Role Summary Responsibilities : By stepping into Costello Medical’s first Cyber Security Analyst role, you will be responsible for conducting security incident detection, monitoring and response, as well as supporting with the delivery of key IT security projects for our Technical Operations team Salary : £35,000 to £40,000 per annum, depending on your qualifications and previous experience Benefits : Discretionary profit share bonuses paid twice per year, hybrid and flexible working options, generous holiday allowance, private medical insurance, critical illness cover, income protection, full funding for external training and more Role Type : Full-time, permanent Start date : We are currently recruiting for start dates throughout 2025, including April and May, and you will be asked to state your availability on your application form Application Deadlines : Whilst there are no set application deadlines, we strongly recommend applying as early as possible. The role will close when a suitable candidate is found Location : This role is available in our Global Headquarters in Cambridge About the Role As Costello Medical continues to experience rapid growth, our vibrant and innovative Technical Operations (TechOps) team is seeking the company’s first dedicated Cyber Security Analyst. This brand-new and pivotal role offers a talented individual the chance to shape the future of our cyber security efforts and lay the foundation for an in-house Security Operations Centre (SOC). In this role, you will serve as the primary cyber security expert, triaging and responding to security incidents while contributing to the development and maintenance of innovative security processes and strategies. You will work both independently and collaboratively with the wider TechOps team, consulting on IT projects, providing strategic advice, and validating security elements to safeguard our IT infrastructure. You will be responsible for promoting effective cyber hygiene across the company by conducting phishing simulations and using your knowledge of the evolving threat landscape to guide cyber security training initiatives. Additionally, you will have ample opportunities to enhance Costello Medical’s security by proposing and delivering security projects of your own. Key responsibilities will include: Incident detection and response using EDR/XDR and SIEM technologies, including Microsoft Defender and Sentinel Contributing to the development and maintenance of security procedures, including vulnerability scanning, remediation, and crafting playbooks for responding to alerts Conducting phishing simulations, reporting results, and carrying out remediation activities Developing and delivering training on IT security and data management to a variety of audiences Proactively consulting on a variety of IT projects, providing strategic advice and validating security elements to ensure effective risk management and mitigation Representing the TechOps team by explaining IT security processes, announcing changes, soliciting feedback, and maintaining strong relationships with other teams Championing risk management and effective data management practices across the global business Collaborating with other teams, such as Legal, to ensure compliance with the latest security standards and helping the company achieve certifications such as CyberEssentials and ISO27001 As you gain experience and confidence within the role, you will have the opportunity to lead incident response efforts, implement process improvements, and spearhead the development of new security strategies. You will become the go-to person for IT security and risk mitigation, establishing yourself as Costello Medical’s designated cyber security expert. Hybrid Working Policy: We believe that having face-to-face time in the office holds many benefits and is central to ensuring that the community we have created, where people have a workplace they belong to and feel part of, is never lost. At the same time, we recognise that homeworking can improve work life balance, reduce commuting times and costs, and provide the opportunity to juggle personal commitments. Therefore, we offer flexible working arrangements that allow our colleagues who have passed probation to work from home up to half their time, measured across a 2-week rolling period. During your probationary period (normally the first 6 months of the role), you will be able to work from home 1 day per week. Career Profile We offer many opportunities for personal and professional development at Costello Medical. Please click below to read first-hand accounts from our colleagues about their time with the company: https://www.costellomedical.com/careers/working-at-costello-medical/ Requirements About You We are seeking a highly motivated and proactive individual eager to contribute innovative ideas and deliver lasting improvements. As the first Cyber Security Analyst at Costello Medical, you will have the unique opportunity to shape your own career and the broader development of our in-house cyber security team, developing procedures, setting up tooling, and guiding the service over time. This role is therefore ideal for someone ambitious and ready to take on significant responsibility, channelling their interest in building a strong security posture for the company across various technical and non-technical domains. You will have the chance to work closely with IT management at the company to rapidly gain experience and make a substantial impact, gaining professional recognition and advancing your career. Essential requirements for the role are: A degree-level or higher qualification in Cyber Security or a related discipline (minimum 2.1 or equivalent). Related disciplines include but are not limited to; Information Technology, Computer Science, Risk Management, Law and Technology, or similar A minimum of 2 years’ professional experience in IT security roles, or similar Excellent knowledge of IT systems, infrastructure and security controls, enabling the development of data management solutions, policies and processes that can be seamlessly adopted by the company A “can do” attitude, a strong customer focus at all times, and a willingness to be an advocate for IT security throughout the business Exceptional organisational skills, a strong awareness of all facets of a task or longer-term project, and the ability to adapt to changing deadlines The ability to plan and prioritise your own time and communicate this to others Excellent written and verbal communication skills. This includes attention to detail, a confident and professional tone, and the ability to explain technical concepts in a digestible way to a variety of audiences Strong interpersonal skills and the ability to influence senior stakeholders to make important decisions that drive security improvements across the company Desired requirements for the role are: Experience proposing or delivering innovative IT projects independently Experience in managing highly sensitive and confidential data, including commercially confidential, intellectual property, and special-category personal data Knowledge of data privacy regulations, such as the EU General Data Protection Regulation and the Data