Security Analyst

Security Analyst

We are currently recruiting for a Security Analyst with Ivanti Neurons experience to join one of our Insurance clients on a 6-month contract.

Inside IR35

Hybrid

Responsibilities:

• Support the day-to-day vulnerability and patch management operations using Ivanti Neurons, including discovery, risk assessment, prioritisation, deployment coordination, validation and reporting.
• Maintain accurate asset and vulnerability coverage by monitoring agent health, scan cadence and data quality; work with endpoint and infrastructure teams to resolve gaps.
• Perform risk-based vulnerability triage and analysis using factors such as CVSS, exploitability, asset criticality, exposure and compensating controls.
• Coordinate routine and emergency patch cycles, including change planning, maintenance windows, pre deployment checks, rollback planning and post deployment verification.
• Work with service and application owners to drive remediation of unpatchable vulnerabilities through configuration changes, mitigations, or documented risk acceptance.
• Assess cloud security risks across the Azure estate using native and third party security tools.
• Develop, maintain and evidence standards, procedures and secondary security controls to ensure policy and regulatory compliance.
• Support audit and compliance activities by producing vulnerability and patch evidence, metrics and control narratives.
• Identify and implement automation and continuous improvement opportunities across vulnerability and patch management workflows.
• Collaborate with Incident Response, Threat Intelligence and Corporate Security teams to respond to actively exploited vulnerabilities and emerging threat trends.

Experience

• Strong working knowledge of Ivanti Neurons, cloud security controls and industry best practices.
• Hands-on experience with the Microsoft security ecosystem, including Microsoft Defender for Cloud, Microsoft Sentinel, Azure Update Manager and core Azure services.
• Demonstrated expertise in vulnerability management, risk assessment, mitigation strategies, and patch management within cloud-based environments.
• Professional security certification, such as CompTIA Security+, SSCP, CISSP, or vendor-specific patch/vulnerability qualifications.
• Working knowledge of the insurance or financial services industry and its risk and regulatory landscape.
• Experience with third-party security tools, such as Wiz, Puppet and Nexpose.
• Proficiency in scripting and automation, including Python, PowerShell, or similar languages.
• Previous experience in a Security Operations role within a large or complex enterprise environment.
• Strong understanding of cybersecurity standards and frameworks, including ISO 27001, NIST 800 53, CIS Controls, OWASP, and SOC1/2.

Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.