Location
Kemp House, Chawley Park, Cumnor, Oxford
Job Title
Cyber Security Engineer
Reporting To
Chief Information Security Officer
Job Summary
To support and evolve our web‑based Supplier Information & Risk management systems and business offerings. The Cyber Security Engineer is responsible for establishing and maintaining the enterprise vision, strategy, and programme to ensure information assets, technologies, and data are adequately protected. This role will lead the organisation’s cybersecurity strategy in alignment with Irish and EU regulatory requirements including GDPR, NIS2 Directive, DORA (where applicable), and Central Bank of Ireland guidance (if regulated). The Cyber Security Engineer will work closely with executive leadership and the Board to manage cyber risk and ensure resilience across the organisation.
Key Responsibilities
* Cybersecurity Strategy & Governance
o Develop, implement, and maintain the enterprise‑wide information security strategy.
o Align security initiatives with business objectives and risk appetite.
o Establish and maintain security governance frameworks (e.g., ISO 27001, NIST CSF, Cyber Essentials).
o Report regularly to the Executive Team and Board on cybersecurity posture and risk.
* Risk Management & Compliance
o Lead enterprise cyber risk assessments and mitigation programmes.
o Ensure compliance with:
+ GDPR and Data Protection Commission guidance
+ NIS2 Directive (where applicable)
+ DORA (for financial services organisations)
o Oversee third‑party and supply‑chain security risk management.
o Lead audit engagements and regulatory inspections related to cybersecurity.
* Security Operations & Incident Response
o Oversee security operations including SOC, threat detection, and vulnerability management.
o Develop and maintain incident response and crisis management plans.
o Lead response to major security incidents and coordinate with regulators and law enforcement where necessary.
o Ensure business continuity and disaster recovery capabilities are robust and tested.
* Architecture & Engineering Oversight
o Provide security architecture oversight for cloud, on‑premises, and hybrid environments.
o Ensure secure software development practices (DevSecOps).
o Oversee identity and access management (IAM) and zero‑trust initiatives.
* Data Protection & Privacy
o Work closely with the Data Protection Officer (DPO) to ensure technical and organisational measures are appropriate.
o Ensure strong data classification, encryption, and retention controls.
* Leadership & Culture
o Develop cybersecurity awareness programmes across the organisation.
o Foster a strong security‑first culture.
Required Experience & Qualifications
* Bachelor’s in Information Security, Computer Science, Engineering, or related field.
* Relevant professional certifications such as:
o CISSP
o CISM
o CRISC
o CISA
o ISO 27001 Lead Implementer/Auditor
Experience
* 10+ years in information security, with at least 5 years in a cybersecurity engineering role.
* Experience operating in regulated environments (e.g., financial services, healthcare, telecoms).
* Strong knowledge of cybersecurity regulatory frameworks.
* Proven experience leading incident response at enterprise scale.
* Experience reporting to Board‑level stakeholders.
Technical Expertise
* Security frameworks: ISO 27001, NIST CSF, COBIT
* Cloud security (AWS, Azure, GCP)
* Identity & Access Management (IAM)
* SIEM, SOAR, EDR/XDR platforms
* Threat intelligence and vulnerability management
* Data protection technologies
* Secure SDLC and DevSecOps practices
Competencies & Attributes
* Strategic thinker with strong commercial awareness
* Excellent communication and stakeholder management skills
* Strong leadership and team development capability
* High integrity and ethical standards
* Crisis management expertise
* Ability to influence at Board and Executive level
The Company
Hellios is a leading supplier information and risk management company operating in the financial services and defence industry. Established with the primary objective to benefit major blue‑chip companies and their suppliers, Hellios provides a single streamlined approach by sharing data across an industry community in areas including modern slavery, cyber security and GDPR. Since its inception as a startup in 2012, Hellios has experienced rapid growth, expanding to over 145 employees and establishing offices across the UK, The Netherlands, Spain, and Ireland. The Company is continuing to grow quickly, and a key part of this role is to prepare the Company for further growth. At Hellios, we are guided by an ethos centred on delivering unparalleled service quality and innovative technology. Our commitment rests upon nurturing enduring, sustainable relationships with both our buyer and supplier clientele.
#J-18808-Ljbffr