Security Analyst
We are seeking a Security Analyst with a strong focus on secure systems design, threat
analysis, and operational resilience. You will be responsible for reviewing and strengthening
our security posture across infrastructure, development processes, and internal procedures.
This includes assessing current practices, identifying vulnerabilities, advising on
best-in-class controls, and helping us operate to the highest security standards.
This role involves working closely with development, infrastructure, and wider business
teams to embed secure practices, guide technical decisions, and ensure proper enforcement
of processes. You will also manage third-party security engagements, coordinate annual
penetration testing, and assist with the investigation and management of security incidents.
You will play a key role in analysing attack vectors, monitoring emerging threats, and
proposing improvements that make our systems more robust and future-proof.
What will I be doing?
* Review and improve existing security policies, procedures, and workflows.
* Assess infrastructure and applications for vulnerabilities.
* Coordinate penetration tests, audits, and third-party assessments.
* Assist with security incident investigations and follow-up actions.
* Analyse potential attack vectors and recommend mitigation steps.
* Work with engineering teams to enhance secure coding and deployment.
* Help enforce security standards across departments.
* Maintain clear security documentation and guidelines.
What we're looking for
* 2–4+ years in cybersecurity or a related technical security role.
* Good understanding of secure systems, networks, cloud services, and common attack
* techniques.
* Experience with vulnerability scanning and incident response.
* Ability to interpret security findings and propose practical fixes.
* Strong communication and collaboration skills.
* Detail-oriented and comfortable taking ownership.
Nice to have
* AWS security experience or cloud hardening knowledge.
* Security certifications (Security+, GSEC, SSCP, CEH, etc.).
* Familiarity with threat-modelling frameworks (STRIDE, MITRE ATT&CK).
* Experience managing third-party audits or security reviews.
* Background in regulated or high-availability environments.