At a Glance
- Tasks: Lead Depop's info security program, conduct risk assessments, and respond to incidents.
- Company: Join a vibrant team at Depop, a leading platform for buying and selling unique items.
- Benefits: Enjoy flexible working, mental health support, and generous leave policies.
- Why this job: Make a real impact in cybersecurity while growing your skills in a supportive environment.
- Qualifications: Knowledge of cybersecurity frameworks and experience in risk assessment and policy development are required.
- Other info: Participate in an on-call rotation and enjoy a dog-friendly office culture.
The predicted salary is between £36,000 and £60,000 per year.
As part of the Information Security team, this role will be responsible for leading and supporting Depop's information security program, conducting risk assessments, developing and implementing security policies, and responding to security incidents.
Responsibilities:
- Support the Head of Information Security in defining and delivering upon a broad, company-wide security roadmap, including training, physical/cyber/information security, compliance, policies, etc.
- Monitor logging and alerting tooling for security issues.
- Investigate security breaches and other cybersecurity incidents.
- Install security measures and operate software to protect systems and information infrastructure.
- Document security incidents and breaches and assess the damage they cause.
- Work with the Engineering teams to respond to tests and uncover vulnerabilities.
- Work with teams to fix detected vulnerabilities to maintain a high-security standard.
- Develop and maintain company-wide best practices, policies and processes for Information Security.
- Research security enhancements and make recommendations to management.
- Stay up-to-date on information technology trends and security standards.
- Ensure compliance with relevant regulations and standards, such as PCI DSS, HIPAA, and SOX.
- Knowledge of risk assessment tools, technologies and methods.
- Knowledge of disaster recovery, computer forensic tools, technologies and methods.
- Contribute to the security incident response process and play an active role in it.
- The role involves participation in an on-call rotation, during which the analyst will be responsible for monitoring and responding to security alerts and potential incidents.
Qualifications:
- Knowledge of cybersecurity frameworks (NIST, CIS, ISO27001).
- Experience with detection and remediation of security vulnerabilities.
- Knowledge of risk assessment tools, technologies and methods.
- Experience planning, researching and developing security policies, standards and procedures.
- Experience in privacy and cyber governance, risk and compliance frameworks and controls.
- Proven ability to identify and assess complex risks and understand the mechanisms (people, process, technology) available to manage those risks.
Non-technical:
- Exemplary communication skills, especially in dealing with multiple stakeholders.
- Able to take a risk-based approach and effectively prioritise many competing demands.
Desirable:
- People management and mentoring experience; we want you to help shape and develop our Information Security Awareness.
- Understand compliance, legal and ethical obligations organisations should have with respect to logical and physical security, personally identifiable information and data protection.
Additional information:
- Health + Mental Wellbeing: PMI and cash plan healthcare access with Bupa, subsidised counselling and coaching with Self Space.
- Cycle to Work scheme with options from Evans or the Green Commute Initiative.
- Employee Assistance Programme (EAP) for 24/7 confidential support.
- Mental Health First Aiders across the business for support and signposting.
- Work/Life Balance: 25 days annual leave with option to carry over up to 5 days, 1 company-wide day off per quarter.
- Impact hours: Up to 2 days additional paid leave per year for volunteering.
- Fully paid 4 week sabbatical after completion of 5 years of consecutive service with Depop, to give you a chance to recharge or do something you love.
- Flexible Working: MyMode hybrid-working model with Flex, Office Based, and Remote options (role dependent).
- All offices are dog-friendly.
- Ability to work abroad for 4 weeks per year in UK tax treaty countries.
- Family Life: 18 weeks of paid parental leave for full-time regular employees, IVF leave, shared parental leave, and paid emergency parent/carer leave.
- Learn + Grow: Budgets for conferences, learning subscriptions, and more, mentorship and programmes to upskill employees.
- Your Future: Life Insurance (financial compensation of 3x your salary), pension matching up to 6% of qualifying earnings.
- Depop Extras: Employees enjoy free shipping on their Depop sales within the UK. Special milestones are celebrated with gifts and rewards!
Senior Infosec Analyst FTC employer: Depop
Contact Detail:
Depop Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Infosec Analyst FTC
✨Tip Number 1
Familiarise yourself with the specific cybersecurity frameworks mentioned in the job description, such as NIST, CIS, and ISO27001. Being able to discuss these frameworks in detail during your interview will demonstrate your expertise and alignment with our security programme.
✨Tip Number 2
Showcase your experience with risk assessment tools and methodologies. Prepare examples of how you've successfully identified and mitigated risks in previous roles, as this will highlight your ability to contribute effectively to our information security team.
✨Tip Number 3
Emphasise your communication skills, especially when discussing how you've worked with multiple stakeholders in past projects. We value collaboration, so being able to articulate your approach to engaging with different teams will set you apart.
✨Tip Number 4
Stay updated on the latest trends in information security and compliance regulations. Being knowledgeable about current events and advancements in the field will not only help you in interviews but also show your commitment to continuous learning and improvement.
Some tips for your application 🫡
Understand the Role: Carefully read the job description for the Senior Infosec Analyst position. Make sure you understand the responsibilities and qualifications required, as this will help you tailor your application effectively.
Highlight Relevant Experience: In your CV and cover letter, emphasise your experience with cybersecurity frameworks, risk assessment tools, and incident response. Use specific examples to demonstrate how your skills align with the requirements of the role.
Showcase Communication Skills: Since exemplary communication skills are essential for this role, include instances where you've successfully communicated complex information to various stakeholders. This could be in the form of presentations, reports, or team collaborations.
Tailor Your Application: Customise your CV and cover letter to reflect the specific needs of Depop's Information Security team. Mention your understanding of compliance regulations like PCI DSS and HIPAA, and how you can contribute to their security roadmap.
How to prepare for a job interview at Depop
✨Understand the Security Landscape
Familiarise yourself with current cybersecurity trends and frameworks like NIST, CIS, and ISO27001. Being able to discuss these frameworks and how they apply to the role will show your depth of knowledge and commitment to information security.
✨Prepare for Scenario-Based Questions
Expect questions that ask you to respond to hypothetical security incidents or breaches. Prepare by thinking through your approach to risk assessment, incident response, and vulnerability management, as this will demonstrate your practical experience and problem-solving skills.
✨Showcase Your Communication Skills
As the role involves dealing with multiple stakeholders, be ready to highlight your communication abilities. Share examples of how you've effectively communicated complex security concepts to non-technical audiences, which is crucial for fostering a security-aware culture.
✨Demonstrate Your Leadership Potential
If you have experience in mentoring or leading teams, be sure to mention it. Discuss how you can contribute to shaping the Information Security Awareness programme and how you would support the Head of Information Security in delivering the security roadmap.