We require a Cyber Security analyst who is experienced in responding to identified security events on managed IT solutions in order to successfully manage them to resolution. As a leading integrated service provider, our security incident processes are integrated into our ITIL Service delivery organisation for a number of clients. They trust us to know what matters to them, and we will protect it.

You will bring knowledge of security systems that monitor and protect solutions from those who intend harm, and will be experienced in doing this for secure/sensitive environments, especially government solutions. You will understand IT system security risk management and have an active role in ongoing risk and vulnerability management.

The role will primarily be based in our Glasgow office. You will be responsible to both a service delivery manager from our service management centre, and to the Glasgow lead on IA and Cyber security, where you will have associate membership of their team. This will make you part of the cyber and Information security community of specialists, with access to a specialist training and development agenda that you will be following through your career with us.

You will be required both to work on operational systems that are already live and to support projects that are developing new capability into our service management environment. The initial opportunity for operational support will be on a significant transportation service programme which places at least as much focus on availability as it does on confidentiality and integrity.

SC cleared - Candidates should be willing to undergo SC clearance and, if already SC cleared, then DV clearance.
- Experience of the objectives of security incident management in the context of ITIL
- Understanding of the ITIL processes for the managed systems to support ongoing security and compliance, e.g. engineering-led project updates, change and release management, major incident process, problem and known-error management, access management.
- Understanding of different threats (network, insider, malware) and appropriate responses
- Experience of Business Continuity and Disaster Recovery planning and exercises
- Experience in Vulnerability management, e.g. tracking periodic patch updates across systems to ensure compliance
- Experience working in both operational delivery and project development contexts. Some limited exposure to proposal environments would be helpful too.
- Excellent understanding of Confidentiality, Integrity and Availability (CIA) and practical experience in applying this when managing security incidents and vulnerability issues.
- Awareness of specialist security alerting forums, and GovCert, to help manage known issues.
- Understanding of network and boundary protection technologies (firewalls, mail gateways, load balancers, anti-virus)
- Experience of network monitoring systems especially in secure/sensitive systems
- Experience in reviewing security documentation sets (SyOPS, RMADs, Security Management Plans, etc.) to offer constructive improvement comments during revisions.
- Membership of professional security body and preparedness to commit to personal training to maintain certificated standards, such as CCP practitioner.
Communication and Soft Skills
- Excellent verbal and written communication skills and the ability to work well in a team environment
- Capable of developing and communicating a security incident response plan that focuses on the outcomes required and clarifies the responsibilities of stakeholders and other parties
- A reasonable level of commercial awareness around KPIs, SLAs and customer relations.