Cyber Security Business Analyst at Damia Group LTD, London, 3 Months, £500-£530 per day

Business Analyst - Cyber Security - £500 - £530 per day DOE - Outside IR35 London/Hybrid

My client is a boutique consultancy and they are looking for a Cyber Security Business Analyst with extensive Cyber Security knowledge to join a business-critical programme

Key Responsibilities

• Requirements Gathering & Analysis - Engage with stakeholders across IT, security, and business units to understand security needs, pain points, and operational constraints related to endpoint protection.
• Endpoint Security Strategy Support - Contribute to the development and enhancement of endpoint security policies, standards, and roadmaps.
• Solution Evaluation & Design - Assess endpoint security tools (EDR, XDR, MDM, vulnerability management, application control) and translate business requirements into functional and technical specifications.
• Process Mapping & Optimisation - Document current-state and future-state processes for endpoint security operations, including incident response workflows, patching cycles, and device compliance.
• Data Analysis & Reporting - Analyse endpoint security metrics, threat trends, and compliance data to provide insights and recommendations to leadership.
• Project Delivery - Support project managers and engineering teams in delivering endpoint security initiatives, ensuring requirements are met and risks are identified early.
• Risk & Compliance Alignment - Ensure endpoint security controls meet internal policies, industry standards, and regulatory requirements (eg, ISO 27001, NIST, CIS benchmarks).
• Stakeholder Communication - Act as a bridge between technical teams and non-technical stakeholders, ensuring clarity, alignment, and informed decision-making.
• Continuous Improvement - Identify gaps in endpoint security posture and propose enhancements to tools, processes, and governance.

Required Skills & Experience

• Strong understanding of endpoint security technologies such as EDR/XDR platforms (eg, Microsoft Defender, CrowdStrike, SentinelOne), MDM/UEM solutions, and endpoint hardening practices.
• Experience working in cybersecurity, IT risk, or security operations, ideally in a business analyst or similar hybrid role.
• Ability to translate complex technical concepts into clear business language.
• Experience with requirements gathering, process mapping, and documentation (eg, user stories, functional specs, workflows).
• Familiarity with security frameworks (NIST CSF, ISO 27001, CIS Controls).
• Strong analytical skills with the ability to interpret security data and identify trends.
• Excellent communication and stakeholder management abilities.
• Experience working in agile or hybrid delivery environments.

Preferred Qualifications

• Certifications such as CompTIA Security+, CySA+, CEH, CISSP, or CBAP.
• Experience with cloud-based endpoint security in environments like Microsoft 365, Azure, or AWS.
• Background in supporting incident response, vulnerability management, or device compliance programmes.

Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website.

Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job.

Should the role require the successful candidate to undergo and be eligible for UK Security Vetting. Clearance sponsorship will be provided where required. Due to the nature of the work, candidates should meet the relevant residency requirements. If applicable, Reserved Post nationality restrictions will be confirmed by the client. Damia is committed to inclusive recruitment and welcomes applicants from all backgrounds.

Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.