ElectraLink provides essential data and governance services to the UK energy market. We are seeking a hands‑on Cyber Security Analyst to join our internal IT and security team during a critical period of transformation. This role will support the business in improving cyber hygiene, managing vulnerabilities, and enhancing incident detection and response.
The successful candidate will work closely with the Information Security Manager, who leads on governance and organisation‑wide security strategy. You will play a key role in implementing security best practices and optimising the use of Microsoft security tooling. This is a hands‑on technical position that demands strong expertise in Microsoft 365 Defender, Microsoft Purview (including the Compliance Portal), combined with a proactive mindset and the ability to collaborate effectively across teams.
What you will do
- Take ownership of vulnerability and patch management, ensuring timely remediation of risks
- Investigate and respond to security incidents, including malware infections, phishing attempts, and unauthorised access
- Conduct vulnerability assessments and assist in patch management and remediation efforts
- Support the implementation and enforcement of security policies, standards, and procedures
- Collaborate with wider IT colleagues and business units to ensure secure system configurations and practices
- Assist in audits, risk assessments, and compliance initiatives (e.g., ISO 27001, GDPR, NIST)
- Act as an escalation point for security incidents and investigations
- Maximise the effectiveness of Microsoft security technologies (Defender, Intune, Purview)
- Promote cyber awareness and best practices across the organisation
- Collaborate with the Information Security Manager and Compliance Team to support governance, risk, and compliance initiatives
- Stay current with emerging threats, vulnerabilities, and cybersecurity trends
- Identify and implement improvements in security tooling, processes, and controls
Skills & Knowledge, you will need
- Deep proficiency in Microsoft security and compliance tools, specifically:
- Microsoft 365 Defender/Security Portal (endpoint and identity protection)
- Microsoft Purview (data governance and compliance, including Compliance Portal)
- Proven hands‑on experience remediating vulnerabilities and applying patches in a live environment
- Strong understanding of cybersecurity principles and threat landscapes
- Experience with endpoint, network, and identity security within Microsoft ecosystems.
- Strong troubleshooting and analytical skills
- Effective communication and collaboration across technical and non‑technical teams
- Relevant certifications (e.g., Security+, CySA+, SC‑200, SSCP) are beneficial
- Familiarity with Power Platform and Power BI is advantageous
- A minimum of three years of relevant experience in similar positions.
What’s in it for you:
Hybrid/ Flexible working including a 4 day week!
…