Information Security Engineer

The Information Security team defends the company’s digital infrastructure by designing, implementing, and improving the company’s cybersecurity architecture. This is a critical role responsible for protecting infrastructure, cloud, edge devices, and data against unauthorized use, modification, exfiltration, or damage. This role identifies threats, manages projects and engineers solutions that impact the entire company. An ideal candidate for this role is technical, dedicated to learning new things, security-minded, strong initiative, and able to manage projects autonomously.

This role is office-based in the central London Medpace office. You must be located within commuting distance to be considered for this position. 

• Design, deploy, and maintain enterprise security solutions with minimal oversight, collaborating with global IT teams to protect Medpace’s systems (e.g., implementing new security tools or architectures).
• Own the administration and reliability of key security platforms (such as privileged access management, EDR, and SIEM), ensuring they are well-configured, up-to-date, and fully operational; coordinate upgrades and fixes proactively.
• Lead cross-functional security projects (e.g., cloud security improvements, network segmentation plans, identity security enhancements) from planning through execution, coordinating with stakeholders across departments to deliver results.
• Serve as a technical escalation point for complex security incidents or issues, independently investigating and resolving advanced problems (especially during off-hours for global coverage) and providing guidance to SOC Analysts and IT teams as needed.
• Improve and automate security operations by developing scripts, integrations, or workflows to reduce manual effort, enhance detection capabilities, and streamline incident response (e.g., building security automation in cloud or SIEM).
• Integrate security into enterprise systems and processes, working closely with Network, Cloud, and DevOps teams to embed robust security controls and best practices into infrastructure and software lifecycles.
• Document architectures, procedures, and solutions, ensuring knowledge is captured and shared; mentor and cross-train team members (especially developing Analysts) to strengthen overall team capabilities.
• Stay current with emerging threats and technologies, continuously researching new security trends, tools, and techniques to drive innovative improvements in the organization’s security posture.

• Bachelor’s degree in Information Systems, Cybersecurity, or a related field.
• 4+ years of experience in IT/Information Security (with at least 2 years in a security engineering role or similar).
• In-depth knowledge of enterprise IT environments, including Windows Server/Active Directory, networks, and cloud architectures (Azure preferred), and how to secure them.
• Proven hands-on experience with security technologies, including some variety of SIEM, endpoint detection & response, identity/privileged access management, and cloud security tools.
• Excellent communication and documentation skills, with the ability to clearly explain complex security concepts to both technical and non-technical stakeholders and coordinate effectively across teams.
• Strong analytical and problem-solving skills, capable of independently troubleshooting and resolving complex security issues.
• Proficiency in scripting or automation (e.g., PowerShell, Python) to integrate and automate security processes.
• Self-motivated and continuously learning, with the ability to quickly adapt to new technologies and evolving threats.

Nice to Have:

• Experience in one or more specialized security domains is a plus – for example, DevSecOps pipeline security, cloud security architecture (Azure/AWS), network segmentation, AI governance, advanced identity management, red-team/pentesting, or enterprise vulnerability management tools.
• Familiarity with regulated industries (e.g., healthcare, financial, defense) and related compliance frameworks (ISO 27001, NIST, GDPR, etc.) is beneficial.
  
  

Medpace is a full-service clinical contract research organization (CRO). We provide Phase I-IV clinical development services to the biotechnology, pharmaceutical and medical device industries. Our mission is to accelerate the global development of safe and effective medical therapeutics through its scientific and disciplined approach. We leverage local regulatory and therapeutic expertise across all major areas including oncology, cardiology, metabolic disease, endocrinology, central nervous system, anti-viral and anti-infective. Headquartered in Cincinnati, Ohio, employing more than 6,000 people across 40+ countries.

People. Purpose. Passion. Make a Difference Tomorrow. Join Us Today.

The work we’ve done over the past 30+ years has positively impacted the lives of countless patients and families who face hundreds of diseases across all key therapeutic areas. The work we do today will improve the lives of people living with illness and disease in the future.

Medpace Perks

• Flexible work environment 
• Competitive compensation and benefits package
• Competitive PTO packages
• Structured career paths with opportunities for professional growth
• Company-sponsored employee appreciation events
• Employee health and wellness initiatives

Awards

• Recognized by Forbes as one of America's Most Successful Midsize Companies in 2021, 2022, 2023 and 2024
• Continually recognized with CRO Leadership Awards from Life Science Leader magazine based on expertise, quality, capabilities, reliability, and compatibility

What to Expect Next

A Medpace team member will review your qualifications and, if interested, you will be contacted with details for next steps.

Full-service contract research organization providing clinical development services across therapeutic areas. Headquartered in Cincinnati, OH.

medpace.com