Security Analyst

Job Title: Security Analyst - Group Shared Services
Location: Hybrid (2-3 days per week in Newport Pagnell)
Occasional travel to Ireland/US (1-2 times per year)
Salary: £50,000 base + benefits
Job Type: Full-Time

Company Overview:

Our client is a leading company with a group IT function. The organization has a regional structure for the US (East Coast), UK, and Ireland. As part of building out a shared services model, our client is seeking a proactive and technically skilled Security Analyst to enhance its security operations and drive the maturity of its incident response capabilities across the business.

Position Overview:

The Security Analyst will play a critical role in building out the group's shared services capabilities, specifically focusing on the incident response function. They will work closely with both the IT and operations teams, serving as the primary point of contact for security incidents, providing documentation, and driving the remediation process.

This is a highly collaborative role, requiring interaction with various stakeholders, including third parties, franchisee managers, and local operational heads. The ideal candidate will be self-motivated, with a strong technical background, the ability to communicate effectively, and a passion for driving security maturity across the organization.

Key Responsibilities:

• Incident Response:
  Act as the primary point of contact for security incidents, working across the stack to address vulnerabilities and incidents promptly and effectively.
• Security Gap Analysis:
  Identify gaps in current security processes, including incidents involving third parties and franchisee management. Develop and propose solutions to address these gaps, collaborating with all stakeholders to ensure proper remediation.
• Documentation & Communication:
  Maintain detailed, clear documentation on security incidents and remediation plans. The ability to concisely summarize incidents and provide actionable insights is key.
• Vulnerability Management:
  Oversee vulnerability management processes, including the use of tools like Tenable, Nessus, and Microsoft Defender, and manage any gaps or issues.
• Collaboration & Cross-Functional Engagement:
  Work across the group to understand the operational environment, including regions like the US, UK, and Ireland, and franchisee structures. Provide regular updates and work with internal and external teams to resolve issues and improve overall security posture.
• Build Out Security Maturity:
  Contribute to the ongoing development of the group's security program, including a standardized approach to incident management and response. Assist in maturing the security function and processes in line with industry best practices.
• Technical Expertise:
  Utilize knowledge of technologies such as Microsoft Defender, Sentinel, Azure 365, and vulnerability management tools to support security efforts and ensure they align with business objectives.

Required Skills & Qualifications:

• Proven experience in incident management and vulnerability management, with a strong technical background in Azure 365, Microsoft Defender, Sentinel, Tenable, and Nessus.
• Strong understanding of security tools and technologies, including SIEM systems, and experience in managing security incidents.
• Ability to identify gaps in security processes and propose solutions, both internally and via third-party resources.
• Experience with documentation and the ability to summarize technical issues concisely for a non-technical audience.
• Comfortable working in a fast-paced, evolving environment with limited supervision, showing a high degree of initiative and problem-solving skills.
• Excellent communication skills, with the ability to engage with various stakeholders, including security teams, business units, and third parties.
• Strong analytical skills with the ability to poke, prod, and identify security weaknesses.
• Experience working in a Microsoft-centric environment is preferred, with an understanding of cloud security and tools.
• Experience working in or managing security programs in distributed environments, such as with franchisee models, is a plus.

Why Join Us?

• Opportunity to grow in a dynamic and maturing security function within a global organization.
• Collaborative environment where you will work across a range of stakeholders and technology stacks.
• Exposure to diverse security challenges, including third-party and franchisee management.
• Competitive salary and benefits package.
• Hybrid work model offering a great work-life balance.