A well-established financial services firm in Central London is seeking an experienced EUC Engineer to join its small, high-performing IT team. This is a hands-on role with ownership of the firm's Microsoft Intune, Defender for Endpoint and Entra ID environments. The successful candidate will be responsible for endpoint security, device compliance, EDR investigations, identity controls and modern endpoint management across the business.
This role is primarily office-based, with four days per week in their London office (closest station - London Bridge) and one day working from home. The ideal candidate will have proven ownership of Microsoft Intune and Microsoft Defender for Endpoint environments, strong experience securing and managing modern endpoints, and a track record of delivering improvements and stability within SME, financial services, professional services, or MSP environments.
This is not a traditional desktop support role. The successful candidate will play a key role in managing endpoint security, investigating security alerts, maintaining security baselines, supporting EDR operations, and driving continuous improvement across the organisation's endpoint estate.
Key responsibilities of this EUC Engineer role will include:
- Own and manage Windows 11, iOS, and Android endpoints using Microsoft Intune, including Autopilot provisioning, device configuration, compliance policies, patching, update management, and application deployment.
- Maintain endpoint security standards, device lifecycle management, and secure configuration baselines aligned to Microsoft and industry best practices.
- Administer and support Microsoft Defender for Endpoint, including alert triage, investigation, machine isolation, remediation activities, and EDR-related security operations.
- Manage Attack Surface Reduction (ASR) policies, device control policies, endpoint security settings, and Intune security baselines.
- Create, maintain, and improve endpoint compliance frameworks aligned to organisational security policies and recognised security benchmarks.
- Manage identity and access through Entra ID, including Conditional Access, MFA, device compliance, device registration, and identity-related troubleshooting.
- Investigate and resolve complex endpoint, identity, and security incidents, acting as a senior technical escalation point across the business.
- Deliver vulnerability remediation and patch management activities in line with business risk and security requirements.
- Develop automation and operational improvements using PowerShell, Microsoft Graph, and Microsoft security tooling.
- Contribute to IT projects including endpoint refreshes, office moves, infrastructure upgrades, and technology improvements.
- Produce and maintain high-quality technical documentation and end-user knowledge articles.
Ideal skills & experience:
- 4–5 years' experience in an endpoint engineering, EUC engineering, modern workplace, or senior 2nd line role within a financial services, professional services, SME, or MSP environment.
- Demonstrable hands-on ownership of Microsoft Intune, including device management, compliance policies, application deployment, and endpoint configuration.
- Strong practical experience administering Microsoft Defender for Endpoint, including security alert investigation, EDR capabilities, remediation activities, and endpoint security management.
- Good understanding of endpoint security principles including security baselines, hardening, Attack Surface Reduction policies, vulnerability management, and compliance controls.
- Strong experience with Entra ID (Azure AD), including Conditional Access, MFA, device compliance, and identity management.
- Strong Windows 11 troubleshooting and endpoint engineering skills.
- Experience using PowerShell and Microsoft Graph for automation and operational improvements.
- Confident troubleshooting complex endpoint, identity, access, and security-related issues.
- Excellent communication skills with a proactive and ownership-driven approach.
Desirable experience:
- Experience supporting Microsoft Secureworks MDR environments.
- Exposure to Meraki networking technologies.
- Exposure to Egnyte governance and collaboration platforms.
- Experience supporting Azure infrastructure services.
This is an excellent opportunity to join a close-knit IT team, offering a technically varied and impactful role where you will have genuine ownership of the endpoint environment and play a key role in strengthening endpoint security, compliance, and operational stability across the business.
The salary on offer is £45,000 – £60,000 per annum, dependent on experience.