Security Analyst x 2

Security Analyst x 2 - £500-£600 per day - Inside IR35 - Primarily Remote - 3 months initial contract.

My client, one of the UKs largest producers of zero carbon energy, is looking for two experienced Security Analysts to join them to join their Cyber Defence team, responsible for identifying, investigating, and mitigating cyber threats.

The ideal candidate will have experience with Microsoft Sentinel, firewall security (Palo Alto & Fortinet), threat hunting, and incident response. A solid understanding of Microsoft Defender, KQL queries, and AWS Guard Duty is also required. SC-cleared candidates will be given preference due to the nature of the work.

Key Responsibilities

Security Monitoring & Incident Response

• Monitor, analyse, and investigate security events using Microsoft Sentinel.
• Respond to alerts from external SOC teams, ensuring swift resolution of security incidents.
• Conduct threat analysis using Microsoft Defender, KQL queries, IDS alerts, and network traffic logs.
• Perform incident triage and escalation, ensuring timely response to high-severity threats.
• Investigate phishing emails, malware incidents, and suspicious activity.

Firewall Security & Network Defence

• Analyse firewall logs and network traffic to detect and mitigate threats.
• Utilise Palo Alto Panorama, Prisma, and Fortinet security tools for threat investigation.
• Implement firewall rule changes to strengthen network security.
• Investigate Indicators of Compromise (IOCs) and apply threat intelligence to firewall security.

Cloud & Endpoint Security

• Monitor AWS Guard Duty for security threats, escalating incidents as necessary.
• Conduct threat-hunting activities across Microsoft 365 and cloud environments.
• Develop and fine-tune security detections, playbooks, and automation workflows in Sentinel.
• Collaboration & Continuous Improvement
• Work closely with IT and security teams to enhance cyber defence strategies.
• Mentor and support junior analysts and cyber apprentices.
• Assist in the delivery of SOC security projects and incident response improvements.
• Promote cybersecurity best practices across the organisation.

Essential Skills & Experience

• Microsoft Sentinel for security monitoring, investigation, and response.
• Firewall security expertise with Palo Alto and Fortinet (monitoring, analysis, rule management).
• Incident Response & Threat Hunting experience.
• Strong proficiency in Microsoft Defender and KQL queries.
• Familiarity with AWS Guard Duty and cloud security best practices.
• Hands-on experience investigating phishing, malware, and network security events.
• Experience using ServiceNow for incident management.

Desirable Skills

• SC clearance (preferred) or willingness to obtain.
• Experience with Data Loss Prevention (DLP) tools and eDiscovery scans.
• Familiarity with Microsoft Purview and threat intelligence platforms.