Lead Information Security Engineer
Location: London (Hybrid – 3 days office / 2 days remote)
Type: Permanent
An international law firm is seeking a Lead Information Security Engineer to join its global IT function in London. You’ll play a key role in developing secure architectures, managing risk, and driving security strategy across cloud and on-premise environments.
Key Responsibilities
* Design and maintain secure authentication and authorization frameworks.
* Manage security risks, incidents, and DLP (Data Loss Prevention) processes.
* Implement and enhance cloud security (Azure, Microsoft 365, iManage).
* Lead incident response, risk assessments, and compliance reviews.
* Collaborate globally to embed security best practices.
* Support policy development, security awareness, and business continuity.
Skills & Experience
* 5+ years’ experience in Information Security.
* Strong technical knowledge of networking, authentication, and cloud (Azure/O365).
* Experience with DLP, incident response, and ISO 27002 standards.
* Familiarity with tools such as Microsoft Defender, CrowdStrike, CyberArk, Rapid7, or Palo Alto.
* CISSP or CEH certification preferred.
* Excellent communication, problem-solving, and stakeholder management skills.
Additional Details
* Standard hours: 9:00am–5:00pm with on-call participation.
* Hybrid working (3 office / 2 remote).
* Up to 20% domestic/international travel.
If you are interested please email your CV to megan.seymour@stottandmay.com for immediate consideration