IT Security Analyst

Farrer & Co is an independent law firm, with a rich history. A centuries-long tradition of advising private families, individuals and charitable institutions is today complemented by our work with Businesses, Financial Services, Individuals, Families and Family Offices (IFFO), Education and Not For Profit organisations.

We look to be the market leader in our chosen areas of expertise, advising clients on the contentious and non-contentious legal, business and personal issues they face.

Our reputation and success is based on the goodwill of numerous close client relationships. We are trusted advisers, acting in our clients' long-term interests and paying careful attention to quality and personal service.

Our clients tell us they value us for our integrity, good judgement and professional excellence, as well as our broad perspective, practical solutions and value for money. They describe us as 'a likeable bunch' too.

As a progressive technology team, Farrers IT have delivered a number of industry firsts. We lead on cloud based systems and mobility, delivering projects and managing systems which allow our staff to work regardless of their location. Technology is key to our business, so proactive and forward thinking IT staff are essential elements in our success.

The IT Security Analyst's role is to manage and maintain the firm's IT security systems and processes. This position is a technically focused role working alongside the IT Security Architect. The role has primary responsibility for managing our core suite of security tools (including vulnerability scanning, patch management, anti-virus, intrusion detection/prevention) as well as advising on security aspects of all existing and incoming IT systems.

The IT Department's mission is to meet and exceed customer expectations and deliver outstanding service. We contribute to the success of the firm through the provision of timely and consistently high quality service at every point of customer contact.

• Continual improvement of the firm's IT Security posture through constant awareness of issues and threats, applying the appropriate controls in a timely and effective manner whilst maintaining productivity;

• Complete regular vulnerability scans across the firms network;

• Take a lead role on patch management, including the testing and application of security patches and updates to IT systems;

• Lead on anti-virus compliance and regular management reporting;

• Analysing and reporting on anomalous behaviour;

• Recording and investigating potential security threats and escalating those findings to the IT Security Architect and IT Management as appropriate;

• Collaborate with relevant IT Department colleagues and third parties to maintain and manage border security, including pathways into and out of our network;

• Advise on server and desktop OS hardening techniques to reduce exposure;

• Define, develop and report on adherence to policy and process;

• Manage and refine end point security and data loss prevention methods;

• Work with internal project teams to ensure 'Security By Design' in any IT system implemented;

• Support the IT Security Architect on strategic security projects such as Cyber Essentials+, ISO27001, GDPR and new security systems;

• Keeping abreast of latest IT security measures and controls;

• Contribution to, refinement and rehearsal of cyber response policies and protocols.

Essential:

• Strong Windows operating system experience including server and desktop OS hardening

• Solid vulnerability scanning and patch management skills

• Anti-virus and DLP management in an enterprise environment

• Ability to identify security threats, trends and anomalies

• Logical thinker and creative problem solver

• Excellent written and verbal communication skills

• Self-motivated and able to take responsibility

Desirable:

• Experience in one or more of the following would also be advantageous:

  • Management of SIEM tools

  • Experienced in firewall management including and intrusion detection/prevention protocols

  • Cloud based services:

    • Microsoft Azure/Office 365/Exchange Online

    • Mimecast

    • Cloud based authentication services (Okta/OneLogin)

• Formal security-related qualification, such as CEH

• Our office hours are 09.30 to 17.30 but it is essential that the applicant is committed, flexible and prepared to work beyond the normal office hours when necessary and in response to demand;

• Overtime at weekends will be required from time-to-time in order to support project work;

• We expect the successful applicant to bring the experience, commitment and passion to further define the job description and embed the principles of good IT Security in the culture of the firm.