Senior Security Analyst
at Gunvor
Posted 12 days ago
No clicks
- Compensation
- Not specified
- City
- Houston
- Country
- United States
Currency: Not specified
The Senior Security Analyst is a key cybersecurity leader supporting Gunvor's trading and global assets. The role ensures operational cyber resilience, protects trading activities, and contributes to the secure rollout of the group's multi-cloud strategy (Azure, AWS). Based in Houston, the role provides advanced threat detection, incident response, cloud security engineering and advisory support to IT and business stakeholders, partnering with Trading, IT and Corporate Functions.
Job Title:
Senior Security AnalystContract Type:
Time Type:
Job Description:
The Senior Security Analyst is a key cybersecurity leader supporting the Group’s trading and global assets.
The role ensures operational cyber resilience, protects business-critical trading activities, and contributes to the secure rollout of the Group’s multi-cloud strategy (e.g. Azure, AWS).
Operating at the center of a fast-moving high-risk environment, the Senior Security Analyst provides advanced threat detection, incident response, leadership, cloud security engineering and advisory support to both IT and business stakeholders. The position is based in Houston, to provide proximity, reactivity, and embedded partnership with Trading, IT, and Corporate Functions.
Main Responsibilities
The main responsibilities of the Senior Security Analyst are:
Security Operations, Threat Detection & Incident Response
Lead analysis and response activities for complex cybersecurity events, ensuring minimal impact to trading operations.
Investigate incidents across cloud, on‑prem, network, endpoint, and identity layers.
Drive containment, eradication, forensic analysis, recovery, and post‑incident improvement actions.
Continuously refine detection engineering (custom SIEM rules, UEBA, automation playbooks).
Cloud Security & Multi-Cloud Architecture
Design and enforce security controls for Azure & AWS environments, ensuring unified governance across heterogeneous platforms.
Implement identity‑centric security (Zero Trust, Conditional Access, IAM/PAM, role‑based access).
Support secure deployment of cloud‑native workloads, infrastructure‑as‑code, and DevSecOps practices.
Ensure compliance with industry best‑practice frameworks
Project Security & Advisory
Act as the security representative in strategic IT and business projects, from design through delivery.
Perform architecture reviews, conduct threat modelling, and define risk‑based compensating controls.
Vulnerability & Exposure Management
Own the end‑to‑end vulnerability lifecycle: discovery, prioritization, risk assessment, remediation coordination, and reporting.
Evaluate emerging threats (CVE analysis, threat intel correlation, exploit likelihood scoring) and drive prioritized mitigation.
Security Monitoring & Analytics
Manage SIEM, EDR, NDR/IDS, cloud monitoring tools, and security analytics platforms.
Correlate multi‑source data to identify anomalies, insider risks, and advanced persistent threats.
Governance, Risk & Compliance
Contribute to internal and external audits, ensuring adherence to regulatory and corporate security standards.
Apply industry standards and best practices (e.g. NIS, CIS) when necessary.
Participate to the ISO 27k initiative toward the Group compliance objective.
Develop and maintain security policies, standards and operating procedures.
Produce metrics and dashboards to inform executives of risk posture and emerging trends.
Security Awareness & Culture
Champion cybersecurity culture within Trading and Corporate Functions.
Support targeted training, phishing simulations, and best-practice awareness initiatives.
Mentoring & Leadership
Mentor junior analysts and coordinate with global counterparts across Geneva, Amsterdam, Singapore, and US.
Build strong relationships with Front Office, IT Operations, Risk, Compliance, and third‑party security partners.
Profile
Education
Certifications :
CISSP (required)
AZ-500 (required)
CISM (- preferred)
CEH, OSCP, AWS Security Specialist (-advantageous)
OSCP (nice to have)
Experience
+8 years in cybersecurity, with at least 5 years in a senior analyst position or senior consultant role.
Demonstrated experience securing cloud-heavy, high-availability, mission critical environments (preferably trading or financial markets).
Proven track record in incident response, cloud security, and security engineering.
Skills
Technical Skills (by order of priority):
Cloud Security (Azure, AWS, cloud-native security tooling)
Threat Detection & Incident Response
Endpoint Detection & Response
SIEM (Kibana, Sentinel)
Vulnerability Assessment & Management
Network & Endpoint Security
Scripting & Automation
Security Frameworks & Compliance
Digital Forensics & Malware Analysis
Behavioral Competencies
High adaptability and resilience in a fast-paced environment
Strong analytical, problem solving and communication skills
Proactive leadership and autonomy
Ability to influence cross-functional stakeholders and drive change
Detail-oriented, structured, and risk-aware mindset
If you think the open position you see is right for you, we encourage you to apply!
Our people make all the difference in our success.
Location: Houston
