IT/Cyber Security Analyst
On site
London, United Kingdom
Full Time
01-04-2025
Job Specifications
The Role
The IT Security Analyst is a global role within the ION Analytics Division. The role will support the division’s security strategy through the identification, mitigation and remediation of information security risks to the business. This role reports to the divisional CISO.
As a member of the Analytics’ IT Security Team, the successful candidate will be responsible for handling escalations from the Group-wide CSIRT Team, improving the security posture, vulnerability management/reporting through to remediation, ensuring security standards are upheld as well as providing input in to security control configuration and policies. The Security Analyst’s other responsibilities include meeting KPI targets defined by management and performing various other duties assigned by the divisional CISO.
We are looking for a hard-working, dedicated and motivated individual. Excellent communication skills are a must and the role holder will be expected to cultivate working relationships with other teams and colleagues of varying technical ability. The role would suit a technically strong candidate looking to drive forward career progression within a dedicated security team. Ideally the candidate will have come from related security and systems administration roles, focusing on workstation, server and network technologies.
Key Responsibilities
This role may require some overnight, weekend and on-call activities.
The Primary Responsibilities Of This Role Are To
Protect and defend: identify, analyze and mitigate threats to IT systems and/or networks.
Use defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network to protect information, information systems, and networks from threats.
Respond to security alerts to mitigate immediate and potential threats. Use mitigation, preparedness, and response and recovery approaches, as needed, to maintain information security and minimize impacts.
Conduct assessments of threats and vulnerabilities; determine deviations from acceptable configurations, enterprise or local policy; assess the level of risk; and develop and/or recommend appropriate mitigation countermeasures.
Operate and maintain: configure, tune, maintain and operate key security controls, technologies, and other risk mitigations
As a member of the Security team, it is expected that the person in this role will:
Execute ongoing, operational business-as-usual (BAU) tasks to meet management-defined KPIs and SLAs, and deliver security projects in line with management-defined priorities and deadlines
Stay current with the latest security news, threats, intelligence, tactics, techniques, and vulnerabilities. Research and analyze new threats and vulnerabilities to determine exposure.
Perform threat hunting and review, triage, investigate and escalate security alerts raised by the Group-Wide SOC team, security tools, technologies, and services (e.g. endpoint security, network security, DLP, SIEM, etc.)
Assist and/or lead efforts to isolate, contain, respond to, and recover from security incidents
Identify, review, prioritize, plan, coordinate, and follow-up on the remediation of vulnerabilities
Configure, customize, tune, manage, troubleshoot, and maintain to ensure effective and efficient operation of security technologies, such as SIEM & endpoint security, intrusion detection/prevention systems, etc. This may also include scripting, automation, and orchestration across various platforms.
Define, document, and follow approved processes for all the responsibilities included in this job description. Create and maintain documentation for systems, including design and operation.
Review systems, configurations, and process to ensure and report on compliance with ION policy, client requirements, audit controls, regulations, and industry best practices. Provide best practice security recommendations to IT and other teams within ION, based on review results.
Respond to information security-related inquiries and requests.
Required Skills, Experience And Qualifications
Degree/diploma/certifications in a technology-related field and/or relevant working experience; highly desired certifications include:
PenTest+, Security+, OSCP, CCSP, CEH, GCIH, GMON
3+ years' experience in IT Security and/or IT
Must have fundamental programming/scripting capabilities (e.g. python, powershell, bash, etc.)
Must have in-depth understanding of operating systems (Windows/Linux)
The Following General Characteristics Are Required
A team player with the ability to work independently and unsupervised
Ability to own delegated tasks and see them through to completion
Ability to manage time and prioritize work to maximize productivity
Excellent communication skills (both written and verbal)
Exceptional attention to detail and quality
Excellent problem-solving techniques and trouble analysis skills
The Candidate Should Have a Good Knowledge Of
Endpoint security concepts, controls, and best practices for Servers (e.g. Windows and Linux)
General IT networking concepts, protocols, standards and network security concepts, controls, and best practices
Cryptography fundamentals and data security controls and best practices
Forensic investigation techniques
Prior experience deploying, configuring, managing, and/or operating security technologies is preferred, such as endpoint security (e.g. AV/EPP/EDR), SIEM, DLP, SWG, CASB, UEBA, IDS, IPS, firewalls, IAM/PIM/PAM, vulnerability management, MDM, etc.
