100 Incident Response Plans jobs in London
Senior Security Analyst
London, London
Janus Henderson Investors
Posted 13 days ago
Job Viewed
Job Description
Why work for us?
A career at Janus Henderson is more than a job, it's about investing in a brighter future together.
Our Mission at Janus Henderson is to help clients define and achieve superior financial outcomes through differentiated insights, disciplined investments, and world-class service. We will do this by protecting and growing our core business, amplifying our strengths and diversifying where we have the right.
Our Values are key to driving our success, and are at the heart of everything we do:
Clients Come First - Always | Execution Supersedes Intention | Together We Win | Diversity Improves Results | Truth Builds Trust
If our mission, values, and purpose align with your own, we would love to hear from you!
Your opportunity
+ Lead the identification, assessment, and remediation of vulnerabilities across applications, infrastructure, and cloud environments, collaborating with development and operations teams for effective solutions.
+ Optimise vulnerability scanning profiles, dashboards, and reports to ensure comprehensive coverage and actionable insights, while analysing data to prioritise risks and provide clear remediation guidance.
+ Contribute to the continuous improvement of vulnerability management processes, policies, and procedures, including supporting incident response activities and aligning with industry best practices.
+ Identify potential security risks and document clear, actionable remediation options or mitigating controls aligned with industry best practices.
+ Contribute to other cybersecurity initiatives, utilizing our standards and procedures while adhering to industry best practices.
+ Perform risk assessments and execute system tests to ensure proper functioning of data processing activities and security measures.
+ Ensure that security controls in both new and existing computer systems comply with established security policies and guidelines.
+ Assist in incorporating regulatory compliance requirements, such as SOX and GLBA, into the organization's security roadmap.
+ Conduct thorough security incident investigations, including maintaining chain of custody, implementing containment measures, performing root cause analysis, and identifying preventive strategies.
+ Supporting incident response with vulnerability intelligence during security events.
+ Participate in the Information Security on-call rotation
What to expect when you join our firm
+ Hybrid working and reasonable accommodations
+ Generous Holiday policies
+ Excellent Health and Wellbeing benefits including corporate membership to ClassPass
+ Paid volunteer time to step away from your desk and into the community
+ Support to grow through professional development courses, tuition/qualification reimbursement and more
+ All-inclusive approach to Diversity, Equity and Inclusion
+ Maternal/paternal leave benefits and family services
+ Complimentary subscription to Headspace - the mindfulness app
+ All employee events including networking opportunities and social activities
+ Lunch allowance for use within our subsidized onsite canteen
Must have skills
+ 3+ years in an Information Security role with proven experience in Vulnerability Management
+ Proven hands-on experience with vulnerability management platforms and in a vulnerability management role
+ Experience in information security incident response
+ Knowledge of vulnerability management (remediation and configuration) and other security scanner tools.
+ Strong understanding of vulnerability assessment methodologies and risk scoring
+ Strong collaboration skills working with application and infrastructure teams within a security context
+ In-depth working knowledge of security best practices and frameworks (e.g., MITRE ATT&CK, OWASP Top 10, NIST)
+ Excellent verbal and written communication skills
+ Ability to manage multiple projects and tasks.
+ Analytical ability to capture and summarise information, find solutions to various tactical and strategic problems and prioritise work
+ Exposure to public cloud infrastructure (SaaS, IaaS, and PaaS)
+ Familiarity with patch management processes and tools
Nice to have skills
+ 5+ years of experience within Incident Response and Vulnerability Management
+ Knowledge of Tenable.sc and/or Tenable.io
+ Knowledge of cloud security vulnerabilities and associated scanning techniques
+ Experience with scripting or automation to enhance vulnerability management processes (e.g. Python) and to drive efficiency and innovation
+ Relevant Information Security certifications (e.g. CompTIA Security+, CySA+, CEH, SANS, Cloud Certifications).
Supervisory responsibilities
+ No
Potential for growth
+ Mentoring
+ Leadership development programs
+ Regular training
+ Career development services
+ Continuing education courses
You will be expected to understand the regulatory obligations of the firm, and abide by the regulated entity requirements and JHI policies applicable for your role.
At Janus Henderson Investors we're committed to an inclusive and supportive environment. We believe diversity improves results and we welcome applications from all backgrounds. Don't worry if you don't think you tick every box, we still want to hear from you! We understand everyone has different commitments and while we can't accommodate every flexible working request we're happy to be asked about work flexibility and our hybrid working environment. If you need any reasonable accommodations during our recruitment process, please get in touch and let us know at
#LI-LN2 #LI-HYBRID
Janus Henderson (including its subsidiaries) will not maintain existing or sponsor new industry registrations or licenses where not supported by an employee's job functions (as determined by Janus Henderson at its sole discretion).
All applicants must be willing to comply with the provisions of Janus Henderson Investment Advisory Code of Ethics related to personal securities activities and other disclosure and certification requirements, including past political contributions and political activities. Applicants' past political contributions or activity may impact applicants' eligibility for this position. Janus Henderson is an equal opportunity /Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. All applications are subject to background checks.
A career at Janus Henderson is more than a job, it's about investing in a brighter future together.
Our Mission at Janus Henderson is to help clients define and achieve superior financial outcomes through differentiated insights, disciplined investments, and world-class service. We will do this by protecting and growing our core business, amplifying our strengths and diversifying where we have the right.
