IT Security Engineer

Job Title:

IT Security Engineer

Location:

London

The IT Security Engineer will be responsible for supporting the implementation, operation, and continuous improvement of Verne's security operations capability across all regions, covering corporate IT environments and the interfaces to OT environments that support data centre operations. Based in the UK headquarters, this role will work closely with Compliance, Operations, IT, the Head of Information Security, and Verne's SOC to help ensure that security controls are effective, practical, well documented, and capable of meeting both ISO-aligned requirements and demanding customer audit expectations.

This is a senior individual contributor role with significant responsibility for the day-to-day operation of security monitoring, incident handling, security tooling, and technical control implementation across the organisation. The role also has operational ownership of core security platforms and appliances, including their technical architecture, configuration, testing, change control, and ongoing reliability across IT environments and controlled IT/OT boundaries.

This role operates within Verne's broader information security framework and works closely with the Head of Information Security, who retains overall responsibility for enterprise security strategy, policy, and programme leadership.

• Support the implementation, operation, and continuous improvement of Verne's security operations activities across all regions.
• Define, maintain, and improve the technical architecture and deployment approach for operational security platforms and appliances across the organisation, in alignment with Verne's wider information security framework.
• Own the administration, configuration, maintenance, and controlled change of key security platforms and appliances, including firewall infrastructure, centralised management platforms, SIEM, and related monitoring and protection technologies.
• Manage firewall rulesets, segmentation, policy deployment, firmware lifecycle, and associated controls across corporate IT environments and relevant OT-connected environments.
• Sandbox, test, sequence, and implement upgrades, patches, and configuration changes to security platforms in a disciplined manner, ensuring continuity of service and avoiding disruption to critical IT and OT operations.
• Maintain and support the practical enforcement of separation between IT and OT environments, ensuring that network boundaries, access paths, and security controls remain appropriate for both operational and development activities.
• Work with Infrastructure, Operations, and project teams to ensure that new deployments, system changes, and development activities preserve the intended security posture and controlled separation between IT and OT environments.
• Monitor, triage, investigate, and coordinate response to security alerts, incidents, suspicious activity, and control failures across the estate.
• Act as a key operational interface with Verne's SOC, ensuring alerts, escalations, investigations, response actions, and service expectations are properly coordinated and followed through.
• Configure and continuously improve logging, alerting, dashboards, correlation rules, and reporting to strengthen visibility across networks, systems, endpoints, and relevant services.
• Support vulnerability management and remediation tracking, including following up on findings from scanning, audits, incidents, or control reviews and helping ensure timely closure.
• Support incident response processes, including investigation, containment, escalation, documentation, lessons learned, and corrective action tracking.
• Help maintain effective operational controls relating to access control, privileged access, endpoint protection, secure configuration, and other day-to-day security disciplines.
• Produce and maintain high-quality documentation, including security procedures, control descriptions, incident records, change records, exception logs, evidence packs, and knowledge base material.
• Support the maintenance of operational security records and evidence required to meet IMS requirements, ISO-aligned controls, and customer audit expectations.
• Work with Compliance to ensure that security operations activities, records, and controls align with IMS requirements and support internal and external audits.
• Support customer audits, due diligence requests, control walkthroughs, and remediation programmes related to cyber security and operational security controls.
• Support recurring reporting, dashboards, service trends, and control metrics for review by relevant stakeholders.
• Work within formal ticketing, incident, and change control processes, ensuring actions are properly logged, traceable, and closed out.
• Collaborate with site and central teams to ensure that security requirements remain practical and effective in critical operational environments and contribute to good operational discipline across the business.

The role will…