Job Description
Company Introduction
Our client is a company operating within the fashion and retail supply chain.
Job Responsibilities and Duties
- Implement, configure, and optimise AWS-native security controls across the production environment, including GuardDuty, Security Hub, AWS Config, CloudTrail, IAM, AWS WAF, VPC Flow Logs, KMS, and Secrets Manager;
- Strengthen logging visibility, IAM baselines, access controls, and least-privilege security practices across systems and applications;
- Manage and support MFA enforcement across cloud platforms, SaaS systems, and internal applications;
- Maintain and enhance perimeter security environments, including firewall configurations, VPN infrastructure, intrusion prevention systems, and deep inspection policies;
- Design, implement, and maintain centralised logging and SIEM solutions across multiple platforms and environments;
- Support ongoing WordPress security hardening initiatives, including WAF tuning, plugin lifecycle management, and production security improvements;
- Conduct vulnerability assessments, external attack-surface monitoring, and remediation tracking activities;
- Collaborate with external IT service providers on endpoint security, MDM, patch management, encryption, and EDR controls across the organisation;
- Develop and maintain automation processes related to user access management and cross-system offboarding workflows;
- Maintain vendor security and access governance processes, including onboarding, periodic reviews, and offboarding procedures;
- Coordinate and support external penetration testing exercises and remediation activities;
- Contribute to phishing simulation programmes, security awareness initiatives, and internal user training;
- Draft and maintain practical cybersecurity policies, standards, incident response procedures, and security documentation;
- Support incident response activities, including investigation, containment, remediation, credential rotation, and post-incident hardening.
Experience
- Minimum of 7 years’ hands-on experience within cybersecurity engineering or infrastructure security roles;
- Strong practical experience with AWS security services and cloud security best practices;
- Experience administering FortiGate or other next-generation firewall environments;
- Strong understanding of identity and access management across cloud, SaaS, and on-premise environments, including Google Workspace, Microsoft 365 / Entra ID, Auth0, SSO, and Active Directory;
- Experience with WordPress security hardening, including WAF configuration and Wordfence administration;
- Scripting and automation experience using PowerShell, Bash, Python, or similar technologies;
- Proven experience handling cybersecurity incidents, remediation, and post-incident security improvements;
- Experience designing practical security controls and policies within SME environments;
- Familiarity with ASP.NET / IIS environments, Odoo ERP systems, n8n platforms, GoPhish, or WP Engine hosting environments will be considered an asset.
Personal Skills
- Strong analytical and problem-solving abilities;
- Proactive and solution-oriented mindset;
- Ability to work independently and manage multiple priorities effectively;
- Strong organisational and documentation skills;
- Excellent communication and stakeholder management abilities;
- High level of accountability, attention to detail, and professionalism;
- Ability to work effectively within fast-paced and evolving technical environments.