Our Values are key to driving our success, and are at the heart of everything we do:
Clients Come First - Always | Execution Supersedes Intention | Together We Win | Diversity Improves Results | Truth Builds Trust
If our mission, values, and purpose align with your own, we would love to hear from you!
Your opportunity
+ Lead the identification, assessment, and remediation of vulnerabilities across applications, infrastructure, and cloud environments, collaborating with development and operations teams for effective solutions.
+ Optimise vulnerability scanning profiles, dashboards, and reports to ensure comprehensive coverage and actionable insights, while analysing data to prioritise risks and provide clear remediation guidance.
+ Contribute to the continuous improvement of vulnerability management processes, policies, and procedures, including supporting incident response activities and aligning with industry best practices.
+ Identify potential security risks and document clear, actionable remediation options or mitigating controls aligned with industry best practices.
+ Contribute to other cybersecurity initiatives, utilizing our standards and procedures while adhering to industry best practices.
+ Perform risk assessments and execute system tests to ensure proper functioning of data processing activities and security measures.
+ Ensure that security controls in both new and existing computer systems comply with established security policies and guidelines.
+ Assist in incorporating regulatory compliance requirements, such as SOX and GLBA, into the organization's security roadmap.
+ Conduct thorough security incident investigations, including maintaining chain of custody, implementing containment measures, performing root cause analysis, and identifying preventive strategies.
+ Supporting incident response with vulnerability intelligence during security events.
+ Participate in the Information Security on-call rotation
What to expect when you join our firm
+ Hybrid working and reasonable accommodations
+ Generous Holiday policies
+ Excellent Health and Wellbeing benefits including corporate membership to ClassPass
+ Paid volunteer time to step away from your desk and into the community
+ Support to grow through professional development courses, tuition/qualification reimbursement and more
+ All-inclusive approach to Diversity, Equity and Inclusion
+ Maternal/paternal leave benefits and family services
+ Complimentary subscription to Headspace - the mindfulness app
+ All employee events including networking opportunities and social activities
+ Lunch allowance for use within our subsidized onsite canteen
Must have skills
+ 3+ years in an Information Security role with proven experience in Vulnerability Management
+ Proven hands-on experience with vulnerability management platforms and in a vulnerability management role
+ Experience in information security incident response
+ Knowledge of vulnerability management (remediation and configuration) and other security scanner tools.
+ Strong understanding of vulnerability assessment methodologies and risk scoring
+ Strong collaboration skills working with application and infrastructure teams within a security context
+ In-depth working knowledge of security best practices and frameworks (e.g., MITRE ATT&CK, OWASP Top 10, NIST)
+ Excellent verbal and written communication skills
+ Ability to manage multiple projects and tasks.
+ Analytical ability to capture and summarise information, find solutions to various tactical and strategic problems and prioritise work
+ Exposure to public cloud infrastructure (SaaS, IaaS, and PaaS)
+ Familiarity with patch management processes and tools
Nice to have skills
+ 5+ years of experience within Incident Response and Vulnerability Management
+ Knowledge of Tenable.sc and/or Tenable.io
+ Knowledge of cloud security vulnerabilities and associated scanning techniques
+ Experience with scripting or automation to enhance vulnerability management processes (e.g. Python) and to drive efficiency and innovation
+ Relevant Information Security certifications (e.g. CompTIA Security+, CySA+, CEH, SANS, Cloud Certifications).
Supervisory responsibilities
+ No
Potential for growth
+ Mentoring
+ Leadership development programs
+ Regular training
+ Career development services
+ Continuing education courses
You will be expected to understand the regulatory obligations of the firm, and abide by the regulated entity requirements and JHI policies applicable for your role.
At Janus Henderson Investors we're committed to an inclusive and supportive environment. We believe diversity improves results and we welcome applications from all backgrounds. Don't worry if you don't think you tick every box, we still want to hear from you! We understand everyone has different commitments and while we can't accommodate every flexible working request we're happy to be asked about work flexibility and our hybrid working environment. If you need any reasonable accommodations during our recruitment process, please get in touch and let us know at
#LI-LN2 #LI-HYBRID
Janus Henderson (including its subsidiaries) will not maintain existing or sponsor new industry registrations or licenses where not supported by an employee's job functions (as determined by Janus Henderson at its sole discretion).
All applicants must be willing to comply with the provisions of Janus Henderson Investment Advisory Code of Ethics related to personal securities activities and other disclosure and certification requirements, including past political contributions and political activities. Applicants' past political contributions or activity may impact applicants' eligibility for this position. Janus Henderson is an equal opportunity /Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. All applications are subject to background checks.
This advertiser has chosen not to accept applicants from your region.
0
Information Security Analyst
London, London
Vitesse PSP
Posted today
Job Viewed
Job Description
We are Vitesse – the treasury and payment partner of choice for insurance.
Formed in 2014 by a team of proven FinTech entrepreneurs, we are an FCA-regulated business providing global claim funds management and payment solutions. Operating one of the largest banking and payment settlement networks in the world, we give our customers direct access to 200 countries and currencies. Through a single integration, insurers can use this network to pay claims in as fast as 45 seconds and deliver a superior claimant experience. Our market-leading treasury proposition provides insurers with transparency and control over their claim funds, even when delegated to third-parties, allowing them to have their money in the right place, at the right time, to make that all-important payment when customers need it most.
