Salary: £70,000 - 85,000 per year Requirements: Strong systems administration or network engineering background. Hands-on experience in incident response, vulnerability management, or security operations. Clear, articulate communicator able to explain technical risk to non-technical stakeholders. Strong technical troubleshooting skills across network, endpoint, and cloud. Ability to develop clear documentation, runbooks, and consistent security processes. Fluency in English (spoken and written). Motivated, proactive, and able to operate as the security point-of-contact. (Desirable) Experience in finance or retail environments. (Desirable) Exposure to ISO27001, SOC 2, or other security frameworks. (Desirable) Curiosity, deep technical interest, and a security mindset needed to anticipate and defend against threats. Responsibilities: Own and maintain ISO27001 and SOC 2 certification processes. Lead evidence collection, control implementation, compliance documentation, and readiness for external audits. Maintain and improve runbooks, processes, and policies. Strengthen vulnerability management capabilities and ensure clear remediation workflows. Monitor and respond to security alerts across endpoints, networks, and cloud workloads. Investigate incidents, support containment and recovery, and communicate clearly with engineering teams. Tune noisy alerts, improve detection logic, and refine SIEM visibility. Maintain and optimise the EDR environment (Sophos). Maintain and improve security configurations across AWS, Linux/Windows endpoints, networks, and identity systems. Oversee IAM best practices, least privilege, and access governance (joiner/mover/leaver processes). Manage firewall configurations (primarily Sophos). Assist in hardening infrastructure, patching cycles, and ensuring consistent baseline security. Contribute to the architecture of secure infrastructure and cloud systems. Provide guidance on secure networks, segmentation, and future identity tooling. Collaborate with engineers to ensure security considerations are integrated early in designs. Act as a subject-matter authority, offering clear reasoning and well-structured recommendations. Technologies: AWS Cloud Firewall IAM Support Linux Network Security Windows Bash PowerShell Python VPN More: We are excited to introduce a newly created role for a Cybersecurity Engineer specializing in ISO27001 and SOC 2 compliance. This position is essential for taking ownership of our certification processes and enhancing the overall security posture of our organization. You will be working closely with senior leadership and engineering teams, leading our security initiatives. We offer an annual performance bonus, healthcare, pension, and life assurance as part of our benefits package. This role is located in London, with a hybrid working model of three days onsite and is open to candidates with the right to work, as we cannot provide sponsorship. last updated 10 week of 2026