Security Analyst- Ivanti Neurons
We are currently recruiting for a Security Analyst with Ivanti Neurons experience to join one of our Insurance clients on a 6-month contract.
Inside IR35
Hybrid
Responsibilities:
1. Support the day-to-day vulnerability and patch management operations using Ivanti Neurons, including discovery, risk assessment, prioritisation, deployment coordination, validation and reporting.
2. Maintain accurate asset and vulnerability coverage by monitoring agent health, scan cadence and data quality; work with endpoint and infrastructure teams to resolve gaps.
3. Perform risk-based vulnerability triage and analysis using factors such as CVSS, exploitability, asset criticality, exposure and compensating controls.
4. Coordinate routine and emergency patch cycles, including change planning, maintenance windows, pre deployment checks, rollback planning and post deployment verification.
5. Work with service and application owners to drive remediation of unpatchable vulnerabilities through configuration changes, mitigations, or documented risk acceptance.
6. Assess cloud security risks across the Azure estate using native and third party security tools.
7. Develop, maintain and evidence standards, procedures and secondary security controls to ensure policy and regulatory compliance.
8. Support audit and compliance activities by producing vulnerability and patch evidence, metrics and control narratives.
9. Identify and implement automation and continuous improvement opportunities across vulnerability and patch management workflows.
10. Collaborate with Incident Response, Threat Intelligence and Corporate Security teams to respond to actively exploited vulnerabilities and emerging threat trends.
Experience
11. Strong working knowledge of Ivanti Neurons, cloud security controls and industry best practices.
12. Hands-on experience with the Microsoft security ecosystem, including Microsoft Defender for Cloud, Microsoft Sentinel, Azure Update Manager and core Azure services.
13. Demonstrated expertise in vulnerability management, risk assessment, mitigation strategies, and patch management within cloud-based environments.
14. Professional security certification, such as CompTIA Security+, SSCP, CISSP, or vendor-specific patch/vulnerability qualifications.
15. Working knowledge of the insurance or financial services industry and its risk and regulatory landscape.
16. Experience with third-party security tools, such as Wiz, Puppet and Nexpose.
17. Proficiency in scripting and automation, including Python, PowerShell, or similar languages.
18. Previous experience in a Security Operations role within a large or complex enterprise environment.
19. Strong understanding of cybersecurity standards and frameworks, including ISO 27001, NIST 800 53, CIS Controls, OWASP, and SOC1/2.
Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.