Join Avertro, a venture-backed cybersecurity startup building a platform that empowers security leaders to manage cyber risk with confidence.
As a Cybersecurity Analyst, you are a hands-on technical contributor sitting at the intersection of our product domain and our internal security operations. This is a dual-focus execution role: you will support the team in maintaining Avertro’s internal security posture while acting as a technical expert for the logic within our platform.
✨ The Opportunity
What makes this one of the most unique opportunities in the security world is your direct proximity to the product; you won’t just be securing our environment, you will be a key contributor to the Product Management process, helping shape the very tools that other security leaders use globally. You thrive on getting into the details - whether that’s mapping complex frameworks, writing scripts to automate security tasks, or conducting internal risk assessments. This role requires high technical curiosity and the ability to master the use of our own platform.
🧩 What You’ll Do
Internal Security Operations: Execute the day-to-day activities of Avertro’s internal security roadmap. This includes hands-on management of identity and access, monitoring endpoint security, and auditing cloud configurations to ensure our systems remain resilient.
GRC Execution & Audit Support: Support the team in the execution of internal audits and risk assessments. You will be responsible for using the Avertro platform to manage our own security posture.
Product Management Support: Act as a critical technical operator working with the Product Management team. You will directly assist with core product management activities, including defining technical feature requirements, validating roadmap priorities, and performing gap analyses to ensure our platform solves the most pressing problems for security leaders. Your insights and efforts will be a primary driver in the development of a world-class cybersecurity product.
Framework & Content Mapping: Act as a technical specialist for our platform’s content. You will use the platform to map technical security controls to business-level risks and global frameworks (e.g. NIST CSF, ISO 27001, SOC 2, CPS 230), ensuring our library is technically accurate and actionable.
Application Security (AppSec): Support the Engineering team by performing threat modelling and security design reviews for new features. You will identify vulnerabilities based on OWASP Top 10 standards and suggest practical remediation steps.
Security Automation & Scripting: Write and maintain scripts (Python, Bash, etc.) to automate repetitive security tasks and data collection. You will build the connectors and automations that make our security operations efficient.
AI-Enhanced Workflows: Proactively use AI tools and agents to accelerate research, risk mapping, and report generation. You are expected to use AI as a force multiplier to increase your individual output and accuracy.
Customer Technical Advisory: Provide technical support to the Customer Success team by conducting deep-dive gap analyses for customers and helping them map their technical controls within the Avertro platform.
Vulnerability Research: Monitor the threat landscape for emerging vulnerabilities and regulatory changes. You will translate these findings into technical requirements for our product or internal security alerts.
🔍 What We’re Looking For
Experience: 2–3 years of hands-on experience in an individual contributor role within Cybersecurity (SecOps, AppSec, GRC, or Consulting).
Technical Foundations & Coding: You have a solid grasp of computing fundamentals (OS, Networking, APIs). You are proficient in at least one scripting language (Python, Bash, etc.) and are comfortable reading and writing basic code to solve problems.
AppSec Knowledge: You understand web application security and the OWASP Top 10. You can explain the technical "how" behind a vulnerability and how to fix it in a cloud-native environment.
Engineering Empathy: You understand how software is built (Git, CI/CD, SDLC). You can talk to developers in their language and understand the trade-offs between security and velocity.
AI Proficiency: You are an early adopter of AI tools (LLMs, research agents) and know how to use them to automate your own workflow while maintaining data security and accuracy.
Framework Literacy: You understand common frameworks (NIST, ISO) and, more importantly, how they translate into actual technical controls.
Proactive Mindset: You love "doing." You are self-sufficient, highly organized, and don't need a manager to tell you how to prioritize your daily tasks.
Startup Grit: You value progress over perfection. You are happy to roll up your sleeves to do the manual work when needed while building the automation to ensure you don't have to do it twice.
💥 Why You’ll Love Working With Us
High-Trust Culture: We don't micromanage. You own your tasks and we trust you to deliver outcomes.
Direct Impact: Your work directly influences both our internal safety and the quality of the product our customers use every day.
Growth Orientation: You’ll work closely with our security leaders, providing a massive opportunity to learn how to build a world-class security function from the ground up.
Competitive Package: Competitive salary, equity options, and a flexible hybrid working environment.
Our Vibe: We get sh*t done, call it like it is, stay laser-focused on problems worth solving, and work with good humans only.
✨ Interested?
If you are a technical problem-solver who wants to be at the heart of a fast-growing cyber startup, we’d love to hear from you.
Please note:
We do not support visa sponsorship.
Ensure your CV does not exceed 2 pages.
Only shortlisted candidates will be contacted.
No agencies, please.
