Windows IT Support Engineer – Vulnerability Management (OS & 3rd Party Application Security) at Xoriant, London Canary Wharf, £Contract Rate
- Contract Spy
- Canary Wharf, London, UK
- Jun 01, 2026
Contract Description
Windows IT Support Engineer – Vulnerability Management (OS & 3rd Party Application Security)
Canary Wharf, UK
Long Term Contract (Inside Ir35)
Hybrid (2 days a week)
Job Summary:
We are looking for a Windows IT Support Engineer specializing in Vulnerability Management with hands-on experience in managing operating system (OS) and third-party application vulnerabilities. The ideal candidate will be responsible for identifying, analyzing, and remediating vulnerabilities across Windows environments while ensuring system security, compliance, and operational stability.
Key Competencies:
- Windows OS Security
- Vulnerability Management (OS & Applications)
- Patch Management & Remediation
- Risk Assessment
- IT Support & Troubleshooting
Key Responsibilities:
- Perform vulnerability assessments and scans on Windows OS and third-party applications using industry-standard tools.
- Identify, analyze, and prioritize OS-level and application-level vulnerabilities based on severity, risk, and business impact.
- Plan and execute remediation activities, including patching, upgrades, and configuration fixes.
- Manage and support Windows patch management lifecycle (monthly patches, emergency fixes, etc.).
- Ensure timely resolution of vulnerabilities within defined SLAs.
- Work closely with infrastructure, security, and application teams to implement fixes and mitigation strategies.
- Validate remediation efforts and conduct post-patch verification.
- Maintain documentation for vulnerability reports, remediation trackers, and audit readiness.
- Monitor systems regularly to ensure security compliance and performance stability.
- Support incident troubleshooting related to security gaps and vulnerabilities.
Required Skills & Qualifications:
Technical Skills:
- Strong hands-on experience with Windows Operating Systems (Windows 10/11, Windows Server).
- Experience in managing third-party application vulnerabilities (e.g., Java, Adobe, browsers, etc.).
- Proficiency in vulnerability management tools (Qualys, Nessus, Rapid7, etc.).
- Knowledge of Patch Management Tools (SCCM, WSUS, Intune).
- Understanding of CVE, CVSS scoring, and vulnerability lifecycle management.
- Experience in remediation, patch deployment, and security hardening.
- Familiarity with Active Directory, Group Policy (GPO).
- Basic scripting knowledge (PowerShell preferred) for automation.
Preferred Qualifications:
- Certifications such as Microsoft Certified, CompTIA Security+, CEH (good to have)
- Experience working in enterprise IT or security operations environment
- Exposure to audit/compliance frameworks (ISO 27001, SOC2, etc.)
Discovering Direct IT Contract Opportunities for Contract Spy members.