Cyber Security Engineer

Job title: Cyber Security Engineer Location: Kemp House, Chawley Park, Cumnor, Oxford Reporting to: Chief Information Security Officer Job summary:

To support and evolve our web-based Supplier Information & Risk management systems and business offerings

The Cyber Security Engineer is responsible for establishing and maintaining the enterprise vision, strategy, and programme to ensure information assets, technologies, and data are adequately protected.

This role will lead the organisation's cybersecurity strategy in alignment with Irish and EU regulatory requirements including GDPR
, NIS2 Directive
, DORA (where applicable), and Central Bank of Ireland guidance (if regulated). The Cyber Security Engineer will work closely with executive leadership and the Board to manage cyber risk and ensure resilience across the organisation.

• Develop, implement, and maintain the enterprise-wide information security strategy.
• Align security initiatives with business objectives and risk appetite.
• Establish and maintain security governance frameworks (e.g., ISO 27001, NIST CSF, Cyber Essentials).
• Report regularly to the Executive Team and Board on cybersecurity posture and risk.

• Lead enterprise cyber risk assessments and mitigation programmes.
• Ensure compliance with:
• GDPR and Data Protection Commission guidance
• NIS2 Directive (where applicable)
• DORA (for financial services organisations)
• Oversee third-party and supply chain security risk management.
• Lead audit engagements and regulatory inspections related to cybersecurity.

• Oversee security operations including SOC, threat detection, and vulnerability management.
• Develop and maintain incident response and crisis management plans.
• Lead response to major security incidents and coordinate with regulators and law enforcement where necessary.
• Ensure business continuity and disaster recovery capabilities are robust and tested.

• Provide security architecture oversight for cloud, on-premises, and hybrid environments.
• Ensure secure software development practices (Dev Sec Ops ).
• Oversee identity and access management (IAM) and zero-trust initiatives.

• Work closely with the Data Protection Officer (DPO) to ensure technical and organisational measures are appropriate.
• Ensure strong data classification, encryption, and retention controls.

• Develop cybersecurity awareness programmes across the organisation.
  
  Foster a strong security-first culture.

• Bachelor's in Information Security, Computer Science, Engineering, or related field.
• Relevant professional certifications such as:
• CISSP
• CISM
• CRISC
• CISA
• ISO 27001 Lead Implementer/Auditor

• 10+ years in information security, with at least 5 years in a cybersecurity engineering role.
• Experience operating in regulated environments (e.g., financial services, healthcare, telecoms).
• Strong knowledge of cybersecurity regulatory frameworks.
• Proven experience leading incident response at enterprise scale.
• Experience reporting to Board-level stakeholders.

• Security frameworks: ISO 27001, NIST CSF, COBIT
• Cloud security (AWS, Azure, GCP)
• Identity & Access Management (IAM)
• SIEM, SOAR, EDR/XDR platforms
• Threat intelligence and vulnerability management
• Data protection technologies
• Secure SDLC and Dev Sec Ops  practices

• Strategic thinker with strong commercial awareness
• Excellent communication and stakeholder management skills
• Strong leadership and team development capability
• High integrity and ethical standards
• Crisis management expertise
• Ability to influence at Board and Executive level

Hellios is a leading supplier information and risk management company operating in the financial services and defence industry. Established with the primary objective to benefit major blue‑chip companies and their suppliers, Hellios provides a single streamlined approach by sharing data across an industry community in areas including modern slavery, cyber security and GDPR.

Since its inception as a startup in 2012, Hellios has experienced rapid growth, expanding to over 145 employees and establishing offices across the UK, The Netherlands, Spain, and Ireland. The Company is continuing to grow quickly, and a key part of this role is to prepare the Company for further growth.

At Hellios, we are guided by an ethos centred on delivering unparalleled service quality and innovative technology. Our commitment rests upon nurturing enduring, sustainable relationships with both our buyer and supplier clientele. To delve deeper into Hellios' core values shaping the culture embraced by our team, partners, and our customer‑centric approach, please visit our website at