At a Glance
- Tasks: Lead cybersecurity strategy and protect vital information assets.
- Company: Join Hellios, a fast-growing leader in supplier information and risk management.
- Benefits: Competitive salary, growth opportunities, and a dynamic work environment.
- Other info: Be part of a culture focused on service quality and innovation.
- Why this job: Make a real impact in cybersecurity while working with innovative technologies.
- Qualifications: 10+ years in information security with strong leadership skills.
The predicted salary is between 60000 - 80000 € per year.
Location: Kemp House, Chawley Park, Cumnor, Oxford
Reporting to: Chief Information Security Officer
Job summary: To support and evolve our web-based Supplier Information & Risk management systems and business offerings.
The Cyber Security Engineer is responsible for establishing and maintaining the enterprise vision, strategy, and programme to ensure information assets, technologies, and data are adequately protected. This role will lead the organisation's cybersecurity strategy in alignment with Irish and EU regulatory requirements including GDPR, NIS2 Directive, DORA (where applicable), and Central Bank of Ireland guidance (if regulated). The Cyber Security Engineer will work closely with executive leadership and the Board to manage cyber risk and ensure resilience across the organisation.
KEY RESPONSIBILITIES
- Cybersecurity Strategy & Governance
- Develop, implement, and maintain the enterprise-wide information security strategy.
- Align security initiatives with business objectives and risk appetite.
- Establish and maintain security governance frameworks (e.g., ISO 27001, NIST CSF, Cyber Essentials).
- Report regularly to the Executive Team and Board on cybersecurity posture and risk.
- Risk Management & Compliance
- Lead enterprise cyber risk assessments and mitigation programmes.
- Ensure compliance with: GDPR and Data Protection Commission guidance, NIS2 Directive (where applicable), DORA (for financial services organisations).
- Oversee third-party and supply chain security risk management.
- Lead audit engagements and regulatory inspections related to cybersecurity.
- Security Operations & Incident Response
- Oversee security operations including SOC, threat detection, and vulnerability management.
- Develop and maintain incident response and crisis management plans.
- Lead response to major security incidents and coordinate with regulators and law enforcement where necessary.
- Ensure business continuity and disaster recovery capabilities are robust and tested.
- Architecture & Engineering Oversight
- Provide security architecture oversight for cloud, on-premises, and hybrid environments.
- Ensure secure software development practices (DevSecOps).
- Oversee identity and access management (IAM) and zero-trust initiatives.
- Data Protection & Privacy
- Work closely with the Data Protection Officer (DPO) to ensure technical and organisational measures are appropriate.
- Ensure strong data classification, encryption, and retention controls.
- Leadership & Culture
- Develop cybersecurity awareness programmes across the organisation to foster a strong security-first culture.
Required Experience & Qualifications
- Bachelor's in Information Security, Computer Science, Engineering, or related field.
- Relevant professional certifications such as: CISSP, CISM, CRISC, CISA, ISO 27001 Lead Implementer/Auditor.
- 10+ years in information security, with at least 5 years in a cybersecurity engineering role.
- Experience operating in regulated environments (e.g., financial services, healthcare, telecoms).
- Strong knowledge of cybersecurity regulatory frameworks.
- Proven experience leading incident response at enterprise scale.
- Experience reporting to Board-level stakeholders.
Technical Expertise
- Security frameworks: ISO 27001, NIST CSF, COBIT.
- Cloud security (AWS, Azure, GCP).
- Identity & Access Management (IAM).
- SIEM, SOAR, EDR/XDR platforms.
- Threat intelligence and vulnerability management.
- Data protection technologies.
- Secure SDLC and DevSecOps practices.
Competencies & Attributes
- Strategic thinker with strong commercial awareness.
- Excellent communication and stakeholder management skills.
- Strong leadership and team development capability.
- High integrity and ethical standards.
- Crisis management expertise.
- Ability to influence at Board and Executive level.
The Company
Hellios is a leading supplier information and risk management company operating in the financial services and defence industry. Established with the primary objective to benefit major blue-chip companies and their suppliers, Hellios provides a single streamlined approach by sharing data across an industry community in areas including modern slavery, cyber security and GDPR. Since its inception as a startup in 2012, Hellios has experienced rapid growth, expanding to over 145 employees and establishing offices across the UK, The Netherlands, Spain, and Ireland. The Company is continuing to grow quickly, and a key part of this role is to prepare the Company for further growth. At Hellios, we are guided by an ethos centred on delivering unparalleled service quality and innovative technology. Our commitment rests upon nurturing enduring, sustainable relationships with both our buyer and supplier clientele.
Cyber Security Engineer employer: Hellios
Hellios is an exceptional employer, offering a dynamic work environment in the heart of Oxford where innovation meets commitment to quality. As a Cyber Security Engineer, you will not only lead critical cybersecurity initiatives but also benefit from a culture that prioritises employee growth and development, alongside competitive remuneration and comprehensive benefits. Join us in shaping the future of risk management while enjoying the unique advantages of working within a rapidly expanding company that values collaboration and integrity.
StudySmarter Expert Advice🤫
We think this is how you could land Cyber Security Engineer
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the cybersecurity field. Attend meetups, webinars, or industry conferences. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your projects, certifications, and any relevant experience. This is your chance to demonstrate your expertise in cybersecurity frameworks and incident response strategies. Make it easy for potential employers to see what you bring to the table.
✨Tip Number 3
Prepare for interviews by brushing up on common cybersecurity scenarios and challenges. Be ready to discuss how you've handled incidents in the past and how you align security initiatives with business objectives. Confidence is key, so practice makes perfect!
✨Tip Number 4
Don't forget to apply through our website! We love seeing candidates who are genuinely interested in joining our team. Tailor your application to highlight how your experience aligns with our mission at Hellios, and let us know why you're excited about the role.
We think you need these skills to ace Cyber Security Engineer
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Cyber Security Engineer role. Highlight relevant experience and skills that align with our job description, especially in cybersecurity strategy and risk management.
Craft a Compelling Cover Letter:Your cover letter should tell us why you're the perfect fit for this role. Share specific examples of your past achievements in cybersecurity and how they relate to the responsibilities outlined in the job description.
Showcase Your Certifications:Don’t forget to mention your relevant certifications like CISSP or CISM. These are crucial for us to see your qualifications and commitment to the field of cybersecurity.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role without any hiccups!
How to prepare for a job interview at Hellios
✨Know Your Cybersecurity Frameworks
Familiarise yourself with key cybersecurity frameworks like ISO 27001 and NIST CSF. Be ready to discuss how you've applied these in past roles, especially in regulated environments. This shows you understand the importance of compliance and governance.
✨Demonstrate Incident Response Experience
Prepare specific examples of how you've led incident response efforts in your previous positions. Highlight your ability to coordinate with stakeholders and manage crises effectively. This will showcase your leadership skills and crisis management expertise.
✨Align with Business Objectives
Understand how cybersecurity initiatives align with business goals. Be prepared to discuss how you've developed strategies that not only protect information assets but also support overall business objectives. This demonstrates your strategic thinking and commercial awareness.
✨Showcase Your Communication Skills
Since you'll be reporting to Board-level stakeholders, practice articulating complex cybersecurity concepts in simple terms. Prepare to explain how you've communicated risks and strategies to non-technical audiences in the past. Strong communication is key in this role!
