
Monzo · Cardiff
🚀 We’re on a mission to make money work for everyone. We’re waving goodbye to the complicated and confusing ways of traditional banking. After starting as a ...
🚀 We’re on a mission to make money work for everyone.
We’re waving goodbye to the complicated and confusing ways of traditional banking.
After starting as a prepaid card, our product offering has grown a lot in the last 10 years in the UK. As well as personal and
business bank accounts, we offer joint accounts, accounts for 16-17 year olds, a free kids account and credit cards in the UK,
with more exciting things to come beyond. Our UK customers can also save, invest and combine their pensions with us.
With our hot coral cards and get-paid-early feature, combined with financial education on social media and our award winning
customer service, we have a long history of creating magical moments for our customers!
We’re not about selling products - we want to solve problems and change lives through Monzo ❤️
📍 Cardiff/London/UK Remote | 0.5 FTE Part time 💰£40,000 - £50,000 (full-time equivalent) + Incentive Awards tied to your
performance + Benefits ✨
Our People Centred Security Squad ⭐
This is a very exciting opportunity to join our People Centred Security Squad. We’re focused on building security processes that
allow the bank to move at pace, while protecting our customers. We’re never afraid to do things differently.
🔑 You’ll play a key role by...
communicate emerging threats.
🤩 We’d love to hear from you if…
as Google Workspace, Slack, and Notion.
Not ticking every box? That’s totally okay! Studies show that women and people of colour might hesitate to apply unless they meet
every single requirement. At Monzo, we’re dedicated to creating a diverse and welcoming team. If you’re passionate about this role
and keen to learn and grow with us, we encourage you to apply— even if you don’t have everything that's listed just yet. Drop us
your application, we’d love to hear from you!
🙌 What’s in it for you
💰 0.5 FTE Part time £40,000 - £50,000 (full-time equivalent) + Incentive Awards tied to your performance
📍This role can be based in our London or Cardiff office, but we're open to distributed working within the UK (with ad hoc
meetings in London)
⏰ We offer flexible working hours and trust you to work enough hours to do your job well, and at times that suit you and your
team.
📚 £1,000 learning budget each year to use on books, training courses and conferences.
🏡 We will set you up to work from home; all employees are given Macbooks and for fully remote workers we will provide extra
support for your work-from-home setup.
➕ Plus lots more! Read our full list of benefits.
🌈 The application journey has 3 key steps
This process should take around 2-3 weeks - your schedule is really important to us, so we promise to be as flexible as possible!
We have some guidelines on using Artificial Intelligence (AI) to ace an application and interview at Monzo. You can read them
here.
We’ll only close this role once we have enough applications for the next stage. Please submit your application as soon as possible
to make sure you don’t miss out.
Equal opportunities for everyone
Diversity and inclusion are a priority for us and we’re making sure we have lots of support for all of our people to grow at
Monzo. At Monzo, we’re embracing diversity by fostering an inclusive environment for all people to do the best work of their lives
with us. This is integral to our mission of making money work for everyone. You can read more in our blog, 2026 Diversity and
Inclusion Report and 2025 Gender Pay Gap Report.
We’re an equal opportunity employer. All applicants will be considered for employment without attention to age, ethnicity,
religion, sex, sexual orientation, gender identity, family or parental status, national origin, or veteran, neurodiversity or
disability status.
