Cyber Security Officer

Aiimi is looking for an experienced Cyber Security Officer to take ownership of our cybersecurity function and drive best practice across the organisation. As the Cyber Security Officer, you will be responsible for leading our cybersecurity strategy and implementation. You will ensure compliance with data protection standards, conduct risk assessments, manage incident response, and foster a strong security culture across the organization. This role is ideal for someone who enjoys both strategic planning and technical execution in a fast-paced, client-focused environment., Security Strategy & Governance

• Develop and maintain the company's cybersecurity policies, procedures, and incident response plans.
• Take full ownership for maintaining the organisationsISO27001, Cyber Essentials, and Cyber Essentials Plus accreditations, ensuring continuous compliance and successful renewals.
• Lead security awareness initiatives and training for staff.

• Conduct regular security assessments, audits, and penetration tests.
• Manage and work with our external ISO27001 auditor, facilitating all external audit activities and overseeing the remediation of findings.
• Identify, analyse, and mitigate cybersecurity risks across internal systems and client solutions.
• Maintain up-to-date threat intelligence and advise leadership on emerging risks.

• Secure cloud environments e.g. Azure, and data pipelines used for AI and analytics.
• Manage firewalls, endpoint protection, and vulnerability scanning tools.
• Oversee identity and access management (IAM), encryption, and key management practices.

• Ensure compliance with GDPR, UK Data Protection Act, and other relevant regulations.
• Collaborate with legal and compliance teams on data privacy impact assessments (DPIAs).
• Support client RFPs and due diligence processes with security documentation.

• Monitor and respond to security incidents, conducting root cause analyses and remediation.
• Coordinate with external vendors or managed security services (MSSPs) when needed.
• Manage the operational relationship with Aiimi's managed XDR service provider, ensuring the service level agreements (SLAs) are met and integration with internal workflows are effective.

• Proven experience in a cybersecurity role, ideally within a tech or data-focused SME.
• Strong understanding of cloud security principles (preferably Azure).
• Working knowledge of data protection laws (e.g. GDPR) and compliance frameworks (ISO 27001, Cyber Essentials Plus).
• Understanding of hybrid cloud environment with on-prem infrastructure (AD, DNS etc).
• Understanding of networking technologies (FortiGate Firewall & Azure Networking).
• Hands‑on experience with security tools (e.g.,Microsoft Sentinel SIEM, Defender for Endpoint, endpoint protection, vulnerability scanners).
• Ability to assess risk in data‑centric AI/ML environments.

• Relevant certifications: AZ-104, SC-300, CISSP, CISM, CompTIA Security+, or similar.
• Familiarity with secure DevOps and CI/CD pipeline practices.
• Understanding of AI/ML data pipelines, model security, or adversarial AI concerns.

• 25 Days holiday (excluding bank holidays) – increasing by a day every 2 years.
• Mental health and wellbeing support, including access to counselling.
• Annual wellbeing allowance (e.g. personal training, fitness, wellness apps).
• Up to 10 % of your salary in employee benefits, including critical illness cover, life insurance, and private healthcare (post‑probation).
• Generous company pension contribution.
• Ongoing professional development and training opportunities.