Security and Infrastructure Engineer

The Firm

Payne Hicks Beach is a 45 partner firm of solicitors based in offices at 10 New Square, Lincoln’s Inn.  In total the firm comprises approximately 218 staff.  The firm provides specialist legal services to private and commercial clients.  We are best known for our family and private client work and are widely regarded as one of the very best of the small number of firms in the UK who provide these specialist services at the highest level.  We also have an excellent reputation in many other areas of law (rated in both Chambers and Legal 500).

Our offices are located in one of the finest squares in London, a building which the firm has occupied since 1770.

More information about the departments and the work of the firm may be found on our website, the address of which is www.phb.co.uk

The Team

The IT Department is a dynamic and robust team working together to satisfy all of the firm’s IT needs.  The role offers the successful candidate the opportunity to gain experience in a wide range of IT specialties and to have an active role in contributing to the progressive evolution of our IT systems and services.

Normal office hours are from 8.00am to 7:00pm, Monday to Friday, with allocated out of hours assistance.

The Role

As a Security and Infrastructure Engineer, you will play a pivotal role in assisting safeguard our IT environment. You will work closely with the firm’s external infrastructure and security partners to support the implementation of the IT roadmap, ensuring alignment with business objectives and security best practices. Additionally, post implementation, you will be responsible for the configuration, monitoring, maintenance, and improvement of our security and infrastructure systems. Your expertise will help us maintain a secure and resilient IT landscape, ensuring that alerts are appropriately configured, vulnerabilities are promptly addressed, and our cloud-based infrastructure is optimised and compliant.

Key Responsibilities

• Security & Compliance: Implement and manage security policies and procedures to protect the firm’s data and systems in compliance with industry best practices and regulatory requirements.
• Vulnerability Management: Monitor, assess, and remediate security vulnerabilities across the firm’s infrastructure, ensuring timely patching and updates.
• Monitoring & Incident Response: Maintain continuous monitoring of the firm’s IT environment, investigating and responding to security incidents with urgency.
• Identity & Access Management: Manage and enhance security around user authentication and access controls.
• Disaster Recovery & Business Continuity: Contribute to the development and testing of business continuity and disaster recovery plans.
• Working with External 3rd Parties: Collaborate with external providers for new projects and ongoing security improvements.

The individual

You should have the following attributes:

• Proven Experience: 3+ years of experience in IT security and infrastructure engineering, preferably in a professional services environment.
• Cloud-based Infrastructure: Strong understanding of cloud-based networking, identity management, and security best practices.
• Threat Detection & Response: Experience in configuring, analysing, and responding to security alerts and incidents.
• Vulnerability Management: Knowledge of vulnerability assessment tools, patching methodologies, and risk remediation strategies.
• Automation & Scripting: Proficiency in PowerShell or other scripting languages to automate security processes.
• Compliance Awareness: Understanding of regulatory and legal security frameworks, including ISO 27001, GDPR, and other relevant security standards.
• Problem-Solving Skills: Ability to analyse complex security challenges and implement effective solutions.
• Communication & Stakeholder Engagement: Ability to translate technical security requirements into business-friendly language and collaborate with legal professionals and IT stakeholders.

Key Responsibilities

• Security & Compliance: Implement and manage security policies and procedures to protect the firm’s data and systems in compliance with industry best practices and regulatory requirements.
• Vulnerability Management: Monitor, assess, and remediate security vulnerabilities across the firm’s infrastructure, ensuring timely patching and updates.
• Cloud-based Infrastructure: Configure, monitor, maintain, and improve cloud-based infrastructure, ensuring scalability, security, and operational efficiency.
• Monitoring & Incident Response: Maintain continuous monitoring of the firm’s IT environment, investigating and responding to security incidents with urgency.
• Identity & Access Management: Manage and enhance security around user authentication and access controls, leveraging Microsoft’s security stack.
• Disaster Recovery & Business Continuity: Contribute to the development and testing of business continuity and disaster recovery plans.
• Working with External 3rd Parties: Collaborate with external providers and other vendors, for new projects and ongoing security improvements.

Desirable Qualifications

• Security certifications
• Experience working in a legal or professional services environment
• Familiarity with security information and event management (SIEM) solutions
• Understanding of zero-trust security architecture