Security Analyst

Join us on our mission to make a better world of work. 

Culture Amp revolutionizes how over 25 million employees across 6,000 companies create a better world of work. As the global platform leader for employee experience, Culture Amp empowers companies of all sizes and industries to transform employee engagement, develop high performing teams, and retain talent via cutting-edge research, powerful technology, and the largest employee dataset in the world. The most innovative companies across the globe, such as Salesforce, Unilever, PwC, KIND, SoulCycle, Celonis and BigCommerce depend on Culture Amp every day.

Culture Amp is backed by 10 years of innovation, leading capital venture funds, and offices in the U.S, U.K, Germany and Australia. Culture Amp is recognized as one of the world’s top private cloud companies by Forbes and one of the most innovative workplace companies by Fast Company.

Learn more about how Culture Amp can help you create a better world of work at cultureamp.com.

What is the opportunity for you?

Culture Amp is looking for a Security Analyst to join a growing security operations function and participate in event and incident management, and vulnerability management activities. You will have knowledge of investigating cybersecurity events using SIEM, EDR, and traffic analysis tools, and will have an understanding of cybersecurity threats.

The Security Analyst will play a major role in Culture Amp’s security operations capability and will be responsible for detecting and quickly responding to a range of cybersecurity threats guided by senior security analysts. As a security analyst you will be mentored by experienced security operations practitioners.  This role is a great opportunity to contribute to the security of the Culture Amp platform while gaining more experience in security practices and some of the latest technologies. 

Your role in the Camp

• Monitor and analyse cybersecurity events, trends, and threats 
• Investigate cybersecurity incidents and undertake response activities using defined response plans and playbooks
• Support major incident response activities 
• Perform vulnerability analysis and provide guidance on remediation activities
• Participate in incident response drills and exercises
• Provide input into the development and continuous improvement of Culture Amp’s security technologies and processes
• Identify and implement opportunities for automation to improve detection and response capabilities
• Respond to queries from employees, and help champion security within the organisation
• Provide regular metrics and reporting on threats, vulnerabilities, and improvement(s)

What you’ll bring to Culture Amp

• Knowledge of, and some exposure to investigating security incidents and events using SIEM (Splunk preferred)
• Knowledge of, and some exposure to EDR technologies (CrowdStrike preferred)
• Knowledge of vulnerability assessment and management tools and techniques
• Technical knowledge of operating systems, networking, and cloud platforms 
• An understanding of common security operations including NIST, ISO27001, Mitre ATT&CK, and/or Cyber Kill chain
• Some exposure to or preparedness to learn to manage data loss prevention (DLP) and/or CASB technologies
• A positive attitude and a passion for security
• Demonstrable micro learning or ongoing self development in security
• Industry recognised security qualifications highly advantageous

Thank you for taking the time to read this advert. If you decide to apply, as part of your application, we will ask you to complete voluntary diversity questions (excluding Germany). Please watch this video from our amazing DEI Leader, Aubrey Blanche to share more on why we collect the data and how we will use it.