IT Security Analyst

Defend and strengthen our cloud and infrastructure security by driving incident response, detection, and operational resilience. We're looking for an IT Security Analyst to join our team and help protect Envision Pharma Group's digital assets through proactive monitoring, incident response, and operational security excellence. In this role, you will work closely with internal IT teams and external security partners to detect, investigate, and respond to security events while strengthening the organization's overall security posture. This is an excellent opportunity for an experienced IT professional who enjoys solving complex problems, improving security operations, and collaborating across teams to reduce risk in a fast-moving, global technology environment.

How will you make an impact at Envision Pharma Group?

• Provide day‑to‑day operational ownership of Envision's security platforms, collaborating closely with external SOC providers and internal IT teams.
• Lead and manage security incidents through the full lifecycle, including investigation, containment, remediation, and post‑incident review.
• Execute and continuously improve vulnerability management processes, coordinating remediation with infrastructure, application, and operations teams.
• Design, implement, and maintain technical security controls across cloud and on‑premises environments.
• Monitor, analyze, and tune security telemetry (SIEM, EDR, identity, network, and cloud signals) to improve detection quality and response time.
• Support compliance and audit activities (ISO 27001, SOC 2, customer security reviews) through evidence generation and control validation.
• Develop and maintain security operations metrics, KPIs, and KRIs to communicate risk posture and operational effectiveness.
• Create and maintain security runbooks, procedures, and operational documentation.
• Participate in incident response exercises, tabletop simulations, and continuous readiness activities.
• Provide guidance and mentorship to operational IT teams on secure practices and incident handling.

Skills & expertise

• Typically 5+ years of progressive experience in security operations, IT operations, or systems administration, with a focus on hands‑on Microsoft Security stack experience (Defender, Sentinel, Purview).
• Strong operational security experience, including incident response, vulnerability management, and alert monitoring, with the ability to lead incidents end‑to‑end.
• Experience with cloud security in Microsoft Azure and AWS, including onboarding, monitoring, and implementing controls within a SOC environment.
• Proven experience in project‑based security work, including the selection, onboarding, configuration, and rollout of new security tools and capabilities.
• Comfortable working alongside managed SOC teams, IT teams, and business stakeholders to expedite incidents, improve workflows, and strengthen security posture.
• Solid understanding of enterprise IT environments, including networking, identity systems, endpoints, and cloud infrastructure.
• Hands‑on experience with security tooling, such as SIEM, EDR/XDR, vulnerability scanners, identity security tools, and cloud security controls, including tuning and telemetry correlation.
• Knowledge of security frameworks and compliance standards (ISO 27001, SOC 2, NIST) and applying them in operational security contexts.
• Holds at least one recognized cybersecurity certification (e.g., Security+, Microsoft Security, AWS Security); CISSP is a plus.
• Ability to analyze complex technical data, correlate signals across systems, and make sound risk‑based decisions under pressure.
• Strong verbal and written English communication skills.