- Company Name: ED&F Man Commodities
- Job Title: Cyber Security Analyst
- Job Description:
**Role Summary**
The Cyber Security Analyst serves as the primary escalation point for an outsourced Security Operations Centre (SOC). The role triages and investigates security alerts, supports major incident response, maintains and optimises the endpoint, email, identity and vulnerability management platforms, and continuously improves the organisation's security posture through tool evaluation and policy updates.
**Expectations**
- Minimum 5 years in a Cyber Security Analyst or equivalent role with proven incident‑response experience.
- Proficiency in EDR (CrowdStrike Falcon preferred), SIEM (Rapid7 or equivalent), email security/DLP, identity management, and vulnerability tools.
- Strong networking fundamentals and cloud security knowledge (Azure/AWS).
- Ability to develop SOC playbooks, run proofs‑of‑concept, and liaise with senior stakeholders.
- Scripting capability in Python and/or AutoIt.
- Excellent communication, collaboration, and composure under incident pressure.
**Key Responsibilities**
- Act as escalation point for SOC; receive, triage, and investigate alerts.
- Conduct thorough investigations to generate actionable insights for incident resolution.
- Participate in major incidents: containment, eradication, recovery, and post‑incident review.
- Document incident timelines and contribute to lessons‑learned reports.
- Maintain and update security policies in line with vendor best practices and Change Advisory Board protocols.
- Monitor agent health, audit version compliance, remediate non‑compliant clients.
- Attend vendor meetings, review support cases, and incorporate best‑practice guidance.
- Design and refine SOC playbooks and response actions; evaluate new security technologies through controlled proof‑of‑concept trials.
- Manage block lists and allow (safe) lists; troubleshoot false positives and tune detection rules.
- Perform email investigations for phishing and BEC incidents; produce monthly vulnerability reports and prioritise remediation.
- Collaborate with infrastructure and application teams to test patches and reduce vulnerability counts.
- Substitute security products as business requirements change while ensuring policy continuity.
**Required Skills**
*Technical*
- EDR management (CrowdStrike Falcon: policies, sensor deployment).
- SIEM operation (Rapid7 or similar).
- Email security (Varonis, proof‑of‑concept evaluation).
- Identity security (Entra ID Conditional Access, PIM).
- PAM tools (BeyondTrust, Okta, Osirium).
- Vulnerability management (Qualys, Rapid7).
- Networking fundamentals (TCP/IP, DNS, firewalls, SSL/TLS).
- Cloud security (Azure/AWS).
- Scripting: Python, AutoIt.
*Professional*
- Incident response and major incident handling.
- SOC playbook design and vendor‑comparison methodology.
- Stakeholder communication, reporting, and recommendation.
- Team collaboration and support‑desk liaison.
- Calm under pressure; resilience during incidents.
**Required Education & Certifications**
- Formal degrees are not mandatory; hands‑on experience and a track record of delivery are valued.
- Desired certifications: CompTIA Security+, Network+, CySA+, PenTest+, CASP+, CEH, CISSP, and vendor‑specific credentials such as CrowdStrike, Qualys and Palo Alto.