Security Analyst

Security Analyst

Application Deadline: 14 May 2025

Department: Security

Employment Type: Full Time

Location: Sofia/Plovdiv

Compensation: лв.50,000 - лв.55,000 / year

Description

Reward Gateway | Edenred is a leading digital platform for services and payments for people at work, connecting 52 million users and 2 million partner merchants in 45 countries via close to 1 million corporate clients.
Due to an internal promotion, an opportunity has become available for a Security Analyst to join our team in Bulgaria.
Our InfoSec team is responsible for reducing security risks, protecting our user community, and maintaining trust in our products and services. Working with the Head of Cyber Security, you will investigate and identify root cause analysis on security incidents, ensuring adequate response plans and procedures, and maintaining and improving the IT security posture within the group.

What you’ll do:

• Responding to day-to-day incidents and events, performing root cause analysis, and creating incident reports
• Managing the lifecycle of vulnerabilities discovered in our Vulnerability Management Programme - from detection using tools such as Tenable, Snyk, OWASP ZAP, and penetration tests, to remediation by our Engineering team.
• Assist in the daily execution of identifying, developing, implementing, and maintaining processes to reduce business and information risks.
• Provide second/third-line support and analysis during and after a security incident
• Support security processes and procedures to ensure that security controls are managed and maintained
• Review and manage alerts within the Security Information Event Management
• Monitor and report on threats of all varieties (phishing, malware, MS vulnerabilities, etc.)
• Monitor reports to ensure that all devices have up-to-date OS, third-party patches, and antivirus; facilitate or perform needed updates
• Participate in red team exercises to discover vulnerabilities, working with external parties where required.
• Ensure we maintain technical standards in accordance with ISO27001, PCI-DSS and applicable legislation, e.g., Data Protection Act, Computer Misuse Act, etc.
• Assist in the security awareness and culture of the organization
• Assist in fraud investigations

Your knowledge, experience and skills:

• A minimum of 2 years' experience in a similar role
• Sound knowledge of security principles, frameworks, and technologies such as firewalls, SIEM, and vulnerability scanners
• Working experience with AWS and/or Google Cloud Security
• Experience investigating security incidents
• Experience working in a Red Team, Security Operations Team, or with Pen Testers to find and remediate security vulnerabilities
• Understanding of Industry Standard Information Security frameworks, such as ISO27001 and PCI-DSS
• Understanding of securing Windows, iOS, and Linux-based systems
• Sound English communication (verbal and written) skills
• Ability to make sound and logical judgments

Our interview process:

• Online interview with the Senior Talent Partner
• Interview with the Head of Cyber Security
• Final interview with the Head of Cyber Security and Director of Information Security

Be comfortable. Be you.At Reward Gateway, we want all of our employees to feel comfortable bringing their passion, creativity, and individuality to work. We value all cultures, backgrounds, and experiences, as we truly believe that diversity drives innovation. Express yourself, join our community, and help us Make the World a Better Place to Work.