Windows IT Support Engineer - Vulnerability Management ((OS & 3rd Party Application Security)

Windows IT Support Engineer – Vulnerability Management (OS & 3rd Party Application Security)

Canary Wharf, UK

Long Term Contract (Inside Ir35)

Hybrid (2 days a week)

Job Summary:

We are looking for a Windows IT Support Engineer specializing in Vulnerability Management with hands-on experience in managing operating system (OS) and third-party application vulnerabilities. The ideal candidate will be responsible for identifying, analyzing, and remediating vulnerabilities across Windows environments while ensuring system security, compliance, and operational stability.

Key Competencies:

• Windows OS Security
• Vulnerability Management (OS & Applications)
• Patch Management & Remediation
• Risk Assessment
• IT Support & Troubleshooting

Key Responsibilities:

• Perform vulnerability assessments and scans on Windows OS and third-party applications using industry-standard tools.
• Identify, analyze, and prioritize OS-level and application-level vulnerabilities based on severity, risk, and business impact.
• Plan and execute remediation activities, including patching, upgrades, and configuration fixes.
• Manage and support Windows patch management lifecycle (monthly patches, emergency fixes, etc.).
• Ensure timely resolution of vulnerabilities within defined SLAs.
• Work closely with infrastructure, security, and application teams to implement fixes and mitigation strategies.
• Validate remediation efforts and conduct post-patch verification.
• Maintain documentation for vulnerability reports, remediation trackers, and audit readiness.
• Monitor systems regularly to ensure security compliance and performance stability.
• Support incident troubleshooting related to security gaps and vulnerabilities.

Required Skills & Qualifications:

Technical Skills:

• Strong hands-on experience with Windows Operating Systems (Windows 10/11, Windows Server).
• Experience in managing third-party application vulnerabilities (e.g., Java, Adobe, browsers, etc.).
• Proficiency in vulnerability management tools (Qualys, Nessus, Rapid7, etc.).
• Knowledge of Patch Management Tools (SCCM, WSUS, Intune).
• Understanding of CVE, CVSS scoring, and vulnerability lifecycle management.
• Experience in remediation, patch deployment, and security hardening.
• Familiarity with Active Directory, Group Policy (GPO).
• Basic scripting knowledge (PowerShell preferred) for automation.

Preferred Qualifications:

• Certifications such as Microsoft Certified, CompTIA Security+, CEH (good to have)
• Experience working in enterprise IT or security operations environment
• Exposure to audit/compliance frameworks (ISO 27001, SOC2, etc.)