Information Security Engineer (Endpoint Protection)

Join the Information Security Engineering team at John Lewis Partnership to help build a secure future for an iconic brand. We work to protect our customers, Partners, and business against an ever-evolving cyber threat landscape.

The John Lewis Partnership’s Information Security strategy is bold and ambitious. We provide a collection of security services, delivered via people, processes and technology. Working collaboratively, these services ensure that customers can shop with us efficiently, safely and securely, every single day.

Our Threat Defence team is at the forefront of our cyber resilience, proactively monitoring threats, identifying vulnerabilities, and engineering robust security defences.
Working in the Endpoint Protection pod, alongside the SIEM and Network pods, you'll be instrumental in developing cutting-edge capabilities and empowering our Security Operations Centre to stay ahead of the latest threats.

This is a great opportunity to directly shape our security posture, getting hands-on with next-generation cyber security tools. You'll thrive in an agile, supportive, and highly collaborative team where innovation isn't just encouraged, it's expected.

In addition to your contractual pay, any time worked between 22:00 - 06:00 will attract Night Premium at a rate of £5.25 per hour. This will also apply to existing Partners who have enrolled onto Enhanced Hours Premium arrangements.

• Salary: £55,000 - £72,000 depending on experience

• Contract type: Permanent

• Working pattern/flexible working: Based at our Bracknell Head Office with a flexible hybrid model (typically 1 day per week in the office, primarily Tuesdays, with ad-hoc visits as required by business needs), we support a healthy work-life balance

• On-Call: Participate in a supportive on-call rota (approx. 1 week in 6), with flexibility for leave and personal commitments

Key Responsibilities

In this hands-on technical engineering role, you will:

• Own the Endpoint Protection Ecosystem: Act as the senior engineer for our Endpoint Detection and Response (EDR) and Vulnerability Management platforms, ensuring 100% agent coverage and maximum efficacy across various operating systems.
   

• Optimise SentinelOne: Lead the configuration, policy tuning, and architectural evolution of SentinelOne EDR to proactively block sophisticated threats and ransomware.
   

• Engineering for Defence: Develop and deploy automated workflows for endpoint isolation, threat remediation, and health checks to ensure our critical security tooling remains resilient.
   

• Strategic Delivery: Drive the roadmap for security tool deployments, prioritising Endpoint Security while supporting integrated protections across Cloud and SaaS environments.
   

• Vulnerability & Hygiene: Leverage tools like Rapid7 and Google SecOps (Chronicle) to identify endpoint weaknesses and correlate telemetry for a unified view of our security posture.
   

• Collaborative Security: Partner with Infrastructure and DevOps teams to bake endpoint protection into the hardware lifecycle and standard builds.

Essential skills/experience you’ll need

• Extensive proven Security Engineering expertise in at least one of these core areas:

  • Endpoint Security: Endpoint Detection and Response, management of platform rules, supporting agents, and service improvements

  • Vulnerability Scanning: Configuration and management of Endpoint, Network, and Web App scanning. Maintaining scanning infrastructure
     

• Proven track record of successful agile delivery (Scrum or Kanban)
   

• Strong collaboration skills working with development, operations, and infrastructure teams within a security context

• In-depth working knowledge of security best practices and frameworks (e.g. Mitre ATT&CK, NIST)

Desirable skills/experience you may have

• Experience with SIEM tooling and detection development (Google SecOps/Chronicle proficiency is of specific benefit)
   

• Experience securing Google Cloud environments, utilising tools such as Google Security Command Center or AWS Security Hub
   

• Relevant Information Security certifications (e.g. CISSP) or a related degree

• Email Security: e.g. Secure Email Gateways, Phishing Protection

#LI-HEADOFFICE

#LI-SM1

#LI-HYBRID

We’re the largest employee owned business in the UK and home of our cherished brands, John Lewis and Waitrose. We’re not just employees, we’re Partners, driven by our purpose to build a happier world. As we look to our future, there’s never been a more exciting time to join us.  

We’re ruthlessly focused on being brilliant at retail. We continue to innovate, adapt and diversify. Never Knowingly Undersold on price, quality and service in John Lewis and passionately serving food-lovers in Waitrose.   

As Partners we all share the responsibility of ownership and in its rewards. We use our voices to contribute to our success, working together through the good and challenging times, holding true to our behaviours and treating everyone with kindness and respect. 

We all own making the Partnership somewhere we belong. Embracing our differences and creating an environment where we’re free to be ourselves and can THRIVE. Growing ourselves individually, and as a collective. 

As Partners, we make all the difference. And, we all own it.  

Important points to note:  

It’s important to note that some of our roles are subject to pre-employment vetting (which may include DBS checks for successful candidates). If required, you’ll be informed and provided with information about vetting during the recruitment process and we encourage you to complete any vetting documents quickly to avoid delays. Any DBS checks required will be carried out by a third-party registered body and financial probity checks may also be required for some of our roles.  

We occasionally close vacancies early in the event we receive a high volume of applications, and therefore, we recommend you apply early. If you require a reasonable adjustment due to a disability which means you may need longer to complete your application please contact us as soon as possible.

We want all of our Partners to have a good work-life balance and we support flexible working. This might mean flexible or compressed hours, job sharing or shorter hour contracts, where possible. Please discuss this further with the hiring manager during your interview.