Senior Information Security Analyst – Cloud & Endpoint Security Full Time

Senior Information Security Analyst – Cloud & Endpoint SecurityRole Overview We are seeking a highly experienced Senior Information Security Analyst to join our established Information Security function within a regulated financial services environment. This role will play a critical part in protecting the confidentiality, integrity, and availability of our cloud and endpoint platforms, with particular accountability for Endpoint Detection and Response (EDR) capabilities and cloud-based security controls.The successful candidate will demonstrate strong expertise in Microsoft Defender security tooling, cloud security architecture, and security operations, along with the ability to operate effectively within a risk-managed and compliance-driven organisation. This position requires sound technical judgement, disciplined execution, and the ability to work collaboratively across technology and business teams.Key ResponsibilitiesCloud & Endpoint Security ControlsDesign, implement, and maintain security controls across cloud environments (eg Azure, AWS, GCP) in alignment with organisational risk appetite and regulatory expectationsOwn and enhance Endpoint Detection & Response (EDR) capabilities, with a strong focus on Microsoft Defender for Endpoint, Defender for Cloud, and the wider Microsoft security ecosystem Ensure endpoint security controls are consistently applied across server, Workstation, and cloud-hosted assetsOversee configuration, tuning, and health of EDR policies to balance detection efficacy with operational stabilityImplement and manage cloud-native security services including identity and access management, encryption, logging, and monitoring Threat Detection, Incident Response & Security OperationsMonitor and analyse security telemetry from SIEM, EDR, and cloud security tooling, identifying malicious or anomalous behaviourLead the investigation, containment, and remediation of security incidents, including endpoint- and cloud-based threatsAct as a senior escalation point for complex incidents involving Defender alerts, advanced threats, or persistent attackersContribute to incident response planning, playbooks, and tabletop exercises in line with regulatory and operational resilience requirementsAssurance, Risk & ComplianceConduct regular security assessments of cloud and endpoint environments, including control effectiveness reviews and threat modellingSupport internal and external audits by providing evidence, technical subject matter expertise, and remediation guidanceMaintain awareness of evolving regulatory, legal, and cyber risk requirements relevant to financial servicesEnsure security controls align with industry standards and internal policiesCollaboration & Stakeholder EngagementWork closely with infrastructure, cloud engineering, and end-user computing teams to embed security by designProvide clear, concise security advice to both technical and non-technical stakeholders, including risk and control impactsContribute to targeted security awareness initiatives, particularly around endpoint security and user riskStrategic Security DevelopmentSupport the ongoing development of the organisation’s security strategy, with a focus on cloud and endpoint protectionEvaluate emerging EDR, cloud security, and threat detection technologies, making evidence-based recommendationsDrive continuous improvement in detection capability, response maturity, and operational resilienceSkills, Experience & QualificationsDegree in Computer Science, Information Security, or a related discipline (or equivalent professional experience) 5+ years’ experience in information security, including demonstrable experience in cloud and endpoint security Strong hands-on expertise with Microsoft Defender for Endpoint, and ideally Defender for Cloud and Microsoft SentinelExperience securing environments within Azure (AWS/GCP experience beneficial)In-depth understanding of: Endpoint protection and EDR conceptsIdentity and access managementData protection and encryptionNetwork and application securityIncident response and threat analysis Experience using vulnerability management and security assessment techniquesStrong analytical and problem-solving skills, with a calm and methodical approach to incidentsExcellent written and verbal communication skills, with confidence operating in a regulated environmentDesirable Certifications CISSP, CCSP Microsoft Security certifications (eg SC-200, SC-300, SC-400) AWS or Azure Security certifications We invite individuals from underrepresented groups to apply for any of our roles and are committed to supporting accessibility needs.