Security Analyst

About BOXT

Since our launch in 2017, our simple process has helped hundreds of thousands of people improve their home in a way that suits them. Whether we're installing heating, air conditioning, EV charging, solar panels or heat pumps, our ethos remains the same: we use technology to make buying, installing and maintaining products an efficient, stress-free, seamless experience for our users.

Every year millions of people come to our site to get a fixed price. We've installed over 150,000 products so far, while establishing a network of more than 10,000 professionally accredited installers.

The revolutionary platform is market-leading. And we've got the supporters to shout about it. We're backed by Brookfield and work in partnership with some of the world's most famous household names.

The next phase for BOXT will be building out the platform internationally and moving to a SaaS model which will open up the technology for our key partners.

The role

We are seeking an experienced proactive Security Analyst to join our security team, reporting to the Cyber Security Manager. It's an exciting time for the business and this is a hands-on role that will give the candidate the opportunity to learn a wide variety of security skills as well as improving the security culture of the business.

The successful candidate will be responsible for access reviews, internal auditing, monitoring, analysing and responding to security events and incidents, implementing security measures, and ensuring alignment with organisational and compliance requirements. Good working knowledge of security standards is required e.g. SOC 2, ISO27001 as well as technical security knowledge particularly with AWS.

Responsibilities

• Lead the development and implementation of security policies and procedures in compliance with group standards.
• Monitor systems for security events or intrusions using security tools.
• Investigate security incidents, document findings, and recommend mitigation steps.
• Analyse results and work on remediations from vulnerability assessments and penetration testing on systems and applications.
• Ensure compliance with relevant laws, regulations, and frameworks (e.g., SoX, SOC 2, GDPR, ISO 27001, NIST).
• Undertake security architectural reviews and be the go-to person for the businesses security needs.
• Looking after the risk register and carrying out third party security reviews.
• Collaborate with IT and engineering teams to ensure secure infrastructure and application design.
• Implement security metrics and reports.
• Stay current on the latest security trends, threats, and technology solutions.
• You will be collaborating with the business to evolve our security controls, designing security processes to create a great security culture at BOXT.

• Prior experience in a security analyst role.
• Strong knowledge of security concepts such as risk assessment, mitigation, and incident response.
• Familiarity with firewalls, IDS/IPS, anti-virus software, authentication systems, and log management tools.
• Cloud security experience ideally in AWS security center and Google Workspace.
• Experience with security frameworks and standards (e.g., SoX, SOC 2, NIST, CIS, ISO 27001).
• Proficiency in scripting or programming languages (e.g., Python, PowerShell) is a plus.
• Relevant certifications such as CompTIA Security+, CISSP, CISA,, CEH, or equivalent are preferred.
• Great communicator with a collaborative mindset.
• Experience within an agile, tech environment is desirable.

• 30 days annual leave + bank holidays
• Private Medical Cover with Aviva *
• 4x salary Death in Service cover with Zurich *
• Paid 6 months maternity pay after a year of service
• Paid paternity pay after a year of service
• £1000 annual training budget *
• Salary sacrifice pension matched up to 6% *
• Flexible working times and location
• Company MacBook Pro & accessories
• Team lunches, team events