Cyber Security Engineer

We are currently looking for an experienced Cyber Security Engineer to join our IT team on a full-time, permanent basis to help deliver our Modern Workplace strategy. This role can be based in Newcastle, Bristol or Plymouth and falls under our hybrid working policy. We would ask that you reside close enough to one of our office locations so that you can visit weekly/a few days a fortnight as per current working practices.

The team: First-class IT systems are absolutely key to the success of any business in today's commercial world and the legal sector is no exception. Womble Bond Dickinson (UK) LLP prides itself on being at the forefront of technological advancements within the legal profession, something we've become well known for. To remain competitive in our markets, and to continue supporting our growth strategies, our team of dedicated IT professionals have a key role to play, ensuring the integrity of the IT infrastructure, development of new and existing systems and excellent support to all of our employees, and clients.

The role: The purpose of this role is to protect the confidentiality, integrity, and availability of the firm's information systems and data. The Cyber Security Engineer is responsible for the design, implementation, operation, and continuous improvement of cyber security controls across a complex and heavily third-party integrated technology estate. This role is critical to maintaining the firm's security posture, meeting regulatory and client security requirements, supporting audits and accreditations, and enabling the safe operation and evolution of the firm's IT services.

What we are looking for? We are open to different industry backgrounds, so you do not necessarily need to have worked within the legal sector. What is most important is your expert knowledge, approach, attitude and ability to communicate your ideas and contribute to improving the future direction of our infrastructure journey.

• Operate, maintain and enhance the firm's cyber security controls across endpoint, email, identity, network, cloud and application layers.
• Manage and integrate a broad ecosystem of third-party cyber security platforms, including managed detection and response services, email security gateways, vulnerability management tools, privileged access management and threat intelligence services.
• Lead and support cyber security incident response activities, including investigation, containment, remediation and post incident review.
• Oversee security monitoring, alerting and response processes, working closely with managed service providers where applicable.
• Conduct and coordinate vulnerability assessment and remediation activities across infrastructure, endpoints, applications and cloud services.
• Support regulatory, client and internal audits (e.g. ISO 27001), including evidence gathering, control validation and remediation planning.
• Maintain security policies, standards, procedures and technical documentation on the IT Wiki.
• Work closely with infrastructure, applications, data and supplier teams to embed security by design across projects and services.
• Provide third line support for security related incidents and escalations from the Service Desk and wider IT teams.
• Assess and manage cyber security risks associated with new technologies, suppliers and business initiatives.
• Support threat intelligence activities and ensure emerging threats are assessed for relevance to the firm's environment.
• Provide guidance, mentoring and knowledge sharing to improve cyber security awareness and capability across IT.

To be considered you must meet the minimum requirements and ideally have a mix of the following certifications:

• Recognised cyber security certifications (e.g. CC, SSCP, CISSP, CEH, Security+, or equivalent).
• Microsoft cloud security aligned certifications (e.g. SC-100, SC-200, SC-300, AZ-500).
• Strong hands-on experience operating enterprise cyber security platforms from multiple vendors.
• Proven experience working in regulated environments with formal audit and compliance requirements.
• Strong understanding of cyber security frameworks, risk management and control assurance.
• Ability to clearly articulate technical security risks to non-technical stakeholders.

• Security operations (SecOps), incident response and threat analysis.
• Managed detection and response (MDR) service oversight and integration.
• Email security, endpoint protection, vulnerability management and identity security platforms.
• Privileged access management (PAM) solutions.
• Cloud and hybrid infrastructure security.
• Supplier and third-party security risk assessment.
• Experience within legal, professional services or similarly regulated environments.
• Experience of scoping and delivering technical projects.

In addition to your technical skills, we are looking for a candidate who has the right attitude, mindset and is driven, hungry to learn and able to excel in their area of expertise and is eager to contribute with a desire to be successful.