Security Engineer - Enterprise Markets

Manchester, Glasgow, London or Newbury/Hybrid

A Bit About Us

At Gamma, we’re a dynamic, forward-thinking team revolutionizing the way businesses connect and communicate. We provide voice, data, and mobile solutions to businesses across the UK, Germany, Spain, and the Benelux region. We’re expanding rapidly to bring digital automation and Gamma-powered services to Enterprise, Public Sector and Small to medium businesses, both directly and through a growing network of channel partners. We move fast with a start‑up mindset, but we have the stability of a leading European business. Our team thrives on collaboration, innovation, and the belief that diverse perspectives make us stronger. Join us, and you’ll have the opportunity to make an impact, grow your career, and be part of a company that celebrates inclusivity and fresh ideas.

Who are we looking for?

We are seeking a skilled and client-focused Security Engineer with strong expertise in Vulnerability Management and Network Security engineering. This role operates within a managed service provider environment, delivering security services to enterprise clients, with a primary focus on risk‑based vulnerability management alongside network security, firewall optimisation, and access control. The successful candidate will be responsible for identifying, assessing, prioritising, and driving remediation of vulnerabilities across complex enterprise environments. They will also contribute to strengthening overall cyber resilience by aligning vulnerability management with Managed Detection and Response (MDR) operations, supporting Secure Access Service Edge (SASE) frameworks, and advancing Zero Trust security models across network, identity, and access control layers. This is a hands‑on engineering role requiring deep technical expertise across vulnerability management and network security, combined with strong stakeholder engagement. The role ensures security risks are proactively reduced, controls are optimised, and remediation is delivered in line with contractual SLAs and cyber security best practices.

What will you be doing day‑to‑day?

Key Responsibilities

Vulnerability Management Services

• Deliver end-to-end vulnerability management services to clients, including discovery, assessment, prioritisation, reporting, and remediation tracking
• Operate and maintain vulnerability scanning tools (e.g., Qualys, Nessus, Rapid7) across multiple client environments
• Perform regular vulnerability scans, validation, and re‑testing to ensure remediation effectiveness
• Analyse vulnerability data, eliminate false positives, and provide actionable remediation guidance tailored to client environments
• Prioritise vulnerabilities using risk‑based methodologies (CVSS, exploitability, business impact, threat intelligence)
• Track remediation activities and ensure closure within agreed SLAs and service metrics
• Produce client‑facing reports, dashboards, and service reviews, highlighting risk posture, trends, and key improvement areas
• Act as a trusted advisor to clients, providing best practice recommendations on vulnerability and risk reduction strategies

Security Engineering & Detection

• Support deployment and optimisation of Microsoft Sentinel and SIEM/XDR platforms
• Contribute to detection engineering (use case development, rule tuning, alert optimisation)
• Onboard and integrate telemetry across network, endpoint, cloud, and identity sources
• Support threat detection across SIEM, NDR, and identity platforms
• Collaborate with SOC teams to improve detection coverage and reduce false positives
• Align vulnerability insights with MDR workflows and threat detection use cases

Network Security & Remediation

• Identify, analyse, and manage network and system vulnerabilities across enterprise environments
• Collaborate with infrastructure, cloud, and application teams to drive remediation activities to completion
• Troubleshoot and resolve network/security issues linked to vulnerabilities and access controls
• Support secure network architecture and ensure adherence to security and compliance standards
• Support SASE architectures (e.g. Prisma, Cisco Secure) and secure connectivity models
• Contribute to Zero Trust implementation, including least privilege and identity controls
• Strengthen security posture across hybrid environments (network, cloud, SaaS, identity)

Pre‑Sales & Client Engagement

• Support pre‑sales activities, including solution design and vulnerability management offerings
• Provide SME input into RFPs, bids, and technical workshops
• Assist with onboarding clients and transitioning services into BAU
• Build strong client relationships and act as a trusted technical advisor
• Support service adoption and continuous improvement initiatives

Governance, Reporting & Documentation

• Maintain accurate records of vulnerabilities, remediation plans, and audit evidence
• Support client audits, compliance requirements, and security assessments
• Contribute to service improvement initiatives, automation, and process optimisation
• Ensure adherence to ITIL‑based service management practices where applicable

Breach Attack Simulation (BAS)

• Design, implement, and maintain Breach & Attack Simulation scenarios to continuously validate the effectiveness of security controls across the enterprise.
• Configure and operate BAS platforms to simulate real‑world threat actor techniques (MITRE ATT&CK aligned) and identify control gaps.
• Analyse BAS results to prioritise vulnerabilities, misconfigurations, and detection gaps, feeding findings into the vulnerability management lifecycle.

What you’ll need

• Strong experience in delivering vulnerability management services, ideally within a managed service or consultancy environment
• Deep understanding of vulnerability lifecycle management (discovery / assessment / remediation / validation / reporting)
• Hands‑on experience with Tufin (SecureTrack / SecureChange) or similar tools such as Palo Alto Panorama or Cisco Defense Orchestrator
• Proficiency with vulnerability scanning tools (Qualys, Nessus, Rapid7)
• Solid knowledge of network security principles (firewalls, VPNs, segmentation, protocols)
• Experience working with client stakeholders and managing competing priorities
• Ability to translate technical vulnerabilities into business risk and remediation actions
• Strong analytical, troubleshooting, and communication skills

Nice to haves

• Certifications such as CCNA / Security+ / CEH / CISSP (or working towards)
• Experience in multi‑client or managed security service provider (MSSP) environments
• Familiarity with multi‑vendor firewalls (Cisco, Palo Alto, Check Point)
• Knowledge of compliance frameworks (ISO 27001, NIST, CIS, PCI‑DSS)
• Exposure to risk‑based vulnerability management and threat intelligence integration
• Understanding of ITIL service delivery and SLA‑driven environments
• Experience with SASE, Zero Trust, MDR/XDR platforms
• Experience with RSA Authentication Manager or similar IAM solutions

What do we offer you?

• We believe in work‑life balance, offering 25 days of annual leave, plus an extra day off for your birthday. We also provide a volunteer day to support a charity that matters to you.
• Enhanced maternity and paternity pay and childcare vouchers help you thrive as a parent.
• A pension plan with 4.59% contribution from Gamma alongside your own contributions.
• Group income protection and life assurance (four times your salary) for peace of mind.
• Tax‑efficient share save and share incentive plans to share in Gamma’s growth.
• Private medical insurance through Vitality, extending to your immediate family.
• Electric Vehicle scheme through Octopus and a Cycle to Work scheme for sustainable commuting.

A few things to note

• Unfortunately, we can't offer visa sponsorship or relocation support for this role.
• This role is hybrid but requires three days a week onsite at either our Manchester, Glasgow, London or Newbury sites.
• If you feel you could be a good fit for Gamma but do not think that you meet all the requirements, we still encourage you to apply as you could be the person that we are looking for!
• Gamma is an equal‑opportunity employer. We care about inclusion and believe in having diverse teams where everyone can be their true authentic selves. We value each person and their range of backgrounds and actively encourage people from underrepresented backgrounds to apply.
• We don't discriminate based on any protected characteristics e.g., race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, marital status, disability, or age.
• We are a family‑friendly employer with a culture based on trust, autonomy, and flexibility to help you create a work‑life balance and enjoy working here at Gamma.
• For recruitment agencies – we have a network of fantastic partners that support us in our hiring from time to time. We’re not looking to increase that network currently, so please don’t send speculative CVs.