3rd Line Engineer (Security)

Job Title: 3rd Line Engineer (Security)

Ready to take your career to the next level?

We’re one of the UK’s most forward-thinking law firms, built on a foundation of innovation, collaboration, and ambition. Join us, and let’s shape the future together.

** Note to agencies – we are in a period of exclusive direct sourcing for this role and are not accepting applications from agencies. 

________________________________________

The role in 60 seconds

• Role: 3rd Line Engineer (Security)
• Team: Core Infrastructure and Apps (CIA) 
• Location: Hybrid working from Bristol, Southampton or Exeter
• Working Pattern: Full-time
• Why this role matters: This is a pivotal opportunity to ensure the security and supportability of enterprise applications by proactively managing updates, patches, and configuration changes. This role focuses on maintaining a secure and compliant application landscape by coordinating with internal teams and vendors to apply timely updates, reduce vulnerabilities, and ensure systems remain within support lifecycles.

________________________________________

What you’ll do

This position reports directly to the Technical Lead and requires the successful candidate to be within commuting distance of one of our key office locations: Bristol, Southampton, or Exeter. A minimum of two office-based days per week is expected, scheduled in alignment with business needs and agreed upon with the Technical Lead Manager. Occasional travel to other office locations may be required to support operational and project activities.

The Core Infrastructure and Apps (CIA) team provides third line technical support and servicing across the traditional Microsoft Windows Server and Microsoft 365 ecosystems and primary Legal Applications that reside upon them.

The team reports into the Technical Lead and are responsible for all aspects of the Microsoft platforms and applications on them from escalated incidents and requests, patching, servicing, monitoring and optimising by applying best practices and security measures and controls.

The primary objective of this role is to ensure that critical line-of-business applications remain secure, supported, and up to date—through proactive patching, configuration management, and lifecycle oversight.

This is in close collaboration with our managed services partner and third-party software providers and other internal IT teams.

It’s an exciting time to be joining, as the roadmap over the next 2 years involves significant investment and transformation of our service to be cloud first and Azure native where possible. Key projects include iManage cloud adoption, upgrades of our major legal application portfolio, integration works with firm acquisitions within the Microsoft 365 platform, replacement of ITSM tooling with ServiceNow, Cloud Virtual PC evaluation and migration of key workloads into Azure, of which the CIA team will have significant input and contribution towards

Key Responsibilities

• Ensure critical line-of-business applications remain secure, supported, and compliant through proactive patching, updates, and configuration management within change control processes and thorough testing and communications plans
• Collaborate with Cyber Security team to ensure alignment with Operating System, runtimes and Application patching lifecycle and support to prevent and mitigate vulnerabilities
• Detect and remediate legacy applications and runtimes/middleware and ensure phased and tested removal from the environment
• Support the onboarding and operational readiness of new applications, ensuring they meet security and supportability requirements
• Assist with internal audits, compliance reviews, and reporting related to application security and operational integrity
• Examine and apply security hardening to existing applications and services to align with industry baselines such as CIS and NIST
• Recommend and apply best practice security controls to
• Work alongside other IT teams to assist in defining and refining least privilege role-based access control for applications and services
• Working within the team to provide third line support and resolution for incidents, requests and problems within an ITIL framework for business-critical applications and productivity tools
• Serve as a primary liaison between application vendors and internal/external support teams as required to ensure supportable, stable and available solutions for our userbase
• Support a dynamic roadmap of transformation, including the migration of core business applications to cloud platforms
• Create and maintain comprehensive technical documentation artefacts such as high and low-level designs, runbooks, workflows and knowledge articles for 1st-3rd line support use and architectural approval
• Make constructive recommendations to improve the platforms and related processes by conducting technical research and creation of artefacts such as solutions option papers and present to senior stakeholders to drive continuous improvement and modernity
• Evaluate third-party proposals to ensure alignment with business objectives and technical accuracy and compatibility with the environment
• Monitor system alerts and respond according to predefined procedures
• Collaborate with Managed Services Partner on application packaging requests, testing and deployments
• Seek out and proactively suggest methods of efficiency and automation where possible such as scripting and templates
• Work within an Agile based sprint model of delivery
• Support the onboarding and upskilling of new and existing team members

________________________________________

What we’re looking for

We are seeking a highly capable and adaptable individual with a strong foundation in enterprise application support and modern cloud technologies. The ideal candidate will demonstrate the following:

Technical Expertise (essential)

