IT Engineer (Cloud, Security & Governance Focus)

Company Overview

We are a growing technology-driven organization with approximately 180 users and multiple cloud-based systems. While we rely on outsourced IT partners for support we are strengthening our internal capabilities in IT management governance cloud security and information systems oversight.

We are seeking a proactive IT Engineer (Cloud Security & Governance) to support day-to-day IT operations and drive structured improvements across our cloud and information systems landscape. This role is ideal for someone with strong technical capability organizational discipline and security awareness who is eager to contribute to cloud governance IT security and ISMS compliance frameworks.

Key Responsibilities

1. IT Operations & Vendor Coordination

• Serve as the first internal point of contact for IT-related issues coordinating with outsourced IT providers to ensure smooth resolution.
• Monitor IT service requests and follow up to ensure SLAs are achieved.
• Support user onboarding/offboarding access provisioning and device setup.
• Maintain IT asset inventories (hardware software and cloud accounts).

2. Cloud Systems Governance & Documentation

• Conduct a full review of existing cloud platforms (e.g. Microsoft 365 Azure AWS Google Workspace and other SaaS applications).
• Map current accounts permissions and configurations identifying security and compliance gaps.
• Create and maintain cloud governance documentation including:

1. System ownership and responsibilities
2. Access control policies and procedures
3. Configuration and change management standards
4. Data retention and backup procedures

• Establish procedures for ongoing governance monitoring and reporting.
• Develop and implement a Cloud Governance Framework that ensures consistency and control across all platforms.

3. IT Security & Compliance

• Support the ongoing implementation and maintenance of the Information Security Management System (ISMS) in line with ISO 27001.
• Assist in managing access reviews risk assessments and corrective actions.
• Monitor endpoint protection patch management and device compliance.
• Help define and document security controls for authentication MFA encryption and data protection across cloud systems.
• Support internal and external security audits by maintaining evidence and tracking remediation.

4. Policy Process & Continuous Improvement

• Draft and maintain IT and security policies including acceptable use cloud management device management and change control.
• Create procedural documents for IT service delivery and cloud operations.
• Support awareness training initiatives to build security culture among users.
• Proactively identify areas for improvement in IT operations governance and compliance processes.

5. Collaboration & Reporting

• Liaise with vendors and internal stakeholders to ensure IT systems align with business and compliance needs.
• Provide regular reports on IT and cloud system health risks and improvement initiatives.
• Work closely with the VP of Information Systems to deliver on the IT governance and security roadmap

Qualifications & Experience

• 4/5 years experience in IT support IT administration or system/cloud management.
• Experience working with cloud environments (Microsoft 365 Google Workspace AWS or Azure)
• Understanding of information security principles risk management and compliance frameworks (ISO 27001 GDPR NIST).
• Hands-on experience with vulnerability management patch control and endpoint security.
• Strong documentation process mapping and reporting skills.
• Experience managing or coordinating outsourced IT vendors or MSPs.
• Excellent communication organization and analytical skills.

Desirable Education and Accreditations:

Bachelors degree (or equivalent) in Information Technology Computer Science Information Systems or Cybersecurity.

Certifications such as:

• ITIL Foundation (v4) for IT service management and governance
• CompTIA Security or (ISC)² Certified in Cybersecurity (CC)
• Microsoft Certified: Google Cloud Digital Leader
• Microsoft SC-900: Security Compliance & Identity Fundamental
• CIPP/E CGRC or CRISC Microsoft 365 Certified: Administrator / Fundamentals or similar.
• ISO/IEC 27001 Advanced Risk & Implementer Training