With over 260 employees across our London headquarters, Europe, and the US, $93m Series C funding secured, our US licence approved and exceeding £15bn in processed transactions, we are only just getting started.
We are collaborative, customer centric and work with integrity, whilst partnering with some of the biggest insurance leaders including Lloyd’s of London and Many Pets. We take huge pride in our company culture, ensuring that everyone has a part to play, an opportunity to be heard, be involved, and the ability to make a real difference. As we continue to scale up, we want like-minded humans to join us on this exciting journey. Are you ready?
Your Mission:
We are seeking a skilled and motivated Information Security Analyst to join our team, reporting into the CISO. You will play a crucial role in safeguarding our organisations digital assets and infrastructure from cyber threats. You will be responsible for analysing security measures, identifying vulnerabilities, and help implement effective solutions to mitigate risks.
This role has a requirement for the jobholder to be part of an out of hours call-out rota, which will usually be 1 in 4 or 5 weeks, in addition to being available for short-term assignments in the US to support our North American business.
The role will require at least 2 days onsite in our London office.
The ideal candidate will have a strong understanding of information security principles, excellent analytical skills, and the ability to adapt to evolving threats in the cybersecurity landscape.
Your Responsibilities:
Governance: Risk / Compliance / Assurance:
- Monitor security systems including intrusion detection, firewalls, and SIEM. Collaborate with our external SOC to detect and respond to security incidents in a timely manner.
- Participate in incident response activities, including incident triage, containment, eradication, and recovery efforts.
- Conduct thorough investigations of security incidents and provide detailed reports on findings and recommendations for remediation.
- Help contribute to regular security assessments and audits to identify vulnerabilities and weaknesses in systems, networks, devices, and applications.
- Serve as a subject matter expert on security-related matters, providing guidance and support to other teams and departments as needed, and as reported through the help desk system.
- Collaborate with IT teams and other stakeholders, contributing to the design and implementation of security controls and measures to protect against cyber threats.
- Stay up to date with the latest security trends, technologies, and best practices, and provide recommendations for continuous improvement.
- Assist with the management of security awareness training and workshops for employees to educate them about security risks and best practices for maintaining a secure work environment.
- Participate in the development and maintenance of disaster recovery plans to ensure the organisation's ability to respond to and recover from security incidents.
- Collaborate with internal teams during due diligence exercises to ensure that key security controls are documented as part of each submission.
Requirements
- Certifications such as CISSP, CISM, or CompTIA Security+, certifications are highly desirable.
- Proven experience working in information security, with a good understanding of security principles, protocols, and technologies.
- Experience with information security standards including ISO 27001, NIST and Cyber Essentials.
- Experience with security assessment tools and techniques, including vulnerability scanning and penetration testing.
- Good understanding of Microsoft Azure, Office 365 and Microsoft E5 security tooling.
- Strong analytical and problem-solving skills, with the ability to analyse complex systems and identify security risks and vulnerabilities.
- Excellent communication and interpersonal skills, with the ability to effectively convey technical information to non-technical stakeholders.
- Ability to work independently and collaboratively in a fast-paced environment, with a strong sense of accountability and attention to detail.
- Sound judgment and decision-making abilities, especially in high-pressure situations requiring quick and accurate assessments.
- High ethical standards and a commitment to maintaining confidentiality.
Benefits
- 25 days Holiday per year (increasing by 1 day per years' service, up to 30 days) + Bank Holidays
- Hybrid working arrangements – minimum 2 days in the office, Tuesday - Thursday
- Contributory pension scheme
- Enhanced Parental leave
- Cycle to Work Scheme
- Private Medical Insurance with AXA
- Unlimited access to therapy sessions through our partner, Oliva
- Discounted Gym membership through Gympass
- Financial Coaching with Octopus Wealth
- 2 days of volunteering leave per year
- Sabbatical after 5 years’ service
- Life Assurance - MetLife (UK employees only)
- Ongoing Learning and Development to support you reach your career goals
We are Vitesse – the payment provider of choice for the insurance and treasury industry.
Formed in 2014 by a team of proven FinTech entrepreneurs, we are an FCA regulated payments business that is driven to be the payment partner of choice for the insurance market, by providing global payment services and treasury optimisation. Operating one of the largest domestic banking and payment settlement networks in the world, we give our customers direct access to more than 170 countries and territories, covering over 110 currencies. Through a single integration, insurers can use this network to pay claims in as fast as 45 seconds, delivering a better customer experience to their claimants. Our market-leading treasury optimisation service brings complete control and transparency to insurers and allows them to have their money in the right place, at the right time, to make that all important payment - fast, and when their customers need it most.
With now over 160 employees across Europe and our London headquarters, $26m series B funding in 2022 in the bag and approaching £8bn in processed transactions, we are only just getting started.
We are collaborative, customer centric and work with integrity, whilst partnering with some of the biggest insurance leaders including Lloyd’s of London and Many Pets. We take huge pride in our company culture, ensuring that everyone has a part to play, an opportunity to be heard, be involved, and the ability to make a real difference.
As we continue to scale up, we want like-minded humans to join us on this exciting journey. Are you ready?
Vitesse at our best – our values
The Vitesse values are a true reflection of what it takes to thrive in our business, so it’s important to us that any employee who joins our business is aligned with these 3 attributes
Confident Humility
We don’t do ego and we know that unless we all win, none of us win. We admit when we’re wrong, ask for help and always think about the wider business before ourselves.
