Cyber Security Analyst
Our Ways of Working:We believe that we do our best work when we are together, but also appreciate that everyone works in different ways. That’s why we operate with three working models which look to define where and how our people work - Remote, Hybrid, Site/Office - based. Although we believe the majority of our people will choose our hybrid working model (at least 2 days in the office each week), for some of our teams that don't require as much in-person connection and collaboration, we offer fully remote working (with paid travel to the Moonpig office up to 6 times per year). Remote roles are specified directly on our job advertsAt Moonpig Group our mission is to help people connect and create moments that matter. We’re an international group made up of four brilliant brands – Moonpig in the UK, Ireland, US and Australia, and Greetz in the Netherlands – with our newest additions Buyagift and Red Letter Days having joined the Group in 2022. We were founded with a goal to disrupt the traditional greetings industry. Two decades on, we’re an established leader within the online gifting market, offering a wide range of products to customers across the world.Moonpig is an iconic brand and innovator, with clear values (read more about our values here!). These values set our teams and our business up for success in an environment that’s fun, supportive and challenging. They’re the glue that binds us together and we think of them as a platform to help us deliver our best work. You have every chance to drive impact here at Moonpig, and most importantly, we genuinely want you!What you’ll be doingThe Cyber Security Analyst is key in ensuring risk based, cost effective and integrated Security controls are implemented and maintained. Within this role you will assume operational responsibilities for the maintenance of Cyber Security technologies and additionally recommend/implement areas of improvement to address Cyber Security risks, working closely alongside the Security Operations Manager and the Product Security team.
Key Responsibilities:
- Actively participating in efforts to counter security breaches and contributing to strategies for reducing the likelihood of future security incidents.
- triage various alerts, including secret detection and vulnerability scanning alerts, with a focus on effective prioritisation.
- Collaborate in the implementation of technology controls, working closely with the team to address business risks in various technology service areas.
- Contribute to the preparation of reports assessing the effectiveness of security policies, incident responses, and disaster recovery plans, providing valuable insights.
- Support the development of updates and training programs to enhance network security and contribute to employee security awareness.
- Participate in the analysis of security breaches to identify causes and contribute to updates in incident responses and disaster recovery plans.
- Collaborate with the Risk and Compliance team and assist in coordinating security plans with external vendors.
- Contribute to the creation of procedures for IT employees and participate in security awareness training programs.
- Participate in and contribute to Threat Modelling sessions to identify and address potential security threats.
- Play a key role in vulnerability management activities, contributing to the creation and management of vulnerability tickets.
About You:
- A background in cyber security and experience in security operations, including incident and event management experience.
- Strong analytical skills, adept at interpreting data and delivering actionable insights.
- Ability to engage stakeholders at all levels Articulate, with the ability to make technical recommendations sound simple
- Knowledge of common cyber security frameworks and controls
- Demonstrate a positive, collaborative, and pragmatic approach in navigating cyber security challenges.