Infrastructure and Security Engineer - Moreton-in-Marsh THE BAMFORD COLLECTION IS A GROUP OF CONSCIOUSLY MINDED LIFESTYLE BRANDS COMMITTED TO NOURISHING AND NURTURING PEOPLE AND PLANET. What drives and inspires us is the belief that we have a responsibility not just to protect the world around us but to have a positive impact on it too. The group encompasses an organic farm and retailer; a considered clothing label; botanical skincare, bath and body collections; wellness destinations around the world; and hospitality experiences that foster a sense of community and celebrate the healing power of escapism. We champion a slow and sustainable way of living, encouraging our customers to make choices that are greener for the planet as well as kinder to their bodies and minds. We are more than a group of businesses striving to make a difference. We are a way of life. ABOUT THE ROLE We are looking for a strategic and proactive Infrastructure & Security Engineer responsible for the design, implementation, and maintenance of secure, scalable, and reliable IT infrastructure across all Bamford Collection locations. This is a varied and interesting role that covers existing infrastructure, both physical and virtual, to new sites and IT Security. You will work with outsourced partners to optimise security operations and align infrastructure growth with evolving business needs. 40 hours a week, 5 days in the office based at the Daylesford Farm, Gloucestershire. Salary 50,000 per annum. RESPONSIBILITIES Manage and improve the current IT infrastructure architecture, both physical and virtual, at all sites. Manage infrastructure projects including new site setups, upgrades, and cloud migrations. Liase with outsourced partners and our MSP re infrastructure and security. Ensure high availability and performance of core systems (network, servers, storage, firewalls). Lead the implementation of compliance frameworks (e.g., PCI-DSS, GDPR etc). Manage Backups. Document current infrastructure. Be responsible for the security of the organisation. Develop and manage disaster recovery and business continuity strategies. Improve and enforce cybersecurity strategies including endpoint protection, access control, threat detection, and incident response. Manager and improve web and mail filtering via Mimecast, umbrella, fortigate, Meraki etc. Monitor and report on system health, vulnerabilities, and patch management. Collaborate with IT Manager to ensure operational alignment and support SKILLS YOU WILL BRING Strong experience of physical infrastructure from MPLS, Fibre to switches and waps. Strong experience of virtual infrastructure from Vlans to VPNs. Experience in all Microsoft products, Cisco Meraki, Umbrella, Fortinet etc. AV and CCTV systems experience. A background in a retail and/or hospitality environment with POS. Demonstrable knowledge of relevant current technology and emerging trends. Microsoft infrastructure including Windows Server Administrator, Active Directory AAD Administrator, Group Policy, and Microsoft 365 services and Azure Cloud resource management. LAN / WAN / WIFI / TCP-IP / Firewalls / Switching/ Routing configuration and admin (Cisco). Deploying and managing virtualized environments using VMware vSphere, ESXi, and vCenter. Server and storage hardware technology. Identity & Access Management (IAM), Expertise in Microsoft Entra ID (formerly Azure AD), role-based access control (RBAC), and multi-factor authentication (MFA). Cloud Security, Experience securing Azure environments, including Microsoft Defender for Cloud, Sentinel, and compliance frameworks like PCIDSS. Threat Protection & Incident Response: Ability to identify vulnerabilities, implement threat protection, and respond to security incidents. Patch Management & Endpoint Security: Experience in patching complex estate, ensuring regular updates, patching, and endpoint protection. Familiarity with backup and disaster recovery tools and practices. Experience with monitoring tools (e.g., SolarWinds, PRTG, or similar). PERKS AND BENEFITS Discounts: We offer a range of discounts on our products, treatments, and dining experiences from day one. Volunteering Days: Employees are offered one paid day per year to volunteer with a charity of their choice. Private Medical: We offer subsidised private medical insurance through Bupa. Pension Scheme: Pay up to 9% of your salary into your pension each month; we contribute up to 4.5%. Life Assurance: We offer life assurance cover, equivalent of up to a year of your annual salary. Mental Health Support: Our Employee Assistance Programme provides 24-hour support, seven days a week.