Role summary/purpose of job

In conjunction with the firm's chosen IT partner, operate and manage the firm's internal IT security infrastructure which includes all anti-virus/anti-malware systems, Public Key Infrastructure, privileged access management systems and SAML 2.0 single sign-on technologies.

The person in role will be responsible for managing and developing our infrastructure to provide continued, effective defence against cyber threats. They will evaluate threats to the environment and adjusts to an ever-changing threat landscape. By applying practical security knowledge, they will develop new detective measures and practices to protect the firm.

Function Overview

The Infrastructure, Cloud and Security function is responsible for overseeing, maintaining and developing IT Systems according to the existing company policies and best practices in cooperation with internal IT Teams and external service providers.

Key responsibilities and deliverables

• Ensures the correct application of operational procedures;

• Ensures that documentation of the supported components is available and in an appropriate format for those providing support;

• Identifies operational problems and is accountable for their resolution in accordance with agreed standards and procedures;

• Provides reports and proposals for improvement;

• Provides security advice as needed to the IT department;

• Contribute to internal and external audits – client and external frameworks such as ISO27001, Cyber Essentials;

• Responsible for implementing best practice server hardening in line with industry standards;

• Manages processes relating to the installation, maintenance and operation of security infrastructure including AV, PKI, Active Directory and Active Directory Federation Services (ADFS 2.0);

• Responsible for the implementation of agreed changes and maintenance routines;

• Regularly reviewing infrastructure to ensure best practices are being followed and where necessary to escalate problems/issues (process or compliance).

Key requirements

Essential

• Networking knowledge – TCP/IP, DHCP, DNS;

• Knowledge and hands on experience of current Windows server operating environments, Active Directory and Group Policy;

• Exposure to and working knowledge of –

  • AV systems (Preferably Microsoft Defender – Endpoint, Cloud and Identity);

  • Microsoft Azure, Entra ID, Microsoft Intune and Azure AD Sync

  • Single sign-on technologies - SAML 2.0 protocol, ADFS 2.0;

  • PKI – including Active Directory-integrated;

• Knowledge of network security devices and associated protocols;

• Experience & knowledge of mobile device security

Desirable

• SIEM experience;

• Good knowledge around information security best practices;

• Working knowledge of Google Cloud Platform

• Patch management

• Privileged access management solutions;

• Exposure to advanced endpoint anti-malware solutions;

• Powershell scripting;

• Experience of conducting penetrations tests/vulnerability scans.

Desirable Qualifications

• ITIL Service Management Foundation certification (or equivalent);

• MCSA, MCSE, MCP;

• CEH

Technical and People Skills

• Demonstrate ability to work independently and take leadership where required  

• Demonstrate ability to work on multiple highly complex projects simultaneously. 

• Clear and concise written and oral communication skills 

• The ability to build working relationships with a range of people at all levels across the business 

• Proactive approach with a 'can-do' attitude 

• Identifies and communicates opportunities to improve the way that work is done  

• Excellent organisational and time management skills with the ability to manage tasks efficiently and under self-supervision 

• Works successfully as part of a team, sharing knowledge, collaborating with and supporting colleagues 

• Excellent customer service skills with a helpful and responsive approach 

• Flexible in approach and adaptable to change 

• Resilient and calm under pressure 

• Motivated, results and delivery focused with a commitment to quality of work 

• Takes ownership and actively looks for personal learning and development opportunities 

• Demonstrates sound judgement 

• A commitment to the highest level of integrity 

• Focuses on finding the right solutions and problem solving 

• An understanding of working across cultural boundaries 

• Demonstrates Being Freshfields principles

Inclusion

Freshfields is an equal opportunities employer and all applications received by the firm will be considered based on their merit alone and we welcome applications from all suitably qualified individuals regardless of background. All offers of employment will be conditional on the candidate having/securing the right to work in the UK and providing the firm with evidence of that right (as required by the Immigration, Asylum and Nationality Act 2006) prior to employment commencing.

Freshfields is a Ban the Box employer. We ask applicants to disclose criminal convictions only when a conditional job offer is made. A conviction does not automatically lead to withdrawal of the offer: we make decisions on a case-by-case basis and take a number of factors into account (e.g. the role you are applying for and the circumstances of the offence). You would have the opportunity to discuss the matter with us before we make a decision.