CyberSec Assurance Analyst
Home Based - United Kingdom
Applications have closed
Elsevier
Elsevier is a global information analytics company that helps institutions and professionals progress science, advance healthcare and improve performanceCyberSec Assurance Analyst
Would you enjoy creating and implementing secure solutions to ensure the safety of our platforms?
Do you enjoy responding to real-time threats?
About our Team
The Security Assurance team is dedicated to safeguarding Elsevier's customer-facing products, supporting infrastructure, and enterprise technology stack from security threats. We achieve this by proactively integrating security best practices throughout the entire engineering and development lifecycle.
Its functions encompass a range of activities such as conducting design and implementation assessments, performing application security reviews, penetration testing, researching security issues, developing security tools and automation, and engaging in offensive security tactics.
About the Role
The core responsibility entails safeguarding the Elsevier brand through proactive security application testing, validating security controls, and simulating tactics employed by malicious actors seeking to compromise or breach security measures deployed across our entire technology infrastructure
Responsibilities
- Performing comprehensive security testing on web, API and cloud-based applications using both manual and automated techniques (static and dynamic code analysis, system configuration testing).
- Identifying, analysing, and documenting vulnerabilities and exploit risks. Recommending mitigation strategies and support testing to validate effectiveness.
- Developing and gathering intelligence to identify threats and product risk across offerings.
- Evaluating, tuning, and monitoring security telemetry to detect misuse, fraud, and attacks.
- Analyzing security incidents and attack patterns.
- Understanding and contributing to metrics demonstrating the efficacy of security controls.
- Recommending improvements to tools, applications, and processes for enhanced security posture.
Requirements
- Demonstrate Penetration testing skills. Experience with mobile application and/or AI/LLM security and testing a plus.
- Demonstrate knowledge in vulnerability discovery/remediation, exploit identification/validation, application security testing technologies/techniques, security defect/remediation testing, security hardening practices across platforms.
- Possess familiarity with industry standards and frameworks such as NIST, ISO, and OWASP.
- Possess an understanding of cloud, networking, web architecture, content delivery platforms, filesystem operation, patching, and security.
- Knowledge if identifying emerging threats, leverage open-source and proprietary security testing tools, and utilize investigative techniques for online/eCommerce, banking/credit card fraud detection a strong plus.
- Demonstrate exceptional communication skills, both written and verbal, coupled with strong customer service abilities.
Work in a way that works for you
We promote a healthy work/life balance across the organisation. We offer an appealing working prospect for our people. With numerous wellbeing initiatives, shared parental leave, study assistance and sabbaticals, we will help you meet your immediate responsibilities and your long-term goals.
- Working remotely from home or in our office in a hybrid style
- Working flexible hours - flexing the times you work in the day
Working for you
We know that your wellbeing and happiness are key to a long and successful career. These are some of the benefits we are delighted to offer:
- Generous holiday allowance with the option to buy additional days
- Health screening, eye care vouchers and private medical benefits
- Wellbeing programs
- Life assurance
- Access to a competitive contributory pension scheme
- Save As You Earn share option scheme
- Travel Season ticket loan
- Electric Vehicle Scheme
- Optional Dental Insurance
- Maternity, paternity and shared parental leave
- Employee Assistance Programme
- Access to emergency care for both the elderly and children
- RECARES days, giving you time to support the charities and causes that matter to you
- Access to employee resource groups with dedicated time to volunteer
- Access to extensive learning and development resources
- Access to employee discounts scheme via Perks at Work
About the Business
A global leader in information and analytics, we help researchers and healthcare professionals advance science and improve health outcomes for the benefit of society. Building on our publishing heritage, we combine quality information and vast data sets with analytics to support visionary science and research, health education and interactive learning, as well as exceptional healthcare and clinical practice. At Elsevier, your work contributes to the world’s grand challenges and a more sustainable future. We harness innovative technologies to support science and healthcare to partner for a better world.
-----------------------------------------------------------------------
Elsevier is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form: https://forms.office.com/r/eVgFxjLmAK , or please contact 1-855-833-5120.
Please read our Candidate Privacy Policy.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics APIs Application security Automation Banking Cloud Code analysis E-commerce Ecommerce Exploit LLMs Monitoring NIST Offensive security OWASP Pentesting Privacy Vulnerabilities
Perks/benefits: Career development Flex hours Health care Insurance Medical leave Parental leave Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs