Security Analyst (Network & Endpoint)

Contract Role – Security Analyst (Network & Endpoint) – England/Remote – 4+ Months Initial

We are looking for a highly capable and technically skilled Security Analyst (Network & Endpoint) to join our cybersecurity team. This role focuses on network and endpoint security operations, threat intelligence, and incident response within a Security Operations Centre (SOC) environment. The successful candidate will have hands-on experience with leading security platforms and demonstrate the ability to operate at a team lead level.

Role Overview:

• Job Title: Security Analyst (Network & Endpoint)
• Location: England/Remote
• Contract Type: Contract
• Duration: Contract till 31st Mar 26
• Sector: Healthcare.

Key Responsibilities:

Network Detection & Response:

• Administer and optimise Darktrace for network threat detection, model tuning, and behavioural analysis.
• Investigate anomalies and escalate incidents based on network telemetry.

Endpoint Protection:

• Deploy and manage CrowdStrike Falcon agents across enterprise endpoints.
• Maintain and update detection rules, ensuring alignment with threat intelligence.

Security Operations Centre (SOC):

• Act as a Level 2 SOC Analyst and Incident Handler.
• Triage, investigate, and respond to security alerts and incidents.
• Collaborate with other SOC team members to ensure timely resolution and documentation.

Threat Intelligence & Insider Threat Monitoring:

• Monitor threat feeds and manage Indicators of Compromise (IOCs).
• Conduct insider threat analysis and support investigations.

Cloud & Identity Security:

• Use Microsoft Sentinel for incident investigation, alert correlation, and dashboard monitoring.
• Manage identity governance and conditional access policies via Microsoft Entra ID.
• Monitor Entra ID logs and integrate with Sentinel for rule-based alerting.

Additional Technologies:

• Experience with Zscaler for secure web gateway and DLP.
• Exposure to Google SecOps is advantageous.
• Team Leadership:
• Operate at a team lead level, supporting junior analysts and coordinating operational tasks.
• Provide technical guidance and contribute to process improvement initiatives.

Preferred Certifications:

Essential:

• CompTIA Security+
• Microsoft Certified: Security Operations Analyst Associate (SC-200)
• CrowdStrike Certified Falcon Administrator (CCFA)
• Darktrace Analyst Certification (if available)

Desirable:

• GIAC Certified Intrusion Analyst (GCIA)
• EC-Council Certified Threat Intelligence Analyst (CTIA)
• Microsoft Certified: Identity and Access Administrator Associate (SC-300)
• CISSP or equivalent foundational certification

Please feel free to contact myself – Daisy Nguyen at Gibbs Consulting for a confidential chat to know more details about the role.

Please also note: Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted.