Cyber Security Business Analyst

• Requirements Gathering & Analysis - Engage with stakeholders across IT, security, and business units to understand security needs, pain points, and operational constraints related to endpoint protection.
• Endpoint Security Strategy Support - Contribute to the development and enhancement of endpoint security policies, standards, and roadmaps.
• Solution Evaluation & Design - Assess endpoint security tools (EDR, XDR, MDM, vulnerability management, application control) and translate business requirements into functional and technical specifications.
• Process Mapping & Optimisation - Document current-state and future-state processes for endpoint security operations, including incident response workflows, patching cycles, and device compliance.
• Data Analysis & Reporting - Analyse endpoint security metrics, threat trends, and compliance data to provide insights and recommendations to leadership.
• Project Delivery - Support project managers and engineering teams in delivering endpoint security initiatives, ensuring requirements are met and risks are identified early.
• Risk & Compliance Alignment - Ensure endpoint security controls meet internal policies, industry standards, and regulatory requirements (eg, ISO 27001, NIST, CIS benchmarks).
• Stakeholder Communication - Act as a bridge between technical teams and non-technical stakeholders, ensuring clarity, alignment, and informed decision-making.
• Continuous Improvement - Identify gaps in endpoint security posture and propose enhancements to tools, processes, and governance.

• Strong understanding of endpoint security technologies such as EDR/XDR platforms (eg, Microsoft Defender, CrowdStrike, SentinelOne), MDM/UEM solutions, and endpoint hardening practices.
• Experience working in cybersecurity, IT risk, or security operations, ideally in a business analyst or similar hybrid role.
• Ability to translate complex technical concepts into clear business language.
• Experience with requirements gathering, process mapping, and documentation (eg, user stories, functional specs, workflows).
• Familiarity with security frameworks (NIST CSF, ISO 27001, CIS Controls).
• Strong analytical skills with the ability to interpret security data and identify trends.
• Excellent communication and stakeholder management abilities.
• Experience working in agile or hybrid delivery environments., * Certifications such as CompTIA Security+, CySA+, CEH, CISSP, or CBAP.
• Experience with cloud-based endpoint security in environments like Microsoft 365, Azure, or AWS.
• Background in supporting incident response, vulnerability management, or device compliance programmes.

London - £500 - £530 per day Contract Posted by: Damia Group LTD Posted: Tuesday, 28 April 2026 Business Analyst - Cyber Security - £500 - £530 per day DOE - Outside IR35 London/Hybrid My client is a boutique consultancy and they are looking for a Cyber Security Business Analyst with extensive Cyber Security knowledge to join a business-critical programme, Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.