Cyber Security Engineer
Job Description
Job title: Cyber Security Engineer
Company: Hogan Lovells
Job description: Keen to become part of a truly global, collaborative team of professionals? Your journey begins here.
Job Title
Cyber Security Engineer
Department
Information Security
Office Location
London and Birmingham
Reports To
Head of Security Operations and Intelligence
Working Hours
35 hours per week, 9:30am to 5:30pm but additional hours may be required. We are happy to consider agile and flexible working patterns. Our approach to hybrid working allows for up to 40% of time working from home and 60% working in the office, please contact a member of the recruitment team to discuss further.
Firm Description
Hogan Lovells is one of the leading global law firms. Our distinctive market position is founded on our exceptional breadth of our practice, on deep industry knowledge, and on our ‘one team’ global approach. Formed through the combination of two top international law firms, Hogan Lovells has over 40 offices in the Americas, Asia-Pacific, Europe, the Middle East and Africa.
With a presence in the world’s major financial and commercial markets, we are well placed to provide excellent business-oriented advice to our clients locally and internationally. Our people are the key to our success, which is why we seek to recruit and retain the most talented individuals in all regions of our global practice.
In the UK Hogan Lovells has offices in Birmingham and London. The Birmingham office opened in 2015 and has a number of practice areas including Corporate/Commercial, Disputes, Finance and Real Estate, as well as our Legal Delivery Centre and business services departments. The office has recently trebled in size and moved into a new fitted out space in the Colmore Building.
DEPARTMENT DESCRIPTION
The General Counsels’ office is legal counsel to the firm. We are involved with all legal matters relating to conflicts, ethics, engagement terms and business intake; compliance with law and legal requirements in all of our jurisdictions; interactions with regulators; general firm policies; risk management and matters affecting the reputation of the firm; and legal issues in the business of the firm such as contracts and agreements.
ROLE OVERVIEW
The Cyber Security Engineer will deploy, manage, and maintain the security tooling i.e., mail gateway, web gateway, firewalls, IPS/IDS, EDR, etc. This will include elements of lifting and shifting to the cloud and working with agent-based security solutions, as well as configuring rules, alerts, and alarms.
The Cyber Security Engineer will also work with multiple vendors and service providers to ensure security risks, security events and security incidents are detected and investigated. They will ensure the tooling is on, working and meeting the required service levels.
The qualified candidate must be strong in multiple security domains and be prepared to respond to technical issues. There will be an element of on-call duties and supporting investigations and remediation activities.
Key Responsibilities / Accountabilities
Support the IT teams in procuring, commissioning, administering and decommissioning Security Operations tooling.
Ensure Security Operations tooling is appropriate, documented and kept up to date.
Identifying security tooling which requires updating and upgrading, and which tooling is no longer fit for purpose.
Work with Security Architects on High-Level Design and Low-Level Design documentation.
Participate in the Change Management process, where appropriate.
Engage with our Security Service Provider(s) and ensure their work is accurate and timely; there will be a need to follow up investigations internally and apply the recommended actions accordingly.
Specific duties or responsibilities may be reviewed from time to time to reflect
changes in personnel and management structure, staff location or services.
All members of the firm participate in our Responsible Business program.
Person Specification
Qualifications and Training
Bachelor’s degree in computer science, cyber security, or related field preferred. Equivalent work experience can substitute for a degree.
Industry certifications in cyber security, such as Microsoft Learn (SC), GIAC qualifications, CISSP, etc.
Knowledge and Experience
3 to 5 years of information security or cyber security preferred.
Experience and/or certifications which provide working knowledge of firewalls, IPS/IDS, gateways etc.
Experience and/or certification in the OSI model, network security, cloud security, zero trust principles.
Cloud experience, ideally with MS Azure though open to AWS, GCP, Oracle Cloud.
Experience in implementing various security controls, such as NIST, CSA, HIPAA, PCI, etc.
Experience with implementation of security tools such as WAF, IPS/IDS, SIEM, Data Leakage Prevention, Automation and Orchestration, Encryption, etc.
Experience with MS Sentinel and ServiceNow.
Agile Working Statement
Our goal is to embed flexibility across our business by giving everyone the opportunity to work in an agile way, whether as a regular pattern or on an ad hoc basis, and we will be happy to discuss this further.
Equal Opportunities Employment Statement
It is the policy of Hogan Lovells to provide equal opportunities for all employees in relation to recruitment, training and promotion. Decisions in these areas will be made only by reference to the requirements of the job and shall not be influenced by any consideration of racial or ethnic origin, religion, sex , gender and gender identity, age, sexual orientation, marital and civil partnership status, pregnancy or disability.
