Logo for Dotdigital

Information Security Analyst

Role overview

Qualifications

  • Experience in a Security Analyst, Information Security, Cyber Security, Systems Administration, Infrastructure, Cloud Operations, or DevOps role with demonstrable security responsibilities
  • Experience working within a security or compliance framework such as ISO 27001
  • Understanding of security operations and incident response processes
  • Knowledge of identity and access management principles

Responsibilities

  • Monitor and investigate security alerts and events across security tooling, cloud environments, business systems, and applications
  • Support incident response activities including detection, analysis, containment, eradication, recovery, and lessons learned
  • Develop and improve security monitoring, alerting, playbooks, and operational procedures
  • Assist with threat hunting and proactive identification of security risks and suspicious activity

About the company

Dotdigital logo

Dotdigital

Marketing & Advertising

Dotdigital is a customer engagement platform that helps digital marketers and developers deliver communications across the customer journey. We harness the power of customer data, powering engagement, conversion, and loyalty for brands as they grow and scale. Customers love our easy-to-use platform that connects first party data across the systems, surfacing powerful insights and automating predictive cross-channel messages. Dotdigital's 350+ employees serve mid-market and enterprise companies around the world and across industries. We aspire to inspire responsible marketing and are committed to sustainability, privacy & security. Dotdigital is proud to be the world's first carbon neutral, ISO14001, ISO 27701 & ISO27001 certified marketing automation platform.

Company details

Company typeSME
IndustryMarketing & Advertising
Company size201 - 500

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

About Us

The Company: Dotdigital is a thriving global community of passionate, dedicated professionals, committed to the collective success of the organization and its clients. Our core principles of innovation, teamwork, and client-focused solutions drive us to approach challenges with a growth mindset and take ownership of our work. At Dotdigital, collaboration and curiosity pave the way for meaningful connections and learning opportunities with diverse peers. Our work environment encourages knowledge sharing, fosters exploration, and cherishes creative ideas that guide us towards our shared vision of empowering businesses through marketing automation and engagement.

The Product: Dotdigital is an all-in-one customer experience and data platform (CXDP) that empowers marketing teams to exceed customer expectations with highly personalized cross-channel journeys. With Dotdigital, marketers can seamlessly unify, enrich, and segment customer data. Breaking down data siloes, Dotdigital streamlines decision-making and paves the way for marketing creativity that delivers customer engagement at scale. With powerful AI capabilities, Dotdigital makes it easy to automate deeply personalized experiences across web, email, SMS, WhatsApp, chat, push, social, ads, and more.

About the Role

Dotdigital is seeking an experienced and motivated Security Analyst to join our Information Security & Privacy team.

This is a hands-on role focused on helping protect Dotdigital's people, products, platforms, and data. Working across the business, you will support the development, implementation and operation of security controls designed to prevent, detect, and respond to security threats while helping teams deliver secure and reliable services to our customers.

Reporting to the Information Security & Privacy Director, you will work closely with Engineering, Product, Privacy, and Customer-facing teams. You will play an important role in maintaining our security posture across cloud environments, business systems, and customer-facing applications.

Responsibilities

Security Operations

  • Monitor and investigate security alerts and events across security tooling, cloud environments, business systems, and applications.

  • Support incident response activities including detection, analysis, containment, eradication, recovery, and lessons learned.

  • Develop and improve security monitoring, alerting, playbooks, and operational procedures.

  • Assist with threat hunting and proactive identification of security risks and suspicious activity.

  • Maintain awareness of emerging cyber threats, vulnerabilities, and attack techniques relevant to SaaS businesses.

Vulnerability Management

  • Own day-to-day vulnerability management activities across infrastructure, cloud platforms, applications, and endpoints.

  • Work with technology teams to prioritise and coordinate remediation activities.

  • Track vulnerabilities through to resolution and provide reporting on remediation performance.

  • Support penetration testing activities and coordinate remediation of findings.

Cloud & Identity Security

  • Support the security of cloud environments and SaaS platforms through implementation and monitoring of security controls.

