Security Analyst.

Who we are

Born in 2014, Yoti is a digital identity and biometric technology company that makes it safer for people to prove who they are. The Yoti app was designed with privacy at its core, giving people a secure way to prove their identity and share third-party credentials with organisations and other people.

Today, we have over twenty million app downloads around the world. We've expanded our offering to a suite of business solutions that span identity verification, age verification and estimation, e-signing, AI anti-spoofing technologies and we continue to think of innovative new offerings.

From day one, we've been working to fix an outdated identity system. This is not a journey we make on our own but with policy advisors, think tanks, researchers, academics, humanitarian bodies, our users and everyday people. We are committed to solving identity problems through grassroots research and social purpose initiatives.

Purpose of the Role: Reporting to the Head of Information Security, the Security Analyst will be a generalist and work across multiple security domains to support the company's overall security posture.

Role Dimensions: Sitting within the Information Security team, reporting to the Head of Information Security.

Primary responsibilities

• Perform initial triage and management of security vulnerability reports submitted through our bug bounty program.
• Assist with Access Control management, including processing access requests and conducting regular reviews to ensure appropriate privileges.
• Support Governance, Risk, and Compliance (GRC) activities, including coordinating with internal teams to gather necessary information for security questionnaires and compliance documentation.
• Conduct research and project work across various security domains, including the safe and responsible use of AI tools.
• Review and help manage findings from both technical and non-technical security audits.
• Assist the Security Operations team with ad-hoc tasks and security initiatives where possible, with a strong emphasis on continuous learning.
• Research emerging threats and keep abreast of security landscape
  
  

Knowledge, Skills, Qualifications and Experience

• Proven experience working with Linux environments.
• Proficiency in scripting (e.g., Shell, Python) for automation and task execution.
• Ability to research and safely utilise AI tools in a professional context.
• A basic understanding of security concepts and multiple security domains (e.g., network, identity, cloud, application).
• Excellent interpersonal and written communication skills.
• Strong time management and organisational abilities.
• Having worked in a SOC2 / ISO27001 certified environment
  
  

Advantageous Skills

• Familiarity with version control systems, particularly Git.
• Knowledge of privacy principles and regulations.
• Experience working with cloud environments (AWS, GCP) in some capacity.
• At least 2 years of commercial experience in a security or IT-aligned role.
  
  

Interview Process

• Stage 1 : Recruiter call with a Talent acquisition team member (30 minutes)
• Stage 2 : Call with Head of Information Security (60 minutes)
• Stage 3 : Technical Test (60 minutes)
• Stage 4 : Final call with Head of Information Security, Head of GRC & General Counsel (90 minutes)
  
  

What's in it for you

• Medical Insurance cover of INR 5 lakhs
• Life Insurance / Accidental cover
• Gratuity as per law
• PF as per law
• 18 days paid leave + 6 sick day leave (Yearly)
• 10 declared holidays (Yearly)
• 5 fully paid Selfie Days - for your own personal development, volunteering, charity events, etc
• Quarterly Team and company activities, Social clubs.
• Continuous learning opportunities (Annual Training budgets, conferences etc)
  
  

This is a great opportunity to join a company that is leading the way for innovative and responsible identity verification. We're looking for people who can adapt to a fast-paced environment, as well as champion our brand and what we stand for. We value a positive attitude and people who have a collaborative, creative and transparent approach to solving problems.

AI Usage during the recruitment process

Please read our AI Usage in Recruitment policy to know more about how Yoti uses AI in the recruitment process and our stance on how candidates can use AI during the interview process.

We believe in equal opportunities

It takes a diverse community of passionate, talented and committed people to build a simpler, more secure way of proving identity. We're an equal opportunity employer, so we welcome applications from people of all backgrounds, with different outlooks andexperiences.

We are proud to be a Disability Confident employer and we're committed to making our recruitment process as inclusive and accessible as possible.

If you have a disability or long-term condition and need any adjustments or support during the application or interview process, please let us know we'll do everything we can to support you and to enable you to bring your best self to our hiring process.

Pre-employment checks

If your application is successful please be aware that as part of our employment checks:

• We will check your Identity
• We will check Education
• We will check Employment
• We will Check your Credit
• We will check Database
  
  

Talent Pool

If we consider that you might be suitable for other roles in the future, we will keep your details so we can contact you about these other roles. If you do not want us to keep your details for this purpose, please e-mail [Confidential Information] or let us know at any stage of the recruitment process. For more information please read our Applicant Privacy Notice.