What will you be doing?
Under the guidance of the Head of Infrastructure or Security Lead you will:
1. Secure LCP’s infrastructure, spanning multiple physical office (UK and Europe) and numerous Cloud subscriptions, through a balanced-risk approach
2. Design and implement technical information security controls and countermeasures, ensuring alignment with the risks they are intended to mitigate
3. Work with an outsourced Security Operations Centre (SOC), maintaining threat detection and response processes in conjunction with the InfoSec team to ensure its continued effectiveness
4. Effectively operate established technical information security controls and countermeasures, ensuring adherence to policy and compliance requirements
5. Deliver standardised security measures for cloud resource templates and configuration baselines, that enable approve teams to efficiently self-serve pre-configured resources
6. Automate manual or repetitive tasks, improving the end-to-end efficiency of technical security measures
7. Respond to new and emerging security threats and vulnerabilities, effectively engaging in cross-functional collaboration as needed
8. Conduct security incident investigations, collaborating with technical and non-technical stakeholders as appropriate, with the aim of identifying root cause, threat vector utilised, scope of compromise and related remedial and preventative actions
9. Implement and administer technical security tooling (Such as Defender for Cloud, Defender for End-Point, Nessus, etc), training others as required
10. Optimise the cost of cloud-based security measures, ensuring they remain fit-for-purpose and right-sized as part of overall infrastructure efficiency
11. Constantly maintain and develop awareness ofEmerging threats and vulnerabilities and the techniques used to mitigate themEmerging information security practices, standards and trends within a modern, increasingly cloud-based and Agile/DevOps oriented environment
12. Coordinate with internal and external stakeholders
13. Partner with InfoSec to deliver on key information security risk related initiatives, ensuring compliance to patching and vulnerability policies
14. Partner with Product and Platform team members in respect of secure coding practices and security measures within the infrastructure resources they utilise
15. Establish and cultivate relationships, being a trusted advisor and technical point of contact within the firms engineering community
What skills and experience are we looking for?
16. First-hand experience and knowledge of modern information security methodologies, techniques, and tooling, spanning both physical and cloud infrastructure
17. Knowledge of key security standards/frameworks including ISO, NIST, and CIS
18. Experience of securing infrastructure within a DevOps organisation – including secure coding standards, automation and enterprise monitoring and reporting tools specifically within Microsoft Azure
19. Demonstrable experience of security controls and countermeasures within IP based networks, WAN technologies, virtual server technologies and Microsoft Cloud on Windows and Linux
20. Demonstrable experience working with DLP and EDR technologies such as Microsoft Defender
21. Demonstrable first-hand experience with modern Security Information and Event Management (SIEM) solutions and related workflow automation (SOAR)
22. Ability to proactively own and coordinate resolving security issues, to ensure solutions continue to meet business needs
23. Ability to break a problem down into its component parts to identify and diagnose root causes, troubleshooting and identify problems across different technology capabilities
24. Strong planning and organisational skills, including the ability to coordinate several work streams simultaneously, while balancing priorities and quality
25. Excellent communication skills with a capacity to present, discuss and explain issues coherently and logically, both in writing and orally
26. Ability to balance conflicting and changing demands through prioritisation and pragmatism
What’s in it for you?
Take a look at our and Career stories pages to see why our people love being here! As well as joining a multi-award winning, fun, collaborative, people first organisation where your personal and professional skills will be developed to make you the best you can be, we offer an attractive benefits package designed to promote your overall wellbeing so that you are able to perform to your full potential both in and out of work. Currently our core benefits package includes:
For you:
27. Hybrid working (see top of the advert for details)
28. Professional study support (where applicable)
29. Access to our internal Wellbeing, LGBTQ+, Multicultural and Women’s networks
For your family:
30. Life assurance
31. Income protection
32. Enhanced maternity/paternity/adoption and shared parental leave
For your health:
33. 26 days annual leave (pro-rata for part-time working) plus bank holidays (most of which can be taken flexibly!) with options to buy & sell holiday
34. Private medical insurance
35. Discounted gym memberships, critical illness and dental insurance through our flexible benefits
36. Eye care vouchers
37. Cycle to work scheme
38. Digital GP services
For your wealth:
39. Competitive pension scheme
40. Discretionary bonus scheme
41. High street discounts
42. Season ticket loans
For others:
43. Volunteering opportunities
For the environment:
44. Electric vehicle salary sacrifice scheme (qualifying period applies)