  • Assist with identity and access management initiatives, including privileged access management, role-based access control, and identity governance.

  • Review cloud security recommendations and assist with remediation activities.

  • Support security assessments of new technologies, platforms, and services.

Application Security

  • Partner with engineering teams to support secure software development practices.

  • Assist with the identification, triage, and remediation of application security vulnerabilities.

  • Support security testing activities including SAST, DAST, dependency scanning, and secrets detection.

  • Contribute to threat modelling and secure design discussions where appropriate.

Governance, Risk & Compliance

  • Support the continued operation and improvement of the Information Security Management System (ISMS).

  • Assist with security audits, compliance activities, evidence collection, and control reviews.

  • Contribute to the development and maintenance of security policies, standards, procedures, and guidance.

  • Support risk assessments and assist with tracking risk treatment activities.

  • Help maintain compliance with frameworks and standards including ISO 27001 and applicable data protection requirements.

Customer & Vendor Assurance

  • Respond to customer and prospect security questionnaires and due diligence requests.

  • Support customer trust and assurance initiatives.

  • Conduct security reviews of suppliers, partners, and third-party services.

  • Maintain positive relationships with vendors and service providers.

Reporting & Awareness

  • Produce security metrics, dashboards, and management reporting.

  • Support security awareness and education initiatives across the business.

  • Promote a positive security culture and help teams understand and manage risk effectively.

About You

You will have:

  • Experience in a Security Analyst, Information Security, Cyber Security, Systems Administration, Infrastructure, Cloud Operations, or DevOps role with demonstrable security responsibilities.

  • Experience working within a security or compliance framework such as ISO 27001.

  • Understanding of security operations and incident response processes.

  • Experience with vulnerability management, remediation tracking, and security risk reduction.

  • Knowledge of identity and access management principles.

  • Understanding of cloud security concepts and security controls within major cloud providers.

  • Hands-on experience of an array of core security technologies.

  • Understanding of common application security risks and OWASP principles.

  • Strong communication skills with the ability to engage technical and non-technical stakeholders.

  • Ability to manage multiple priorities and work independently in a fast-paced environment.

  • A pragmatic and business-focused approach to security.

Desirable:

  • Experience supporting secure software development practices.

  • Experience conducting supplier security reviews and risk assessments.

  • Familiarity with automation or scripting using PowerShell, Python, or similar technologies.

  • Understanding of data protection and privacy requirements.

  • Experience working within a SaaS, technology, or cloud-first organisation.

  • Security certifications such as:

    • Security+

    • SC-200

    • SC-300

    • AZ-500

    • SSCP

    • GSEC

Interview Process

  • 15min Screening Call with Team Talent

  • 30min call with hiring manager

  • 60min call with hiring team

Some of Our Global Benefits

  • Commission & bonus opportunities

  • Annual leave that increases with service + option to buy more

  • Additional paid wellbeing days + annual wellbeing reward

  • Christmas office shutdown (extra time off)

  • Enhanced parental leave & family support policies

  • Employee recognition & reward schemes

  • Referral bonuses & long-service rewards

Authenticity in Our Hiring Process

At Dotdigital, we believe in genuine conversations and authentic expertise. While AI can be a valuable and legitimate tool in many contexts, we ask candidates not to use AI-generated content or live AI assistance at any stage of our recruitment process, including applications, assessments, and interviews.

We appreciate your cooperation in helping us keep our hiring process fair, transparent, and focused on real human insight.

DEI commitment

As an equal opportunities employer we are committed to equality in all its practices with regard to race, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, or sexual orientation. If you have any additional requirements or adjustments to assist an application then please don't hesitate to contact us and advise us how we can best support you.

Legal statement

No agencies/recruiters please. We are only accepting applications directly from the applicants. If you are a recruiter, please refrain from reaching out to our staff about this position. Anything contrary will be treated as unsolicited approach under the applicable data protection law.

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Information Security Analyst Related jobs

Other jobs at Dotdigital

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.