Job Description
* Microsoft Azure,Vulnerability Management, Security Controls
* Cloud Security, ISO 27001, NIST
* Third party management/MSP/SOC
Security Engineer - HybridCambridgeshire
Our client is a global importer and supplier in the retail sector. They have a brand new vacancy for a Security Engineer to help protect and strengthen their technology environment as they continue their digital transformation journey.
Reporting to the Head of IT Infrastructure, you'll be responsible for designing, implementing, and continually improving security controls that safeguard systems, data, and operations. You'll work closely with internal IT teams, trusted partners, and business stakeholders to deliver secure, scalable solutions that support business continuity and future growth.
This is a hands-on role where you'll have real ownership and influence over the security posture in a business where reliability and availability are critical.
Responsibilities
* Design, implement, and enhance security infrastructure and operational security systems
* Monitor, respond to, and investigate security incidents to maintain high service availability
* Drive security improvements through automation, reliability, and best-practice controls
* Support cloud security adoption and the modernisation of on-prem and cloud environments
* Manage and collaborate with MSSP and key security vendors
* Ensure compliance with recognised frameworks and standards including ISO 27001, CIS Controls, and NIST
* Support business-critical projects and wider digital transformation initiatives
Skills and Experience
* 3-5 years' experience in a security engineering or similar IT security role
* Hands-on experience with security technologies (firewalls, SIEM, endpoint protection, vulnerability management tools, etc.)
* Experience supporting security solutions in both cloud and on-prem environments
* Proven experience in responding to and investigating security incidents
* Experience working with third-party vendors and managed security service providers
* Strong organisational skills with the ability to prioritise operational and project work
* Ability to clearly explain technical security topics to non-technical stakeholders
* Relevant certifications such as CompTIA Security+, SSCP, or equivalent (desirable)