Cyber Security Analyst

  • London
  • Full Time (Permanent)
  • Hybrid
  • Security Team
Apply for this role

About the role

We are looking for a hands-on Cyber Security Analyst to join our InfoSec team and help secure our growing platform and products.

This role requires an analyst with a good grasp of security governance, ensuring we maintain a high standard of security, operational resilience, and regulatory compliance as we scale.

What you’ll be doing

  • Security Operations: Reviewing inbound requests from the Secure Operations Centre and helping to prioritise and raise awareness of security events.

  • Vendor Security Reviews: Execute vendor security assessments and due diligence reviews for new and existing third-party suppliers, maintaining required documentation for the Vendor Governance Forum.

  • Audit Support: Assist the team in achieving and maintaining compliance with key regulatory and industry frameworks, including GDPR, ISO 27001, SOC 2, and PCI DSS, by working with stakeholders to gather evidence and documenting controls.

  • Policy & Standards: Help translate high-level security policies into practical, actionable security standards and control requirements for engineering teams.

  • Risk Reporting: Document and track identified risks from AppSec, vendor reviews, and operations, ensuring they are accurately captured and reported.

  • Security Training: Support the delivery of security awareness and training programs tailored for technical and non-technical staff.

  • Security Programmes: Working with Product teams to execute and improve security programmes such as Disaster Recovery.

What we're looking for

Experience & Skills

  • Proven experience as a Security Analyst, or similar role

  • Practical experience in conducting vendor security assessments and performing technical due diligence on third parties

  • Good working knowledge of common security frameworks and regulations (e.g., ISO 27001, SOC 2, PCI DSS), with experience supporting audit processes

  • Awareness or practical experience with AI-powered security tooling (e.g., AI-driven monitoring, generative AI for code review, or AI defense mechanisms)

  • Excellent communication skills, capable of explaining complex security concepts to both technical and non-technical audiences

Desirable

  • Experience with Engineering and Automation tooling (e.g., GitHub, Terraform, Python)

  • Experience with GRC platforms (e.g., Vanta, Drata)

Interview process

  • Intro Call with People Team: A brief conversation to get to know you and your background

  • Call with InfoSec team member: A deeper dive into your experience and how it aligns with our vision

  • Technical and Cultural Interview: A deeper session where you’ll meet with several team members and stakeholders to discuss your motivations and expertise, and your approach to delivery and collaboration

Apply for this role