Quorum Cyber Security Limited

As an Information Security Analyst, you serve as a digital guardian for the organisation, protecting critical information assets and systems from cyber threats. You are part of the Governance, Risk & Compliance team, and report to the Compliance & Information Security Manager. Our team works alongside other parts of the business to carry out audits, compliance continual improvements, investigations and risk assessments. Your role is critical in maintaining security measures that safeguard sensitive data, ensure business continuity, and maintain stakeholder trust. You act as both a strategic advisor and hands-on practitioner, translating complex security concepts into actionable business solutions while staying ahead of an ever-evolving threat landscape. What I Do Is: Maintain and support the internal audit schedule and requirements for all QC required frameworks using the GRC platform and planning tool to ensure security controls are in place and operating effectively Assist in the external audit process and support any development or implementation of remediation required Participate in the review, update and validation of our Policies, Procedures and Documentation, ensuring accuracy with current policy and changes in frameworks and regulatory requirements Be a trusted point of contact for reported issues, incidents or concerns and document them according to due process (NCL) Maintain the data incident reporting log, ensuring each incident is fully investigated and taking the necessary actions when required Maintain the TPRM process and Vendor Assurance records in the GRC platform with appropriate risk assessments to highlight any potential risk areas to the business using technical acumen and knowledge relevant to the vendor Support the review of our internal vulnerability management lifecycle by monitoring the tools and ensuring KPI's are reported and met Be a trusted advisor to Compliance's customers, answering questions that come through the Compliance mailbox and other sources about our current frameworks and certifications as well as best practice, participate in projects as and when required Provide Security Awareness Training in line with programs and tooling Keep up to date with knowledge of new technologies and their governance as well as legislative changes relevant to data protection in our geographic locations

Role Purpose: Deliver and support Cloud Security managed services and internal platform security. Implement and maintain security controls, governance, and compliance across cloud and on-premises environments. Contribute to secure operations, risk management, and incident response while ensuring alignment with business and regulatory requirements. What I Do Is: Support the implementation of innovative and operationally effective Cloud Security services. Ensure services are delivered in accordance with established service levels. Execute operational procedures and escalate complex incidents to senior team members as required. Implement and support internal cloud and on-premise systems and infrastructure with appropriate security controls. Implement, support, and test Disaster Recovery plans and associated processes. Establish security baseline standards using NIST, ISO, CIS, and support compliance programs (SOC 2, ISO 27001, PCI DSS). Create and maintain custom Cloud policies for governance, regulatory compliance, and security. Support vulnerability management and remediation to maintain compliance and best practices. Collaborate with stakeholders on projects, backlog items, and service requests, ensuring secure system development lifecycle practices. Contribute to IT Security-related policies, standards, guidelines, and procedures. Participate in IT Security Incident Response testing and annual risk assessments.

