The successful candidate will play a crucial role in designing, implementing, and maintaining cutting-edge security measures. We are looking for a forward-thinking Security Engineer to join our IT Security team and help us stay ahead of emerging threats and will work closely with the Head of IT Security to translate our Information Security policies into actionable procedures, helping ensure our systems are protected and compliant. The main responsibilities will include: • Policy Implementation: Partner with the Head of IT Security to align, review, and implement Information Security Policies across all departments and systems. • Compliance Assurance: Develop mechanisms to monitor and measure compliance with Information Security Policies, addressing any issues proactively. • Network and Cloud Security: Help drive initiatives to design and implement security solutions for our Azure and M365 environments, ensuring adherence to industry best practices and regulatory standards. • Supplier Security Assessment: Evaluate and ensure the security posture of IFGL's Material IT Suppliers, ensuring compliance with security standards and contractual obligations. • Risk Assessment: Conduct risk assessments, analyse vulnerability and penetration testing reports, and develop risk mitigation strategies. • Access Management: Help develop and maintain a robust Role-Based Access Control Framework, ensuring efficient management of access rights.

• Ideally a Degree in Computer Science, Information Security, or related field (or equivalent experience). • Advanced certifications such as CISSP, CISM, or equivalent are preferred but not essential. • 5+ years of experience in network and/or Cloud security roles. • Proven experience in designing and implementing security solutions in Azure and M365 environments. • Strong knowledge of security frameworks (e.g., NIST, ISO27000 series). • Expertise in network security protocols, Azure security solutions, firewalls, intrusion detection systems, VPNs, etc. • Proficient in vulnerability assessment tools, incident response frameworks, and risk management methodologies. • Ability to collaborate effectively with cross-functional teams. • Analytical mindset to interpret security data and make informed decisions. • Strong relationship management skills, comfortable dealing with stakeholders at all levels.