Cyber Security Analyst

Thanks for stopping by We're Doctor Care Anywhere:
a leading digital platform, with a clear vision to be the primary care provider of choice for digital healthcare – and that all starts with our brilliant team.

We are the UK's largest private provider of telehealth services. We work with insurers, healthcare providers and corporate customers to provide healthcare services to more than 2 million patients every year. From doctors and designers to software developers and marketers – we're proud of our people, who love working together to enhance patient experiences for the better. It's why every year, we help over 2 million people speak to a GP or ACP by video or phone, anywhere in the world.

Our story started back in 2013, and as we continue to grow, we're looking for the very best talent to help us achieve our ambitious goals. If you're highly motivated and would love to work with us as we continue to grow, then we would love to hear from you.

Your new role:
The Cyber Security Analyst will play a key role in protecting DCA's digital assets, patient data, and cloud infrastructure. Working within the Digital Security team, you'll monitor, analyse, and respond to security alerts across Microsoft Defender 365, Sentinel, Azure, and other core systems. You'll support vulnerability management, incident response, and continuous improvement of our ISO 27001:2022-aligned Information Security Management System (ISMS).

This is a hands-on role ideal for someone with 4–5 years' experience in a similar position, who thrives in a fast-paced, cloud-first environment and enjoys working collaboratively across technology and business teams. We don't just safeguard data - we safeguard the digital heartbeat of healthcare.

• Salary: £60,000 Depending on experience.
• Hybrid Working: Two days average attendance in London office.

Requirements
Monitoring & Detection

• Review and triage alerts from Microsoft Defender 365, Sentinel, and related security platforms.
• Conduct initial investigation, analysis, and escalation of potential incidents.
• Maintain dashboards, reports, and metrics on cyber activity and response times.

Incident Response & Threat Management

• Support the Head of Digital Security during security incidents and investigations.
• Perform root cause analysis and document findings in line with ACPO guidelines and internal CAR (Corrective Action Record) processes.
• Liaise with external partners (e.g., Microsoft, NCSC) during threat events.

Vulnerability & Risk Management

• Review vulnerability data from Defender for Endpoint, Rapid7 and Azure tools.
• Support remediation tracking through Jira workflows.
• Assist in planning and validating annual penetration tests and follow-up activities.

Policy, Compliance & Awareness

• Support ISO 27001:2022 control monitoring and evidence collection.
• Contribute to internal audits, awareness campaigns, and phishing simulations.
• Assist with Data Security Posture Management and Purview monitoring.

Continuous Improvement

• Proactively suggest improvements to automation, alerting, and response processes.
• Help refine KQL queries and Sentinel playbooks to improve detection capability.
• Support secure configuration reviews and cloud posture assessments.

Who You Are

• 4–5 years' experience in a Cyber Security Analyst or SOC Analyst role.
• Strong understanding of Microsoft security tools (Defender 365, Sentinel, Entra ID, Intune).
• Familiarity with Azure environments and cloud security concepts.
• Experience with incident response and vulnerability management processes.
• Understanding of ISO/IEC 27001:2022, NCSC guidance, and UK GDPR principles.
• Proficient in log analysis, KQL querying, and security reporting.
• Excellent analytical, documentation, and communication skills.
• Experience with scripting (PowerShell or Python) for automation.
• Familiarity with UK healthcare regulatory frameworks (CQC, GDPR, and DSPT).

Qualifications & Certifications
Required / Strongly Preferred:

• Microsoft Certified: Security Operations Analyst Associate (SC-200)
• CompTIA CySA+ (Cybersecurity Analyst)
• CompTIA Security+ (SY0-701) or (ISC)² SSCP (Systems Security Certified Practitioner)

Nice To Have

• Microsoft Certified: Azure Security Engineer Associate (AZ-500)
• GIAC Certified Incident Handler (GCIH) or GIAC GX-IH
• NCSC-Assured Incident Response or Security Operations Training
• CREST Practitioner Security Analyst (CPSA)

Benefits
We understand the importance of good health and happiness for our patients and our team is just the same. You should expect to be as supported and valued being a member of our team and have the freedom to make the most of your role and career with us When you're part of the team you will have access to:

‍
Doctor Care Anywhere subscription
: For you and 5 of your loved ones, Get ready to enjoy health consultations on the go

Company Bonus
: We love rewarding our team for their dedication and achievements.

25 Days Holiday + Bank Holidays
: You've earned it Enjoy time off to recharge, explore, and make incredible memories.

Birthday Day Off
: Go and celebrate however you like

‍ Buy' up to 5 days of additional annual leave (FTE)
as part of our focus on health and wellbeing

Charity Days
: Join us in giving back to the community We're all about making a difference together.

Enhanced Maternity and Paternity Pay
: We've got your back with extra support during this special time.

Bike2Work Scheme
: We love an eco-friendly commute

Cross-Team Collaboration Opportunities
: Join the fun in our autonomous work environment with plenty of chances to collaborate and shine.

Hybrid Working
: An agile and autonomous hybrid work environment.

Development Opportunities
: Get ready to grow, learn, and make strides in your career

Doctor Care Anywhere is committed to safeguarding and promoting the welfare of its patients and expects all Colleagues to share this commitment. This post is subject to satisfactory DBS and reference checks, and is exempt from the Rehabilitation of Offenders Act 1974.