Quorum Cyber Edinburgh, United Kingdom Software Engineering Warning! Vacancy not published Company Description At Quorum Cyber, we're on a mission to help good people win. Founded in Edinburgh in 2016, we're one of the fastest growing cyber security companies in the UK and North America, serving over 400 customers on four continents. We protect organisations against the rising threat of cyber-attacks, enabling them to thrive in an increasingly unpredictable and inhospitable digital landscape. As a Microsoft-only security house, a Microsoft Solutions Partner for Security, a member of the Microsoft Intelligent Security Association (MISA), and winner of the Microsoft Security MSSP of the Year 2025 award, we offer a unified security ecosystem comprised of innovative services, all delivered through our customer platform, Clarity. In September 2024, Quorum Cyber acquired Canada-based, Microsoft Solutions Partner for Security, Difenda. This was closely followed in December 2024 by the acquisition of US-based, Kivu Consulting, a global cyber security firm with world-leading incident response capabilities. Position Depending on your skillset, you will be placed in a relevant workstream where you can contribute effectively and continue to grow Contribute to the development of full-stack features that support both customer-facing and internal applications Collaborate with a cross-functional delivery team to build secure, scalable, and maintainable software Work closely with product and design teams to understand requirements and ensure technical feasibility Contribute to estimating effort and complexity to support effective planning and prioritisation Follow platform-wide standards and practices defined by platform and architecture teams Engage in technical discussions and contribute ideas to improve engineering practices and tooling Write clean, maintainable, and well-documented code that aligns with team standards Help maintain and improve legacy systems while contributing to the development of new services and features Support the team in delivering high-quality software through testing, documentation, and collaboration Collaborate with the Lead Software Engineer and senior team members to support delivery and grow your technical leadership skills Requirements Good working knowledge of HTML and CSS, including responsive design and accessibility best practices An eye for design detail and a commitment to delivering polished, user-friendly interfaces, you will work collaboratively with designers to build deliver front end components that are reusable and scalable Backend development experience using Node.js, TypeScript, and frameworks like NestJS or Express Understanding of RESTful APIs, authentication, and secure coding practices Familiarity with cloud platforms (preferably Microsoft Azure) and CI/CD pipelines A commitment to writing clean, maintainable, and well-tested code Willingness to participate in code reviews and learn from feedback Ability to work effectively in a collaborative, agile team environment Strong communication skills and a proactive approach to problem-solving A developing T-shaped skillset - broad full-stack capabilities with growing depth in either frontend or backend engineering Interest in using AI and automation to improve solutions, with awareness of ethical and practical considerations A mindset of continuous learning and a desire to grow technically Curiosity about the cybersecurity domain and a desire to understand the business and contribute to secure, innovative solutions Bonus Points: Experience working in cybersecurity or regulated environments Familiarity with Infrastructure as Code (e.g., Terraform) Exposure to observability, monitoring, or logging practices Contributions to internal tooling or developer experience initiatives Experience mentoring junior developers or supporting team knowledge sharing. I Know I Have Done A Great Job If: Features are delivered on time, with high quality and minimal rework The codebase remains clean, consistent, and easy to maintain Platform standards are followed and reinforced through your work You contribute positively to team discussions and delivery momentum You grow your technical skills and confidence through collaboration and feedback Stakeholders trust your reliability and appreciate your contributions to the team's success Other information You will get an excellent salary, with world class benefits. As leading-edge technology company you will have access to the latest technology, and an environment that will encourage and nurture your curiosity. We are passionate about your development, and you will be empowered to advance your skills and expertise.

Partner closely with the Lead QA to define and execute a forward-thinking automation strategy aligned with the company's quality vision Take full ownership of the automation roadmap, driving the shift from manual-heavy QA to scalable, integrated automation Embed automation into the CI/CD pipeline using GitHub Actions, ensuring fast, reliable feedback loops Ensure automated tests follow secure coding practices and do not expose sensitive data or system configurations during test execution or CI/CD pipelines. Work hands-on with our cybersecurity systems, understanding architecture, integration points, and opportunities for automation Collaborate with SREs, Staff Engineers, and the Lead QA within the platform team to ensure automation supports platform reliability and scalability Work directly with cross-functional delivery teams-including full-stack developers, product managers, and designers-to embed quality and automation into the development lifecycle Maintain and evolve our Playwright test framework, ensuring it's robust, scalable, and developer-friendly Empower developers to contribute to Playwright tests, especially for feature-level and regression coverage, fostering a culture of shared quality ownership Mentor and train manual QA engineers, helping them transition into automation roles with realistic, measurable goals Continuously assess and improve test coverage, reliability, and performance across the stack

Develop a deep understanding of the business context and the systems that make up the platform, and use that insight to build and evolve secure, scalable, and resilient services. Work closely with fellow team members - including SREs, QA leads, and automation engineers - to ensure platform reliability and maturity. Work closely with delivery leads across delivery teams to define and embed technical standards, architectural direction, and best practices. Support delivery teams by removing friction, enabling flow, and providing architectural clarity. Enhance developer experience through better tooling, CI/CD pipelines, and streamlined processes. Modernise and stabilise legacy systems that are critical to the business. Lead initiatives around authentication, observability, monitoring, and infrastructure as code (Terraform). Drive standardisation across backend services and APIs to improve consistency and maintainability. Produce high-quality technical documentation and provide formal mentoring to engineers across teams. Explore and integrate AI-driven tools and capabilities to enhance platform efficiency, developer experience, and operational insight - from intelligent observability to automated documentation and beyond. Collaborate with internal stakeholders across the wider organisation (e.g., Operations, Compliance, Service Delivery, IT) to ensure platform alignment with business needs. Occasionally consult with customers to provide technical insight or support when platform-related queries arise. Overall we are looking for someone hands-on and grounded in real-world engineering challenges - we're not looking for an ivory tower architect.

