Cyber Security Analyst (m/f/x)

In Germany and Europe, YOGI TEA GmbH has been the leading supplier of Ayurvedic herbal and spice teas from controlled organic cultivation for over 50 years. Our philosophy is: "Feel Good, Do Good", because only those who feel good can give good things back. An important part of our corporate philosophy is our involvement in social projects around the world.

To strengthen our team, we are offering the following permanent full-time position (40 hours per week) at Hamburg HQ at the earliest possible date:

Cyber Security Analyst (m/f/x)

In your future role, you are responsible for supporting the confidentiality, integrity, and availability of Yogi’s information systems across European operations. This role provides hands-on security operations, regulatory compliance support, and incident response while aligning with globally defined cybersecurity standards and governance. The Cyber Security Analyst works closely with global security leadership, regional IT teams, and EU business stakeholders to ensure security requirements are effectively implemented and sustained.

• Monitor, analyze, and respond to security alerts, incidents, and suspicious activity across EU systems
• Administer and support endpoint, identity, and access security controls in alignment with global standards
• Perform routine access reviews, privilege audits, and system hardening activities
• Investigate reported security issues and coordinate resolution with internal teams and external partners.
• Support implementation and ongoing operation of ISO 27001 controls within EU operations
• Contribute to NIS2 compliance activities, including documentation, risk assessments, and control mapping
• Assist with GDPR-related security measures, audits, and regulatory inquiries
• Participate in security risk assessments, tabletop exercises, and incident response simulations
• Maintain security documentation, operational procedures, and technical records
• Contribute to global security improvement initiatives, tooling evaluations, and architecture enhancements

• Bachelor’s degree in information security, Computer Science, or related field, or equivalent vocational training
• Minimum of 3–5 years of experience in cyber security, systems administration, or infrastructure with a security focus
• Strong understanding of information security principles and risk management
• Familiarity with endpoint security, vulnerability management, and incident response processes
• Prior exposure to ISO 27001, NIS2, GDPR compliance experiences preferred
• Knowledge of Microsoft security ecosystem (Entra ID, Defender, Microsoft 365 security tools)
• Familiarity with endpoint protection, identity lifecycle management, and security monitoring tools
• Security certifications (ISO 27001, CISSP, CISM, Security+) are an advantage
• Structured, analytical, and risk-aware mindset
• Ability to work independently and manage competing priorities
• Strong organizational, documentation, and time management skills
• Excellence in German and fluency in business English, spoken and written
• Resume in English