Security Engineer

It starts with our people, which is why we're looking for a Security Engineer to join our Technology team in London or Manchester. Reporting to the Information Security Manager, you will play a critical role in ensuring the security and integrity of our information systems and data. This position acts as a technical subject-matter expert across multiple IT areas and serves as a resource for other teams, with specific expertise in firewall operations, load balancing configuration, XDR operations, and vulnerability management systems., * Intrusion Detection/Prevention: Manage and monitor IDS and IPS to identify and mitigate potential threats.

• Policy Management: Develop, implement, and enforce information security policies and procedures to protect the firm's data and technology infrastructure.
• VPN Administration: Administer and maintain virtual private networks to ensure secure remote access for employees.
• Incident Response: Investigate and resolve security issues, participate in incident-response initiatives, and respond to security-related alerts promptly.
• Vulnerability Management: Oversee the vulnerability assessment program, ensuring all network devices are maintained with the most current patches and updates.
• Cloud Security: Manage and secure cloud-based systems to protect against unauthorized access and data breaches.
• Security Assessments: Perform regular vulnerability testing and security assessments to identify and address potential security risks. Participate in external security assessments as required by clients.
• Alerts and Monitoring: Continuously monitor security alerts and logs to detect and respond to threats in real time.
• Problem Resolution: Manage network security problem resolution, including assisting other members of Technology in reviewing and resolving security-related problems.

Additional Requirements

• Develop requirements for firewalls and related security technologies.
• Research new architectures and technologies.
• Take the lead in recommending new technologies, processes, and practices that maintain or increase operational efficiencies and maintain required security certifications.
• Provide expertise in all technologies used by the department.
• Manage vendor relationships.
• Propose, collect, and report on key performance indicators and measures of systems security.
• Prepare and maintain security-related documentation.
• Follow departmental policies and procedures including change-management procedures.
• Make recommendations on improvements to procedures.
• Perform other duties and responsibilities as requested.
• Deal professionally with both internal and external clients on all levels.

• Experience: Minimum of 5 years of experience in information security engineering or a related field.
• Technical Expertise:

• Hands-on proficiency with Palo Alto products.
• Strong experience with Tenable vulnerability-management solutions.
• Experience in managing security for cloud-based systems.
• Critical thinking: Excellent problem-solving skills and the ability to think critically to resolve complex security issues.
• Communication: Strong verbal and written communication skills to articulate security issues and solutions effectively.
• Team collaboration: Ability to work collaboratively with other technology team members and departments to ensure comprehensive security measures.
• Certifications: Relevant certifications such as CISSP, CISM, CEH, or equivalent are preferred but not required.

• Additional Requirements:

• Availability: Must be available for on-call duties as part of the incident-response team.
• Customer focus: Strongly service-oriented with enthusiasm for the challenges of providing services and resources in a large, multi-office law-firm setting.
• Flexibility: Ability to be flexible and adaptable to support priorities and strategies of the firm; ability to spot value-add opportunities.