Luware continues to grow! Since our foundation in 2010, we have been getting the most out of the Microsoft technology stack and continuously improving it. Our unique solutions transform Microsoft Teams into a customer service hub that gives meaning to every customer interaction. As the leading software-as-a-service company in our market segment, agile, hybrid working is a matter of course for us.
For our top modern, newly designed office in London- City, we are looking for as soon as possible, for an ambitious person to actively support our dynamic Security team with a lot of positive energy.
The Senior Security Analyst will be responsible for providing policy and technical leadership both for our growing Security Operations team and our wider business units spanning multiple countries. The team you join will be responsible for assessing threats to, and mitigating risks for our organisation’s IT infrastructure, which includes our SaaS products and platforms.
You will play a critical role in safeguarding both our company’s and our customers’ information held on our hosted platform. You will form an active role in evolving and shaping our security policies / procedures as well as ensuring their compliance across the wider business.
Your Responsibilities
* Provide technical leadership to other departments with respect to the operational security of IT systems and hosted SaaS platforms
* Develop company-wide best practices for IT security
* Actively work with our CISO and wider engineering teams to develop, implement and operate industry leading security standards, policies and procedures · Maintain a deep understanding of current and emerging security technologies, trends, standards and best practices
* Provide technical advice and insight on emerging security trends/technologies and potential impacts to the business
* Contribute innovative ideas for the continual improvement of services
* Conduct security audits, making policy recommendations where necessary, to ensure compliance with:
* SOC2 Type II controls and points of focus
* ISO 27001 certification and processes
* Security access controls
* Work with external partners to ensure technical compliance with relevant regulations and standards
* Identify and assess security risks and vulnerabilities to the company’s products
* Plan, scope and review penetration testing reports, new software patch releases and vulnerability scan reports, to develop remediation plans with our operational support teams to mitigate issues based on residual risk and severity of issue addressed
* Define and tune platform capabilities, monitor, investigate and evaluate security incidents, logs, and alerts
* Respond to, lead the investigation of and document root cause analyses into security incidents
* Actively contribute to disaster recovery planning, refining incident response processes, evaluating compliance with company policy, and identifying improvement opportunities
* Take a proactive approach to developing, maintaining and extending our platform security standards, requirements, guidelines and documentation
* Take an active role in internal security forums to provide technical advice and expertise on all aspects of compliance, security and regulatory requirements
* Where required, work with our customers to specify and design technical controls to meet their local requirements
Your Skills
* At least 3 years’ experience working in an Information and Cyber Security Analyst role, with exposure to cloud and Windows technologies
* Experience using SIEM and/or central logging solutions (MS Sentinel a plus)
* Qualifications in the field of Computer Science, or equivalent industry experience
* Recognised certifications such as CISSP, CISM, AZ-500, including knowledge of industry best-practice, guidelines and certification standards such as CIS, NIST, ISO 27001 and SOC 2
* Server infrastructure support/management experience, ideally Windows and Linux
* Good awareness of cloud and server technologies, such as Docker, Kubernetes, SQL etc. Azure, Microsoft 365, and Microsoft Teams Certifications are a plus
* Excellent analytical and problem-solving skills with a keen eye for detail
* Excellent prioritisation skills with the ability to work under pressure to meet strict deadlines
* Good interpersonal and communication skills (verbal and written) with the ability to communicate complex technical concepts to a broad audience, both technical and non-technical, across all levels of seniority
* Structured approach with an ability to lead and set the standards for technical documentation
* Ability to coach and develop colleagues in their technical careers
* Ability to consult a wide range of resources, remaining up to date with the latest cyber threats and how they could affect our organisation
Our Offer
* Challenging, interesting work in a varied field with a high level of personal responsibility
* A dynamic, motivating working environment that leaves room for the realisation of your ideas and promotes your personal development
* Regular team events and the opportunity to work in one of the Luware offices for up to one month as part of our exchange programme
You can expect an extremely collegial, international environment and a fresh, dynamic, open corporate culture, let the Luware spirit convince you!
Do you feel already addressed? Then send us your spontaneous application for a first screening @jobs@luware.com
We are very looking forward to getting to know you!
We will only consider candidates who apply directly to us for this position. We do not process unsolicited applications or enquiries from recruitment agencies. Thank you for your understanding.