If you have a preferred name, please use it to apply. We don't need full or birth names at application stage 😊
About Proton Join Proton and build a better internet where privacy is the default Proton was founded in 2014 by scientists from CERN on a simple truth: privacy is a fundamental human right. Since then, we’ve built the world’s largest encrypted email service (Proton Mail) and expanded into Proton VPN, Proton Drive, Proton Pass, and Proton Calendar—tools used by millions globally to protect their freedom, fight censorship, and keep their data safe. In some situations, Proton has literally helped save lives! We are profitable, independent (no VC control), and selectively hire from the top ~1% of applicants. Our 700+ team members across 50+ countries come from leading organizations and elite academic backgrounds. We move fast, keep hierarchy light, and prioritize impact over optics. If you want to do meaningful work with exceptionally high-caliber people, this is it. Join us and do work you can truly be proud of. Check our open-source projects here! Role Overview The Security Analyst will be at the frontline of protecting Proton’s global infrastructure. This role combines analytical threat investigation with practical security engineering, taking a role in running, tuning, and evolving our detection capabilities. You will bridge the gap between day-to-day security monitoring and proactive threat defense. Sitting within our security team, you will not only respond to alerts and manage incidents but actively design the rules, playbooks, and systems that catch attackers before they succeed. We value deep logical reasoning, data-driven intuition, and strong cross-functional communication. What you will do: Threat Detection & SIEM Engineering * Maintain, optimize, and enhance our core security monitoring toolkit (SIEM, sensors, etc.). * Design, build, and continuously refine meaningful alerts, transforming raw infrastructure events into high-fidelity detections. * Proactively identify malicious activities or blind spots within our network and infrastructure that our current toolsets might not cover. Incident Response & Monitoring * Monitor, triage, and deeply investigate security alerts covering all of Proton’s corporate infrastructure. * Own the containment and mitigation of potential security incidents, orchestrating quick and effective response actions. * Develop, document, and test rigorous incident response plans and actionable playbooks to streamline future workflows. Risk Mitigation & System Security * Analyze complex logs, endpoints, and network traffic to isolate anomalies, extract patterns, and identify emerging risks. * Collaborate with engineering teams to deploy and maintain secure architectures, applying server and system security best practices (e.g., OS hardening, strict access controls). * Contribute to continuous posture improvement by feeding operational findings back into security tooling and roadmaps. Governance * Support, advise, and guide the wider company on all security-related matters and emerging risks. * Participate in business process documentation, operational metric reporting, and the strategic automation of security tasks. * Promote a culture of strong IT security awareness and responsible user behavior across our distributed teams. Job requirements * Good logical reasoning, structure, and problem-solving skills. The ability to correlate diverse data sources, extract hidden patterns from massive volumes of data, and think like an attacker. * Solid understanding of system and network security best practices, including network ACLs, authentication mechanisms, and endpoint defense configurations. * Strong working knowledge of Linux-based operating systems, their architectural security components, system calls, and mechanisms like SELinux. * Familiarity with modern malware techniques, attacker tactics (TTPs), and how to translate this threat intelligence directly into actionable SIEM rulesets. * Sound understanding of networking protocols, web technologies, and detection mechanics (eg. EDR, IDS/IPS). * Intermediate-to-advanced proficiency in Python (or similar languages) for scripting, parsing, and automation tasks. * Excellent written and spoken English, paired with strong communication and organizational skills to collaborate smoothly across different teams. * A deep belief in digital privacy. Preferred qualifications * Proven experience (ideally 3-4 years) in a cybersecurity or operations context. * Hands-on experience working with Elastic stack, Vector, or other tools used in large-scale log analysis. * Experience utilizing data analysis tools (such as Jupyter, Pandas) to hunt for anomalies. * Practical knowledge of securing and analyzing containerized workloads (Docker, Kubernetes) and Cloud infrastructure environments. * Experience in leveraging and integrating Threat Intelligence into security workflows. * An industry-recognized security certification is considered a strong asset. Success in This Role * The SIEM environment is highly tuned, resulting in a demonstrable reduction in false positives and a significant increase in high-value, actionable alerts. * Security incidents are quickly contained, thoroughly investigated, and translated into resilient long-term containment strategies and playbooks. * Threat detection coverage expands smoothly to secure new infrastructure, products, and cloud microservices. What We Offer * Work that Matters: millions of people