Cybersecurity Analyst (Visa Sponsorship Available)

By stepping into Costello Medical’s first Cybersecurity Analyst role, you will be responsible for conducting security incident detection, monitoring and response, as well as supporting with the delivery of key IT security projects for our Technical Operations team.

Salary: £35,000 to £40,000 per annum, depending on your qualifications and previous experience.

Benefits: Discretionary profit share bonuses, hybrid working options that allow you to work from home up to 50% of your time after passing probation, generous holiday allowance, flexible working hours, employer pension contributions, comprehensive travel insurance, private medical insurance, critical illness cover, income protection, full funding for external training, interest-free travel loan scheme, discounted gym memberships, and more.

Role Type: Full-time, permanent.

Start date: We are currently recruiting for start dates in 2024, including November and December. However, we can also consider applications from those seeking a deferred start date in early 2025. You will be asked to state your availability on your application form.

Location: This role is available in our Global Headquarters in Cambridge.

As Costello Medical continues to experience rapid growth, our vibrant and innovative Technical Operations (TechOps) team is seeking the company’s first dedicated Cybersecurity Analyst. This brand-new and pivotal role offers a talented individual the chance to shape the future of our cybersecurity efforts and lay the foundation for an in-house Security Operations Centre (SOC). In this role, you will serve as the primary cybersecurity expert, triaging and responding to security incidents while contributing to the development and maintenance of innovative security processes and strategies. You will work both independently and collaboratively with the wider TechOps team, consulting on IT projects, providing strategic advice, and validating security elements to safeguard our IT infrastructure. You will be responsible for promoting effective cyber hygiene across the company by conducting phishing simulations and using your knowledge of the evolving threat landscape to guide cybersecurity training initiatives. Additionally, you will have ample opportunities to enhance Costello Medical’s security by proposing and delivering security projects of your own.

Key responsibilities will include:

• Incident detection and response using EDR/XDR and SIEM technologies, including Microsoft Defender and Sentinel.
• Contributing to the development and maintenance of security procedures, including vulnerability scanning, remediation, and crafting playbooks for responding to alerts.
• Conducting phishing simulations, reporting results, and carrying out remediation activities.
• Developing and delivering training on IT security and data management to a variety of audiences.
• Proactively consulting on a variety of IT projects, providing strategic advice and validating security elements to ensure effective risk management and mitigation.
• Representing the TechOps team by explaining IT security processes, announcing changes, soliciting feedback, and maintaining strong relationships with other teams.
• Championing risk management and effective data management practices across the global business.
• Collaborating with other teams, such as our in-house Legal team, to ensure compliance with the latest security standards and helping the company achieve certifications such as CyberEssentials+ and ISO27001.

As you gain experience and confidence within the role, you will have the opportunity to lead incident response efforts, implement process improvements, and spearhead the development of new security strategies. You will become the go-to person for IT security and risk mitigation, establishing yourself as Costello Medical’s designated cybersecurity expert.

We are seeking a highly motivated and proactive individual eager to contribute innovative ideas and deliver lasting improvements. As the first Cybersecurity Analyst at Costello Medical, you will have the unique opportunity to shape your own career and the broader development of our in-house cybersecurity team, developing procedures, setting up tooling, and guiding the service over time. This role is therefore ideal for someone ambitious and ready to take on significant responsibility, channelling their interest in building a strong security posture for the company across various technical and non-technical domains. You will have the chance to work closely with IT management at the company to rapidly gain experience and make a substantial impact, gaining professional recognition and advancing your career.

Essential requirements for the role are:

• A degree-level or higher qualification in Cybersecurity or a related discipline (minimum 2.1 or equivalent).
• A minimum of 2 years’ professional experience in IT security roles, or similar.
• Excellent knowledge of IT systems, infrastructure and security controls, enabling the development of data management solutions, policies and processes that can be seamlessly adopted by the company.
• A “can do” attitude, a strong customer focus at all times, and a willingness to be an advocate for IT security throughout the business.
• Exceptional organisational skills, a strong awareness of all facets of a task or longer-term project, and the ability to adapt to changing deadlines.
• The ability to plan and prioritise your own time and communicate this to others.
• Excellent written and verbal communication skills.
• Strong interpersonal skills and the ability to influence senior stakeholders to make important decisions that drive security improvements across the company.

Desired requirements for the role are:

• Experience proposing and/or delivering innovative IT projects independently.
• Experience in managing highly sensitive and confidential data, including commercially confidential, intellectual property, and special category personal data.
• Knowledge of data privacy regulations, such as the EU General Data Protection Regulation and the Data Protection Act 2018.

At Costello Medical, our recruitment approach focuses on developing talent from within through on-the-job training and tailored peer support. Our Cybersecurity Analyst role is no exception, and we welcome applications from those looking to advance their career within a successful and growing global company.

What We Offer:

• A starting salary of £35,000 to £40,000 per annum, depending on your qualifications and previous experience.
• A discretionary profit share bonus paid twice per year.
• 25 days’ annual leave plus bank and public holidays.
• The chance to work from home for up to half of your working time after passing probation.
• Flexible benefits scheme offering additional holiday, cash payments and pension contributions.
• 4% employer pension contributions.
• Private Medical Insurance which offers comprehensive cover on a “medical history disregard” basis.
• Paid study leave and funding for external qualifications.
• Cycle to Work scheme and an interest-free travel loan scheme.
• Critical Illness Cover, Income Protection and Life Assurance.
• Access to an Employee Assistance Programme.
• Discounted gym memberships.
• Comprehensive travel insurance.
• Flexible working hours.
• Regular company-funded social activities.

Our recruitment process includes a telephone interview with a member of the Talent Acquisition team, followed by an assessment for you to complete in your own time. If successful, you will be invited to a final interview with senior members of our TechOps team. Our standard recruitment process typically lasts around 2 to 3 weeks, however this can be adapted if necessary. As an equal opportunity employer, we are committed to fostering a diverse and inclusive workforce and, throughout the recruitment process, there are a number of reasonable adjustments we can provide.

You are required to submit your CV and a cover letter via our online application form. In your cover letter, you must explain why you think you would be suited to the role and why you would like to join Costello Medical, with examples to support both. Your CV should clearly state the dates of all qualifications and grades achieved where applicable.

Due to the Skilled Worker visa regulations, you will only be eligible for visa sponsorship if you meet the following criteria: You are classified as a New Entrant - this means you are under the age of 26, currently studying in the UK or a recent graduate in the UK.