Senior Security Analyst

KEY RESPONSIBILITIES

The Senior Technical Security Analyst:

• Support the ongoing operation of the ISO 27001-aligned Information Security Management System (ISMS), including evidence collection, control implementation, and audit readiness.

• Work with DevOps and cloud teams to implement and monitor security controls across AWS infrastructure and services (e.g., EC2, IAM, S3, RDS).

• Manage and operationalise vulnerability management using tools like Tenable, AWS Inspector, and Snyk: schedule scans, triage findings, and track remediation efforts.

• Administer and ensure compliance of endpoints using Jamf (macOS) and Microsoft Intune (Windows).

• Monitor alerts and findings from AWS-native tools (e.g., GuardDuty, Security Hub) and assist in coordinating incident response activities.

• Produce and maintain management reports and dashboards detailing:

• Vulnerability status and trends

• ISMS control effectiveness

• Endpoint security compliance

• Audit readiness and risk treatment status

• Support maintenance of ISMS documentation, including SoA, risk assessments, corrective actions, and control mapping.

• Participate in internal and external audits by preparing evidence and delivering technical walkthroughs.

• Support policy implementation, training activities, and DevOps-aligned security processes.

• Prepare the organisation for also achieving SOC 2 certification

• Specify and implement security and compliance protocols for Alchemy SaaS products

• Begin to identify and work with tooling and partners to initiate the creation of a hybrid external/internal SOC.

• Contribute to incident response testing and post-incident reviews when applicable.

• Sets a positive example throughout the organization for quality and responsibility

• Prepares all necessary project documentation and processes to enable ongoing support of Alchemy’s software products

The above list is not exhaustive, and you may be asked to undertake reasonable additional duties/ projects by Management.

SELECTION CRITERIA

Your Behaviors:

• Detail-oriented and thorough, especially in documenting controls , reporting and audit evidence.

• Collaborative and approachable—able to work cross-functionally with engineering, DevOps, and IT.

• Proactive and self-driven, with a strong sense of ownership over technical security operations.

• Clear communicator—able to explain security concepts to both technical and non-technical stakeholders.

• Analytical mindset—adept at identifying patterns, prioritising risks, and suggesting practical mitigation strategies.

• Organised and efficient, with the ability to manage multiple workstreams and deadlines in a compliance-focused environment.

• Confident – You embrace having open and candid discussions with individuals at all levels both internally and with the Client

• Decisive – you have a keen sense of prioritization and make intelligent decisions independently

• Motivated – You are a self-starter with the ability to work independently under light supervision

• Reliable - You’re the person stakeholders and peers always want to work with

• Compassionate - You understand that people are at the core of success

• Data driven – Information is your friend; you love to use facts and evidence to help ensure success for the team and our customers

Qualifications, Knowledge, Skills and Experience

ESSENTIAL:

• Bachelor’s degree in Information Security, Computer Science, or a related field or significant alternative relevant technical security industry experience.

• 5+ years of hands-on experience in technical security roles in a SaaS coontext, with a focus on ISO 27001, SOC, AWS, and vulnerability management.

• At least 2 years team lead experience in a 24x7 global SOC

• Experience with AWS security tools and services in a production SaaS environment.

• Experience with Tenable and/or similar tools for vulnerability management.

• Familiarity with Jamf and Intune for endpoint compliance and hardening.

• Good understanding of network security fundamentals, including cloud networking, segmentation, firewalls, and VPNs.

• Ability to generate and present clear and actionable security and compliance reports to stakeholders.

• Experience with DevOps tools, infrastructure-as-code, and CI/CD pipelines.

DESIRABLE:

• CISSP

• PECB ISO 27001 Lead Implementer or Auditor certification.

• AWS Certified Security – Specialty or equivalent AWS certification.

• Awareness of GDPR, NIST and related standards.