MAIN RESPONSIBILITIES:

• Infrastructure Security Design & Implementation: Develop, implement, and maintain robust security architectures and controls for cloud and on-premises infrastructures, supporting business growth while ensuring security best practices are followed.
• Threat Management: Proactively monitor and respond to security incidents, vulnerabilities, and threats, applying advanced techniques to safeguard systems from cyber-attacks.
• System Hardening & Configuration: Ensure that all infrastructure systems (e.g., servers, databases, networks) are securely configured and maintained with the latest security patches and updates, following industry standards like CIS benchmarks.
• Network Security: Implement and manage firewalls, VPNs, IDS/IPS, and other network security technologies to secure connectivity and prevent unauthorized access across the company’s digital assets.
• Incident Response & Remediation:Lead efforts in incident detection, response, and remediation for infrastructure-related security incidents, ensuring rapid mitigation and future prevention.
• Collaboration & Integration: Work closely with our IT and software engineering teams to integrate security into system development and provide security guidance where needed.
• Compliance & Best Practices: Ensure compliance with relevant data protection laws (e.g., GDPR), security frameworks, and internal policies, contributing to audits and risk assessments where required.
• Automation & Optimisation: Identify opportunities for automation within security operations, from threat detection to patch management, to drive efficiency and scalability.
• Continuous Improvement: Stay up to date with emerging security trends, vulnerabilities, and technologies, and continually improve security processes and policies to adapt to a dynamic threat landscape.

THE CORE ATTRIBUTES WE WOULD VALUE IN THIS ROLE:

• Proven Experience: Experience in infrastructure security engineering or a related role, ideally within the financial or insurance sectors.
• Technical Expertise: Strong knowledge of cloud (Azure, O365, Amazon) and server infrastructure, networks, firewalls, and endpoint systems.
• Security Tools & Technologies: Proficiency with security tools such as SIEM, IDS/IPS, vulnerability scanners, firewalls, endpoint protection, alert and remediation, and encryption technologies.
• Certifications: Relevant certifications such as CISSP, CISM, CCSP, CEH, or AWS/Azure security certifications are highly desirable.
• Scripting & Automation: Experience in automating security tasks using scripting languages (PowerShell).
• Analytical Skills: Strong analytical and problem-solving skills with the ability to think critically and adapt to fast-paced environments.
• Communication: Excellent written and verbal communication skills, with the ability to translate complex security issues into business-friendly language.