Job Description

We currently have an exciting opportunity to join our IT department as a Cyber Security Lead, on a full time basis in our Glasgow office.

What will your role look like?

Our IT team is made up of enthusiastic and experienced IT professionals who provide innovative technology in a collaborative and supportive environment. This role sits within our IT networking and security team who are responsible for maintaining key cyber security technologies along with the underlying network infrastructure. For this role we are looking to recruit an experienced Cyber Security Lead, who would like the opportunity to expand their knowledge further in this area. You will be responsible for managing a small team of cyber security engineers, driving new cyber security initiatives, maximising the value we get from existing cyber security technologies including our M365 tenancy and assisting with colleagues and the IT Network & Security Manager to deliver the IT business plan.


Our firm invests in the latest industry leading technologies to facilitate the delivery of our ground-breaking business solutions. We adopt integrated ways of working such as "DevOps" and employ Agile/Scrum methodology approach to manage our work.

Though this is a varied role, your key tasks will include:

Manage, mentor, and help to develop the cyber security team. Using Azure Devops, set and manage the teams project related and non-service desk tasks for the upcoming year. Manage, or act in an advisory capacity to members of the team for all service request tickets that relate to cyber security. Ensure the team comply with agreed service desk SLA's. Look to adopt and get more value from our existing Microsoft Licensing Agreement. Work closely with the Security Operating Centre and Networking engineers, to drive security initiatives across the wider team. Participate in and deliver multi-discipline/cross team projects acting as the cyber security subject matter expert. Act as the technical lead and escalation point for all cyber security related queries. Research and advise on the latest cyber security best practises and solutions, make recommendations to the business where necessary. Provide a key technical mentoring capability to staff, participating in knowledge transfer and training sessions (a strong technical cyber security background is required for this role.) Ensure cyber security platforms are actively monitored and responded to in an appropriate way. Make use of automation tools to drive up efficiency, where possible. Technical involvement in scoping, researching, vendor selection, implementation, configuration, documentation and roll out of strategic security technologies - working with industry leading vendors. Work with fellow team members and the IT Network & Security Manager to build strategic partnerships and relationships with key vendors and suppliers. Evaluate emerging technologies in the marketplace and to raise a business case for adoption where tangible benefits can be brought to the firm. Continuous improvement - drive through identified improvements and/or additional controls and procedures as necessary to sustain our ISO-27001 and Cyber Essentials accreditation. Adhere to the firm's Information Security standards, policies and procedures ensuring that they are embedded in everything that we do. Act in advisory capacity, to external audits and due diligence questionnaires.

Key Technologies:

Strong practical knowledge of M365 stack from a security perspective (Defender, Azure) Vulnerability Management Web Application Filtering DLP Cloudflare Secure File Transfer Firewalls Remote Access/VPN PKI Infrastructure DNS Email Gateways Security Audits ISO27001 Cyber Essentials

Desirable Technologies:

Azure DevOps (Scrum principles, Release Pipelines) Knowledge of Mitre Attack Framework Strong Networking Principals ITIL (Supervising Service Desk Queue) Strong Interest In all aspects of security Scripting (PowerShell, Python, Azure CLI, Yaml, etc) Microsoft Operating Systems (Desktop, Server) Exchange Online

To succeed in and enjoy this role you are likely to have a real passion for and want to develop your career further within IT Security, you will currently be working at an architect level with a high level of experience in industry leading security products. In addition, you will be used to managing a small team of people. You should have experience (at a senior level) of implementing complex IT security projects and security infrastructure, ideally covering some of the specific technologies in our estate as well as sound document authoring skills. You will enjoy working as a part of a team and be adept at communicating complex technical concepts to the business and colleagues alike. Experience of working in an Agile/Scrum environment would be beneficial as would the ability to work in partnership with industry leading technology providers to deliver new projects.

Qualifications:

Degree in IT, or relevant experience.

The following IT Certifications would be advantageous (but not essential):

Microsoft Certified Cybersecurity Architect Expert Microsoft - MCSE, MCSA, MCITP Security + Network + Checkpoint - CCSA, CCSE

In addition to a competitive salary and access to our profit share scheme, we offer:

A flexible selection of employee benefits, so you can choose a package that best matches your lifestyle and needs. A collaborative and encouraging work environment where your thinking and ideas are encouraged. On site mental health and wellbeing assistance. A commitment to helping you develop both personally and professionally, with mentoring opportunities and access to our award-winning learning portal, Aspire. Regular social activities, in addition to three days paid volunteering leave each year and a day's leave to celebrate your birthday. Hybrid working so you can enjoy the positive wellbeing of working from home as well as the benefits of meeting colleagues in our sociable, modern office environments - with the expectation of two 'in-office' days per week. A flexible working window, allowing colleagues the freedom to work flexibly between the hours of 7am and 7pm.

Please note, we recruit on a rolling basis so early applications are recommended to avoid disappointment.


We work alongside employers, trustees and financial services institutions, offering independent pensions, investments, benefits and risk consulting services, as well as data and technology solutions.


That's the who and the what. More important is the 'why'. The work we do may not always seem the sexiest. But it's difficult, it's complex, and it's important. We help our clients, their employees, members and customers make decisions that have real and direct consequences on their financial futures.


For 100 years we've taken this responsibility seriously. Together, as a team and with our clients and partners, we're here to build better futures.