IT Security and Compliance Engineer

We are recruiting for an IT Security & Compliance Engineer to join our growing Technology function and play a key role in shaping the firms security posture.

This role is perfect for someone with an infrastructure background who is eager to deepen their expertise in security governance and modern cloud technologies. You will work at the heart of the firms security operations taking ownership of daily weekly and monthly checks managing 1st and 2nd line security tickets monitoring SIEM activity and supporting phishing and other security assurance tests. Youll collaborate closely with our IT Security Officer and wider technical teams helping to analyse outputs recommend improvements and contribute to a proactive and continually improving security environment.

As part of our move to cloud technologies youll have the opportunity to get hands on with new tools and platforms helping to shape how they are implemented and embedded across the firm. You will also support the review of change control documentation maintain strong housekeeping across Active Directory and other applications and develop meaningful reporting and dashboards using Power BI to provide insights into security performance compliance posture and wider IT risks. The role is highly collaborative offering the chance to bounce ideas within the team support ongoing improvement initiatives and work alongside colleagues across IT and the wider business.

A core part of this position involves supporting and maintaining our compliance frameworks including ISO 27001 and Cyber Essentials Plus. Youll be involved in maintaining policies and procedures supporting audits and assessments assisting with client assurance and supplier security reviews and helping to embed security awareness throughout the firm. Full training is available giving you the opportunity to grow into an ISO 27001 expert while deepening your understanding of governance risk and compliance. Youll provide clear and effective security guidance engage with internal and external stakeholders and play an important role in ensuring the firm meets its information security objectives.

This is a fantastic opportunity for someone who not only enjoys hands on security operations but also wants exposure to governance compliance cloud security and continuous improvement projects. With access to new technologies development opportunities and a collaborative team environment this role offers a strong pathway for progression into senior engineering cloud security or governance focused positions.

As the IT Security and Compliance Engineer you will:

• Conduct daily weekly and monthly threat intelligence and security checks distributing results as required.
• Manage internal SIEM / Defender alerts IT security incident tickets and escalate issues promptly.
• Assist in scheduling and monitoring security tests using the Firms security tools analysing outputs and recommending improvements.
• Ensure good housekeeping standards are maintained across Active Directory and supporting applications.

Compliance & Governance

• Maintain and update the Firms ISO 27001 policies and procedures ensuring alignment with ISO 27001 controls and ISO 27002 guidance.
• Support planning and delivery of the Firms Cyber Essentials Plus certification activities.
• Provide monthly account management reports to the IT Security Officer.
• Support the Firms supplier security assurance process.

Patching & Configuration

• Ensure Microsoft and non Microsoft security updates are patched in line with Firm standard SLAs.
• Monitor patching compliance and collaborate with IT teams to resolve gaps.

Bid & Client Assurance Support

• Provide support in the Firms client bid and tender process contributing security related documentation and responses.

Supplier Security Assessments

• Assess new suppliers against Walker Morris policies and procedure
• Provide risk assessment reports to stakeholders
• Manage the Contract Database when new suppliers are onboarded

Service Desk & Internal Support

• Provide security guidance to the Service Desk where appropriate.
• Manage 1st line security tickets and escalate to relevant internal teams when necessary.

Information Security Responsibilities

• Handle information in accordance with the Firms Information Security Policies and Procedures.
• Promote and encourage a security aware culture across the organisation.
• Proactively report any information security concerns incidents or weaknesses.
• Support the Firm in achieving its information security objectives as outlined in the Information Security Manual.

We are looking for:

• Strong knowledge of ISO 27001 controls and ISO 27002 guidance.
• Practical understanding of Cyber Essentials Plus requirements and assessment processes.
• Experience in 2ndline ticket management within an IT or security environment.
• Ability to create and maintain Power BI security and compliance reports.
• Hands-on experience with Microsoft 365 security and compliance tools including:
  • Microsoft Defender (Endpoint Identity 365)
  • Microsoft Purview (Compliance Data Governance)
  • Microsoft M365 Security tools like Microsoft Defender Purview Sentinel

Desirable Skills

• Familiarity with vulnerability management workflows.
• Experience working within an Information Security Management System (ISMS).
• Understanding of security patching and configuration management best practices.
• Knowledge of Power BI reporting to provide a centralised security dashboard.

Some of our benefits include:

• Salary reflective of your experience circa. 45000.
• Earn up to 10% of your salary with our annual bonus scheme.
• Minimum of 25 days annual leave plus Bank Holidays per year increasing to 31 days with length of service with the opportunity to buy/sell up to 5 days holiday per year.
• Auto enrolled into the workplace pension scheme and well contribute a minimum of 6% of your salary.4x your annual salary in the event of a death in service.
• Hybrid and flexible working with 40-60% of your time spent in the office

Find out more about working at Walker Morrishere.

Company Values

Our shared values represent our culture and the things that are important to us. They define who we are as a Firm as an employer and what we expect of our people. They provide direction and purpose by influencing the decisions that we make and the actions that we take. Its really important that all candidates and employees demonstrate these values in their day-to-day activities:

• Embrace the fact everyone is different and unique.
• You can be serious without wearing a suit.
• Never lose sight of the bigger picture.
• Two heads are better than one.
• Take the bull by the horns.
• We win & lose together.

Walker Morris is committed to being an inclusive employer. We welcome applications regardless of sexual orientation gender identity and expression age neuro diversity or disability status family or parental status race religion or ethnicity.Click hereto find out more about our diversity and inclusion work.

If you need any reasonable adjustments throughout the recruitment process please dont hesitate to ask. We are aDisability Confident employer.