Driven to Succeed
We see the opportunity ahead of us and we won’t stop until we fulfil the potential we know we have. We hold ourselves to high standards and deliver high quality outcomes for Vitesse and our customers.
Tenacious Responsibility
We take ownership for our actions and decisions, and face into the challenges that come our way. We are committed to seeing things through to completion, even in the face of adversity.
We are an Equal Opportunity Employer We are committed to creating an inclusive environment that enables everyone to perform at their best, where we recognise the rights of all individuals to mutual respect and where there is an unbiased acceptance of others. Our policies and practices aim to promote an environment that is free from all forms of Unfair discrimination and values the diversity of all people. At the heart of our policy, we seek to treat people fairly and with dignity and respect.
This advertiser has chosen not to accept applicants from your region.
1
Cyber Security Analyst,AWS Security
London, London
Amazon
Posted 8 days ago
Job Viewed
Job Description
Description
Amazon Web Services (AWS) is the leading cloud provider, providing virtualized infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises, run their operations and applications on AWSu2019 multi-tenant infrastructure
About Amazon Security
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasnu2019t followed a traditional path, or includes alternative experiences, donu2019t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazonu2019s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
Training & Career Growth
Weu2019re continuously raising our performance bar as we strive to become Earthu2019s Best Employer. Thatu2019s why youu2019ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, thereu2019s nothing we canu2019t achieve.
Key job responsibilities
As a Security Engineer, youu2019ll help to build and manage services that detect and automate the mitigation of cybersecurity threats across Amazonu2019s infrastructure. Youu2019ll work with data scientists, software development engineers, and other security engineers across multiple teams to develop innovative security solutions. Our services protect the AWS cloud for all customers and preserves our customersu2019 trust in us. Youu2019ll get to use the full power and breadth of AWS technologies to build services that proactively protect AWS customers, both internally and externally, from security threats.
You will be working in a team of industry-leading security experts working with UK customers to operate and continuously improve industry-leading security programs and processes. This team manages the underlying security programs and processes for personnel security, physical and logical accreditations, education, awareness and training, assurance, and cyber security.
Basic Qualifications
Degree or Equivalent experience in a technical field. Experience of working in a Security Operations Centre (SOC) performing security investigations, penetration testing and/or incident response in the context of large organisations
* Understanding of security threats, hands-on experience detecting and defending from
cyber-attacks, and experience using big data analytics and orchestration to address security challenges
* Ability to develop code with at least one modern language such as Java, Go, TypeScript, Python, Rust and security code review
Preferred Qualifications
* Understanding of the Mitre ATT&CK framework and knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow)
* Have awareness and understanding of current cyber security threats, actors and their techniques
* Experience with data science, big data analytics technology stack, analytic development for endpoint and network security, and streaming technologies (e.g., Kafka, Spark Streaming, and Kinesis)
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region youu2019re applying in isnu2019t listed, please contact your Recruiting Partner.
Amazon Web Services (AWS) is the leading cloud provider, providing virtualized infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises, run their operations and applications on AWSu2019 multi-tenant infrastructure
About Amazon Security
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasnu2019t followed a traditional path, or includes alternative experiences, donu2019t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazonu2019s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
Training & Career Growth
Weu2019re continuously raising our performance bar as we strive to become Earthu2019s Best Employer. Thatu2019s why youu2019ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, thereu2019s nothing we canu2019t achieve.
Key job responsibilities
As a Security Engineer, youu2019ll help to build and manage services that detect and automate the mitigation of cybersecurity threats across Amazonu2019s infrastructure. Youu2019ll work with data scientists, software development engineers, and other security engineers across multiple teams to develop innovative security solutions. Our services protect the AWS cloud for all customers and preserves our customersu2019 trust in us. Youu2019ll get to use the full power and breadth of AWS technologies to build services that proactively protect AWS customers, both internally and externally, from security threats.
You will be working in a team of industry-leading security experts working with UK customers to operate and continuously improve industry-leading security programs and processes. This team manages the underlying security programs and processes for personnel security, physical and logical accreditations, education, awareness and training, assurance, and cyber security.
Basic Qualifications
Degree or Equivalent experience in a technical field. Experience of working in a Security Operations Centre (SOC) performing security investigations, penetration testing and/or incident response in the context of large organisations
* Understanding of security threats, hands-on experience detecting and defending from
cyber-attacks, and experience using big data analytics and orchestration to address security challenges
* Ability to develop code with at least one modern language such as Java, Go, TypeScript, Python, Rust and security code review
Preferred Qualifications
* Understanding of the Mitre ATT&CK framework and knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow)
* Have awareness and understanding of current cyber security threats, actors and their techniques
* Experience with data science, big data analytics technology stack, analytic development for endpoint and network security, and streaming technologies (e.g., Kafka, Spark Streaming, and Kinesis)
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region youu2019re applying in isnu2019t listed, please contact your Recruiting Partner.
This advertiser has chosen not to accept applicants from your region.
2
Cyber Security Analyst,AWS Security
London, London
Amazon
Posted 8 days ago
Job Viewed
Job Description
Description
Amazon Web Services (AWS) is the leading cloud provider, providing virtualized infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises, run their operations and applications on AWSu2019 multi-tenant infrastructure
About Amazon Security
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasnu2019t followed a traditional path, or includes alternative experiences, donu2019t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazonu2019s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
Training & Career Growth
Weu2019re continuously raising our performance bar as we strive to become Earthu2019s Best Employer. Thatu2019s why youu2019ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, thereu2019s nothing we canu2019t achieve.
