Security Engineer

Douglas, Isle of Man
5 days ago
Create job alert

Overview

Our leading Douglas-based Finance Sector Client is expanding its Finance Team as they progress an ambitious transformation programme. As they evolve the technology organisation, they require an experienced Security Engineer.

Note - this role is based on the Isle of Man, so requires candidates to either be based on the island currently or be open to relocation.

Reporting to the Head of IT Security, the Security Engineer will assist with the translation of the company's Information Security policies and standards into practical operational procedures. You will work as part of the IT Security Team in areas including the design, implementation and maintenance of robust security measures across network and cloud environments, ensuring protection against potential threats, adherence to industry standards, and proactive incident response. This will include providing security consultancy services to the Change Team.

In this role you will

  • Ensure continual alignment of Information Security Policies with industry standards, regulatory requirements, and evolving cyber threats

  • Develop and communicate an effective strategy for the implementation of Information Security Policies across all departments and systems within the organisation

  • Establish mechanisms to regularly monitor and, measure compliance with Information Security Policies, addressing non-compliance issues

  • Maintain updated documentation, providing easy access to policies, guidelines, and procedures for all staff members

  • Establish a robust mechanism to ensure alignment with relevant Information Security Frameworks (e.g., ISO 27000 series, NIST, etc.), mapping organisational policies and practices to the framework's requirements

  • Conduct periodic internal assessments to evaluate adherence to Information Security Frameworks and compliance standards, driving continuous improvement and implement corrective actions based on assessment findings

  • Stay updated with industry trends, best practices, regulatory standards and amendments in Information Security Frameworks

  • Develop strategic plans outlining security objectives and domain roadmaps for network and Cloud environments aligned with organisational goals

  • Develop and implement security focused Architecture Building Blocks (ABBs) and Solution Building Blocks (SBBs) in collaboration with the Architecture team

  • Ensure adherence to industry best practices, regulatory standards, and internal security policies across network and Cloud environments

  • Develop and implement incident response plans specific to network and Cloud security incidents, outlining clear protocols for detection, containment, and recovery

  • Identify and establish partnerships with external security entities, including vendors, consultants, industry groups, or security forums

  • Regularly assess the performance and alignment of external security partners with organisational security objectives

  • Establish channels for continuous intelligence gathering from external partners regarding emerging threats, vulnerabilities, and best practices

  • Foster an environment of knowledge sharing and cooperation to leverage expertise from external entities

  • Develop a comprehensive framework for assessing the security posture of Material IT Suppliers, outlining assessment criteria, methodologies, and evaluation metrics

  • Working with the Head of IT Service, establish mechanisms to verify and validate the compliance of material IT suppliers with agreed-upon security standards, contractual obligations, and regulatory requirements

  • Conduct thorough assessments to identify security risks associated with material IT suppliers, considering factors like data handling, access controls, and compliance

  • Implement tools or systems for continuous monitoring of security practices and performance of material IT suppliers

  • Develop a standardised framework for conducting comprehensive risk assessments across the organisation's systems, applications, and infrastructure

  • Conduct periodic risk assessments to identify, analyse, and prioritise potential risks and threats to the organisation's assets and operations

  • Develop and implement risk mitigation strategies based on the findings from risk assessments, vulnerability testing, and penetration testing reports

  • Organise and oversee regular vulnerability assessments and penetration testing activities to identify weaknesses and potential entry points for cyber threats

  • Develop and maintain incident response plans aligned with identified risks and potential threats

    The ideal candidate for the role of Security Engineer will have:

    • Hold a degree in Computer Science, Information Security, or related field (or equivalent experience)

    • Advanced certifications (or working towards such a certification) such as CISSP, CISM, or equivalent are preferred

    • 5+ years in network and / or Cloud security roles, demonstrating progressive responsibility

    • Proven experience in designing and implementing security solutions in network and Cloud environments

    • Extensive experience in IT security, with a focus on Security Operations, Access Management, and Policy Development