About Us
We’re a diverse group of visionary innovators who provide trading and workflow automation software, high-value analytics, and strategic consulting to corporations, central banks, financial institutions, and governments. Founded in 1999, we’ve achieved tremendous growth by bringing together some of the best and most successful financial technology companies in the world.
Over 2,000 of the world’s leading corporations, including 50% of the Fortune 500 and 30% of the world’s central banks, trust ION solutions to manage their cash, in-house banking, commodity supply chain, trading and risk.
Over 800 of the world’s leading banks and broker-dealers use our electronic trading platforms to operate the world’s financial market infrastructure.
ION is a rapidly expanding and dynamic group with 13,000 employees and offices in more than 40 cities around the globe,
Our ever-expanding global footprint, cutting edge products, and over 40,000 customers worldwide provide an unparalleled career experience for those who share our vision.
ION is committed to maintaining a supportive and inclusive environment for people with diverse backgrounds and experiences. We respect the varied identities, abilities, cultures, and traditions of the individuals who comprise our organization and recognize the value that different backgrounds and points of view bring to our business.
ION adheres to an equal employment opportunity policy that prohi...
About the Company
We’re visionary innovators who are delivering mission-critical trading and workflow automation software to financial institutions, corporations, central banks, and governments. By combining our passion for automation with a strategic view on the industries we serve, we design solutions that improve decision-making, simplify complex processes, and empower people. Simply put, we help our customers do more, faster and better than before. We believe our investments in research and development are shaping the future of automation... Know more
Related Jobs
- Company Name
- Excelerate
- Job Title
- Azure Cloud Security Consultant | Remote - UK | Contract
- Job Description
- Azure Cloud Security Consultant | Remote | Contract Are you an Azure security specialist looking for your next opportunity? We are hiring an Azure Cloud Security Consultant to support large-scale smart infrastructure transformation projects across sectors such as energy, transport, and city planning. You will play a key role in designing and implementing security measures for cutting-edge cloud environments. Location: Remote (UK-based candidates preferred) Contract: Outside IR35 Rate: £250-550+ per day (negotiable, dependent on experience) Hours: Flexible, with core hours of 10am–4pm Key Responsibilities: Design and implement security controls for Azure cloud environments using Azure Defender, Microsoft Security Center, and AD security policies Conduct risk assessments, vulnerability analysis, and threat modeling to strengthen security posture Integrate security automation and compliance monitoring into CI/CD pipelines using Terraform, Bicep, and Azure DevOps Manage IAM, encryption policies, and network security to ensure data integrity and compliance Collaborate with cross-functional teams to drive security best practices in cloud architecture What We’re Looking For: 5+ years' minimum experience in cloud security architecture and implementation, with a strong focus on Microsoft Azure Expertise in Azure security frameworks, IAM policies, and network security configurations Experience working within regulated industries (finance, public sector, or critical infrastructure) is a plus Preferred: AZ-500 certification and hands-on experience in securing large-scale cloud environments Join a high-performing security team at the forefront of cloud transformation! Apply now.
