We are seeking a hands‑on Infrastructure & Security Engineer with deep expertise across security architecture, server, and network domains. Security is the core priority of this role. The successful candidate will take a leading part in strengthening and evolving the firm’s security posture in response to an increasingly sophisticated threat landscape, including emerging risks associated with AI.
This is a technically demanding role that combines proactive security ownership with infrastructure delivery. The successful candidate will act as a security‑first thinker across everything they touch, from day‑to‑day operations through to strategic infrastructure design, and will be expected to drive meaningful improvements to the firm’s defensive capabilities.
This role is office‑based and requires five days per week on‑site presence.
Key Responsibilities
Lead the firm’s security operations function, owning threat detection, incident response, and vulnerability management end‑to‑end
Monitor, triage, and respond to security events across the environment, including log analysis, anomaly detection, and threat hunting, with a strong awareness of modern and AI‑enabled attack vectors
Own and drive security hardening across all infrastructure — servers, endpoints, network devices, and cloud‑adjacent systems — ensuring consistent application of best practices and compliance with security policies
Design and implement secure infrastructure solutions, embedding security requirements from the outset rather than retrofitting them
Conduct regular vulnerability assessments and penetration testing exercises, prioritising and remediating findings in a timely manner
Manage and continuously improve security tooling, including SIEM, EDR, firewalls, IDS/IPS, and endpoint protection platforms
Act as the escalation point for security‑related incidents across 2nd and 3rd line, providing expert guidance and driving resolution
Support and maintain network infrastructure including firewalls, switches, VPNs, and wireless systems (primarily Cisco‑based), with a security lens on all configuration and change
Operate across Windows and Linux (Red Hat/CentOS) environments, ensuring both are maintained to a consistent security baseline
Collaborate with infrastructure and technology teams to embed security into project delivery and BAU processes
Develop and maintain security documentation including incident response playbooks, SOPs, architecture diagrams, and runbooks
Stay current with the evolving threat landscape, bringing proactive recommendations to improve the firm’s security posture over time
Participate in an on‑call rotation to support critical systems and respond to security incidents outside business hours
Minimum 7+ years’ experience in infrastructure, networking, and security roles
Strong hands‑on experience with Windows Server and Linux (Red Hat/CentOS)
Solid networking knowledge, including TCP/IP, VLANs, VPNs, DNS, DHCP, with practical experience in Cisco environments
Demonstrated experience implementing and supporting security controls, including:
Patch management and system hardening
Endpoint protection and monitoring
Identity and access management
Good understanding of cyber security principles, including modern threat landscapes and evolving risks (e.g. automation and AI‑driven attack vectors)
Experience with virtualisation (VMware) and enterprise storage (SAN/NAS)
Scripting or automation experience (e.g. PowerShell, Bash) is advantageous
Experience in financial services or regulated environments is preferred
Strong troubleshooting skills with a structured and analytical approach
Able to balance BAU responsibilities with project delivery effectively
A thoughtful and forward‑looking mindset, with the ability to identify risks and propose improvements
Clear and confident communicator, able to engage with both technical and non‑technical stakeholders
Self‑motivated, accountable, and willing to take ownership of issues end‑to‑end
Collaborative and adaptable, with a practical and solutions‑focused approach
#J-18808-Ljbffr…
