Lead Security Analyst

• Endpoint Security Leadership - Own the vision, roadmap, and continuous improvement of endpoint security controls, including EDR/XDR, device compliance, application control, and hardening standards.
• Threat Detection & Response Oversight - Lead the analysis, triage, and response to endpoint-related threats, ensuring rapid containment and high-quality investigations.
• Technical Expertise & Escalation - Serve as the senior escalation point for complex endpoint security incidents, providing deep technical analysis and guidance.
• Tooling & Architecture - Evaluate, select, and optimise endpoint security technologies; collaborate with engineering teams to ensure secure configuration and integration.
• Governance & Compliance - Ensure endpoint controls meet internal policies and external standards (ISO 27001, NIST, CIS); support audits and risk assessments.
• Process Ownership - Define and refine operational processes for endpoint monitoring, patching, vulnerability remediation, and device lifecycle security.
• Data-Driven Insights - Analyse endpoint telemetry, threat trends, and compliance metrics to inform leadership and drive strategic improvements.
• Stakeholder Engagement - Partner with IT, SOC, risk, and business units to ensure alignment, communicate risks, and influence decision-making.
• Team Development - Mentor junior analysts, provide technical coaching, and contribute to building a high-performing security operations culture.
• Incident Readiness - Lead tabletop exercises, playbook development, and continuous improvement of endpoint-related incident response capabilities.

• Deep expertise in endpoint security technologies (EDR/XDR platforms such as Microsoft Defender, CrowdStrike, SentinelOne; MDM/UEM; application control; endpoint hardening).
• Strong background in security operations, incident response, or threat detection, ideally in a senior or lead role.
• Proven ability to analyse complex threats and guide teams through investigations.
• Experience designing or improving endpoint security architectures and operational processes.
• Strong understanding of security frameworks (NIST CSF, MITRE ATT&CK, ISO 27001, CIS Controls).
• Ability to communicate clearly with both technical and non-technical stakeholders.
• Experience working in enterprise environments with diverse device fleets (Windows, macOS, mobile).
• Demonstrated leadership skills, including mentoring, decision-making, and cross-team collaboration.

Preferred Qualifications

• Certifications such as GCIA, GCED, GCIH, CySA+, CISSP, or vendor-specific endpoint security certifications.
• Experience with cloud-integrated endpoint security (Microsoft 365 Defender, Azure AD/Entra, Intune).
• Background in threat hunting, forensics, or vulnerability management.
• Experience leading security initiatives in regulated industries (finance, healthcare, government).

Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.