At a Glance
- Tasks: Lead cybersecurity strategy and protect vital information assets.
- Company: Join Hellios, a fast-growing leader in supplier information and risk management.
- Benefits: Competitive salary, career growth, and a dynamic work environment.
- Other info: Be part of a vibrant team dedicated to innovation and excellence.
- Why this job: Make a real impact in cybersecurity while working with cutting-edge technologies.
- Qualifications: 10+ years in information security with strong leadership skills.
The predicted salary is between 60000 - 80000 € per year.
Location: Kemp House, Chawley Park, Cumnor, Oxford
Reporting to: Chief Information Security Officer
Job summary: To support and evolve our web-based Supplier Information & Risk management systems and business offerings.
The Cyber Security Engineer is responsible for establishing and maintaining the enterprise vision, strategy, and programme to ensure information assets, technologies, and data are adequately protected. This role will lead the organisation's cybersecurity strategy in alignment with Irish and EU regulatory requirements including GDPR, NIS2 Directive, DORA (where applicable), and Central Bank of Ireland guidance (if regulated). The Cyber Security Engineer will work closely with executive leadership and the Board to manage cyber risk and ensure resilience across the organisation.
KEY RESPONSIBILITIES
- Cybersecurity Strategy & Governance: Develop, implement, and maintain the enterprise-wide information security strategy. Align security initiatives with business objectives and risk appetite. Establish and maintain security governance frameworks (e.g., ISO 27001, NIST CSF, Cyber Essentials). Report regularly to the Executive Team and Board on cybersecurity posture and risk.
- Risk Management & Compliance: Lead enterprise cyber risk assessments and mitigation programmes. Ensure compliance with GDPR and Data Protection Commission guidance, NIS2 Directive (where applicable), and DORA (for financial services organisations). Oversee third-party and supply chain security risk management. Lead audit engagements and regulatory inspections related to cybersecurity.
- Security Operations & Incident Response: Oversee security operations including SOC, threat detection, and vulnerability management. Develop and maintain incident response and crisis management plans. Lead response to major security incidents and coordinate with regulators and law enforcement where necessary. Ensure business continuity and disaster recovery capabilities are robust and tested.
- Architecture & Engineering Oversight: Provide security architecture oversight for cloud, on-premises, and hybrid environments. Ensure secure software development practices (DevSecOps). Oversee identity and access management (IAM) and zero-trust initiatives.
- Data Protection & Privacy: Work closely with the Data Protection Officer (DPO) to ensure technical and organisational measures are appropriate. Ensure strong data classification, encryption, and retention controls.
- Leadership & Culture: Develop cybersecurity awareness programmes across the organisation. Foster a strong security-first culture.
Required Experience & Qualifications
- Bachelor's in Information Security, Computer Science, Engineering, or related field.
- Relevant professional certifications such as: CISSP, CISM, CRISC, CISA, ISO 27001 Lead Implementer/Auditor.
- 10+ years in information security, with at least 5 years in a cybersecurity engineering role.
- Experience operating in regulated environments (e.g., financial services, healthcare, telecoms).
- Strong knowledge of cybersecurity regulatory frameworks.
- Proven experience leading incident response at enterprise scale.
- Experience reporting to Board-level stakeholders.
Technical Expertise
- Security frameworks: ISO 27001, NIST CSF, COBIT.
- Cloud security (AWS, Azure, GCP).
- Identity & Access Management (IAM).
- SIEM, SOAR, EDR/XDR platforms.
- Threat intelligence and vulnerability management.
- Data protection technologies.
- Secure SDLC and DevSecOps practices.
Competencies & Attributes
- Strategic thinker with strong commercial awareness.
- Excellent communication and stakeholder management skills.
- Strong leadership and team development capability.
- High integrity and ethical standards.
- Crisis management expertise.
- Ability to influence at Board and Executive level.
The Company
Hellios is a leading supplier information and risk management company operating in the financial services and defence industry. Established with the primary objective to benefit major blue-chip companies and their suppliers, Hellios provides a single streamlined approach by sharing data across an industry community in areas including modern slavery, cyber security and GDPR. Since its inception as a startup in 2012, Hellios has experienced rapid growth, expanding to over 145 employees and establishing offices across the UK, The Netherlands, Spain, and Ireland. The Company is continuing to grow quickly, and a key part of this role is to prepare the Company for further growth. At Hellios, we are guided by an ethos centred on delivering unparalleled service quality and innovative technology. Our commitment rests upon nurturing enduring, sustainable relationships with both our buyer and supplier clientele.
Cyber Security Engineer in Oxford employer: Hellios
Hellios is an exceptional employer located in the picturesque setting of Chawley Park, Cumnor, Oxford, offering a dynamic work culture that prioritises innovation and collaboration. Employees benefit from a strong commitment to professional growth, with opportunities to lead impactful cybersecurity initiatives while ensuring compliance with critical regulations. The company fosters a security-first mindset, encouraging team members to develop their skills in a supportive environment that values integrity and excellence.
StudySmarter Expert Advice🤫
We think this is how you could land Cyber Security Engineer in Oxford
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the cybersecurity field. Attend meetups, webinars, or even local events. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your projects, certifications, and any relevant experience. This is your chance to demonstrate what you can bring to the table beyond just a CV.
✨Tip Number 3
Prepare for interviews by researching the company and its cybersecurity practices. Be ready to discuss how your experience aligns with their needs, especially around compliance and risk management. Tailor your answers to show you understand their challenges.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who are proactive about their job search!
We think you need these skills to ace Cyber Security Engineer in Oxford
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Cyber Security Engineer role. Highlight your relevant experience, especially in cybersecurity strategy and compliance with regulations like GDPR and NIS2. We want to see how your skills align with our needs!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about cybersecurity and how you can contribute to our mission at Hellios. Be sure to mention any specific projects or achievements that showcase your expertise.
Showcase Your Technical Skills:Don’t forget to highlight your technical expertise in areas like cloud security, IAM, and incident response. We’re looking for someone who can hit the ground running, so make sure we know what tools and frameworks you’re familiar with!
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, you’ll get a feel for our company culture while you’re there!
How to prepare for a job interview at Hellios
✨Know Your Cybersecurity Frameworks
Familiarise yourself with key cybersecurity frameworks like ISO 27001 and NIST CSF. Be ready to discuss how you've applied these in past roles, especially in regulated environments. This shows you understand the importance of compliance and governance.
✨Demonstrate Incident Response Experience
Prepare specific examples of how you've led incident response efforts in previous positions. Highlight your ability to coordinate with stakeholders and manage crises effectively. This will showcase your leadership skills and crisis management expertise.
✨Align with Business Objectives
Understand how cybersecurity initiatives align with business goals. Be prepared to discuss how you've developed strategies that not only protect information assets but also support overall business objectives. This demonstrates your strategic thinking and commercial awareness.
✨Showcase Your Communication Skills
Since you'll be reporting to Board-level stakeholders, practice articulating complex cybersecurity concepts in simple terms. Highlight your experience in stakeholder management and how you've fostered a security-first culture within teams. Strong communication is key!
