IT Security and Resilience Specialist

ROLE OVERVIEW //We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team. Which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring that our disaster recovery (DR), failover, and operational resilience capabilities are effective, tested, annually reviewed and continually improved.The Security & Resilience Specialist will plan and execute DR and resilience testing, drive remediation activities through to closure, and ensure that evidence and documentation meet client, regulatory, and audit standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES //The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work outside our normal working hours of 9:30am to 5:30pm.Cyber Security & EngineeringConstantly review and improve the firm’s security posture and external security rating. Identify vulnerabilities in hardware and software to be remediated by Engineering\\Operations teams.Understand current and emerging security threats.Assist and lead in Incident Response investigations and mitigation.Evaluate, test and recommend security enhancements.Support CE+ accreditationIdentify security risks and exposures, determine the cause of security violations and suggest procedures to halt future incidents.Perform targeted regular and ad-hoc scans to identify potential breaches of the firm data and security and data protection policiesIdentify, analyse, monitor and minimise areas of risk that pertain to Information technology.Resilience Plan and run DR, failover, and resilience tests end-to-end, including test design, leading its orchestration and execution, evidence capture, and reporting.Validate Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) through realistic testing.Ensure DR runbooks, procedures, and evidence packs are accurate, up-to-date, and practical.Working with Engineers to automate recovery testing and evidence collection where feasible (e.g. scripting, orchestration tools).Act as the primary technical liaison with the Business Continuity Planning (BCP) team, providing input into BIAs and ensuring Infrastructure can meet resilience obligations.Maintain a central log of resilience activities, including issues, actions, and progress against remediation targets.Produce clear updates and dashboards for senior stakeholders.Delivery-focused: equally comfortable running a failover test as updating\\reviewing runbooks.Structured and organised with strong attention to detail.Able to work independently while interfacing effectively with Cyber Security, BCP, and Infrastructure teams.Excellent communicator who can translate technical findings into clear business impact.CANDIDATE PROFILE //Candidates for this position must have:Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure.Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls.Experience producing and maintaining high-quality technical documentation and runbooks.Strong coordination skills with cross-functional teams.Proficiency with infrastructure tooling and at least one scripting language (PowerShell or Python preferred).Experience and understanding of hyperconverged infrastructure preferably with Nutanix, VMWare, Commvault and hybrid cloud infrastructure (Azure or similar).Knowledge of vulnerability management, monitoring/alerting, and automation/orchestration platforms.Certifications such as Microsoft SC-200, Certified Ethical Hacker and CBCP or CBCI equivalent DR/resilience credentials.We welcome applications irrespective of race, colour, ethnic or national origin, disability, sex, gender identity, sexual orientation, age, religion, belief or marital status.