- Company Name
- Rhymetec
- Job Title
- Senior Cyber Security Analyst
- Job Description
- Title: Senior Cyber Security Analyst Location: UK Remote About Rhymetec Rhymetec was founded in New York City in 2015 and has grown steadily in the areas of compliance, cyber security, and data privacy. Our mission is to ensure our clients are compliant faster so they can focus on their core business and less on the complexities of building effective and compliant infosec programs. Job Responsibilities The Senior Cyber Security Analyst is the ideal complementary role to assist our Security Program Managers. This role will work closely with the SPMs to ensure comprehensive coverage of all compliance and security program management needs while maintaining clear separation of duties and responsibilities. Assist in the design and implementation of comprehensive compliance programs aligned with multiple frameworks. Configure and manage compliance platforms for the client. Serve as secondary liaison between Rhymetec clients and Security Program Managers during project execution. Join weekly meetings with high priority and highly sensitive clients. Serve as secondary liaison between clients and auditors during compliance assessments. Conduct training sessions on compliance requirements and security best practices with CSAs. Complete security questionnaires on behalf of clients. Conduct Incident Response Tabletop exercises with clients. Conduct Business Continuity and Disaster recovery tabletop exercises with clients. Collaborate in building and managing comprehensive risk management programs for Rhymetec clients. Qualifications Bachelor’s Degree from an accredited university in a Technology or Cybersecurity field OR 5+ years of direct experience in listed areas. 4+ years of work experience working with technology, cybersecurity, and regulatory compliance. Experience in customer service and ability to develop professional relationships with customers. Preferred experience in translating and implementing SOC 2, ISO 27001, HIPAA, GDPR, CCPA and other compliance frameworks. Strong logical security skills, with experience in cloud security. Understanding of cloud environments (AWS, GCP, Azure) and integrating security controls through DevOps and Infrastructure as a Service (IaaS) techniques. Preferred Certification(s): Cloud+, CySA+, CISSP, CSSP, CISM, CRISC. Benefits Rhymetec offers a robust employee benefits package, including: Comprehensive, company-funded private medical insurance for employees. Enhanced dental and vision benefits. Generous annual leave package. A competitive workplace pension. Company-paid life assurance. Wellbeing Support: An annual subscription to TalkSpace, our online counselling and therapy service. Applicants must have the legal right to work in the UK and be willing to undergo a background check in accordance with the Company. Rhymetec is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetic, disability, age, or veteran status.
- Company Name
- ZOE
- Job Title
- Lead IT Security Engineer
- Job Description
- We Are Redefining How People Approach Their Health ZOE is the science and nutrition company leading a movement to transform the health of millions. We exist because the food we eat is making us sick. Most of what we are taught about food is wrong. ZOE runs the world’s largest nutrition science study to find scientifically proven solutions. Our randomized controlled trial of ZOE proves that if you eat the right food for your body, you can feel healthier in weeks and be on track for more healthy years. ZOE can change the way you eat, feel, and live. We host world-leading scientists on our podcast and bring proven science to your plate with Daily30+, our 30+ plant supplement. Over 100,000 people rely on ZOE Membership, our personalized nutrition program, to make smarter food choices. ZOE Membership turns complex science into clear step-by-step actions, helping you improve your health with every meal. ZOE means life — and you can change your life with food. Visit our career page and become a ZOEntist About The Team The IT function at ZOE is currently led by our Head of IT, supported by an IT Support Engineer. Together, they ensure the smooth operation of our internal systems and infrastructure. As we scale, security is a top priority, and this role will be instrumental in shaping and implementing our IT security strategy, working closely with teams across ZOE to build a robust security framework. You will partner with the Head of IT for strategic guidance but serve as the hands-on lead for security initiatives. About The Role We are looking for a Lead IT Security Engineer to own and operationalise our security roadmap, ensuring the protection of our SaaS-based environment, devices, and data. This is a business-critical role and the first dedicated IT security position at ZOE, giving you the opportunity to shape our policies and practices from the ground up. You will collaborate closely with our Engineering, Legal, and IT teams to mitigate key risks (e.g., endpoint security, BYOD, privileged access) and embed a culture of security across the organisation. What You’ll Do… Shape and implement a comprehensive IT security roadmap that aligns with ZOE’s business goals, covering everything from endpoint security and identity/access management to DLP (Data Loss Prevention) and logging/monitoring. Drive security programs around OS and application patch management, disk encryption, and local admin privilege management, ensuring corporate devices and contractor/BYOD setups meet compliance and security standards. Assess, mitigate, and manage security risks across our SaaS ecosystem (over 100 apps), corporate IT systems, and infrastructure. Lead