Key job responsibilities
As a Security Engineer, youu2019ll help to build and manage services that detect and automate the mitigation of cybersecurity threats across Amazonu2019s infrastructure. Youu2019ll work with data scientists, software development engineers, and other security engineers across multiple teams to develop innovative security solutions. Our services protect the AWS cloud for all customers and preserves our customersu2019 trust in us. Youu2019ll get to use the full power and breadth of AWS technologies to build services that proactively protect AWS customers, both internally and externally, from security threats.
You will be working in a team of industry-leading security experts working with UK customers to operate and continuously improve industry-leading security programs and processes. This team manages the underlying security programs and processes for personnel security, physical and logical accreditations, education, awareness and training, assurance, and cyber security.
Basic Qualifications
Degree or Equivalent experience in a technical field. Experience of working in a Security Operations Centre (SOC) performing security investigations, penetration testing and/or incident response in the context of large organisations
* Understanding of security threats, hands-on experience detecting and defending from
cyber-attacks, and experience using big data analytics and orchestration to address security challenges
* Ability to develop code with at least one modern language such as Java, Go, TypeScript, Python, Rust and security code review
Preferred Qualifications
* Understanding of the Mitre ATT&CK framework and knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow)
* Have awareness and understanding of current cyber security threats, actors and their techniques
* Experience with data science, big data analytics technology stack, analytic development for endpoint and network security, and streaming technologies (e.g., Kafka, Spark Streaming, and Kinesis)
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region youu2019re applying in isnu2019t listed, please contact your Recruiting Partner.
Amazon Web Services (AWS) is the leading cloud provider, providing virtualized infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises, run their operations and applications on AWSu2019 multi-tenant infrastructure
About Amazon Security
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasnu2019t followed a traditional path, or includes alternative experiences, donu2019t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazonu2019s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
Training & Career Growth
Weu2019re continuously raising our performance bar as we strive to become Earthu2019s Best Employer. Thatu2019s why youu2019ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, thereu2019s nothing we canu2019t achieve.
Key job responsibilities
As a Security Engineer, youu2019ll help to build and manage services that detect and automate the mitigation of cybersecurity threats across Amazonu2019s infrastructure. Youu2019ll work with data scientists, software development engineers, and other security engineers across multiple teams to develop innovative security solutions. Our services protect the AWS cloud for all customers and preserves our customersu2019 trust in us. Youu2019ll get to use the full power and breadth of AWS technologies to build services that proactively protect AWS customers, both internally and externally, from security threats.
You will be working in a team of industry-leading security experts working with UK customers to operate and continuously improve industry-leading security programs and processes. This team manages the underlying security programs and processes for personnel security, physical and logical accreditations, education, awareness and training, assurance, and cyber security.
Basic Qualifications
Degree or Equivalent experience in a technical field. Experience of working in a Security Operations Centre (SOC) performing security investigations, penetration testing and/or incident response in the context of large organisations
* Understanding of security threats, hands-on experience detecting and defending from
cyber-attacks, and experience using big data analytics and orchestration to address security challenges
* Ability to develop code with at least one modern language such as Java, Go, TypeScript, Python, Rust and security code review
Preferred Qualifications
* Understanding of the Mitre ATT&CK framework and knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow)
* Have awareness and understanding of current cyber security threats, actors and their techniques
* Experience with data science, big data analytics technology stack, analytic development for endpoint and network security, and streaming technologies (e.g., Kafka, Spark Streaming, and Kinesis)
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region youu2019re applying in isnu2019t listed, please contact your Recruiting Partner.
This advertiser has chosen not to accept applicants from your region.
3
Cyber Security Analyst, AWS Security
London, London
Amazon
Posted 13 days ago
Job Viewed
Job Description
Description
Amazon Web Services (AWS) is the leading cloud provider, providing virtualized infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises, run their operations and applications on AWS' multi-tenant infrastructure
About Amazon Security
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
Training & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Key job responsibilities
As a Security Engineer, you'll help to build and manage services that detect and automate the mitigation of cybersecurity threats across Amazon's infrastructure. You'll work with data scientists, software development engineers, and other security engineers across multiple teams to develop innovative security solutions. Our services protect the AWS cloud for all customers and preserves our customers' trust in us. You'll get to use the full power and breadth of AWS technologies to build services that proactively protect AWS customers, both internally and externally, from security threats.
You will be working in a team of industry-leading security experts working with UK customers to operate and continuously improve industry-leading security programs and processes. This team manages the underlying security programs and processes for personnel security, physical and logical accreditations, education, awareness and training, assurance, and cyber security.
Basic Qualifications
Degree or Equivalent experience in a technical field. Experience of working in a Security Operations Centre (SOC) performing security investigations, penetration testing and/or incident response in the context of large organisations
* Understanding of security threats, hands-on experience detecting and defending from
cyber-attacks, and experience using big data analytics and orchestration to address security challenges
* Ability to develop code with at least one modern language such as Java, Go, TypeScript, Python, Rust and security code review
Preferred Qualifications
* Understanding of the Mitre ATT&CK framework and knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow)
* Have awareness and understanding of current cyber security threats, actors and their techniques
* Experience with data science, big data analytics technology stack, analytic development for endpoint and network security, and streaming technologies (e.g., Kafka, Spark Streaming, and Kinesis)
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.
