Security Analyst
Recruiter
Listed on
Location
Salary/Rate
Type
This job has now expired please search on the home page to find live IT Jobs.
My Central Glasgow based Government-owned client is looking for a dynamic Security Analyst to come on board ASAP. They are currently going through a transformation programme to help them achieve their mission to become a digital, customer focused centre of excellence. In order to achieve this, the programme is divided around four key areas: Core Systems Replacement, Digital Delivery, Business Improvements and Organisation Design and Efficiency.
The main purpose of this role is to run security incident processes, managing meetings and tracking activity in accordance to Incident Management Processes. The successful candidate will be required to monitor and maintain the security of the company's information systems. There will also be a level of development, maintenance and promotion of technical ICT security procedures in response to defined risk, threats and technological requirements. Representation at the ICT Security Group as a point of contact for IT security matters is hugely important, as well as the provision of timely advice across the business on security issues. You will also be expected to contribute to security management processes across ICT departments and well as coordinating the use of external suppliers to provide security support, consultancy and services for security. As this is a high volume, high risk client, you will also be expected to respond appropriately to security incidents, ensuring escalation and remediation activities and to monitor and assess the impact of vulnerabilities and work with ICT to coordinate appropriate remedial actions.
Key Accountabilities
* Manage Security Incidents and Critical incidents on behalf of the ITSO. Producing reports on activities and overseeing RCA and defining remedial activities
* To enforce and interpret technical policies and standards and promote compliance in line with Government security (i.e. HMG Security Policy Framework (SPF) and Infosec Standards), corporate policies and corporate or local procedures and legal and international security standards (i.e. ISO27001, COBIT),
* Maintain and monitor security tools in conjunction with the ICT technical teams including configuration of such tools.
* Assess technical security risks in terms of impact to systems and service confidentiality, integrity and availability, and report and escalate results of risk assessments.
* To run the Security Incident Process for any real or potential security breaches, providing information and leadership to ICT teams ensuring that appropriate remedial steps are taken.
* Produce, review and constantly evaluate effectiveness and efficiency of technical security controls, standards and procedures in line with security requirements, business needs, delivering enhancements where applicable.
* Assist in the provision of designs and technical solutions in support of corporate security policies and external standards.
* Active sponsor of continuous process improvement, in relation to security matters, within ICT.
* Provision of consultancy, advice and guidance to ICT technical teams involved in the design, development and delivery of the company products and services.
* Provide ICT security advice and consultancy on a day-to-day basis.
Essential Skills / Experience / Qualifications
* Practical experience in incident/Problem management
* A good ICT background in ICT infrastructure (UNIX, NT, Windows, LAN/WAN/VLAN, firewalls, web servers, IDS etc) and/or systems and application development (Oracle, Java, UNIX, Notes, web services etc).
* Knowledge of current security standards.
* A proven track record of analysis of requirements and implementing solutions to security requirements.
* Experience in developing of technical security documentation and review of ICT technical documentation.
* Knowledge of security monitoring tools.
Please apply directly or contact Farrah Ather on 0131 558 4808.