Quorum Cyber Edinburgh, United Kingdom ICT and Information Systems Hybrid Warning! Vacancy not published Company Description At Quorum Cyber, we're on a mission to help good people win.Founded in Edinburgh in 2016, we're one of the fastest growing cyber security companies in the UK and North America, serving over 400 customers on four continents. We protect organisations against the rising threat of cyber-attacks, enabling them to thrive in an increasingly unpredictable and inhospitable digital landscape. As a Microsoft-only security house, a Microsoft Solutions Partner for Security, a member of the Microsoft Intelligent Security Association (MISA), and winner of the Microsoft Security MSSP of the Year 2025 award, we offer a unified security ecosystem comprised of innovative services, all delivered through our customer platform, Clarity. In September 2024, Quorum Cyber acquired Canada-based, Microsoft Solutions Partner for Security, Difenda. This was closely followed in December 2024 by the acquisition of US-based, Kivu Consulting, a global cyber security firm with world-leading incident response capabilities. Position Technical Support & Incident Management Provide first-line technical support via phone, email, and ticketing systems for hardware, software, and network issues Triage and prioritise incoming support requests based on business impact and urgency Diagnose and resolve technical problems or escalate complex issues to appropriate specialist teams Maintain detailed incident records and ensure timely communication with end users System Administration & Maintenance Perform routine maintenance tasks on servers, workstations, and network infrastructure Manage user accounts, permissions, and access rights across various systems and applications Deploy and configure new hardware and software according to company standards Monitor system performance and proactively identify potential issues before they impact operations Security & Compliance Ensure all support activities comply with cybersecurity best practices and industry standards Assist with security incident response when required, following established protocols Maintain strict confidentiality of sensitive client and company information Support compliance audits and security assessments as needed Documentation & Process Improvement Create and maintain technical documentation, knowledge base articles, and user guides Contribute to the development and refinement of IT policies and procedures Participate in continuous improvement initiatives to enhance service delivery Provide feedback on recurring issues to help prevent future incidents Requirements Technical Skills Strong knowledge of Windows and Mac operating systems, including troubleshooting and administration Proficiency with Microsoft Office 365, Active Directory, and cloud-based services Understanding of network fundamentals including TCP/IP, DNS, DHCP, and VPN technologies Experience with ticketing systems (Jira Service Management, or similar) Familiarity with cybersecurity tools and concepts including firewalls, antivirus, and endpoint protection Basic scripting knowledge (PowerShell, Python, or Bash) for automation tasks Soft Skills Excellent communication skills with ability to explain technical concepts to non-technical users Strong problem-solving abilities and logical troubleshooting approach Customer service orientation with patience and empathy when dealing with frustrated users Ability to work effectively under pressure and manage multiple priorities simultaneously Detail-oriented with strong organisational skills and ability to maintain accurate records Industry Knowledge Understanding of ITIL framework and IT service management best practices Knowledge of cybersecurity principles and common threats Awareness of data protection regulations (GDPR, ISO 27001) and compliance requirements Familiarity with business continuity and disaster recovery concepts Desirable Qualifications Industry certifications such as CompTIA A+, Network+, Security+, or Microsoft certifications Experience in a cybersecurity or professional services environment ITIL Foundation certification or willingness to obtain I Know I Have Done A Great Job If: I consistently achieve first-call resolution rates above 75% for incidents within my scope Customer satisfaction scores remain above 4.5/5 for all support interactions I meet or exceed agreed SLA targets for response and resolution times End users provide positive feedback about the quality and professionalism of support received I maintain accurate and comprehensive ticket documentation that enables seamless handovers I successfully escalate complex issues with complete context, enabling faster resolution by specialist teams My knowledge sharing activities help improve the overall capability of the service desk team I stay current with emerging technologies and security threats relevant to our business I complete required training and certifications within agreed timeframes Other information You will get an excellent salary, with world class benefits. As leading-edge technology company you will have access to the latest technology, and an environment that will encourage and nurture your curiosity. We are passionate about your development, and you will be empowered to advance your skills and expertise.

Deliver high-quality, full-stack functionality that supports both customer-facing and internal applications. Work as part of a cross-functional delivery team, contributing to the design, development, and deployment of secure, scalable software. Collaborate with product and design to gather requirements, clarify scope, and ensure technical feasibility. Contribute to realistic timeline estimates and help the team plan and prioritise effectively. Adopt and apply platform-wide standards and practices defined by the platform and architecture teams. Participate in technical discussions and contribute to the evolution of engineering practices, tooling, and architecture. Take ownership of code quality within the team - reviewing pull requests, mentoring peers, and ensuring best practices are followed. Work with and improve legacy systems, ensuring they remain stable, maintainable, and aligned with evolving business needs, while contributing to the development of new features and services. Write clear, maintainable, and well-documented code that aligns with team and organisational standards. Provide out-of-hours support, when necessary, particularly when working on critical systems that require high availability.