Amazon Web Services (AWS) is the leading cloud provider, providing virtualized infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises, run their operations and applications on AWS' multi-tenant infrastructure
About Amazon Security
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
Training & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Key job responsibilities
As a Security Engineer, you'll help to build and manage services that detect and automate the mitigation of cybersecurity threats across Amazon's infrastructure. You'll work with data scientists, software development engineers, and other security engineers across multiple teams to develop innovative security solutions. Our services protect the AWS cloud for all customers and preserves our customers' trust in us. You'll get to use the full power and breadth of AWS technologies to build services that proactively protect AWS customers, both internally and externally, from security threats.
You will be working in a team of industry-leading security experts working with UK customers to operate and continuously improve industry-leading security programs and processes. This team manages the underlying security programs and processes for personnel security, physical and logical accreditations, education, awareness and training, assurance, and cyber security.
Basic Qualifications
Degree or Equivalent experience in a technical field. Experience of working in a Security Operations Centre (SOC) performing security investigations, penetration testing and/or incident response in the context of large organisations
* Understanding of security threats, hands-on experience detecting and defending from
cyber-attacks, and experience using big data analytics and orchestration to address security challenges
* Ability to develop code with at least one modern language such as Java, Go, TypeScript, Python, Rust and security code review
Preferred Qualifications
* Understanding of the Mitre ATT&CK framework and knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow)
* Have awareness and understanding of current cyber security threats, actors and their techniques
* Experience with data science, big data analytics technology stack, analytic development for endpoint and network security, and streaming technologies (e.g., Kafka, Spark Streaming, and Kinesis)
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.
This advertiser has chosen not to accept applicants from your region.
4
Security Analyst, Bug Bounty
London, London
Meta
Posted 13 days ago
Job Viewed
Job Description
**Summary:**
Meta Security is looking for a Security Analyst to join our Bug Bounty program. You will be responsible for communicating with and validating security vulnerabilities from a community of security researchers around the globe. You will gain insights of Meta's codebase to understand the root cause of each vulnerability, and have the opportunity to play a key role in one of the largest bug bounty programs in the world.The Bug Bounty program incentivizes security researchers to search for, find and report security vulnerabilities across Meta's family of products, including Facebook, Instagram, WhatsApp and Quest. The program serves as the final level of protection per Meta's Shift Left operating model, aiming to discover and resolve vulnerabilities that have landed in production and are at risk of being exploited, and acts as a feedback loop for other security efforts.
**Required Skills:**
Security Analyst, Bug Bounty Responsibilities:
1. Analyze, assess, and respond to various security vulnerabilities we receive as part of our Bug Bounty program
2. Follow up with researchers on unclear reports
3. Understand the root cause of security vulnerabilities to help the product team fix them
4. Play an active role in continuing to grow and develop the bug bounty program and other internal security and privacy initiatives
5. Own expansions to the program, including private bounties
6. Own critical submissions to resolution - liaise a plan with product teams, advise on the right mitigation strategy
7. Implement bug fixes and feature enhancements to the program's public and internal code base
**Minimum Qualifications:**
Minimum Qualifications:
8. Familiarity with web security issues (e.g. OWASP top 10)
9. Ability to follow bug reports, reproduce and triage them
10. Proficient in clear written and verbal communication
**Preferred Qualifications:**
Preferred Qualifications:
11. Participation in bug bounty programs (not necessarily Meta's bug bounty program)
12. Experience with analyzing source code to find security vulnerabilities
13. Contributions to the security community (public research, blogging, presentations, etc)
14. Experience writing in scripting languages and willingness to learn new languages
**Industry:** Internet
Meta Security is looking for a Security Analyst to join our Bug Bounty program. You will be responsible for communicating with and validating security vulnerabilities from a community of security researchers around the globe. You will gain insights of Meta's codebase to understand the root cause of each vulnerability, and have the opportunity to play a key role in one of the largest bug bounty programs in the world.The Bug Bounty program incentivizes security researchers to search for, find and report security vulnerabilities across Meta's family of products, including Facebook, Instagram, WhatsApp and Quest. The program serves as the final level of protection per Meta's Shift Left operating model, aiming to discover and resolve vulnerabilities that have landed in production and are at risk of being exploited, and acts as a feedback loop for other security efforts.
**Required Skills:**
Security Analyst, Bug Bounty Responsibilities:
1. Analyze, assess, and respond to various security vulnerabilities we receive as part of our Bug Bounty program
2. Follow up with researchers on unclear reports
3. Understand the root cause of security vulnerabilities to help the product team fix them
4. Play an active role in continuing to grow and develop the bug bounty program and other internal security and privacy initiatives
5. Own expansions to the program, including private bounties
6. Own critical submissions to resolution - liaise a plan with product teams, advise on the right mitigation strategy
7. Implement bug fixes and feature enhancements to the program's public and internal code base
**Minimum Qualifications:**
Minimum Qualifications:
8. Familiarity with web security issues (e.g. OWASP top 10)
9. Ability to follow bug reports, reproduce and triage them
10. Proficient in clear written and verbal communication
**Preferred Qualifications:**
Preferred Qualifications:
11. Participation in bug bounty programs (not necessarily Meta's bug bounty program)
12. Experience with analyzing source code to find security vulnerabilities
13. Contributions to the security community (public research, blogging, presentations, etc)
14. Experience writing in scripting languages and willingness to learn new languages
**Industry:** Internet
This advertiser has chosen not to accept applicants from your region.
