Cybersecurity Analyst/Engineer

Cybersecurity Engineer (ISO27001 & SOC 2 Lead)

Location: London (3 days per week onsite)
Must have Right to Work: Cannot provide sponsorship

Overview

A newly created role to take ownership of ISO27001 and SOC 2 certification, ongoing compliance, and the organisation's overall security posture. This position exists because elements of the work have been covered ad‑hoc by internal staff, but now require a dedicated specialist to lead, maintain, and operationalise the security programme.

You will work closely with senior leadership as well as engineering teams, acting as an authoritative voice on cybersecurity, helping strengthen defences, reduce risk, and ensure the organisation is always audit‑ready.

This is an excellent opportunity for someone with strong SysAdmin/Network Engineering foundations who has transitioned or is transitioning into cybersecurity and wants to operate as the central technical security owner.

Key Responsibilities

Security Governance & Compliance (ISO27001 & SOC 2)

Own and maintain ISO27001 and SOC 2 certification processes.
Lead evidence collection, control implementation, compliance documentation, and readiness for external audits.
Maintain and improve runbooks, processes, and policies.
Strengthen vulnerability management capabilities and ensure clear remediation workflows.Security Operations

Monitor and respond to security alerts across endpoints, networks, and cloud workloads.
Investigate incidents, support containment and recovery, and communicate clearly with engineering teams.
Tune noisy alerts, improve detection logic, and refine SIEM visibility.
Maintain and optimise the EDR environment (Sophos).Security Administration

Maintain and improve security configurations across AWS, Linux/Windows endpoints, networks, and identity systems.
Oversee IAM best practices, least privilege, and access governance (joiner/mover/leaver processes).
Manage firewall configurations (primarily Sophos).
Assist in hardening infrastructure, patching cycles, and ensuring consistent baseline security.Security Design & Architecture

Contribute to the architecture of secure infrastructure and cloud systems.
Provide guidance on secure networks, segmentation, and future identity tooling.
Collaborate with engineers to ensure security considerations are integrated early in designs.
Act as a subject-matter authority, offering clear reasoning and well-structured recommendations.Technical Environment

Experience with some of the following is preferred (not all required):

EDR: Sophos
Cloud: AWS
SIEM: Wallix
Firewalls: Sophos-based
Operating Systems: Windows & Linux
Networking: VLANs, routing, switching, DNS, DHCP, VPN
Scripting: PowerShell, Bash, or Python
Identity: No current central identity solution-opportunity to shape this areaA strong networking/sysadmin foundation is important, and an ideal candidate has progressed (or is intentionally progressing) into a cybersecurity-focused career.

What We're Looking For

Essential

Strong systems administration or network engineering background.
Hands-on experience in incident response, vulnerability management, or security operations.
Clear, articulate communicator able to explain technical risk to non-technical stakeholders.
Strong technical troubleshooting skills across network, endpoint, and cloud.
Ability to develop clear documentation, runbooks, and consistent security processes.
Fluency in English (spoken and written).
Motivated, proactive, and able to operate as the security point-of-contact.Desirable

Experience in finance or retail environments (not essential).
Exposure to ISO27001, SOC 2, or other security frameworks.
Someone who has the curiosity, deep technical interest, and "security mindset" needed to anticipate and defend against threats.Benefits

Annual performance bonus
Healthcare, pension, and life assurance

Services advertised by Gold Group are those of an Agency and/or an Employment Business.
We will contact you within the next 14 days if you are selected for interview. For a copy of our privacy policy please visit our website