Senior Security Analyst(m/w/x)

Description

As a Senior Security Analyst, you will play a crucial role in safeguarding the platform by identifying vulnerabilities, educating employees on security practices, and developing innovative solutions. Your day-to-day responsibilities will involve collaborating with teams, monitoring security incidents, and enhancing defense strategies.

Requirements

• •Degree in Computer Science, similar technical field, or equivalent practical experience
• •Broader certification coverage, including CISSP, CISM, GIAC (GCIH, GCIA, GCFA), CCSP, or equivalent advanced credentials
• •7+ years of experience in cybersecurity, with at least 3 years in hands-on incident response, detection, or vulnerability management roles
• •Proven experience with SIEM, WAF, IAM, SOAR, EDR, and vulnerability management tools
• •Cloud security specialization, ideally with certifications such as AWS Security Specialty
• •Demonstrated expertise in incident response, including investigation, containment, and coordination across cross-functional teams
• •Embraces an AI-first mindset, leveraging AI and LLM tools to drive efficiency and innovation
• •Strong crisis management and communication skills, able to remain composed under pressure
• •Good understanding of implementation requirements for ISO27001 and/or SOC2
• •Strong practical automation and scripting capabilities using Python, PowerShell, or Bash
• •Experience designing and implementing production services, APIs, or security-specific libraries
• •Familiarity with cloud solutions, including AWS and GCP, and prior experience with tools like Cloudflare, ELK stack, and Burpsuite Professional
• •Strong strategic thinking, planning, and organisational skills
• •Fluency in English with excellent verbal and written communication abilities
• •Start-up mentality, committed to excelling with energy, ownership, and endurance
• •Passion for technology, curiosity, and motivation by the evolution of cybersecurity
• •Background in network administration, DevSecOps, or software development, with experience in senior roles
• •Combination of technical depth with strategic perspective

Tasks

• •Collaborate with Product Design and Software Engineering on security features
• •Identify vulnerabilities and develop scalable security solutions
• •Conduct vulnerability scans and penetration testing
• •Educate Gelato employees on security best practices
• •Monitor and respond to security incidents
• •Analyze potential threats regularly
• •Document and measure security risks
• •Communicate risks to senior leadership
• •Influence remediation plans
• •Participate in on-call rotation for security incidents
• •Develop and maintain security monitoring systems
• •Identify suspicious activity and potential threats
• •Manage the vulnerability management lifecycle
• •Contribute to security architecture reviews
• •Design and deploy security controls
• •Introduce automation to streamline security activities
• •Support governance and compliance activities
• •Prepare for audits and collect evidence
• •Design secure AWS cloud architectures
• •Integrate AI technologies into security workflows

Tools & Technologies