What will I be doing:
As part of the Security Risk team, the Security Risk Analyst will carry out an essential role in ensuring the confidentiality, integrity, and availability of Darktrace information and systems. You will collaborate with departments across Darktrace to ensure that robust security standards and controls are maintained across the third-party supplier landscape, capturing and mitigating security risks. The responsibilities of this role include supporting Security Risk management to sustain business operations through new vendor, applications, and integration assessments. Conducting research to identify and implement security measures to protect systems and information infrastructure and evaluating requests for new and existing software, systems, and applications, ensuring sufficient security controls are in place. You will also be:
* Supporting the information security risk management process by identifying, evaluating, treating, and monitoring threats to data confidentiality, integrity, and availability.
* Providing a level of support to the business on information security-related queries, including engagement with department Leads and Darktrace users, to ensure secure operations throughout the business.
* Providing suitable resiliency and redundancy for other Security teams with department workflows (i.e., Security Compliance).
* Supporting the management and completion of customer security assessments and queries in a professional and timely manner, through the Helpdesk system.
This is a hybrid role working 2 days a week from our Cambridge Headquarters.
What experience do I need:
You will demonstrate a passion for technology and a curiosity for all things security and be up to date with the wider information security landscape and recent changes to the industry as well as be familiar with core computing principles, networking, secure protocols, and cloud technologies. You should have a general awareness of privacy regulations and standards, the fundamentals of GDPR and protection of personally identifiable information, alongside regulations like DORA. Being familiar with industry-recognised security standards and certifications (ISO 27001 series, Cyber Essentials, SOC2, etc.) and understanding the impact of security policy, processes, and procedures on a complex organisation. You will also:
* Be capable of communicating, verbally and in writing, to all types of stakeholders, across technical levels.
* Have the ability to assimilate large volumes of written technical documentation, recording key concepts and producing reports.
* Exhibit excellent time management skills and the ability to prioritise.
* Show adaptability and a willingness to learn.
* Knowledge of the IT and Security vendor landscape is desirable but not essential.
* Knowledge of software development principles, application security, and vulnerability management is desirable but not essential.
Benefits we offer:
* 23 days’ holiday + all public holidays, rising to 25 days after 2 years of service.
* Additional day off for your birthday.
* Private medical insurance which covers you, your cohabiting partner, and children.
* Life insurance of 4 times your base salary.
* Salary sacrifice pension scheme.
* Enhanced family leave.
* Confidential Employee Assistance Program.
* Cycle to work scheme.
#LI-Hybrid
#J-18808-Ljbffr