We are seeking a hands-on Infrastructure & Security Engineer with deep expertise across security architecture, server, and network domains. Security is the core priority of this role. The successful candidate will take a leading part in strengthening and evolving the firm's security posture in response to an increasingly sophisticated threat landscape, including emerging risks associated with AI.
This is a technically demanding role that combines proactive security ownership with infrastructure delivery. The successful candidate will act as a security-first thinker across everything they touch, from day-to-day operations through to strategic infrastructure design, and will be expected to drive meaningful improvements to the firm's defensive capabilities.
This role is office-based and requires five days per week on-site presence.
Key Responsibilities
-
Lead the firm's security operations function, owning threat detection, incident response, and vulnerability management end-to-end
-
Monitor, triage, and respond to security events across the environment, including log analysis, anomaly detection, and threat hunting, with a strong awareness of modern and AI-enabled attack vectors
-
Own and drive security hardening across all infrastructure — servers, endpoints, network devices, and cloud-adjacent systems — ensuring consistent application of best practices and compliance with security policies
-
Design and implement secure infrastructure solutions, embedding security requirements from the outset rather than retrofitting them
-
Conduct regular vulnerability assessments and penetration testing exercises, prioritising and remediating findings in a timely manner
-
Manage and continuously improve security tooling, including SIEM, EDR, firewalls, IDS/IPS, and endpoint protection platforms
-
Act as the escalation point for security-related incidents across 2nd and 3rd line, providing expert guidance and driving resolution
-
Support and maintain network infrastructure including firewalls, switches, VPNs, and wireless systems (primarily Cisco-based), with a security lens on all configuration and change
-
Operate across Windows and Linux (Red Hat/CentOS) environments, ensuring both are maintained to a consistent security baseline
-
Collaborate with infrastructure and technology teams to embed security into project delivery and BAU processes
-
Develop and maintain security documentation including incident response playbooks, SOPs, architecture diagrams, and runbooks
-
Stay current with the evolving threat landscape, bringing proactive recommendations to improve the firm's security posture over time
-
Participate in an on-call rotation to support critical systems and respond to security incidents outside business hours
Requirements
-
Minimum 7+ years’ experience in infrastructure, networking, and security roles
-
Strong hands-on experience with Windows Server and Linux (Red Hat/CentOS)
-
Solid networking knowledge, including TCP/IP, VLANs, VPNs, DNS, DHCP, with practical experience in Cisco environments
-
Demonstrated experience implementing and supporting security controls, including:
-
Patch management and system hardening
-
Endpoint protection and monitoring
-
Identity and access management
-
Good understanding of cyber security principles, including modern threat landscapes and evolving risks (e.g. automation and AI-driven attack vectors)
-
Experience with virtualisation (VMware) and enterprise storage (SAN/NAS)
-
Scripting or automation experience (e.g. PowerShell, Bash) is advantageous
-
Experience in financial services or regulated environments is preferred
-
Strong troubleshooting skills with a structured and analytical approach
-
Able to balance BAU responsibilities with project delivery effectively
-
A thoughtful and forward-looking mindset, with the ability to identify risks and propose improvements
-
Clear and confident communicator, able to engage with both technical and non-technical stakeholders
-
Self-motivated, accountable, and willing to take ownership of issues end-to-end
-
Collaborative and adaptable, with a practical and solutions-focused approach