security baselines, including endpoint hardening, encryption, and conditional access policies.
  • Provide operational support for Microsoft Defender ATP and related endpoint protection solutions.
• Patch Management
  • Design and implement patch management strategies for servers, workstations, and cloud infrastructure.
  • Ensure timely deployment of security patches and updates across all systems.
  • Develop and maintain automated patch deployment workflows to minimize operational impact.
• Application Management & Control (ThreatLocker)
  • Administer and maintain ThreatLocker for application control, whitelisting, and execution restrictions.
  • Define and enforce policies to prevent unauthorized application usage and mitigate security threats.
  • Monitor and analyze application security events, responding to potential security incidents.
• Security Incident Response & Compliance
  • Act as an escalation point for security incidents and vulnerabilities affecting infrastructure.
  • Ensure all security controls comply with regulatory and company security standards.
  • Support security audits, compliance assessments, and reporting.
• Continuous Improvement & Collaboration
  • Work closely with IT Operations, Cloud, and Security teams to drive security initiatives.
  • Participate in security infrastructure upgrades and optimizations.
  • Stay up to date with emerging threats, vulnerabilities, and industry best practices.