Cybersecurity Engineer (ISO27001 & SOC 2)
Must have Right to Work: Cannot provide sponsorship
Overview
A newly created role to take ownership of ISO27001 and SOC 2 certification, ongoing compliance, and the organisation’s overall security posture. This position exists because elements of the work have been covered ad‑hoc by internal staff, but now require a dedicated specialist to lead, maintain, and operationalise the security programme.
You will work closely with senior leadership as well as engineering teams, acting as an authoritative voice on cybersecurity, helping strengthen defences, reduce risk, and ensure the organisation is always audit‑ready.
This is an excellent opportunity for someone with strong SysAdmin/Network Engineering foundations who has transitioned or is transitioning into cybersecurity and wants to operate as the central technical security owner.
Key Responsibilities
Security Governance & Compliance (ISO27001 & SOC 2)
* Own and maintain ISO27001 and SOC 2 certification processes.
* Lead evidence collection, control implementation, compliance documentation, and readiness for external audits.
* Maintain and improve runbooks, processes, and policies.
* Strengthen vulnerability management capabilities and ensure clear remediation workflows.
Security Operations
* Monitor and respond to security alerts across endpoints, networks, and cloud workloads.
* Investigate incidents, support containment and recovery, and communicate clearly with engineering teams.
* Tune noisy alerts, improve detection logic, and refine SIEM visibility.
* Maintain and optimise the EDR environment (Sophos).
Security Administration
* Maintain and improve security configurations across AWS, Linux/Windows endpoints, networks, and identity systems.
* Oversee IAM best practices, least privilege, and access governance (joiner/mover/leaver processes).
* Manage firewall configurations (primarily Sophos).
* Assist in hardening infrastructure, patching cycles, and ensuring consistent baseline security.
Security Design & Architecture
* Contribute to the architecture of secure infrastructure and cloud systems.
* Provide guidance on secure networks, segmentation, and future identity tooling.
* Collaborate with engineers to ensure security considerations are integrated early in designs.
* Act as a subject-matter authority, offering clear reasoning and well-structured recommendations.
Technical Environment
Experience with some of the following is preferred (not all required):
* EDR: Sophos
* Cloud: AWS
* SIEM: Wallix
* Firewalls: Sophos-based
* Networking: VLANs, routing, switching, DNS, DHCP, VPN
* Scripting: PowerShell, Bash, or Python
* Identity: No current central identity solution—opportunity to shape this area
A strong networking/sysadmin foundation is important, and an ideal candidate has progressed (or is intentionally progressing) into a cybersecurity-focused career.
What We’re Looking For
* Strong systems administration or network engineering background.
* Hands-on experience in incident response, vulnerability management, or security operations.
* Clear, articulate communicator able to explain technical risk to non-technical stakeholders.
* Strong technical troubleshooting skills across network, endpoint, and cloud.
* Ability to develop clear documentation, runbooks, and consistent security processes.
* Fluency in English (spoken and written).
* Motivated, proactive, and able to operate as the security point-of-contact.
* Experience in finance or retail environments (not essential).
* Exposure to ISO27001, SOC 2, or other security frameworks.
* Someone who has the curiosity, deep technical interest, and “security mindset” needed to anticipate and defend against threats.
#J-18808-Ljbffr