Cyber Risk Analyst
Remote (United Kingdom)
Cydea
We believe that good cyber security: starts with a deep and thorough understanding of how your organisation works provides the strongest protection for the most important things responds and adapts to people's needs Rather than comparing your...We are a small, young, cyber security consultancy that welcomes challenge and values different perspectives. We’re not afraid to do things differently and our clients appreciate us for that.
We typically work with senior clients — like CIOs, CTOs, CISOs, plus CEOs and NEDs — over longer periods to deliver real and measurable outcomes, rather than one-off deliverables.
We work collaboratively and securely in the open with our clients using tools to automate tasks, track progress and responsibility, and share our findings. This is how we like to work.
We work on interesting engagements where security meets ‘the business’ to better understand, communicate and manage cyber risk. That may involve helping to identify the sources of risk to an organisation, how frequently they face different types of risk events, and quantifying the consequences of these to their operations. It may be producing a light-touch Cyber Scorecard or taking a deeper dive assessment into their security posture. We also help boards and leadership teams explore risk scenarios through cyber exercises (or ‘war games’).
We believe in making the world a better place and do that through two specific programmes. Through Cydea x Good Causes you can expect to spend time supporting good causes on a pro-bono basis or helping them with grants to purchase security solutions. You’ll also be expected to contribute to open-source projects through cydea.tools that provides any organisation with free tools to improve their security posture.
We’re a remote-first business so you’ll spend less time commuting and more time doing things that matter (client work, or perhaps doing the school run). That doesn’t mean you’ll be alone: we use collaboration tools to keep in touch day-to-day and have monthly Team Days in different locations to get together, celebrate successes and plan for the future. Often our clients drop by to share what they’re up to and the problems they’re facing.
We want you to succeed and will invest in your development through formal courses, online learning, career mentorship, on-the-job training and regular feedback. We budget for everyone to go on a training course every year and expect you to share what you’re learning. Every week we talk about what we’ve achieved, learned and reflect on a problem we’ll need to solve soon.
This is a UK-based, primarily work from home role, with some travel required to meetings and clients.
Who we are looking for
We are looking for someone to join our team as a cyber risk analyst. They’ll have an inquisitive mind and want to improve the world around them. This will come across on a day to day basis as they work to understand our clients’ business and help them to make better decisions that improves their cyber security posture. They will have the ability to communicate clearly and concisely in both written and verbal form, and will have the confidence to question and challenge the status quo.
We don’t expect them to have cyber certifications or previous consulting experience, instead we do expect them to demonstrate an aptitude for listening and communicating, problem solving (and awareness of when to ask for help!) and a willingness to learn on the job.
Does this sound like you? Ok, then read on!
About the role
You’ll be working at the intersection of cyber security and ‘the business’ to assess security postures and conduct cyber risk assessments. You’ll be working with Cydea teammates, and interacting with client security and IT teams. You’ll help to organise, facilitate and write up interviews and workshops, plus collating and analysing data for review by others in the team, as well as writing up our findings & recommendations.
You’ll mostly be working as part of a team, under the direction of other Cydea teammates to complete individual tasks using our internally developed methods and processes, industry practices and open-source tools. From time to time we may ask you to help prepare or deliver presentations to senior business leaders and board members.
Over time you will develop consulting ‘soft skills’ where you are more comfortable scoping out tasks and breaking down challenges into small, more manageable parts, documenting any assumptions or estimates that you make along the way. You’ll get more involved in managing day-to-day projects and tasks, and keeping clients up to date on progress.
Some projects will require travel to client sites. That may be for the odd meeting or workshop, or it may be for multiple days over a few weeks. Most of our clients and meeting locations are in the South East.
Outside of the ‘billable’ client work you’ll also be contributing to our internal tools and processes and open-source projects. You’ll be expected to raise awareness of our services and (reverse) mentor colleagues.
Through our Cydea x Good Causes charitable programme you’ll spend five days every year on pro-bono engagements helping not-for-profit organisations to protect their incredible work.
Package and benefits
We think that we offer a competitive package, so we’re not afraid to tell you about it upfront.
The salary for this role is £31,000. We also like to look after our people and offer the great benefits listed on our careers page.
Working at Cydea
We are a small, young, cyber security consultancy that welcomes challenge and values different perspectives. We're not afraid to do things differently and our clients appreciate us for that. We have a passion for developing talent and would love for you to have a long, successful and rewarding career with us.
We believe in making the world a better place and do that through two specific programmes. Through Cydea x Good Causes you can expect to spend time supporting good causes on a pro-bono basis or helping them with grants to purchase security solutions. You'll also be expected to contribute to open-source projects through cydea.tools that provides any organisation with free tools to improve their security posture.
We're a remote-first and flexible business so you'll spend less time commuting and more time doing things that matter (client work, or perhaps doing the school run). That doesn't mean you'll be alone: we use collaboration tools to keep in touch day-to-day and have monthly Team Days in different locations to get together, celebrate successes and plan for the future. Often our clients drop by to share what they're up to and the problems they're facing.
We want you to succeed and your line manager will support and guide you in your assignments, and your career more generally. You will be supervised, but not micromanaged. We will invest in your development through formal courses, online learning, career mentorship, on-the-job training and regular feedback. We budget for everyone to go on a training course every year and expect you to share what you're learning. Every week we talk about what we've achieved, learned and reflect on a problem we'll need to solve soon.
You can find out more about what it's like to work at Cydea on our website: https://cydea.com/careers/
Does that sound good? Apply below!
Tags: Nonprofit Risk assessment
Perks/benefits: Career development Competitive pay Flex hours Flex vacation Startup environment Team events Travel
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Cloud Security Architect jobs
- Open Security Operations Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Information Security Architect jobs
- Open Information System Security Officer jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Analytics-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open TS/SCI-related jobs