Endpoint Security & Exposure Engineer
United Kingdom · London, UK
At Jacobs, we're challenging today to reinvent tomorrow by solving the world's most critical problems for thriving cities, resilient environments, mission-critical outcomes, operational advancement, scientific discovery and cutting-edge manufacturing, turning abstract ideas into realities that transform the world for good.
This is an exciting opportunity to join Jacobs' Cyber Security team as an Endpoint Security & Exposure Management Engineer. You'll play a key role in reducing cyber risk by driving vulnerability remediation, strengthening endpoint security controls, and improving visibility of security exposure across a global technology estate.
Working across infrastructure, cloud, desktop engineering, and security teams, you'll help ensure vulnerabilities are identified, prioritised, and remediated effectively while supporting key security capabilities including application control, privilege management, and endpoint hardening.
If you're passionate about vulnerability management, exposure reduction, and delivering measurable security outcomes, this is an opportunity to make a real impact within a global organisation.
Day to Day
• Lead vulnerability and exposure management activities across enterprise environments, ensuring security risks are identified, prioritised, and remediated effectively
• Work closely with technology teams to drive remediation programmes and reduce organisational cyber risk
• Support and enhance endpoint security capabilities, including application control, allowlisting, privilege management, and endpoint hardening
• Use data, reporting, and dashboards to provide visibility of cyber exposure, remediation performance, and security outcomes
• Assess emerging vulnerabilities and threats, providing risk-based recommendations and guidance to stakeholders
• Act as a trusted security partner across infrastructure, cloud, application, and operational teams, helping embed secure practices and improve resilience
What You'll Bring
• Experience in cybersecurity, vulnerability management, security engineering, or endpoint security
• Strong understanding of risk-based vulnerability management and remediation prioritisation
• Experience working with vulnerability management platforms such as Tenable, Qualys, or Rapid7
• Experience with ServiceNow Vulnerability Response or similar remediation workflow platforms
• Knowledge of endpoint security technologies including application control, privilege management, and endpoint protection
• A collaborative approach with strong stakeholder engagement and communication skills
• The ability to translate technical security risks into meaningful business outcomes
Desirable Experience
• Experience implementing Zero Trust principles
• Exposure to Microsoft Defender for Endpoint, Intune, Active Directory, and Entra ID
• Experience working within cloud environments including Azure, AWS, or Google Cloud
• Knowledge of frameworks such as NIST, ISO 27001, CIS Controls, Cyber Essentials Plus, and NCSC CAF
• Industry certifications including CISSP, CISM, Security+, GIAC, Microsoft Security, or ServiceNow certifications
What's In It For You
• Shape how cyber risk is managed across a global organisation
• Take ownership of a critical vulnerability and exposure management capability
• Work with leading security technologies across endpoint, cloud, and enterprise environments
• Influence security strategy and drive measurable improvements to Jacobs' security posture
• Collaborate with talented cybersecurity, infrastructure, cloud, and engineering professionals around the world
• Enjoy genuine flexibility with remote and hybrid working options and no mandated office attendance requirements
• Be part of a team committed to innovation, continuous improvement, and security excellence
Benefits
• A global network of expertise and opportunity
• A culture founded on safety, integrity, inclusion, and belonging
• Flexible working arrangements that support your well-being and potential
• Opportunities to make a real-world impact through our global giving and volunteering programs
• Up to 10% pension
• 24 days (+10 days bought) holidays
• Free medical and income protection insurance and many more!
#LI-JW8 #Digital&Data
Technical Skills
Endpoint Security
• Application control and allowlisting technologies
• Privilege management solutions
• Endpoint hardening methodologies
• Zero Trust security principles
• Least-privilege administration
• Endpoint security architecture
Vulnerability & Exposure Management
• Vulnerability assessment and management
• Exposure management practices
• Risk prioritization frameworks
• Attack surface management
• Patch and remediation management
• Security risk analysis
Platforms & Technologies
• Microsoft Windows Server and Windows 11
• Linux operating systems
• Active Directory and Entra ID
• Microsoft Intune
• Microsoft Defender for Endpoint
• Cloud platforms (Azure, AWS, or Google Cloud)
• ServiceNow Vulnerability Response
Scripting & Automation
• PowerShell
• Python
• API integrations and workflow automation
• Security reporting and dashboard development
Preferred Qualifications
• Experience implementing Zero Trust security controls.
• Experience with endpoint detection and response (EDR) platforms.
• Familiarity with security frameworks including:
o NIST Cybersecurity Framework
o CIS Controls
o ISO 27001
o NCSC Cyber Assessment Framework
o Cyber Essentials Plus
o Defence Cyber Certification, Levels 0-3
o ACSC Essential Eight
• Experience with cloud security and hybrid infrastructure environments.
• Experience leading vulnerability remediation programs across multiple technology domains.
Preferred Certifications
• CISSP
• GIAC Security Certifications
• CompTIA Security+
• Certified Information Security Manager (CISM)
• ServiceNow Certified Implementation Specialist
• Tenable Certified Professional
• Qualys Certified Specialist
• Microsoft Security Certifications
Key Competencies
• Strong analytical and problem-solving skills.
• Excellent stakeholder management and communication abilities.
• Ability to translate technical risk into business impact.
• Strong organizational and prioritization skills.
• Collaborative approach to driving remediation and risk reduction.
• Continuous improvement mindset focused on measurable security outcomes.
Success Measures
• Reduction in privileged access risk.
• Increased endpoint security control coverage.
• Reduction in critical and high-risk vulnerabilities.
• Improved vulnerability remediation performance and SLA compliance.
• Improved visibility of enterprise cyber exposure.
• Successful implementation of least-privilege principles across the endpoint estate.
• Measurable reduction in organizational attack surface and cyber risk
We value collaboration and believe that in-person interactions are crucial for both our culture and client delivery. We empower employees with our hybrid working policy, allowing them to split their work week between Jacobs offices/projects and remote locations enabling them to deliver their best work.
Your application experience is important to us, and we’re keen to adapt to make every interaction even better. If you require further support or reasonable adjustments with regards to the recruitment process (for example, you require the application form in a different format), please contact the team via Careers Support.
| City | State | Country |
|---|---|---|
| London | Greater London | United Kingdom |
| Bristol | Bristol City | United Kingdom |
| Manchester | Greater Manchester | United Kingdom |
| Glasgow | Lanarkshire | United Kingdom |
| Birmingham | West Midlands | United Kingdom |
| Cardiff | South Glamorgan | United Kingdom |


