Cyber Risk Analyst

We are a small, young, cyber security consultancy that welcomes challenge and values different perspectives. We’re not afraid to do things differently and our clients appreciate us for that.

We typically work with senior clients — like CIOs, CTOs, CISOs, plus CEOs and NEDs — over longer periods to deliver real and measurable outcomes, rather than one-off deliverables.

We work collaboratively and securely in the open with our clients using tools to automate tasks, track progress and responsibility, and share our findings. This is how we like to work.

We work on interesting engagements where security meets ‘the business’ to better understand, communicate and manage cyber risk. That may involve helping to identify the sources of risk to an organisation, how frequently they face different types of risk events, and quantifying the consequences of these to their operations. It may be producing a light-touch Cyber Scorecard or taking a deeper dive assessment into their security posture. We also help boards and leadership teams explore risk scenarios through cyber exercises (or ‘war games’).

We believe in making the world a better place and do that through two specific programmes. Through Cydea x Good Causes you can expect to spend time supporting good causes on a pro-bono basis or helping them with grants to purchase security solutions. You’ll also be expected to contribute to open-source projects through cydea.tools that provides any organisation with free tools to improve their security posture.

We’re a remote-first business so you’ll spend less time commuting and more time doing things that matter (client work, or perhaps doing the school run). That doesn’t mean you’ll be alone: we use collaboration tools to keep in touch day-to-day and have monthly Team Days in different locations to get together, celebrate successes and plan for the future. Often our clients drop by to share what they’re up to and the problems they’re facing.

We want you to succeed and will invest in your development through formal courses, online learning, career mentorship, on-the-job training and regular feedback. We budget for everyone to go on a training course every year and expect you to share what you’re learning. Every week we talk about what we’ve achieved, learned and reflect on a problem we’ll need to solve soon.

This is a UK-based, primarily work from home role, with some travel required to meetings and clients.

Who we are looking for

We are looking for someone to join our team as a cyber risk analyst. They’ll have an inquisitive mind and want to improve the world around them. This will come across on a day to day basis as they work to understand our clients’ business and help them to make better decisions that improves their cyber security posture. They will have the ability to communicate clearly and concisely in both written and verbal form, and will have the confidence to question and challenge the status quo.

We don’t expect them to have cyber certifications or previous consulting experience, instead we do expect them to demonstrate an aptitude for listening and communicating, problem solving (and awareness of when to ask for help!) and a willingness to learn on the job.

Does this sound like you? Ok, then read on!

About the role

You’ll be working at the intersection of cyber security and ‘the business’ to assess security postures and conduct cyber risk assessments. You’ll be working with Cydea teammates, and interacting with client security and IT teams. You’ll help to organise, facilitate and write up interviews and workshops, plus collating and analysing data for review by others in the team, as well as writing up our findings & recommendations.

You’ll mostly be working as part of a team, under the direction of other Cydea teammates to complete individual tasks using our internally developed methods and processes, industry practices and open-source tools. From time to time we may ask you to help prepare or deliver presentations to senior business leaders and board members.

Over time you will develop consulting ‘soft skills’ where you are more comfortable scoping out tasks and breaking down challenges into small, more manageable parts, documenting any assumptions or estimates that you make along the way. You’ll get more involved in managing day-to-day projects and tasks, and keeping clients up to date on progress. 

Some projects will require travel to client sites. That may be for the odd meeting or workshop, or it may be for multiple days over a few weeks. Most of our clients and meeting locations are in the South East.

Outside of the ‘billable’ client work you’ll also be contributing to our internal tools and processes and open-source projects. You’ll be expected to raise awareness of our services and (reverse) mentor colleagues. 

Through our Cydea x Good Causes charitable programme you’ll spend five days every year on pro-bono engagements helping not-for-profit organisations to protect their incredible work.

Package and benefits

We think that we offer a competitive package, so we’re not afraid to tell you about it upfront.

The salary for this role is £31,000. We also like to look after our people and offer the great benefits listed on our careers page. 

Working at Cydea

We are a small, young, cyber security consultancy that welcomes challenge and values different perspectives. We're not afraid to do things differently and our clients appreciate us for that. We have a passion for developing talent and would love for you to have a long, successful and rewarding career with us.

We believe in making the world a better place and do that through two specific programmes. Through Cydea x Good Causes you can expect to spend time supporting good causes on a pro-bono basis or helping them with grants to purchase security solutions. You'll also be expected to contribute to open-source projects through cydea.tools that provides any organisation with free tools to improve their security posture.

We're a remote-first and flexible business so you'll spend less time commuting and more time doing things that matter (client work, or perhaps doing the school run). That doesn't mean you'll be alone: we use collaboration tools to keep in touch day-to-day and have monthly Team Days in different locations to get together, celebrate successes and plan for the future. Often our clients drop by to share what they're up to and the problems they're facing.

We want you to succeed and your line manager will support and guide you in your assignments, and your career more generally. You will be supervised, but not micromanaged. We will invest in your development through formal courses, online learning, career mentorship, on-the-job training and regular feedback. We budget for everyone to go on a training course every year and expect you to share what you're learning. Every week we talk about what we've achieved, learned and reflect on a problem we'll need to solve soon.

You can find out more about what it's like to work at Cydea on our website: https://cydea.com/careers/

Does that sound good? Apply below!