Senior Cloud Security Engineer

Role summary/purpose of job

In conjunction with the firm's chosen IT partner, operate and manage the firm's internal IT security infrastructure which includes all anti-virus/anti-malware systems, Public Key Infrastructure, privileged access management systems and SAML 2.0 single sign-on technologies.

The person in role will be responsible for managing and developing our infrastructure to provide continued, effective defence against cyber threats. They will evaluate threats to the environment and adjusts to an ever-changing threat landscape. By applying practical security knowledge, they will develop new detective measures and practices to protect the firm.

Location Overview: Manchester

The Freshfields Global Centre provides both business and legal services to the firm. Our services are delivered in a way which supports the global nature of our firm and our clients, enables our fee earners to deliver exceptional service to our clients and to do that in a way which is efficient and effective.

Function Overview

The Infrastructure, Cloud and Security function is responsible for overseeing, maintaining and developing IT Systems according to the existing company policies and best practices in cooperation with internal IT Teams and external service providers.

Key responsibilities and deliverables

• Ensures the correct application of operational procedures;

• Ensures that documentation of the supported components is available and in an appropriate format for those providing support;

• Identifies operational problems and is accountable for their resolution in accordance with agreed standards and procedures;

• Provides reports and proposals for improvement;

• Provides security advice as needed to the IT department;

• Contribute to internal and external audits – client and external frameworks such as ISO27001, Cyber Essentials;

• Responsible for implementing best practice server hardening in line with industry standards;

• Manages processes relating to the installation, maintenance and operation of security infrastructure including AV, PKI, Active Directory and Active Directory Federation Services (ADFS 2.0);

• Responsible for the implementation of agreed changes and maintenance routines;

• Regularly reviewing infrastructure to ensure best practices are being followed and where necessary to escalate problems/issues (process or compliance).

Key requirements

Essential

• Networking knowledge – TCP/IP, DHCP, DNS;

• Knowledge and hands on experience of current Windows server operating environments, Active Directory and Group Policy;

• Exposure to and working knowledge of –

  • AV systems (Preferably Microsoft Defender – Endpoint, Cloud and Identity);

  • Microsoft Azure, Entra ID, Microsoft Intune and Azure AD Sync

  • Single sign-on technologies - SAML 2.0 protocol, ADFS 2.0;

  • PKI – including Active Directory-integrated;

• Knowledge of network security devices and associated protocols;

• Experience & knowledge of mobile device security

Desirable

• SIEM experience;

• Good knowledge around information security best practices;

• Working knowledge of Google Cloud Platform

• Patch management

• Privileged access management solutions;

• Exposure to advanced endpoint anti-malware solutions;

• Powershell scripting;

• Experience of conducting penetrations tests/vulnerability scans.

Desirable Qualifications

• ITIL Service Management Foundation certification (or equivalent);

• MCSA, MCSE, MCP;

• CEH

Technical and People Skills

• Demonstrate ability to work independently and take leadership where required  

• Demonstrate ability to work on multiple highly complex projects simultaneously. 

• Clear and concise written and oral communication skills 

• The ability to build working relationships with a range of people at all levels across the business 

• Proactive approach with a 'can-do' attitude 

• Identifies and communicates opportunities to improve the way that work is done  

• Excellent organisational and time management skills with the ability to manage tasks efficiently and under self-supervision 

• Works successfully as part of a team, sharing knowledge, collaborating with and supporting colleagues 

• Excellent customer service skills with a helpful and responsive approach 

• Flexible in approach and adaptable to change 

• Resilient and calm under pressure 

• Motivated, results and delivery focused with a commitment to quality of work 

• Takes ownership and actively looks for personal learning and development opportunities 

• Demonstrates sound judgement 

• A commitment to the highest level of integrity 

• Focuses on finding the right solutions and problem solving 

• An understanding of working across cultural boundaries 

• Demonstrates Being Freshfields principles

Freshfields Overview

Freshfields Bruckhaus Deringer is a major international law firm, providing business law advice of the highest quality. We want to be the law firm that clients turn to for legal advice where it most matters, wherever in the world that may be. The Firm has over 2,400 lawyers in 28 offices around the world, providing a comprehensive service to national and multinational corporations, financial institutions, and governments.

Our people make our firm - we are a people business and want to create a welcoming and supportive environment where all can flourish. We see diversity as a strength which creates fresh perspectives and generates new ideas. We enjoy our work and are determined to do an outstanding job. We deliver best when working in teams. Our culture is a product of the combined mindsets and behaviours of our people which is through the Being Freshfields principles, outlined below:

• we show respect to everyone

• we are there for one another

• we are open with each other

• we are positive role models

We think and work globally - we do not just say we are one firm; we act like one firm right across the world. We work wherever our clients need us. This is how we define ourselves, not by reference to where we have offices. Cross-border work is not just what we do, it is what we excel at. We understand what it really takes to work across different legal systems and commercial environments and to bridge language and cultural gaps.

We aim to add value in everything we do - we are passionate about helping our clients succeed. We use our experience and creativity to help clients make judgements and achieve their goals. In everything we do, we seek to make a real difference to the communities in which we operate.

Freshfields is committed to promoting equality and diversity and to developing a culture that values differences, recognising that employees from a variety of backgrounds make important and positive contributions to our business and how we service our clients.

Inclusion

Freshfields is an equal opportunities employer and all applications received by the firm will be considered based on their merit alone and we welcome applications from all suitably qualified individuals regardless of background. All offers of employment will be conditional on the candidate having/securing the right to work in the UK and providing the firm with evidence of that right (as required by the Immigration, Asylum and Nationality Act 2006) prior to employment commencing.

Freshfields is a Ban the Box employer. We ask applicants to disclose criminal convictions only when a conditional job offer is made. A conviction does not automatically lead to withdrawal of the offer: we make decisions on a case-by-case basis and take a number of factors into account (e.g. the role you are applying for and the circumstances of the offence). You would have the opportunity to discuss the matter with us before we make a decision.