trust Proton with their privacy. We answer only to our users — not advertisers, not investors with conflicting agendas, not governments. The work you do here is real, and the impact is measurable. (read more about our impact here) * Stock Options: at Proton, we all have the opportunity to be owners of the company. From day one, you have a real stake in what we're building. When Proton wins, you win. * Technology: you'll get the right hardware and the right software you need to do your best work. * Learning & Development: we invest in your growth because sharp people make us better. Proton is one of the fastest ways to accelerate your career because you'll be thrown into real challenges, with real ownership, from day one. * Employee Benefits: your wellbeing isn't an afterthought. We offer strong health coverage, solid retirement options, generous leave, and wellness support so you can bring your best self to work every day * In-Person Collaboration: Amazing things happen when passionate, smart, and purposeful people get together in the same room. With offices across Geneva, Zürich, Barcelona, London and more, you'll spend most of your time collaborating face-to-face with people who genuinely care about what they're building * Food: Lunch and snacks are on us every day in our offices so you can focus on the work and not on what's for lunch. * Transport: getting to the office shouldn't cost you. We cover public transport, bike allowances, or parking, whichever works for you. * Flexible Working: you own your schedule. Set hours that work for you and your team — because outcomes matter more than when the clock says you started. Our Commitment to Diversity and Inclusion At Proton, we believe diversity drives innovation and strengthens our mission to provide privacy as a default for all. We are committed to fostering an inclusive environment where all individuals, regardless of race, ethnicity, gender, age, sexual orientation, physical ability, or socio-economic background, feel valued and empowered. We strive to create equal opportunities, promote open dialogue, and support continuous learning to ensure every voice is heard and respected. If you need any extra support or reasonable adjustments during the hiring process, please let your talent partner know. Candidate Privacy Notice When you apply for a position, refer a candidate, or are considered for a role at Proton Technologies AG (Proton, we, us, or our), your information is stored in Greenhouse, in accordance with their Service Privacy Policy. This information is used to evaluate your suitability for the posted position. We also retain this information for consideration for future roles that you may apply for or that we believe may align with your background and skills. If we no longer have a legitimate business need to process your information, we will either delete or anonymize it. Should you have any inquiries about how we use or manage your information, or if you wish to access, correct, or delete your data, please contact our privacy team at careers@proton.ch. Proton does not accept unsolicited resumes from any sources other than directly from candidates. We will not pay a fee for any placement resulting from an unsolicited offer, even if the candidate is subsequently hired by Proton. To learn more about our privacy policy, please visit our privacy policy page. Compensation range Paris: 38.000 - 62.000 gross annually* Other locations: Compensation will be discussed during the interview process *Final compensation will be determined based on the candidate's qualifications, skills, and previous experience #LI-Onsite
Vestiaire Collective is the leading global platform for desirable pre-loved fashion and a pioneer in transforming how people consume fashion. Our mission is simple: make circular fashion the norm, not the exception. Through technology, expertise, and a highly engaged global community, we enable millions of people to buy and sell fashion in a more sustainable way. Founded in Paris in 2009, Vestiaire Collective is now a globally scaled marketplace with offices in Paris, London, Berlin, New York, Singapore, and Ho Chi Minh City, and logistics hubs across Europe, Asia, and the US. Today, we are a team of around 600 people from over 50 nationalities, united by a shared ambition: to drive meaningful change in the fashion industry. Our values, Activism, Transparency, Dedication, Greatness, and Collective, shape how we build, collaborate, and grow every day. Please upload your CVs in English About the role : As a Senior Security Analyst at Vestiaire Collective, you will be part of our Security team. Your objective will be to provide a safe, secure, and trustworthy experience for our users, while safeguarding their privacy and personal data, as well as protecting our company assets and internal employees. Additionally, you will ensure compliance with regulatory requirements. This role is focused on security operations, risk, and assurance: you will be the person who keeps continuous watch over our security posture — monitoring and investigating alerts, driving vulnerabilities through to remediation, supporting incident response, and producing the evidence and metrics that demonstrate our security and compliance to auditors, regulators, and leadership. Reporting to the Head of Security, you will work alongside a talented team of security engineers and collaborate closely with engineering teams and other stakeholders such as legal, finance, and