Security Risk Analyst

Founded by mathematicians and cyber defense experts in 2013, Darktrace is a global leader in cyber security AI, delivering complete AI-powered solutions in its mission to free the world of cyber disruption. We protect more than 9,000 customers from the world’s most complex threats, including ransomware, cloud, and SaaS attacks.

Our roots lie deep in innovation. The Darktrace AI Research Centre based in our Cambridge, UK headquarters, has conducted research establishing new thresholds in cyber security, with technology innovations backed by over 130 patents and pending applications.

For more information on our cutting-edge technology, visit darktrace.com.

What will I be doing:

As part of the Security Risk team, the Security Risk Analyst will carry out an essential role in ensuring the confidentiality, integrity and availability of Darktrace information and systems. You will collaborate with departments across Darktrace to ensure that robust security standards and controls are maintained across the third-party supplier landscape, capturing and mitigating security risks. The responsibilities of the this role includes supporting Security Risk management to sustain business operations, through new vendor, applications and integration assessments. Conducting research to identify and implement security measures to protect systems and information infrastructure and evaluating requests for new and existing software, systems and applications, ensuring sufficient security controls are in place. You will also be:

• Supporting the information security risk management process by identifying, evaluating, treating and monitoring threats to data confidentiality, integrity and availability.
• Providing a level of support to the business on information security-related queries, including engagement with department Leads and Darktrace users, to ensure secure operations throughout the business.
• Providing suitable resiliency and redundancy for other Security teams with department workflows (i.e., Security Compliance).
• Supporting the management and completion of customer security assessments and queries in a professional and timely manner, through the Helpdesk system.

This is a hybrid role working 2 days a week from our Cambridge Headquarters.

What experience do I need:

You will demonstrate a passion for technology and a curiosity for all things Security and be up to date with the wider information security landscape and recent changes to the industry as well as be familiar with core computing principles, networking, secure protocols and cloud technologies. You should have a general awareness of privacy regulations and standards, the fundamentals of GDPR and protection of personally identifiable information, alongside regulations like DORA. Being familiar with industry-recognised security standards and certifications (ISO 27001 series, Cyber Essentials, SOC2, etc.) and understand the impact of security policy, processes and procedures on a complex organisation. You will also:

• Be capable of communicating, verbally and in writing, to all types of stakeholders, across technical levels
• Ability to assimilate large volumes of written technical documentation, recording key concepts and producing reports
• Excellent time management skills and ability to prioritise
• Adaptability, willingness to learn
• Knowledge of the IT and Security vendor landscape is desirable but not essential
• Knowledge of software development principles, application security and vulnerability management is desirable but not essential

Benefits we offer:

• 23 days’ holiday + all public holidays, rising to 25 days after 2 years of service,
• Additional day off for your birthday,
• Private medical insurance which covers you, your cohabiting partner and children,
• Life insurance of 4 times your base salary,
• Salary sacrifice pension scheme,
• Enhanced family leave,
• Confidential Employee Assistance Program,
• Cycle to work scheme.

#LI-Hybrid