Security Analyst

We are hiring for a Security Analyst to support the delivery of our Vulnerability Detection & Remediation service. You will play a key role in protecting our customers from emerging security threats. This includes analysing and correlating data from multiple security tools to identify, assess, and mitigate risks before they can be exploited. In the event of an active exploit, you will be central to the response effort, supporting containment, investigation, and remediation activities.

In addition, you will provide clear and ongoing reporting on our customers’ current risk exposure, ensuring they have visibility of their security posture. You will also be responsible for maintaining accurate, up-to-date incident response documentation, helping to ensure our customers are prepared to respond effectively to security incidents.

Day-to-day responsibilities include:

• Facilitating vulnerability scans across client environments to identify potential security weaknesses
• Installing, configuring, and maintaining Threat Management and security monitoring software
• Providing expert advice on remediation activities, including planning and implementing patches to address vulnerabilities identified by consultants
• Peer-reviewing change requests to ensure proposed changes do not introduce security regressions or new risks
• Performing quality assurance on new solutions and changes, validating them against established security baselines and best practices
• Ongoing identification and tracking of patches released by our partners (e.g., Microsoft)
• Assist engineering teams during the investigation of security events and incidents, and contribute to the creation of clear, accurate security incident reports
• Conducting data-cleansing activities, ensuring deprecated or obsolete assets are identified, investigated, and removed from security reporting where appropriate

You will have strong relationship-building and communication skills, a willingness to continually develop through ongoing learning, and a high level of attention to detail. We’re looking for a candidate who can demonstrate:

• Hands-on experience with detection and vulnerability tools such as Qualys, Huntress, and ManageEngine.
• Proficient in Windows and Linux operating systems, with the ability to troubleshoot and secure both environments.
• Skilled in EDR platforms, including CrowdStrike, SentinelOne, and Microsoft Defender.
• Ability to interpret event logs and system audit data to identify and respond to security incidents.
• Solid understanding of the NIST CVSS scoring system for vulnerability assessment.
• Experienced in report generation and effectively presenting findings to clients and stakeholders.
• Expertise in OS hardening practices, including SELinux configuration and implementing Windows guidance per NCSC standards.
• Awareness of compliance frameworks such as Cyber Essentials Plus and ISO 27001/27002.
• Holds industry-recognized certifications such as SC-900, SC-200, and CompTIA Sec.

At LIMA, we help organisations achieve their ambitions through insight-led technology strategy and managed services that enhance resilience, drive performance, and support sustainable growth. But we know that our success is powered by our people. We’re proud to be a Great Place to Work for the second year running, and our team is consistently cited as the best thing about working here. We recognise and reward the hard work of our people, with competitive salaries, professional development opportunities and well-being support and a great benefits package.