Protection Act 2018 At Costello Medical, our recruitment approach focuses on developing talent from within through on-the-job training and tailored peer support. Our SOC Analyst role is no exception, and we welcome applications from those looking to advance their career within a successful and growing global company. Benefits Why Choose a Career in IT Security Operations with Costello Medical? Costello Medical is a rapidly growing global healthcare agency specialising in medical communications, market access and health economic and outcomes research. Our vision is to be a leading global partner consistently striving for meaningful and outstanding contributions that improve people’s health and lives. We strongly recognise the importance of IT talent and believe we offer a unique platform for you to build a long-lasting career with us. A chance to collaborate with others. In a highly innovative and growing company, our colleagues are always looking for the best ways to support our clients and each other. Whether safeguarding a new internal process, consulting on an IT project, or providing risk management training, you will be the face of IT security operations and risk management globally Develop new cutting-edge skills. We are continuously improving our systems; over the last few years, we have stripped out much of our existing infrastructure and implemented innovative cloud-based solutions with advanced security controls. As a SOC Analyst, you will gain valuable experience with cutting edge technologies, and will have the opportunity to implement new technologies of your own Users who respect and value you. Our colleagues deeply care about the integrity of Costello Medical and passionately uphold its data security requirements, making it easy for you to build positive, trusting and respectful relationships with them. Your support and guidance will be truly valued, making you an integral part of the company A truly varied role. As a SOC Analyst, you will be closely involved in various activities including IT security projects, risk assessment, training, and technical writing. As the company grows, our needs are often changing, and new opportunities will continually arise Have your say and shape your own career. Given we outsource a lot of our day-to-day IT support, our TechOps team is relatively small, yet plays a vital role for the company. Your voice matters; you will have a significant influence on team decisions, and will be encouraged to take your career in a direction that challenges you to meet your own goals We are invested in our culture. We are committed to our company values, promoting a fun, friendly and innovative workplace. As a result, we have been listed in The Top 100 Companies to Work For list for six consecutive years, and achieved B Corp certification in 2022. These values are embraced by the entire company, including the TechOps team Contribute towards something meaningful. At Costello Medical, we are committed to improving health globally, and our clients include leading pharmaceutical and medical technology companies, patient and public health bodies, as well as charitable organisations. You can learn more about what we do here: https://www.costellomedical.com/what-we-do/. By maintaining our security infrastructure, you are enabling us to confidently serve our clients, directly contributing towards improving global health. You will also be supporting a company that believes in corporate social responsibility, giving back to the local community through funded volunteering and pro bono days What We Offer Alongside our award-winning company culture, where every team member is celebrated, respected, and has their voice heard, we are proud to offer a comprehensive benefits package that includes: A starting salary of £35,000 to £40,000 per annum, depending on your qualifications and previous experience, as well as a discretionary profit share bonus paid twice per year. Please note that we have established salary bands that ensures a fair and consistent approach for all applicants, eliminating the need for individual negotiations 25 days’ annual leave plus bank and public holidays, as well as a holiday buy and sell scheme Flexible working hours and the chance to work from home for up to half of your working time after passing probation Flexible benefits scheme offering cash payments, additional pension contributions and more Private Medical Insurance which offers comprehensive cover on a “medical history disregard” basis Paid study leave and funding for external qualifications Critical Illness Cover, Income Protection and Life Assurance Paid and unpaid sabbaticals based on length of service Please click here to learn about our full reward package and the other benefits of working for Costello Medical: https://www.costellomedical.com/careers/benefits-package-in-the-uk/ The Application Process You are required to submit your CV and a cover letter via our online application form. In your cover letter, you must explain why you think you would be suited to the role and why you would like to join Costello Medical, with examples to support both. Your CV should clearly state the dates of all qualifications and grades achieved, where applicable. Then, our recruitment process includes a telephone interview with a member of the Talent Acquisition team, followed by a written assessment for you to complete in your own time. If successful, you will be invited to a final interview with senior members of our TechOps team. Please note that the successful candidate may be required to undergo security/background checks, and any employment offer will be conditional on the results of these. Our standard recruitment process typically lasts around 2 to 3 weeks, however this can be adapted if necessary. As an equal opportunity employer, we are committed to fostering a diverse and inclusive workforce and, throughout the recruitment process, there are a number of reasonable adjustments we can provide. Please click here to learn more. Please note that, whilst we embrace AI to innovate and improve processes, your role may involve confidential data that cannot be uploaded to AI. Therefore, it is important for us to assess your own skills and abilities, so we recommend that you do not rely solely on this technology to generate any application materials. Visa Sponsorship Due to the Skilled Worker visa regulations, you will only be eligible for visa sponsorship if you meet the following criteria: You are classified as a New Entrant - this means you are under the age of 26, currently studying in the UK or a recent graduate in the UK. Please click the following link to read more about the New Entrant criteria: https://www.gov.uk/government/publications/skilled-worker-visa-caseworker-guidance/skilled-worker-caseworker-guidance-accessiblebookmark63 You will be asked to provide details of your right to work in the UK within your application, which will be used to help assess your eligibility for visa sponsorship. Please click the following link to read more about the criteria on the UK government website: https://www.gov.uk/skilled-worker-visa/when-you-can-be-paid-less. Please contact recruitmentcostellomedical.com should you have any questions.