Role Overview
We are looking for a Cyber Security Analyst to join our global security team. This role will suit a technically capable individual with experience in security operations who is looking to broaden their exposure across security monitoring, engineering, and incident response within a dynamic environment.
The role provides hands-on involvement in triaging and investigating security alerts, acting as an escalation point for the outsourced Security Operations Centre (SOC), and supporting major incident response activities. The successful candidate will work closely with infrastructure and network teams to manage and optimise endpoint, email, identity, and vulnerability management platforms, while contributing to continuous improvement of the organisation’s security posture.
This role offers the opportunity to evaluate and transition between security tools, maintain policy continuity and develop a broad, practical skillset across enterprise cyber security functions.
Business Overview
Established in 1783, ED&F Man is an employee-owned agricultural commodities merchant with 2,800 people in 43 countries and annual revenue in excess of $8bn. We trade sugar, coffee, molasses, animal feed and fish oils. Corporate responsibility is ingrained in our culture. We are passionate about sustainable production, take care to limit the environmental impact of our operations and actively support the communities in which we work.
Key Accountabilities
- Act as the escalation point for the outsourced SOC, receiving and triaging alerts that require deeper investigation.
- Conduct thorough investigations to produce high-quality, actionable insights for incident resolution.
- Participate actively in major security incidents, contributing to containment, eradication and recovery efforts.
- Document incident timelines and contribute to post-incident reviews and lessons learned.
- Respond to detections, triage alerts and update SOC tickets with investigation findings.
- Maintain and update policies in line with vendor best practice and internal Change Advisory Board protocols.
- Monitor agent health, audit version compliance and remediate orphaned or non-compliant clients.
- Attend monthly vendor meetings to review support cases and incorporate best practice guidance.
- Design and refine SOC playbooks and response actions, evaluating new security technologies through structured proof-of-concept trials and creating scoring matrices to compare vendors.
- Manage block and safe listings to maintain email hygiene, troubleshoot false positives and tune detection rules.
- Perform email investigations as required in response to phishing or BEC attempts, producing monthly vulnerability reports and prioritising remediation efforts based on risk.
- Work with infrastructure and application teams to test patches and drive vulnerability counts down.
- Attend monthly TAM meetings to review support cases and best practices.
- Maintain agility to substitute security products as business requirements evolve, ensuring policy continuity throughout transitions.
Skills and Experience
- 5+ years’ experience in a Cyber Security Analyst or similar role, with strong incident response and major incident handling expertise.
- Hands-on experience with EDR (alert triage, policy management, sensor deployment), preferably CrowdStrike Falcon.
- Experience developing SOC playbooks, response actions, and running proof-of-concept evaluations and vendor comparisons.
- Confident, proactive communicator able to engage senior stakeholders, clearly explain complex security issues, and recommend actions.
- Collaborative and approachable, building trust with technical peers and supporting service desk and front-line teams.
- Calm, effective, and resilient under pressure, particularly during security incidents in a front-facing role.
- Formal qualifications not essential; proven hands-on experience and delivery record valued.
Technical Capabilities:
- Experience with SIEM platforms (e.g. Rapid7), Email Security and Data Security/DLP solutions (e.g. Varonis).
- Strong knowledge of Entra ID security features including Conditional Access and PIM, plus familiarity with PAM tools including BeyondTrust, Osirium and Okta.
- Solid networking fundamentals (TCP/IP, DNS, firewalls, proxies, SSL/TLS) and vulnerability management experience (Qualys/Rapid7 preferred).
- Cloud security experience across Azure and/or AWS.
- Scripting skills in Python and/or AutoIT for automation and tooling.
- Desirable certifications include CompTIA Security+, Network+, CySA+, PenTest+, CASP+, CEH, CISSP, and relevant vendor certifications (e.g., CrowdStrike, Qualys, Palo Alto).
We recognise that talent comes in many forms, and we value potential just as much as experience. If this role excites you but you don’t meet every requirement, we still encourage you to apply.
Our Offer
We provide a fast-paced, stimulating and truly global environment, which will stretch your abilities and channel your talents. We also offer competitive salary and benefits combined with outstanding career development opportunities in one of the global leaders in soft commodity trading.
Our Values
Respect, Integrity, Meritocracy, Client Focus, Entrepreneurship
Our values define who we are. They are the fundamental beliefs that determine our actions and guide our behaviour. They influence the way we communicate and collaborate, and define the way we engage with our clients, partners, and communities. Our values are underpinned by a set of essential behaviours, which form part of our performance management approach. Delivering on our objectives is very much about ‘what’ we do, but these essential behaviours also provide a guide and measure for ‘how’ we do things. Our performance essentials are Take Initiative, Self‐Management, Deliver Results and Collaboration.
Our Commitment
We are committed to creating and sustaining an inclusive and diverse work environment where all employees are treated with dignity and respect. We are committed to promoting equal opportunities in employment and are focussed on actively building and developing diverse teams. All qualified applicants will receive equal treatment without regard to race, colour, sex, gender, age, religion or belief, ethnic or national origin, marital or civil partner status, physical or mental disability, military or veteran status, sexual orientation, gender reassignment (identity, gender expression), genetic information or any characteristic protected by local law.