• Proven experience in a 3rd line application support role, ideally within a legal or professional services environment.
• Strong understanding of application lifecycle management, including patching, upgrades, and vendor support models.
• Hands-on experience with applying security updates and configuration changes to enterprise applications and platforms.
• Familiarity with vulnerability management tools such as Qualys and Microsoft Defender, and the ability to remediate findings in collaboration with a Cyber Security Team.
• Strong working knowledge of Microsoft Windows Server Hybrid environments and Microsoft 365 and complementary solutions, including:
  • Entra ID
  • Microsoft Teams
  • Exchange Online
  • Windows 11
  • Intune
  • Defender
  • Mimecast
  • Windows Server – Active Directory, Group Policy, IIS, PKI, NPS
  • M365 apps (MS Office) – including templates, add-ins and macros
• Scripting using PowerShell and Microsoft Graph
• Familiarity with Azure DevOps for managing and tracking workloads within an Agile sprint delivery model
• Understanding of industry standards for Cyber Security, such as Cyber Essentials, NIST, CIS Benchmarks
• Understanding of Information Security standards such as ISO 27001 (desired)
• Industry standard certification, such as Microsoft 365 Modern Work Administrator (MD-102/MS-102), Azure Administrator (AZ-104), Windows Server Hybrid Administrator (AZ-800/AZ-801) and ITILv4 is advantageous

Legal Application Knowledge (highly desired – candidates with experience preferred)

Working knowledge of key legal business applications, including:

• iManage (document management) on-premises and cloud versions
• Elite 3E (practice management)
• InTapp Time (time recording)
• Elite MatterSphere (case and matter management – small footprint)
• Chrome River/Emburse (expenses)
• HighQ (secure file share and collaboration)
• Litera products – Metadact, Compare, DocXTools

Ability to act as a technical lead for these platforms, liaising with vendors and internal teams to ensure stability, upgrades, and integration.

Other Technologies (awareness and exposure)

• Virtual Cloud PC services such as Azure Virtual Desktop, Windows 365
• Power Platform awareness – Power Automate, Power Apps
• Dynamics 365 and Peppermint CX365
• LogicMonitor monitoring platform or similar
• Signature 365
• External domain and certificate management
• Print and Scan services - Equitrac, ShareScan, Kappris
• PowerShell App Deployment Toolkit (PSADT)
• Cisco Switching and networking fundamentals (DNS, DHCP, VLANs, load balancing)
• Cisco Meraki
• ServiceNow
• Qualys
• Hands-on experience with Microsoft Azure Security and Identity Management

Infrastructure & Vendor Management

• Experience working in environments where core infrastructure (e.g., networking, data centres) is delivered via managed service providers.
• Ability to review and challenge third-party technical proposals in the best interests of the business.

Problem Solving & Communication

• Demonstrated ability to troubleshoot complex technical issues and deliver effective, scalable solutions
• Work in a methodical controlled manner, remaining calm and composed during complex technical scenarios
• Able to work autonomously and to schedule own resource appropriately
• Strong communication skills, with the ability to explain technical concepts clearly to both technical and non-technical stakeholders
• Excellent written and verbal communication, including documentation, reporting, and presenting to senior audiences

Professional Attributes

• Highly organised with excellent time management and the ability to prioritise effectively under pressure
• A detail-oriented mindset with a passion for accuracy and quality
• Committed to continuous professional development, self-reflection, and knowledge sharing across teams
• Proven track record of owning and delivering work to a high standard, meeting deadlines and objectives consistently

________________________________________

Join a seriously ambitious firm

At Foot Anstey, we’re committed to making a difference for our people, our clients, and society. Here’s what makes us stand out:

• An ambitious growth strategy that opens up opportunities for our people to make their mark.
• A client base that spans household names, thriving startups, and ambitious enterprises.
• A culture built on our values of being refreshingly human, entrepreneurial, inclusive and collaborative.
• A strong focus on being a responsible business with a commitment to sustainability and giving back to our communities.
• Comprehensive professional development and training – whatever your role and level we have training that will support you to achieve your goals.

________________________________________

Progressive benefits tailored to you

We believe our people are our greatest asset. That’s why we offer a comprehensive benefits package designed to support your professional growth and personal wellbeing, including:

• Competitive salary and performance-linked bonus.
• Enhanced parental leave policies.
• Private healthcare and wellbeing initiatives (e.g., mental health support, gym memberships).
• An open, flexible working environment.
• Find out more about our benefits and work environment here Life at Foot Anstey | Foot Anstey

________________________________________

Ready to apply?

• Hit the "Apply Now" button.
  • Send us your CV and a quick note on why this role is perfect for you.
  • Our team will review your application and be in touch, whatever the outcome.
• Invited for interview?
  • With a straightforward process typically involving two interviews, our talent acquisition team will guide you through every step, ensuring you feel confident and prepared to show us what you can do.
  • We’re here to support your individual needs. If you require any adaptations or adjustments, we’re more than happy to accommodate these. Before your interview, we’ll contact you to discuss the themes we’ll cover and answer any questions you might have.
  • If you’d like to visit our offices prior to your interview or would like help testing your kit for your virtual interview, just let us know.

Let’s make your next career move the start of something extraordinary.