5
Senior Information Security Analyst
SW1A 0AA London, London
£70000 Annually
WhatJobs
Posted today
Job Viewed
Job Description
Our client is seeking a highly skilled and motivated Senior Information Security Analyst to join their dynamic, fully remote team. This is a critical role focused on safeguarding sensitive data and ensuring the integrity of our client's digital infrastructure. You will be instrumental in developing, implementing, and maintaining robust security policies and procedures, conducting thorough risk assessments, and responding to security incidents.
The ideal candidate will possess a deep understanding of current cybersecurity threats and vulnerabilities, along with extensive experience in security best practices. Responsibilities include managing security frameworks, leading vulnerability scanning and penetration testing initiatives, and providing expert guidance on security-related matters to various departments. You will also play a key role in incident response, forensic analysis, and post-incident reviews to prevent future occurrences. Collaboration is key; you'll work closely with IT operations, development teams, and business stakeholders to embed security into all aspects of the organization.
We are looking for individuals with a proven track record in information security, preferably with experience in cloud security (AWS, Azure, GCP). A strong knowledge of compliance regulations such as GDPR and ISO 27001 is essential. The ability to communicate complex technical concepts to non-technical audiences, both verbally and in writing, is crucial. As this is a fully remote role, you must be a self-starter, highly organized, and capable of working independently with minimal supervision. Excellent problem-solving skills and a proactive approach to security are highly valued. Join us and make a significant impact on our client's security posture from the comfort of your home office.
Qualifications:
The ideal candidate will possess a deep understanding of current cybersecurity threats and vulnerabilities, along with extensive experience in security best practices. Responsibilities include managing security frameworks, leading vulnerability scanning and penetration testing initiatives, and providing expert guidance on security-related matters to various departments. You will also play a key role in incident response, forensic analysis, and post-incident reviews to prevent future occurrences. Collaboration is key; you'll work closely with IT operations, development teams, and business stakeholders to embed security into all aspects of the organization.
We are looking for individuals with a proven track record in information security, preferably with experience in cloud security (AWS, Azure, GCP). A strong knowledge of compliance regulations such as GDPR and ISO 27001 is essential. The ability to communicate complex technical concepts to non-technical audiences, both verbally and in writing, is crucial. As this is a fully remote role, you must be a self-starter, highly organized, and capable of working independently with minimal supervision. Excellent problem-solving skills and a proactive approach to security are highly valued. Join us and make a significant impact on our client's security posture from the comfort of your home office.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
- 5+ years of experience in information security, with a focus on risk management, incident response, and security architecture.
- In-depth knowledge of network security, endpoint security, cloud security, and data protection.
- Experience with SIEM tools, IDS/IPS, firewalls, and other security technologies.
- Relevant certifications such as CISSP, CISM, or GIAC are highly desirable.
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills.
- Proven ability to work effectively in a remote team environment.
This advertiser has chosen not to accept applicants from your region.
Be The First To Know
About the latest Incident response plans Jobs in London !
6
Senior Information Security Analyst
SW1A 0AA London, London
£60000 Annually
WhatJobs
Posted today
Job Viewed
Job Description
Our client, a leading financial services firm based in London, England, UK , is seeking an experienced Senior Information Security Analyst to bolster their cybersecurity capabilities. This is a hybrid role, offering a blend of remote flexibility and in-office collaboration, allowing you to contribute to a dynamic security team. You will play a critical role in protecting the organisation's digital assets against evolving cyber threats.
Key Responsibilities:
Key Responsibilities:
- Develop, implement, and maintain security policies, procedures, and controls across the organisation.
- Monitor security systems, including SIEM, IDS/IPS, and endpoint protection, for potential threats and anomalies.
- Conduct vulnerability assessments and penetration testing to identify and remediate security weaknesses.
- Investigate and respond to security incidents, performing forensic analysis and providing detailed post-incident reports.
- Collaborate with IT teams to ensure secure system configurations and network architecture.
- Stay abreast of the latest cybersecurity trends, threats, and regulatory requirements.
- Develop and deliver security awareness training to employees.
- Contribute to the development and maintenance of the organisation's incident response plan.
- Manage and configure security tools and technologies.
- Provide expert advice and guidance on information security best practices to all levels of the organisation.
- Proven experience in information security, with a focus on security analysis and incident response.
- In-depth knowledge of security frameworks (e.g., ISO 27001, NIST) and compliance standards.
- Proficiency in security monitoring tools, vulnerability scanners, and penetration testing methodologies.
- Strong understanding of network security, cryptography, and application security.
- Experience with cloud security (AWS, Azure, GCP) is a plus.
- Excellent analytical and problem-solving skills, with a keen attention to detail.
- Strong communication and interpersonal skills, with the ability to explain complex technical concepts to non-technical audiences.
- Relevant certifications such as CISSP, CISM, CEH, or equivalent.
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent work experience.
This advertiser has chosen not to accept applicants from your region.
7
Lead Information Security Analyst
SW1A 0AA London, London
£70000 Annually
WhatJobs
Posted 1 day ago
Job Viewed
Job Description
Our client, a prominent financial institution, is seeking a seasoned Lead Information Security Analyst to spearhead their cybersecurity efforts in **London, England, UK**. This is a critical, on-site role where you will be instrumental in safeguarding sensitive data and protecting the organisation against evolving cyber threats. You will lead a team of security professionals, develop and implement robust security strategies, and manage incident response activities.
