Infrastructure Cyber Engineer

Location for this role is flexible; however, presence will be required in our offices on occasion. Based in our Aberdeen, Edinburgh or Glasgow office.

Job Purpose

The role is responsible for evaluating threats and risks to the firm's infrastructure, in particular Azure and Microsoft 365. As the firm grows and more infrastructure moves to the Cloud, this new role will play a significant part in ensuring that projects, platforms and services are securely delivered.

As part of the infrastructure team, working alongside the firm’s Cyber Security Analyst, the Infrastructure Cyber Engineer will ensure the security of key platforms is continuously improved, including ensuring the Azure tenant remains protected and configured in line with security best practice. The successful candidate will need to be current with M365 and Azure security features, configuration settings and changes. The role holder will support the infrastructure team with incident response and assist with infrastructure maintenance and configuration, whether on premise or Cloud, aligning with security audit and testing requirements. They will also be responsible for investigating and responding to security alerts provided by systems such as Arctic Wolf, Darktrace, BitSight, Silverfort, Varonis and DMARC as escalated by the firm’s Cyber Security Analyst.

The role will be split between M365 and Azure security and system hardening both on-premises and in Azure but flexibility is required and the role is expected to assist with other infrastructure tasks depending on the team's workload. The successful candidate can be based in Aberdeen, Edinburgh or Glasgow, with flexibility on travel as there will be a requirement to work from any of our offices on occasion.

Core Tasks

• Review and remediation of M365 security and Azure landing space.
• Monitor and investigate alerts from security solutions and mitigate/treat risks including configuration recommendations arising from penetration and vulnerability testing of systems.
• Monitor the security of the network using a variety of network and cyber security tools and work with vendors to troubleshoot cyber security incidents.
• Work with the infrastructure team in the secure administration of network hardware and equipment, including routers, switches, hubs, and other systems as required.
• Work with Business Assurance colleagues to ensure Brodies continuously improves its Cyber and Information Security posture and complies with internal and external audits and standards.
• Assist with Disaster Recovery and Incident Response processes.
• Assist with the maintenance of policies and procedures documentation.
• Support the maintenance of Brodies' Information Security defences and certifications.
• Work with internal and external auditors as required and on preparation for audit visits.
• Investigate security alerts from the various information security systems, assess risk, triage and resolve problems, and complete incident reports.
• Work with the Infrastructure Manager on project work as required and coordinate some infrastructure projects from kick-off to completion.
• Be aware of Brodies’ information security policies, and protect information assets from unauthorised access, disclosure, modification, destruction or interference at all times.
• Be technical lead in infrastructure to cloud migration projects such as Azure site recovery.

Person Specification

To be successful in this role, you will be comfortable collaborating with technical and non-technical colleagues alike and managing the demands of key stakeholders. You will have excellent communication skills, both written and verbal, and will use them to build relationships with others. You will relish the opportunity to effect change and will be a keen problem solver with the ability to consider various viewpoints and business needs. You will be able to work as part of a team and individually, proactively identifying what is required and managing your workload. You will have a good understanding of offensive and defensive techniques, and an awareness of frameworks such as OWASP, Cyber Essentials Plus and ISO27001. Previous experience in Infrastructure, Network or Security, M365 and Azure or similar roles is preferred. Certification in Azure such as MS Azure Fundamentals, MS Azure security engineer associate, MS azure solutions architect. Legal or professional services experience is desirable but not essential.

Qualifications

The following qualifications are desirable:

• Certifications
• Cloud Compliance & Governance
• Knowledge on frameworks like GDPR, HIPAA, PCI-DSS, and secure migration best practices.

Skills

• Expertise in designing scalable, reliable, secure infrastructure (physical, virtual, cloud).
• Network Design & Management
• Strong knowledge of TCP/IP, DNS, DHCP, firewalls, IDS/IPS, VLANs, routing protocols, and network topologies.
• Proficiency with AWS, Azure, or GCP architecture, security controls, IAM, encryption, compliance (e.g., FedRAMP).
• Experience with VMware, Hyper-V or KVM, and container technologies like Docker/Kubernetes.
• Administration of Windows/Linux servers, patch management, backup/recovery, secure configurations.
• Cybersecurity Controls & Incident Response
• Familiar with incident response, threat detection, vulnerability assessments, SIEM, penetration testing, risk management.
• DevSecOps & Automation
• Skilled in Infrastructure-as-Code (Terraform, Ansible), CI/CD pipelines, and integrating security into DevOps cycles.
• Scripting & Tooling
• Proficiency in scripting languages such as Python, PowerShell, Bash for automation and forensic tasks.

Additional Skills

• Able to research problems and translate requirements into solutions.
• Proven problem solving and troubleshooting abilities.
• Able to effectively prioritise and execute tasks in a fast-paced environment.
• Confident communicator at all levels.
• Able to prioritise, manage competing priorities and manage change with ease.