Security Analyst- Ivanti Neurons
We are currently recruiting for a Security Analyst with Ivanti Neurons experience to join one of our Insurance clients on a 6-month contract.
Inside IR35
Hybrid- 2 days a week onsite in Reigate
Responsibilities:
* Support the day-to-day vulnerability and patch management operations using Ivanti Neurons, including discovery, risk assessment, prioritisation, deployment coordination, validation and reporting.
* Maintain accurate asset and vulnerability coverage by monitoring agent health, scan cadence and data quality; work with endpoint and infrastructure teams to resolve gaps.
* Perform risk-based vulnerability triage and analysis using factors such as CVSS, exploitability, asset criticality, exposure and compensating controls.
* Coordinate routine and emergency patch cycles, including change planning, maintenance windows, pre deployment checks, rollback planning and post deployment verification.
* Work with service and application owners to drive remediation of unpatchable vulnerabilities through configuration changes, mitigations, or documented risk acceptance.
* Assess cloud security risks across the Azure estate using native and third party security tools.
* Develop, maintain and evidence standards, procedures and secondary security controls to ensure policy and regulatory compliance.
* Support audit and compliance activities by producing vulnerability and patch evidence, metrics and control narratives.
* Identify and implement automation and continuous improvement opportunities across vulnerability and patch management workflows.
* Collaborate with Incident Response, Threat Intelligence and Corporate Security teams to respond to actively exploited vulnerabilities and emerging threat trends.
Experience
* Strong working knowledge of Ivanti Neurons, cloud security controls and industry best practices.
* Hands-on experience with the Microsoft security ecosystem, including Microsoft Defender for Cloud, Microsoft Sentinel, Azure Update Manager and core Azure services.
* Demonstrated expertise in vulnerability management, risk assessment, mitigation strategies, and patch management within cloud-based environments.
* Professional security certification, such as CompTIA Security+, SSCP, CISSP, or vendor-specific patch/vulnerability qualifications.
* Working knowledge of the insurance or financial services industry and its risk and regulatory landscape.
* Experience with third-party security tools, such as Wiz, Puppet and Nexpose.
* Proficiency in scripting and automation, including Python, PowerShell, or similar languages.
* Previous experience in a Security Operations role within a large or complex enterprise environment.
* Strong understanding of cybersecurity standards and frameworks, including ISO 27001, NIST 800 53, CIS Controls, OWASP, and SOC1/2.