Key Responsibilities:
Key Responsibilities:
- Develop, implement, and maintain comprehensive information security policies, procedures, and standards.
- Lead and mentor a team of information security analysts, providing technical guidance and career development.
- Oversee the operation and enhancement of security infrastructure, including firewalls, intrusion detection/prevention systems, and SIEM solutions.
- Conduct regular vulnerability assessments and penetration testing, and manage remediation efforts.
- Develop and manage the incident response plan, coordinating timely and effective responses to security breaches.
- Ensure compliance with relevant regulations and industry best practices (e.g., GDPR, ISO 27001).
- Conduct security awareness training for employees.
- Evaluate and recommend new security technologies and solutions.
- Perform risk assessments and develop mitigation strategies.
- Act as a key point of contact for security-related matters, liaising with internal departments and external auditors.
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master's degree preferred.
- Minimum of 8 years of progressive experience in information security, with at least 3 years in a leadership role.
- In-depth knowledge of cybersecurity principles, frameworks, and technologies.
- Proven experience with SIEM tools, vulnerability management, incident response, and threat intelligence.
- Strong understanding of network security, application security, and cloud security concepts.
- Relevant certifications such as CISSP, CISM, or CEH are highly desirable.
- Excellent leadership, communication, and analytical skills.
- Ability to work under pressure and manage critical security incidents.
- Experience in the financial services sector is a strong advantage.
This advertiser has chosen not to accept applicants from your region.
8
Senior Information Security Analyst
EC2N 2AB London, London
£70000 Annually
WhatJobs
Posted 1 day ago
Job Viewed
Job Description
Our client, a rapidly expanding FinTech firm, is seeking a highly skilled and experienced Senior Information Security Analyst to join their dedicated security team. This is a fully remote position, allowing you to contribute to our robust security posture from anywhere within the UK. You will be at the forefront of protecting our organisation's digital assets, systems, and sensitive data from evolving cyber threats. This role requires a deep understanding of cybersecurity principles, threat detection, incident response, and security best practices.
Key responsibilities include monitoring security alerts, investigating potential security incidents, performing vulnerability assessments and penetration testing, developing and implementing security policies and procedures, and providing security awareness training to staff. You will play a crucial role in managing and enhancing our security infrastructure, including firewalls, intrusion detection/prevention systems, SIEM solutions, and endpoint security tools. The ideal candidate will possess exceptional analytical and problem-solving skills, a proactive approach to identifying and mitigating risks, and a strong understanding of relevant compliance frameworks (e.g., ISO 27001, GDPR, PCI DSS). Experience with cloud security (AWS, Azure, GCP) and scripting languages (e.g., Python, Bash) is highly desirable. This is an excellent opportunity for a seasoned security professional to take on significant responsibility, influence security strategy, and work within a dynamic, innovative, and remote-first environment. You will be instrumental in safeguarding our operations and maintaining the trust of our clients.
Responsibilities:
Key responsibilities include monitoring security alerts, investigating potential security incidents, performing vulnerability assessments and penetration testing, developing and implementing security policies and procedures, and providing security awareness training to staff. You will play a crucial role in managing and enhancing our security infrastructure, including firewalls, intrusion detection/prevention systems, SIEM solutions, and endpoint security tools. The ideal candidate will possess exceptional analytical and problem-solving skills, a proactive approach to identifying and mitigating risks, and a strong understanding of relevant compliance frameworks (e.g., ISO 27001, GDPR, PCI DSS). Experience with cloud security (AWS, Azure, GCP) and scripting languages (e.g., Python, Bash) is highly desirable. This is an excellent opportunity for a seasoned security professional to take on significant responsibility, influence security strategy, and work within a dynamic, innovative, and remote-first environment. You will be instrumental in safeguarding our operations and maintaining the trust of our clients.
Responsibilities:
- Monitor and analyse security alerts from various security tools (SIEM, IDS/IPS, EDR).
- Investigate and respond to security incidents, conducting root cause analysis.
- Perform regular vulnerability assessments and penetration testing.
- Develop, implement, and maintain security policies, standards, and procedures.
- Manage and configure security technologies such as firewalls, WAFs, and VPNs.
- Conduct security awareness training for employees.
- Assess and mitigate security risks across the organisation.
- Collaborate with IT teams to ensure secure system configurations.
- Stay current with the latest cybersecurity threats, trends, and technologies.
- Contribute to the development of incident response plans and disaster recovery strategies.
- Ensure compliance with relevant industry regulations and standards.
- Provide technical guidance and mentorship to junior security staff.
- Bachelor's degree in Computer Science, Cybersecurity, or a related field.
- Significant experience (5+ years) in information security.
- Strong understanding of network security, endpoint security, and application security.
- Proficiency with SIEM, IDS/IPS, and vulnerability scanning tools.
- Experience with incident response and forensic analysis.
- Knowledge of cloud security principles (AWS, Azure, GCP).
- Relevant certifications such as CISSP, CISM, or CompTIA Security+.
- Excellent analytical, problem-solving, and communication skills.
- Ability to work independently and manage tasks effectively in a remote setting.
This advertiser has chosen not to accept applicants from your region.
9