Cyber Security Analyst in London

As a Cyber Security Analyst within OFX, you will lead change within our global security landscape. Based in London, you will operate with a high degree of autonomy and initiative, as you will be the primary security point of contact for your time zone. You will play a key role in protecting and strengthening the organisation’s global technology environment. This position sits within a distributed security team headquartered in Australia and requires an individual who is highly independent, proactive, and comfortable operating across time zones.

You will work hands-on across cloud infrastructure, identity systems, endpoint protection, detection platforms, and security monitoring capabilities to ensure strong operational security across the organisation. This role is suited to a technically capable cyber security analyst with prior hands-on experience, who enjoys solving complex security problems, investigating incidents, and working closely with engineering teams to embed security into everyday operations. You will partner with DevOps, Platform Engineering, Fraud, and Infrastructure teams to integrate security into platforms, pipelines, and operational processes thereby enabling a mature DevSecOps and cloud-native security posture.

What you will be doing:

• You will work to onboard new services, investigate problems and ensure OFX is operationally a centre of excellence for security.
• Ability to investigate on potential cyber issues, attention to details.
• Make sure we are making inroads against world leading security benchmarks across all platforms.
• Create security benchmarks that work for us.
• Be a supportive team member, upskilling the cross-functional team to showcase good practice delivery, turning strategy into action.
• Excellent communication skills, collaboratively working across technical and business teams.
• Inquisitive and growth mindset, with the ability to identify opportunities for improvement, suggest new ways of working, and spearhead their adoption.
• Independently and collaboratively solve problems, drive a team culture and contribute towards best-in-class security practices.
• Open to new ideas, adaptive and quickly learn.

Key Responsibilities:

• Cloud & Infrastructure Security: Secure multi-cloud environments (AWS/GCP) using least privilege principles and Cloud Native Application Protection (CNAPP).
• Operational Excellence: Manage a world-class suite of security tools including EDR/XDR, SASE, Identity and Access Management (IAM), and AI-driven email threat defence.
• Compliance & Risk: Utilize compliance automation platforms to maintain industry standards like ISO 27001, NIST, and DMARC/email authentication.
• Incident Response: Lead the analysis of security incidents, identifying root causes and driving remedial actions independently.
• Vulnerability & Third-Party Risk: Oversee vulnerability management and monitor third-party risk posture through automated scoring platforms.
• Metrics & Reporting: Build and maintain security monitors and dashboards to provide visibility to the global team. Investigate and respond to security alerts and incidents across cloud platforms, identity systems, endpoints, email systems, and network infrastructure. Secure AI usage and use AI for security.
• Primary security point of contact for the region for incident management. Work collaboratively and flexibly with the global security team.

Qualifications:

• Background of analyst experience in cyber domains.
• A solid understanding and hands-on experience in cloud security primarily in AWS.
• Analytical mindset of problem identification and solving.
• Ability to deep dive to identify the core root cause of issues.
• Adaptive mindset to work on different security systems and setup.
• Document policies, procedures, guidelines and their application.
• Proactively address any blockers to the team & help security and Tech teams in development of requirements.
• Extensive knowledge of several key security practices in access control, application security, network security, cloud security and protection of endpoints.
• Maintain knowledge of the latest cloud security threats and overall threat environment.
• Learn on the job and keep an open eye on the industry and external environment.

Benefits:

• Health insurance.
• Primary and secondary gender neutral carer parental leave (16 weeks).
• Birthday leave.
• Hybrid work model with flexibility.
• Inclusive, diverse and non-hierarchal culture.

At OFX, we are committed to fostering a diverse, inclusive and accessible workplace where we value, respect, and encourage our people to be their authentic selves. With an employee base as diverse as the clients we serve, we know that fostering an inclusive workplace is fundamental to our continued success.