You will work across our infrastructure landscape—Azure Kubernetes Services (AKS), Azure Virtual Machines, networking components, and application workloads—to ensure systems are protected from vulnerabilities, misconfigurations, and emerging threats. You’ll champion secure‑by‑design principles, automate security controls, and maintain strong monitoring and incident response practices.
The role requires close collaboration with Developers, Cloud Engineers, Product Managers, and external suppliers. You will also contribute to the continuous improvement of LBR’s cloud security posture, proactively identifying risks, recommending enhancements, and promoting a strong DevSecOps culture.
Key Responsibilities
- Work closely with Development, Cloud Engineering, and Product teams to embed security into cloud and application architectures.
- Provide guidance on secure design patterns and technical security recommendations.
- Support colleagues in understanding secure engineering principles and emerging threats.
- Enhance and maintain secure IaC using Terraform, ensuring compliance with internal policies and standards.
- Embed automated security checks into Azure DevOps CI/CD pipelines, including static analysis, dependency scanning, and IaC scanning.
- Ensure Kubernetes workloads follow best practices: RBAC, network policies, secrets management, image security, and ingress protections.
- Support secure configuration of Azure VMs hosting legacy or specialised products.
- Operate and enhance container vulnerability scanning
- Monitor CVEs relevant to Centellic’s stack and coordinate remediation activities with engineering teams.
- Perform regular reviews of Terraform modules, container images, Helm charts, and AKS configurations to identify misconfigurations and risks.
- Work with monitoring tooling (e.g., Datadog or Azure Monitor) to detect anomalous or suspicious activity.
- Maintain alerting rules, dashboards, and security signals supporting rapid detection and response.
- Participate in incident response alongside the Principal Developer, Cloud Engineer and developers, including root‑cause analysis and post‑incident improvements.
- Contribute to 24/7 support rotations where required.
- Ensure infrastructure and deployments adhere to LBR policies, including identity management, least privilege, encryption, and network security requirements.
- Maintain and improve secrets management using Azure Key Vault and Kubernetes secrets best practices.
- Support audits, documentation requirements, and risk assessments.
- Stay current with cloud‑security trends, threats, tools, and techniques.
- Recommend and trial new technologies to enhance security, governance, automation, and efficiency.
- Proactively identify opportunities to strengthen security posture across AKS, VM workloads, network layers, and CI/CD processes.
Skills Knowledge and Expertise
- Strong ability to diagnose and resolve complex cloud and security issues across infrastructure, applications, and DevOps tooling.
- Ability to translate security requirements into practical engineering tasks.
- Clear communicator able to explain security concepts to non‑security stakeholders.
- Works calmly under pressure with strong time‑management skills.
- Curious, proactive, and able to independently identify improvements.
- Security best practices for Azure, including networking, RBAC, managed identities, logging, and monitoring.
- Kubernetes security: network policies, PodSecurityStandards, RBAC, image security, secrets, ingress security, and high‑availability configurations.
- Terraform and Terraform‑security concepts (policies, modules, scanning tools).
- Azure DevOps CI/CD, including YAML pipelines, secure build pipelines, artifact management, and release governance.
- Container technologies: container hardening, image optimisation, multi‑stage builds, secure base image selection.
- Trivy (or similar), dependency scanning, and SAST/DAST tools.
- Scripting with Python, Bash, or PowerShell for automation.
- Git and branching strategies with a security‑focused approach.
- Knowledge of WAF, API security, OWASP Top 10, and common cloud‑security frameworks.
- WAF rules management, including creation, tuning, and monitoring.
- SSL/TLS configuration best practices, certificate lifecycle management.
- Experience with Cloudflare security features including WAF, SSL, and Zero Trust options.
About Centellic
Through proprietary data, deep market expertise and AI-enabled technology, our platforms are embedded in client workflows. That capability is underpinned by our events, which bring the market together to share perspective and deepen understanding of the issues shaping each sector. Together, they give organizations earlier visibility of emerging trends, and the clarity and confidence to act when decisions matter.
Benefits
Start of employment:
- Eye care
- Employee Assistance Programme
- A day off for your birthday
- Pension (4% employer contribution and 4% employee contribution)
- Life assurance
- Cycle to work scheme
- Season ticket loan
- £350 annual wellbeing allowance to contribute to gym memberships or fitness classes
- Puregym access
- Perks at work platform access
- Private healthcare
- Company socials
- Access to Employee Affinity Networks
- Mentoring scheme
- Volunteering Day
- Mortgage Advice
- Work from anywhere (2 weeks)
- Generous parental leave
‘We are proud to be an equal opportunities employer and are committed to ensuring that all candidates are given the same opportunity to succeed regardless of their sex, gender identity/expression or reassignment, sexual orientation, marital status, race, colour, nationality, ethnic or national origin, religion, age or disability.’
About
Please visit our website for more information.
Skills Required
- Experience securing Azure cloud services including AKS, Azure VMs, networking, RBAC and managed identities
- Kubernetes security: PodSecurityStandards, RBAC, network policies, secrets management, image security, ingress protections
- Terraform experience, including modules, policies and IaC scanning
- Azure DevOps CI/CD pipelines experience (YAML pipelines, secure build/release practices)
- Container security and vulnerability scanning (Trivy or similar) and container hardening
- Experience with SAST/DAST and dependency scanning tools
- Scripting for automation using Python, Bash, or PowerShell
- Experience with monitoring and detection tooling (Datadog or Azure Monitor) and alerting/dashboards
- Secrets management experience, especially Azure Key Vault and Kubernetes secrets best practices
- Git and branching strategies with security-focused workflows
- Knowledge of WAF, API security, OWASP Top 10, SSL/TLS and certificate lifecycle management
- Experience with Cloudflare security features including WAF, SSL and Zero Trust options
- Familiarity reviewing Terraform modules, Helm charts, container images and AKS configurations for misconfigurations
- Ability to participate in incident response and 24/7 support rotations when required
What We Do
Law Business Research (LBR) is a technology-enabled information services business powering the global legal industry with intelligence, analytics and performance data. We are a fast-growing, innovative company with a dynamic and diverse culture, and we take great pride in delivering a world-class, cutting-edge service to our global clients. By applying the latest technology to the fast-moving legal world, we enable our users to find their competitive edge and decide with confidence, armed with the insight they need. LBR delivers trusted intelligence and insight to users around the world through a range of tools and platforms that combine proprietary data and unique analysis. We make sense of complex, fast-changing information and enhance critical decision-making. With an international team of over 500 experienced professionals, LBR has a proven track record of informing, engaging and connecting legal practitioners. Our specialist platforms help clients enhance their decision-making, manage legal risk and drive improved performance.





.jpg)


