Security Analyst
Remote (UK-based)
Competitive daily rate, Outside IR35
6 months with chance of extension
Why Apply?
This is a unique opportunity to contribute to a large-scale uplift of security posture across a global organisation operating at enterprise scale. Following a refresh of security policies aligned to NIST CSF v2.0, the company requires a strong Security Analyst to carry out a broad review of systems, infrastructure, and applications. This role will focus on identifying legacy security issues, performing gap analysis, and assessing how fit-for-purpose existing security controls are under the updated standards.
Key Responsibilities
* Perform end-to-end security control assessments across infrastructure, enterprise applications, SaaS platforms, and bespoke systems.
* Review current ("as-is") environments and conduct gap analyses against the organisation's new security control framework based on NIST CSF v2.0.
* Identify weaknesses or outdated practices and define clear, actionable remediation plans in partnership with other teams.
* Dig into legacy security issues and help shape the future state of security posture.
* Work across a wide stack including AWS, GitHub Enterprise, Slack, Zoom, Atlassian, and SaaS tools like Workday, Workiva, and EquatePlus.
* Partner with internal stakeholders to ensure compliance and drive down organisational risk.
What We're Looking For
* Proven experience in security auditing and assessment across a broad range of technologies.
* Strong working knowledge of cloud platforms, enterprise infrastructure, and SaaS environments.
* Ability to dig into security controls and evaluate them against formal security frameworks.
* Experience conducting risk assessments, performing gap analysis, and recommending mitigations.
* Confident working with technical and non-technical stakeholders to influence remediation strategies.
* Desirable exposure to tools such as Splunk, Crowdstrike, AWS, Kubernetes, or MITRE ATT&CK.