Risk Analyst

New
  • Location
    London, Greater London
  • Salary
    £ 41000 - £ 53000 / Year
  • Category
    IT - IT Security
  • Job type
    Contractor
  • Industry
    IT and Telecoms
  • External Reference
    JN-052021-182930


Position Description


Role: Product Vulnerability Analyst


Duration: 12 months


Location: London


Salary: £43,000 - £53,000



Position Description


In this role, the candidate will be responsible for supporting a small team in identifying threats and vulnerabilities to the brand's products and users before they become significant issues. We help discover and mitigate threats to our products that, if undetected, could harm products, users, and the brand. We're focused on proactively identifying and surfacing abusive tactics, content, processes, and product features that contribute to system vulnerabilities, poor user experiences, and/or risk for the company.



This requires thinking creatively to develop and conduct tests focusing on user safety, simulating abuse attacks, mapping real user experiences, analysing and identifying root-causes, and communicating findings in a concise but detailed way. This also requires more advanced technical skills, an analytic and curious mind, excellent and professional communication skills, and a positive attitude to every task.



In this role, a candidate will:



  • Act as the intermediary between the brand's Security Research community and internal Engineering Product teams.

  • Assess and reproduce incoming vulnerability reports with regards to impact and probability of each proposed attack scenario against our abuse's threat model

  • Translate vulnerabilities into realistic and understandable risk, while providing remediation advice.

  • Communicate clearly and efficiently with VRP researchers as well as internal Eng Product teams.



Mandatory:



  • Bachelor's degree in Computer Science, Computer Security or Engineering, or equivalent practical experience.

  • Working experience: communicating vulnerabilities and threats to technical and non-technical customers, threat modeling and/or in application-level vulnerability and/or penetration testing and exposing vulnerabilities in software products.

  • Excellent communication skills and ability to respond with empathy to both technical vulnerabilities as well as non-issues, Experience in risk management and ability to prioritise in dynamic work environment Programming experience in Python, C/C++, Java, or Go.

  • Ability to speak and write English fluently and idiomatically, any other language is a plus



Desired:


It would be great to have someone with a Certified Ethical Hacker (CEH) or similar industry certification. Additionally, having someone with a demonstrated expertise with malware analysis or cloud would be useful.


Adecco acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Adecco Group UK & Ireland is an Equal Opportunities Employer.


By applying for this role your details will be submitted to Adecco. Our Candidate Privacy Information Statement explaining how we will use your information is available on our website.

To speak to a recruitment expert please contact Lauren Roberts