Cyber Security Engineer

Overview

We are seeking a hands-on IT & Cyber Security Engineer to join our IT team within a large Irish multinational where security excellence and operational delivery go hand in hand.

Cybersecurity is the core focus of this role. The successful candidate will own and drive the organisation’s security accreditation and certification programme while continuously improving security maturity toward recognised industry standards. The role requires awareness of the regulatory landscape including NIS2 and GDPR obligations.

This is a key role responsible for embedding practical security controls, governance, and standards that keep the organisation secure and audit-ready. The role also contributes across the wider IT function in a collaborative, hands-on environment.

Key Responsibilities

Cyber & Information Security

Security Controls & Accreditation

• Own and maintain Cyber Essentials Plus (CE+) accreditation and ongoing readiness
• Enhance security maturity aligned with ISO 27001 and recognised industry frameworks
• Ensure security controls align with recognised industry best practices across:

• Boundary firewalls and internet gateways
• Secure configuration of servers, endpoints, and cloud services
• User access control and privileged access management
• Malware protection and endpoint security
• Patch and vulnerability management

• Prepare and maintain documentation, evidence, and artefacts required for security audits and technical assurance activities
• Support external assessors during audits, penetration testing, and verification activities

Security Operations & Governance

• Own and evolve security policies, procedures, and standards aligned with CE+, ISO 27001, and broader frameworks (e.g. CIS, NIST)
• Maintain awareness of applicable regulatory obligations including NIS2 and GDPR, particularly in the context of incident response and breach notification
• Manage and optimise security configurations within Microsoft 365 and Azure, including:

• Conditional access and Entra ID
• Multi-factor authentication (MFA)
• Device compliance via Microsoft Intune
• Microsoft Defender for Endpoint and Defender for Identity
• Microsoft Sentinel for security monitoring and incident detection

• Identify security risks and vulnerabilities and drive remediation through to closure
• Lead and coordinate cyber incident and breach management, including detection, investigation, containment, remediation, and lessons learned
• Deliver security awareness and acceptable-use training

Systems Administration & General IT

• Act as a senior escalation point for IT support issues
• Support and administer core platforms including Microsoft 365, Azure, Active Directory, and VMware / vCentre
• Ensure systems are securely configured by default in line with industry best practice
• Contribute to general IT improvement initiatives in a small, hands-on environment

Essential Qualifications & Skills

• Degree in Computer Science, Information Technology, or a related discipline
• 4–5 years’ hands-on experience in an IT role with cybersecurity as a primary focus
• Demonstrable experience implementing and owning security controls aligned to recognised frameworks (e.g. CE+, ISO 27001, CIS, NIST)
• Practical experience with firewalls and boundary protection, identity and access management (including MFA and least privilege), patch management, vulnerability remediation, and endpoint protection
• Hands-on experience with the Microsoft security stack: Defender for Endpoint, Defender for Identity, Sentinel, Intune, and Entra ID
• Strong experience with Microsoft 365, Azure, Active Directory, and VMware / vCentre
• Understanding of NIS2, GDPR, and applicable regulatory obligations as they relate to security operations
• Experience owning and maintaining security policies and procedures
• Familiarity with security audit processes, evidence requirements, and technical testing expectations
• Comfortable working in a small, generalist IT team and contributing beyond core security responsibilities
• Strong collaboration and communication skills with a practical, delivery-focused mindset

Advantageous Skills

• Cyber security certifications (e.g. CompTIA Security+, SSCP, or equivalent)
• Hands-on experience with ISO 27001 implementation or ISMS development
• Experience tuning and operating SIEM tools, e.g. Microsoft Sentinel
• Exposure to SOC environments or incident response operations
• Experience supporting security certification or re-certification activities

Personal Attributes

• Proactive and confident taking ownership in a small organisation
• Strong attention to detail, particularly around audit readiness and evidence
• Pragmatic mindset, balancing strong security with real-world IT delivery
• Curious and committed to continuous improvement in cybersecurity practices