Cyber Security Analyst
Manchester, England, United Kingdom
Boohoo Group
Shop boohoo's range of women's and men's clothing for the latest fashion pieces you need to be adding-to-basket, with 100s of new styles landing every day!About Us
Having started in 2006 with just three team members, we've evolved into a multi-brand, ecommerce giant with offices worldwide and a passionate team of over 4,000. In the past year alone, we've achieved remarkable milestones including automating our Sheffield distribution centre, launching our US warehouse, and initiating our tech re-platforming.
In Tech, we’re proud to support every function. We’re a digital-first company that is totally cloud native. We embrace change and future-proof the business, delivering critical customer-facing and internal stakeholder-facing systems. Everything from colleague tech to frontend websites and apps, buying and merchandising tooling, and all that’s in-between, we take care of it. Our ideas support and drive the Group’s agenda.
The Role
As a Cyber Security Analyst at boohoo group, you will play a crucial role in safeguarding our systems, infrastructure, and data against potential cyber threats. You will join a leading online fashion retailer and have an opportunity to work in a dynamic and fast-paced environment where your skills and expertise will make a difference.
In this role, your goal is to minimise cyber-attacks and their impact on Boohoo. You will be evaluated based on metrics such as reduced attacks, shorter response times, and compliance. Your efforts lead to a secure Tech environment with minimal disruptions and a strong defence against cyber threats. This ensures the protection of Boohoo's data, assets, and reputation, which ultimately contributes to the success of the company.
Your Team
At Boohoo, our team is committed to safeguarding the integrity, confidentiality, and availability of our systems and data. We take pride in implementing robust security measures to protect against cyber threats, ensuring secure customer transactions and maintaining trust in our brand. With a diverse and pragmatic approach to problem-solving, we align with Boohoo's family and values to achieve success.
Over the last 12 months, our team has made significant progress in reducing email attacks and preventing data breaches. By implementing an AI-based approach to email security and protection, we have achieved outstanding results. We have also centralised security solutions across our 13 brands, which has improved our organisation's security posture.
As we move forward, our team has a clear roadmap for the future, and we are excited to continue making a difference. We welcome anyone who shares our passion for information security and values to join us on this inspiring journey.
Responsibilities
- Respond promptly to security incidents, conduct thorough investigations, and implement corrective measures.
- Responsible for monitoring our technology stack, VMDR, XDR, CSPM, MSFT Security.
- Manage security tools and software, ensuring they are up to date and effectively protecting the organisations assets.
- Conduct regular system and network security assessments to identify vulnerabilities and mitigate them.
- Penetration testing analysis and remediation activities.
- Monitor security access and access control to prevent unauthorised access, data breaches, and cyber-attacks.
- Create technical documentation to assist colleagues in root cause analysis.
- Create and improve incident playbooks and runbooks.
- Stay up to date with the threat landscape.
Requirements
- Proven experience in a cybersecurity role, preferably in a large organization.
- Strong knowledge of cybersecurity principles, best practices, and technologies.
- CompTIA SEC +, CySA, Network+, ISC CC.
- Experience or demonstrable knowledge in log analysis and PCAP analysis.
- A solid understanding in the approach threat actors take to attacking a network, phishing, port scanning, web application attacks, DDoS, lateral movement.
- Demonstrable knowledge in network fundamentals, for example, OSI Stack, TCP/IP, DNS, HTTP(S), SMTP.
- Experience with security monitoring, incident response, and vulnerability management.
- Knowledge of network protocols, architecture, and security controls.
- Understanding of malware analysis, intrusion detection/prevention systems, and endpoint security solutions.
- Ability to analyze and interpret security logs and data.
- Excellent problem-solving and analytical skills.
- Strong communication and interpersonal skills.
- Ability to work effectively in a fast-paced, dynamic environment.
- Experience with cloud security and DevSecOps practices is a plus.
Benefits
We offer them some amazing benefits:
- 25 days holiday
- Free on-site gym with daily classes (due to current restrictions, live PT sessions)
- Discretionary Bonus Scheme
- Company shares schemes - including a ' Save As You Earn' scheme
- Up to 40% staff discount (including PLT, Boohoo, Boohoo MAN, Nasty Gal, Coast, Warehouse, Misspap)
- Social events (including pay day drinks, Employee Appreciation Day etc.)
- Salary sacrifice pension scheme with employer contribution
- Flexible working hours
- Cycle to work scheme
- Childcare support through the Government
- Health cash plan
- Personal development opportunities to learn and grow at work
#LI-GS1 #LI-ONSITE
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Cloud Compliance CompTIA CSPM DDoS DevSecOps DNS E-commerce Ecommerce Endpoint security Incident response Intrusion detection Log analysis Malware Monitoring Network security PCAP Pentesting Security assessment SMTP TCP/IP Vulnerabilities Vulnerability management XDR
Perks/benefits: Fitness / gym Flex hours Health care Salary bonus Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs