Hybrid role 3 & 2 - Advantageous to have worked in a law firm.

An internationally renowned city law firm has an exciting new position available within the organisation. It's a completely new role, an expansion of its Cyber Security operations and capacity. It is advantageous to have worked within a law firm or professional services group.

You'll work closely with the Cyber team and IT colleagues, ensuring systems and services are both secure and stable, enabling the firm to deliver an outstanding service to its clients and achieve its strategic goals, thus ensuring the cybersecurity Ops team manages identified threats and risks and ensures adoption of and adherence to standards.

Key Responsibilities include:
Provide expertise and cybersecurity requirements to the firm's change programme to ensure that good security practice is fully embedded into change initiatives, and security by design principles are applied.
Provide 3rd line support to the IT service desk, responding to support requests and incident tickets which have been triaged and escalated to the cybersecurity operations team, and provide out-of-hours support through participation in an on-call rota.
Undertake routine monitoring of security alerts generated by systems and consumed by the cybersecurity team, investigating, analysing and responding to them as required.
Co-ordinate and undertake regular reviews of security tools to ensure they are maintained in a fully operational state across all in-scope assets and are tuned to incorporate new features or changes to the operational environment.
Co-ordinate and undertake threat modelling to identify and analyse potential security threats, and ensure the necessary controls are in place to manage the threat and associated risks.
Co-ordinate and undertake regular threat hunting, analysing logs and event data across the firm's systems, and procuring threat intelligence to inform the hunts.
Provide technical leadership during security incident response, from identification through to containment, eradication, recovery and post-incident review, reporting and recommendations, liaising with external IR providers as required.
Maintain incident response playbooks and undertake regular IR exercises.
Ensure that the internal team and managed service security providers have clear roles and responsibilities, and that services are joined up and operated seamlessly.
Ensure that the day-to-day operations of the wider IT systems are compliant with the firm's security policies and standards.
Conduct risk assessments and recommend security improvements.
Provide guidance on secure configuration and hardening the security of systems.
Manage penetration testing activities conducted by third-party testers and any remediation activities required.
Fulfil 3rd line support and service request tickets.
Develop, document and maintain security procedures and cybersecurity operational documentation.
Oversee and drive vulnerability management activities with the technical systems owners.
Ensure audit trails, system logs and other monitoring data sources are reviewed regularly, and that they follow policies and audit requirements.
Provide out-of-hours support for security incidents.

Key Skills & Experience Required:
5 years' experience in cybersecurity or information security.
Bachelor's Degree in Cybersecurity, or similar; industry certifications such as CompTIA Security, GIAC, CISM, CISSP or other relevant certifications preferred.
Strong understanding of network and endpoint security, incident response, threat intelligence, and vulnerability management.
Experienced with security tools such as SIEM platforms, EDR/XDR solutions, firewalls, IDS/IPS.
Strong knowledge of Microsoft Azure cloud security technologies and concepts.
Familiar with cybersecurity frameworks such as NIST CSF, ISO27001, CIS Controls.
Strong analytical and problem-solving skills.
Good understanding of best practice security operations and architectures.
Knowledgeable on security and data protection legislation and regulations, and the security requirements resulting from them.