corporate IT. You will work daily with our security stack: Datadog (SIEM), SentinelOne (EDR), Upwind (CSPM), Cloudflare (WAF and Cloudflare One), and Grafana/Prometheus, on top of our AWS and GCP cloud environments. What you will do : Operate and continuously improve our security monitoring: triage and investigate alerts across our detection stack (Datadog SIEM, SentinelOne EDR, Cloudflare), tune detections to reduce noise, and escalate confirmed threats. Review and prioritize cloud security posture findings (Upwind CSPM) across our AWS and GCP environments, and drive misconfigurations through to resolution with the relevant teams. Own the vulnerability management lifecycle: consolidate findings from penetration tests, application security reviews, and our bug bounty program; validate and prioritize them; and drive remediation with engineering teams against defined SLAs. Triage incoming bug bounty submissions: reproduce and assess reported issues, determine severity, and coordinate fixes with the relevant code owners. Support incident response from detection to closure: first-line investigation, coordination during incidents, documentation, and post-incident follow-up actions. Support audit and assurance activities: prepare and maintain evidence for external audits, run periodic access reviews (joiners/movers/leavers, privileged access), and keep compliance documentation up to date. Contribute to security metrics and reporting: maintain and enrich the KPIs and dashboards (Grafana) we use to report our security posture to leadership. Assess third-party vendors and tools from a security and data-protection standpoint. Handle day-to-day security requests from across the company (reported phishing, the security inbox, employee questions) and deliver security awareness initiatives to promote a security-conscious culture. Who you are : Proven experience (3+ years) in a security analyst, SOC, or security operations role, preferably in a fast-paced startup/scaleup environment. Strong analytical and problem-solving abilities, rigorous documentation habits, and the ability to communicate clearly with both technical and non-technical stakeholders. Hands-on experience with SIEM and log analysis platforms (e.g., Datadog, Splunk, Elastic) for alert triage, threat detection, and investigation; familiarity with EDR tooling (e.g., SentinelOne, CrowdStrike) is a strong plus. Working familiarity with cloud environments (AWS and/or GCP) and cloud security fundamentals - enough to understand, prioritize, and follow up on CSPM and WAF findings. Solid understanding of vulnerability management and common application threats (e.g., OWASP Top 10) - enough to validate findings, assess real-world impact, and discuss remediation credibly with engineers. Understanding of compliance frameworks and regulations (e.g., ISO 27001, PCI DSS, SOC 2, GDPR, DSA), with the ability to translate requirements into practical controls, procedures, and audit evidence. Scripting or query skills (e.g., Python, SQL), for automating routine analysis and digging into data during investigations. Ability to adapt to a rapidly changing environment and manage multiple priorities. NICE TO HAVE: Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Relevant certifications (e.g., CompTIA Security+/CySA+, GIAC GCIH/GCIA, CISA, ISO 27001 Lead Auditor/Implementer) are a plus. Our Tech Stacks includes Datadog SIEM Upwind CSPM Cloudflare (WAF, One) SentinelOne AWS, GCP Grafana, Prometheus Snowflake Tableau
The role We are looking to hire a Cyber Security Analyst to join our IT team in London. This is a full-time office-based role out of our London office. Minimum expectation 3 days per week in office. Working at WGSN Together, we create tomorrowA career with WGSN is fast-paced, exciting and full of opportunities to grow and develop. We're a team of consumer and design trend forecasters, content creators, designers, data analysts, advisory consultants and much more, united by a common goal: to create tomorrow. WGSN's trusted consumer and design forecasts power outstanding product design, enabling our customers to create a better future. Our services cover consumer insights, beauty, consumer tech, fashion, interiors, lifestyle, food and drink forecasting, data analytics and expert advisory. If you are an expert in your field, we want to hear from you. Role overview As a Cyber Security Analyst at WGSN, you will play a vital role in supporting the Cyber Security Manager to maintain and enhance our overall security posture and tooling. Working closely with our global teams, you will monitor threats, identify vulnerabilities, execute investigations, and partner with the IT team to resolve day-to-day user requests. This role is an excellent opportunity for an experienced IT professional aiming to launch a successful career in Cyber Security. Key accountabilities Security Monitoring: Monitor various security tools across the business tool stack, respond to alerts, investigate, triage and resolve security issues Administer and Tune Security Tools: Take ownership of our SIEM, EDR and SEG solutions. Become proficient in fine tuning, managing and enhancing their efficacy Identity and Access Management: Support management of user access to systems. Ensure adherence to onboarding/offboarding procedures, manage MFA through Okta and Google Workspace Hardware Compliance: Familiarity with MDM solutions, particularly Intune and Jamf desirable. Cloud Security: Run automated