Security Analyst

3 months - with extensions

London - hybrid

400 per day inside IR35 - Umbrella only

The Role As a Cyber Security Analyst in the Cyber Operations workstream, you will report to the Operational Cyber Security Architect and support BAU cyber activities across the organisation. You will play a key role in helping the department detect, respond to, and manage cyber threats, vulnerabilities, and operational risks. You will work closely with technical teams, service owners, and delivery partners to ensure robust security controls are in place and actively monitored. The role is hands-on and well-suited to someone who is proactive, curious, and eager to go beyond the call of duty to protect the clients digital estate.

Responsibilities include but are not limited to:

• Coordinating and supporting cyber requests, using predefined playbooks and processes
• Supporting vulnerability identification, triage, and remediation, including follow-up with relevant technical teams.
• Monitoring and analysing alerts and logs from LogRhythm, CyberArk, Semperis and other security tools, but experience with other cyber tools would also suffice.
• Participating in the change management process to ensure proposed changes are reviewed for security risk.
• Contributing to penetration testing planning, coordination and tracking of remediation.
• Maintaining risk logs and status dashboards for security findings and control effectiveness.
• Supporting reviews of cloud and on-premises systems to validate secure configurations.
• Conducting general risk assessments of new applications or tools being used within the organisation.
• Experience in co-ordination of the requirements to meet ISO27001 & the Cyber Essentials+ certification.
• Administrative requirements of PAM tool. (CyberArk)

Experience

• Experience administrating PAM solutions, such as CyberArk - MANDATORY
• Working understanding of security operations, threat detection, and incident response.
• Experience using SIEM and security tooling for triage and log analysis.
• Experience tracking and managing vulnerabilities using industry frameworks.
• Familiarity with enterprise systems including Microsoft 365 and Azure AD.
• Experience working in a digital service or infrastructure team undergoing change.
• Experience engaging across teams to investigate issues and improve controls.

Technical

• Hands-on experience with tools such as LogRhythm, Semperis.
• Experience administrating PAM solutions, such as CyberArk.
• Understanding of NCSC cyber security principles and good practice.
• Familiarity with change and configuration management from a cyber perspective.
• Working knowledge of ISO 27001 or NIST standards.
• Relevant certifications (e.g., Security+, CySA+, CISMP) are desirable.

If you are interested, please apply at first instance!