    • Strong knowledge of security frameworks, such as NIST and ISO27000 series

    • Up-to-date knowledge of emerging security threats, trends, and technologies

    • Expertise in network security protocols, cloud security solutions (Azure/AWS/GCP), firewalls, intrusion detection systems, VPNs

    • Proficient in vulnerability assessment tools, incident response frameworks, and risk management methodologies

    • Analytical mindset and problem-solving abilities to assess security risks and propose appropriate mitigation strategies

    • A basic understanding for compliance and risk management

Related Jobs

View all jobs

Security Engineer, Senior, London, Bank 75k

Security Engineer - FTC

Security Engineer

Security Engineer II, Industry Products - Fixed

Security Engineer, AWS Security

Security Engineer – London - £37,000 + D2D Travel

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

UK Visa & Work Permits Explained: Your Essential Guide for International Cyber Security Talent

Cyber security is one of the fastest-growing fields in today’s digital age. As cyber threats proliferate—ranging from data breaches and ransomware attacks to sophisticated nation-state incursions—organisations worldwide are investing more than ever to protect their systems, networks, and customer data. The United Kingdom, in particular, is emerging as a hub for advanced cyber defence, AI-driven threat detection, and compliance consulting. For international cyber security professionals, the UK offers a wealth of career opportunities, spanning financial services, government contracts, tech start-ups, and global corporations. However, stepping into the UK’s cyber security job market requires a clear understanding of the country’s visa and work permit processes. If you are an international candidate with expertise in areas like intrusion detection, penetration testing, or security architecture, navigating these immigration pathways can be daunting. This article aims to demystify the visa process—highlighting key routes, eligibility criteria, and practical tips—to help you seamlessly transition into the British cyber security ecosystem.

Top UK Cyber Security Labs and Institutes: Defending the Digital Frontier

As digital technologies continue to advance at a blistering pace, cyber security has become one of the most critical and fast-growing sectors in the UK—and globally. From protecting financial networks and e-commerce platforms to securing critical national infrastructure, cyber security practitioners are on the front lines of the digital economy. The United Kingdom, with its robust academic institutions, thriving tech industry, and strong government support, stands out as a global leader in cyber security innovation. In this comprehensive blog post for CyberSecurityJobs.tech (using “cyber security” as two words, but retaining the site name for consistency with your domain), we spotlight the top cyber security labs and institutes across the UK, dive into emerging trends, and highlight how you can forge a successful career in this ever-evolving field. Whether you are a recent graduate, a seasoned IT professional pivoting into security, or simply intrigued by the challenges of defending modern networks, this guide aims to show you where to look for opportunities—and how to stand out.

Shadowing and Mentorship in Cybersecurity: Gaining Experience Before Your First Full-Time Role

How to Find Mentors, Build Industry Connections, and Develop Real-World Skills in a Rapidly Evolving Field Introduction Cybersecurity has become one of the most crucial, fast-growing fields in the tech industry—yet it can also be one of the most challenging areas to break into for new professionals. As cyber threats escalate worldwide, organisations of all shapes and sizes are looking for skilled individuals who can protect their data, systems, and networks from attacks. Whether your ultimate aim is to become a penetration tester, security analyst, incident responder, threat intelligence expert, or compliance specialist, the path to a full-time cybersecurity role typically requires more than just theoretical knowledge. This is where shadowing and mentorship come into play. Working alongside an experienced cybersecurity professional allows you to see how theories and frameworks apply in real-world scenarios—something textbooks, online courses, or even certifications cannot fully replicate. Mentors can provide the critical guidance, industry insights, and networking connections needed to help you progress from cybersecurity enthusiast to a confident, job-ready candidate. In this article, we explore why mentorship is so vital in cybersecurity, how job shadowing can sharpen your practical understanding, and how to secure these opportunities—whether through formal mentorship programmes or informal connections. We’ll also cover tips on demonstrating your value as a mentee, strategies for building long-term professional relationships, and ways to measure your growth so you’re ready to step into that first full-time cyber role with confidence.