Senior Security Analyst in London

About Gelato

Gelato has created the world’s largest global network for on-demand production of custom products – from t-shirts and mugs to books and wall art. We empower a new generation of ecommerce entrepreneurs to share their creativity worldwide while embracing local, sustainable production. By producing locally and perfectly matching supply with demand, we eliminate waste and reduce carbon emissions. At Gelato, we don’t own production facilities – we build the software that connects them. With over 140 production partners in 32 countries, our network can deliver custom products to five billion people in just 72 hours. It’s smarter, faster, and greener.

With GelatoConnect, our SaaS platform, we’re driving innovation in print production. GelatoConnect simplifies operations for print producers by automating procurement, workflows, and logistics into one seamless system. By boosting efficiency and cutting costs, it helps businesses scale to meet market demands. With GelatoConnect, we’re reshaping the print industry to be more efficient, sustainable, and profitable.

The position

As Gelato continues its global expansion, we are seeking a dedicated Senior Security Analyst to champion the protection of our platform and, most importantly, our customers' data. You will play a pivotal role in making the Gelato ecosystem safer for millions of users worldwide. We are looking for a talented individual who combines a passion for identifying vulnerabilities with the ability to craft scalable, user-friendly solutions. At Gelato, our security team operates as enablers, not blockers. Our goal is to empower engineers to build secure-by-design services without slowing down innovation. Reporting directly to the Head of Information Security, you will collaborate closely with Product Managers and Technical Engineers to weave security into the fabric of our products.

What you’ll be doing

• Partner with Product Design and Software Engineering teams to integrate security features into roadmaps and ensure the timely delivery of secure products.
• Design and implement secure-by-default architectures within the AWS cloud environment.
• Champion a security-conscious culture by educating the wider Gelato team on security best practices and principles.
• Monitor and respond to security incidents, including the proactive and regular analysis of potential threats.
• Identify, document, and measure security risks, effectively communicating these findings to senior leadership to influence remediation strategies.
• Participate in an on-call rotation to provide timely responses and escalations for security incidents outside of business hours, ensuring 24/7 protection.
• Engineer, tune, and maintain security monitoring and detection systems (IAM, SIEM, SOAR, WAF, EDR) to surface suspicious activity and anomalies.
• Drive the full vulnerability management lifecycle, including identification, prioritization, remediation tracking, and verification of closure.
• Facilitate governance and compliance activities, including audit preparation, evidence collection, and control testing against frameworks like ISO 27001, SOC 2, NIST CSF, and CIS Controls.
• Integrate AI and LLM technologies into daily security workflows to automate repetitive analysis, enhance threat detection, and support rapid incident response.
• Introduce automation and orchestration to streamline detection, response, and compliance activities through scripting in Python, PowerShell, or Bash.

Who you are

• You hold a degree in Computer Science or a similar technical field; a Master’s degree is considered a plus.
• You possess 7+ years of experience in cybersecurity, with at least 3 years dedicated to hands-on incident response, detection, or vulnerability management roles.
• You have proven expertise with SIEM, WAF, IAM, SOAR, EDR, and vulnerability management tools.
• You bring a specialization in cloud security, ideally backed by certifications such as the AWS Certified Security - Specialty.
• You have demonstrated mastery in incident response, including the investigation, containment, and coordination of events across cross-functional teams.
• You display strong crisis management and communication skills, maintaining composure under pressure while communicating clearly with technical and non-technical stakeholders.
• You have a solid understanding of the implementation requirements for ISO 27001 and/or SOC 2 frameworks.
• You demonstrate strong practical automation and scripting capabilities using Python, PowerShell, or Bash to enhance detection and response efficiency.
• You have experience designing and implementing production services, APIs, or security-specific libraries.
• You are familiar with cloud solutions (AWS and GCP) and have prior experience with tools like Cloudflare, the ELK stack, and Burp Suite Professional.
• You are fluent in English with excellent verbal and written communication abilities (this is a mandatory requirement).
• It is highly desirable that you hold broader certifications, such as CISSP, CISM, GIAC (GCIH, GCIA, GCFA), CCSP, or equivalent advanced credentials.

What it’s like to work at Gelato

We are a customer-obsessed team with the ambition to change the world by connecting technology to the printing industry and making it much more sustainable. Everyone who joins our team must feel genuinely intrigued and motivated by our mission. We expect a lot. We are a driven team with big goals, so we seek individuals who are genuinely passionate about their work and possess an entrepreneurial spirit. Our culture is unique and we live by our values, so it’s worth learning more about our culture and how we work before presenting your application.

At Gelato, we pride ourselves on our global presence with 14 offices worldwide, fostering a dynamic and diverse work environment. Rooted in a culture that values collaboration, creativity, and camaraderie, we actively cultivate a company culture that thrives on shared experiences. We encourage team members to embrace this culture by working from our inspiring office spaces at least three days a week, allowing for meaningful connections and collective growth.

Lastly, we ask that you please upload your CV in English, regardless of which country you are applying from.