It Security Engineer

As an IT Security Engineer, you will be responsible for protecting systems, networks and data from cyber threats and ensuring compliance with security standards.Identification of vulnerabilities, responding to security incidents and conducting regular assessments of the Achilles security posture.Results & ResponsibilitiesSecurity OperationsThreat Monitoring: Monitor network traffic for suspicious activity, detect and respond to potential threats, and provide recommendations for mitigation.Security Audits: Conduct internal audits of Achilles teams to ensure ISO *****, SOC 2 Type 2 and ENS requirements are met.Firewall and VPN Management: Configure and manage firewalls, VPNs, and related network security devices to ensure optimal protection.Collaboration: Work with other IT teams to ensure security is embedded in infrastructure designs and processes.Patch Management: Ensure timely updates and patches to network devices to mitigate vulnerabilities.Documentation: Maintain detailed documentation of network configurations, security incidents, and changes made to systems.Information SecurityCompliance and Audits: Ensuring that the organisation complies with ISO ***** requirements and other related standards.Preparing for internal and external audits.Incident Management: Handling security incidents and breaches, ensuring proper reporting and analysis.Ensuring that corrective actions from security incidents are implemented and that lessons learned are incorporated into future improvements.Vendor and Third-Party Management: Ensuring that third-party vendors and service providers comply with the organisation's security policies and ISO *****, SOC 2 Type 2 and ENS requirements.Continuous Improvement: Monitoring the effectiveness of the ISMS and implementing improvements as needed.Collaboration: Working closely with IT, legal, compliance, and other departments to ensure a unified approach to security.Collaborating on the integration of ISO *****, SOC 2 Type 2 and ENS requirements into broader IT or business processes.Personal DevelopmentTaking personal responsibility for skills development, particularly to enhance security capabilities.Actively participating in the performance management process and taking responsibility for delivering agreed objectives.RelationshipsManage and develop relationships with third party providers and internal stakeholdersBeing a security 'go to person'.PERSON SPECIFICATIONKnowledgeUnderstanding of ISO ***** principles, threat modelling, vulnerability assessments, and risk treatment methodologies.Deep understanding of network security principles (e.g., firewalls, VPNs, intrusion detection systems, SIEM), and network protocols.Knowledge of encryption methods, access control mechanisms, and endpoint security tools.Knowledge of compliance frameworks (ISO *****, SOC 2, ENS, PCI DSS) and best practices.Knowledge and experience with securing cloud environments (Azure).Knowledge of network architectures.ExperienceMinimum of 5 years of experience in IT Security, with a proven track record in a similar role.Technical skills:Strong understanding of network protocols, including TCP/IP, DNS, routing, and switching.Experience of security toolsets (Mimecast Portal and DMARC, Sophos Central, Qualys, Duo, Taegis XDR, Microsoft Entra ID, Copilot and InTune).Soft skills:Strong problem-solving and analytical skills.Excellent communication skills, both verbal and written.Ability to work both independently and collaboratively in a fast-paced environment.Preferred skills:Experience in conducting penetration testing and threat hunting.Scripting experience (PowerShell) for automation of security tasks.QualificationsIT Diploma level or equivalent experience.ISO ***** Lead Auditor desirable.CISSP, CEH, CCNA Security, or other relevant security certifications are highly desirable.Fluent in English and Spanish, with the ability to communicate effectively in both written and spoken form.CompetenciesDecision MakingIdentifies and evaluates the range of options open to themArticulates the assumptions made and the risks involved in decisions takenAnalyses information carefully to identify facts, patterns, trends and missing data that may impact on a decisionCommunicates decisions clearly to those who are affectedAchieving ResultsFocuses on performance outcomes despite uncertain or difficult circumstancesActively links own efforts to those of others within the team to avoid overlap, rework or delaysSpots opportunities to deliver beyond expectations, where this would help others perform more effectivelySets own targets and objectives with clear reference to how these contribute to the departmental business planManaging ChangeResponds constructively and quickly to shifting goalposts or changing requirementsCopes effectively with rapid change or increased demandsReprioritises own work or the work of the team in response to external pressuresIs flexible in their approach; adapts their working style to suit the needs of the situationDrive & MotivationAddresses multiple demands without losing focus or energyIncreases efforts in the face of difficulties or obstacles and recovers quickly after setbacksRemains calm and focused during stressful or challenging situations; concentrates only on things they can control or influenceEncourages others during challenging times with their positive, can-do attitudeCreative CapacityUses initiative to resolve recurring problems in own role or teamTakes calculated risks to improve own performanceTries out new ways of workingAllocates time to identifying and resolving the root causes of problems

Knowledge Understanding of ISO ***** principles, threat modelling, vulnerability assessments, and risk treatment methodologies. Deep understanding of network security principles (e.g., firewalls, VPNs, intrusion detection systems, SIEM), and network protocols. Knowledge of encryption methods, access control mechanisms, and endpoint security tools. Knowledge of compliance frameworks (ISO *****, SOC 2, ENS, PCI DSS) and best practices. Knowledge and experience with securing cloud environments (Azure). Knowledge of network architectures. Experience Minimum of 5 years of experience in IT Security, with a proven track record in a similar role. Technical skills: Strong understanding of network protocols, including TCP/IP, DNS, routing, and switching. Experience of security toolsets (Mimecast Portal and DMARC, Sophos Central, Qualys, Duo, Taegis XDR, Microsoft Entra ID, Copilot and InTune). Soft skills: Strong problem-solving and analytical skills. Excellent communication skills, both verbal and written. Ability to work both independently and collaboratively in a fast-paced environment. Preferred skills: Experience in conducting penetration testing and threat hunting. Scripting experience (PowerShell) for automation of security tasks. Qualifications IT Diploma level or equivalent experience. ISO ***** Lead Auditor desirable. CISSP, CEH, CCNA Security, or other relevant security certifications are highly desirable. Fluent in English and Spanish, with the ability to communicate effectively in both written and spoken form. Competencies Decision Making Identifies and evaluates the range of options open to them Articulates the assumptions made and the risks involved in decisions taken Analyses information carefully to identify facts, patterns, trends and missing data that may impact on a decision Communicates decisions clearly to those who are affected Achieving Results Focuses on performance outcomes despite uncertain or difficult circumstances Actively links own efforts to those of others within the team to avoid overlap, rework or delays Spots opportunities to deliver beyond expectations, where this would help others perform more effectively Sets own targets and objectives with clear reference to how these contribute to the departmental business plan Managing Change Responds constructively and quickly to shifting goalposts or changing requirements Copes effectively with rapid change or increased demands Reprioritises own work or the work of the team in response to external pressures Is flexible in their approach; adapts their working style to suit the needs of the situation Drive & Motivation Addresses multiple demands without losing focus or energy Increases efforts in the face of difficulties or obstacles and recovers quickly after setbacks Remains calm and focused during stressful or challenging situations; concentrates only on things they can control or influence Encourages others during challenging times with their positive, can-do attitude Creative Capacity Uses initiative to resolve recurring problems in own role or team Takes calculated risks to improve own performance Tries out new ways of working Allocates time to identifying and resolving the root causes of problems