This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Security Analyst based in United Kingdom.
This role sits at the intersection of cybersecurity operations and global security research, where you will evaluate and manage incoming vulnerability reports from a large and active ethical hacker community. You will act as a trusted bridge between security researchers and client security teams, ensuring that findings are accurate, actionable, and properly prioritized. The position combines hands-on technical security analysis with incident response, communication, and community engagement. You will assess vulnerabilities, support remediation efforts, and help organizations strengthen their security posture. Working in a fast-paced, high-volume environment, you will continuously refine your offensive and defensive security skills. The role also involves mentoring junior analysts and contributing to the improvement of internal processes and workflows. It is ideal for someone who enjoys technical depth, structured problem-solving, and meaningful real-world security impact.
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Security Analyst based in United Kingdom.
This role sits at the intersection of cybersecurity operations and global security research, where you will evaluate and manage incoming vulnerability reports from a large and active ethical hacker community. You will act as a trusted bridge between security researchers and client security teams, ensuring that findings are accurate, actionable, and properly prioritized. The position combines hands-on technical security analysis with incident response, communication, and community engagement. You will assess vulnerabilities, support remediation efforts, and help organizations strengthen their security posture. Working in a fast-paced, high-volume environment, you will continuously refine your offensive and defensive security skills. The role also involves mentoring junior analysts and contributing to the improvement of internal processes and workflows. It is ideal for someone who enjoys technical depth, structured problem-solving, and meaningful real-world security impact.
Accountabilities:
- Review, validate, and assess incoming vulnerability reports to ensure they are unique, actionable, and relevant for clients
- Perform technical analysis, proof-of-concept validation, and severity assessment of reported security issues
- Calculate and apply CVSS scoring to evaluate impact and prioritization of vulnerabilities
- Act as a key point of contact for escalation handling, incident triage, and researcher mediation
- Provide remediation guidance and clear technical feedback to customers and internal stakeholders
- Conduct security testing and validation across web, mobile, systems, and network environments
- Stay up to date with emerging threats, malware trends, and evolving attack techniques
- Mentor and support junior team members while contributing to knowledge sharing within the team
- Collaborate closely with customer success teams to ensure value is derived from security findings
- Proactively identify risks, prioritize workload, and ensure timely resolution of critical issues
- At least 2 years of experience in penetration testing, security testing, or vulnerability assessment roles
- Strong understanding of ethical hacking principles and familiarity with bug bounty ecosystems
- Solid knowledge of the OWASP Top 10 and common web application vulnerabilities
- Hands-on experience with Mac, Windows, and Linux environments
- Ability to independently research, troubleshoot, and solve complex technical problems
- Strong analytical mindset with excellent attention to detail and risk assessment skills
- Experience working in high-pressure or incident-driven environments with strong prioritization abilities
- Familiarity with CVSS scoring and vulnerability severity assessment
- Strong interpersonal and communication skills, with the ability to explain technical issues clearly
- Fluent in English; Dutch is a strong plus
- Nice to have: certifications such as CEH, OSCP, OSWE, or equivalent, and/or an active bug bounty profile
- Flexibility to work in a 24/7 operational support environment when required
- Competitive salary package
- Hybrid working model with flexibility across Europe
- 2-month work-from-anywhere policy
- Initial home office setup budget and access to high-quality equipment
- Annual learning and training budget to support continuous development
- Strong career growth path within cybersecurity and security operations
- Social events, team activities, and international collaboration opportunities
- Referral bonus program
- Exposure to a global ethical hacking community and real-world security challenges
- Opportunity to work in a fast-growing cybersecurity environment with strong industry recognition.