security audits of cloud environments including AWS and GCP. Communicate findings with DevOps team, and collaborate on continual security improvements Email Security and Phishing: Detect and respond to phishing emails, design and orchestrate periodical Phishing simulations and provide general phishing awareness Reporting and Audits: Assist in gathering data and generating reports on important security metrics. Identify areas of improvement and formulate action plans Client Questionnaires and Due Diligence: Completing client information security questionnaires and assisting with general security due diligence Policy Support: Assist in the annual review and update of our suite of security policies, including the Acceptable Use Policy and Data Security Policy Training: Help to write, design and deliver company-wide Cyber Security Awareness training and tests IT Support: Work onsite and assist the IT team with day-to-day user requests This list is not exhaustive and there may be other activities you are required to deliver. Skills, experience & qualifications required 1-2 Years Experience: In any information technology, support or security roles Certifications: Such as ISC2 CC, Security+, CySA+, CCNA, etc. are desirable Passion for Cyber Security: You will be a security champion and inhabit the secure mindset Knowledge of Key Security Principles: Either through your certifications or proclivity are desirable Cloud Awareness: General awareness of Cloud principles and associated security threats Desire to Learn: Cyber requires continuous self improvement and motivation to keep on top of constant changes and advancements in the industry. Pragmatic and Personable: Offering a strong, analytical mind, while also being an approachable and friendly face is key to fostering a strong security culture Writing and Communication: Be a confident and effective communicator, in order to convey vital technical information to non-technical stakeholders Hands On: In WGSN IT we all take a ‘hands on’ approach to onsite IT support in our London office from the CIO down to the Service Desk. Must be comfortable in a busy office environment. What we offer Our benefits and wellbeing package offers flexible benefits you can tailor to your own personal needs, including: 25 days of holiday per year - with an option to buy/ sell up to 5 days Pension, Life Assurance and Income Protection Flexible benefits platform with options including Private Medical, Dental Insurance & Critical Illness Employee assistance programme and cycle to work scheme Volunteering opportunities Great learning and development opportunities More about WGSN WGSN is the global authority on consumer trend forecasting. We help brands around the world create the right products at the right time for tomorrow’s consumer. Our values We Are Everywhere The future is everything, it happens everywhere. WGSN is the world-leading forecaster because we track and analyse consumer behaviours, product innovation, design and creativity, everywhere. We Are Future Focused We utilise our global resources and intelligence to research, source and analyse quantitative and qualitative data to produce our forecasts. Everything we do is focused on working with our customers to create a successful and positive tomorrow. We Are Rigorous We source, review and assess quantitative and qualitative data to produce robust, actionable forecasts. To provide credible insights and design solutions for our clients, it is essential that rigour runs through everything we do. Our culture An inclusive culture is one of our key priorities. We want our people to truly be themselves and thrive. We love having a diverse team of people who bring new ideas, different strengths and perspectives & reflect the global audience we work with. Inclusive workforce We are committed to supporting the environment and sustainability, including ensuring our pension plan defaults to sustainable options and striving to be net zero by 2030. Recognising great performance is a key part of our culture. Our Awards schemes recognise and reward the brilliant achievements of our people. We offer a flexible working environment with a wide range of flexible, hybrid and agile working arrangements. Conversations about flexible working have always been—and will continue to be—actively encouraged here, but we do not offer full remote working. We want to ensure everyone has the opportunity to perform their best when interviewing, so if you require any reasonable adjustments that would make you more comfortable during the process, please let us know so that we can do our best to support you. A Note for Applicants We use AI to help our team screen applications and identify candidates whose skills and experience match the role. This technology removes personal information to promote a fair and unbiased process. We believe this tool helps us find the best talent while maintaining transparency and fairness. A Note for Recruiters Thank you so much for your interest in working with us at WGSN! Our internal Talent Acquisition team takes care of all our recruitment efforts. When we need some extra help, we partner with agencies on our Preferred Supplier List (PSL) that truly understand our business, culture and ways of working together. Since we focus on these established partnerships, we’re unable to respond to unsolicited contacts or CVs from outside our PSL. But don’t worry! If we decide to explore new partnerships, we’ll be sure to reach out.