projects such as domain registration migrations, centralised logging/SIEM setup, and endpoint protection rollouts. Develop and enforce security policies and frameworks, covering identity and access management, incident response, vendor security reviews, and data handling. Drive automation and adopt Infrastructure-as-Code (IaC) patterns to ensure security controls and configurations are repeatable, consistent, and easily deployed across our endpoints and cloud resources. Lead security compliance efforts in partnership with the Legal team, and provide technical guidance to the organisation on data privacy regulations (GDPR, DPA, CCPA etc.) Monitor, investigate, and respond to security incidents, performing root cause analysis, implementing proactive measures and taking lead on responding to IT security incidents. Cultivate a security-first culture by delivering ongoing training (e.g., phishing simulations, secure practices) and collaborating with teams on secure SaaS configuration. Evaluate, select, and deploy security tools and technologies (e.g., EDR, MDM solutions), balancing strong security posture with user experience. Own privileged access reviews and work with stakeholders to enforce least privilege across critical applications and data. Stay ahead of evolving security threats and trends, continuously improving our security capabilities and processes. What We’re Looking For… Extensive experience in corporate IT security, cybersecurity, or information security, ideally in a fast-paced, SaaS-based and cloud-based environment. Proven ability to design, implement, and own security strategies independently. Strong understanding of network security, and device management (Mac, Chromebook, or other). Awareness of cloud security practices (AWS, GCP, or Azure). Hands-on expertise in incident response, vulnerability management, endpoint protection (e.g., EDR), and security operations (logging, SIEM). Deep knowledge of security industry best practices and data privacy regulations (GDPR, DPA, CCPA). Experience embedding security culture: phishing training, running security awareness programs (KnowBe4 or similar), and guiding stakeholders on best practices. Ability to communicate security risks and concepts effectively to both technical and non-technical stakeholders, and work autonomously on big initiatives. A proactive, problem-solving mindset: comfortable tackling complex issues like domain migrations, privileged access reviews, and DLP rollout in a single role. Experience working in a remote, international team is a plus. The experience, skills, and attributes listed above reflect what we believe will contribute to success in this role. If you're passionate about ZOE and the opportunity, but don't meet 100% of the criteria, we still encourage you to apply. We are committed to supporting growth and are happy to offer upskilling opportunities where possible. Compensation Philosophy At ZOE, we are committed to offering competitive and equitable compensation that reflects the value of each role and aligns with regional labor market standards. Our approach to compensation goes beyond just base salary — we offer a comprehensive package that includes base pay and stock options, ensuring that every team member is rewarded for their contributions to the company’s growth and success. We believe that building a thriving team requires not only providing fair and competitive compensation but also fostering an environment where success is shared collectively. Our total compensation package is designed to support the well-being of our employees, recognise their individual contributions, and empower them to grow alongside ZOE. Benefits & Perks At ZOE we understand the significant role our benefits play in motivating, inspiring and safeguarding our employees' well-being. Our benefits strategy is thoughtfully designed to echo our mission and values, recognising the diverse needs arising from different life stages of our ZOEntists. Our approach to benefits takes an inclusive and flexible view of both personal and professional growth. From competitive health insurance and wellness packages to inclusive parental policies, building connection, and tailored professional development programs, we've got you covered. At ZOE, we continue to bu...
- Company Name
- Delaney & Bourton
- Job Title
- Contract Security Solutions Architect
- Job Description
- Role: Contract / Interim Security Solutions Architect (Outside Ir35) Location: Flexible, couple of times a month at Midlands HQ Length: Initial 6 months, likely 12-month engagement Role: Opportunity for an experienced IT Security Solutions Architect to join an iconic UK brand during a period of significant transformation. This role will be responsible for end-to-end Security Solution Architecture, from working with both InfoSec and business teams Key projects on current roadmap include, Internet Proxy Services replacement, privileged access management migration on-prem > cloud. Defender review, Secure Cloud DNS implementation Key skills / experience: Demonstrable experience building fit-for-purpose HLD’s that satisfy business requirements, this isn’t a technical security role. Working from RFP stage Experienced in recommending solutions through horizon scanning and working across to create detailed HLD/LLD around Security requirements Strong experience engaging with and managing stakeholders Role can be based largely remote, expectation on travel is mirrored with business need. Expected to travel to a Midlands HQ a couple of times per month. Commutable from most major city’s including but not limited to, Leeds, Nottingham, Sheffield, Birmingham, Coventry, Oxford, Derby, Solihull, Northampton, Peterborough and more