THE FIRM
Montagu Evans is an independent, market leading property consultancy. Headquartered in London with offices in Scotland and Manchester. Our work encompasses planning and development, property management, specialist valuations and transactions across the United Kingdom.
We’re a group of people that are excellent individually and exceptional together. We’re people that care about people, not just bricks and mortar. We care about our legacy, we create spaces that people use to live, work, communicate and connect.
We’re a partnership and the people who run the business are empowered to create their own teams to exceed our client’s requests. This highly flexible and collaborative approach, tailoring the talent to the complexity of the work, has enabled us to develop an exceptional business that has spanned nearly a century.
We encourage an honest and straight forward approach to our work and relationships. We embrace individuality, whilst relying on working together and never accepting the status quo.
We give everyone the opportunity to be the best version of themselves. We trust and support each other. We recognise that our people are the heart of our success and only by identifying, supporting, and promoting them will we be able to provide continued outstanding client service.
Together we are Montagu Evans.
Montagu Evans is committed to maintaining an inclusive work environment. One that embraces all everyone. Read more here https://www.montagu-evans.co.uk/about/diversity/
THE TEAM
The IT team is small, and very busy team that manage both on premise and cloud-based environments, and work with a number of service providers to deliver a seamless, secure IT services to the business. The team is continuing with its Cloud First strategy and is involved with a number of projects and initiatives to continually improve the IT environment as well as aligning to the firm’s Evolution 2.0 business plan.
The firm has achieved ISO 9001, ISO 27001 and Cyber Essentials Plus certifications and IT play a key role in actively maintaining and continually improving these. The team is now looking to expand to take on additional expertise and capacity to further improve the secure delivery of IT services to the business.
ROLE OVERVIEW
The IT Security Engineer role is a new role in the firm and will be responsible for all aspects of IT security, both technical and procedural. Supporting security aspects of key project initiatives for the business, and working with other members of the IT team, the role will focus on delivering secure IT services to all of Montagu Evans offices. The role will also assist with the growth of the firm’s Information Security capability and work with the Head of IT and external partners to evolve and deliver a cyber security strategy and roadmap.
This position is a technically focused role but will also involve direct engagement with business, clients, and suppliers. This person must have excellent customer facing skills, as the IT team sits in the same environment as business teams, and regularly engages with all departments and all levels of seniority. The role will include engaging with a number of service and software providers, both existing and new, to maintain and improve the security, reliability, and availability of these to the business.
MAIN DUTIES, RESPONSIBILITIES, ACCOUNTABILITIES
- Monitoring, supporting and maintaining the IT environment, primarily Microsoft cloud, for access, infrastructure and application security threats and issues.
- Working with 3rd party network and cloud service providers for BAU and service improvement activities.
- Lead role on patch management reporting, and the testing of security patches and updates to IT systems.
- Lead on anti-virus compliance and regular management reporting.
- Recording and investigating potential security threats and escalating those findings to the Head of IT.
- Manage and refine end point security and data loss prevention methods.
- Manage regular penetration tests, vulnerability scans, and any resultant remediation activities.
- Define, update and report on adherence to Information Security policies and processes.
- Work with IT and project teams to ensure ‘Secure by Design’ is incorporated in technology related projects.
- Contribution to, refinement and rehearsal of cyber response policies and protocols.
- Lead on the support on GDPR, in particular with Data Breach reporting and Subject Access Requests.
- Assist with internal and external compliance audits.
- Documentation of security / network configurations.
- Any additional duties as reasonably requested.
DESIRED KNOWLEDGE, SKILLS, EXPERIENCE & QUALIFICATION
Technical Skills
- Demonstrable experience of Microsoft Azure/Office 365/Exchange Online and Mimecast
- Over 3 years of working within ISO27001 / Cyber Essentials Plus environments.
- Knowledge of cybersecurity principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.
- Experience of networking protocols and technologies including Cisco Meraki, switches, firewalls, IDS / IPS
- Technical proficiency of MFA and SSO technologies is required.
- Experience of DMARC and DLP would be beneficial.
- Good working knowledge of Information Security Incident and Event Management.
- Demonstrable knowledge of the latest IT security trends as wells as threats and emerging technologies.
- ITIL Foundation with a working experience of Incident, Problem and Change Management.
- Experience of project management best practices.
Personal Skills
- Excellent customer service skills with a helpful and responsive approach.
- Proactive approach with a ‘can-do’ attitude.
- Excellent organisational and time management skills with the ability to manage tasks efficiently.
- Works successfully as part of a team, sharing knowledge, collaborating with, and supporting colleagues.
- Clear and concise written and oral communication skills.
- Flexible in approach and adaptable to change.
- Resilient and calm under pressure.
- Motivated, results and delivery focused with a commitment to quality of work.
- A commitment to the highest level of integrity.
