ICT Cyber Security Support Officer
Posted on Jun 11, 2019 by CV-Library
Working Hours: Monday - Friday, 37 Hours
Pay Rate: £20.00 P/H PAYE
Based within the ICT service’s Service Delivery team, and under supervision of the IT Information Governance and Compliance Officer, the role provides Administrative, Investigative and Scripting/Programming skills and experience associated with security incident investigation and reporting, system logs management, client device (endpoint) remediation using SCCM/Intune/scripting, breach follow ups, verifying supplier conformance to security guidelines, meeting minutes and following up assigned actions.
Duties and Responsibilities:
* Monitor logs and reports from multiple sources such as syslog (Solarwinds), SCCM/SCOM, SNMP (PRTG), Event Logs, Nessus, email gateway etc. and design actionable alerts based on patterns or matches associated with risks. Follow up anomalies.
* Clear out legacy AD configuration including redundant accounts.
* Monitor firewalls to aid removal of legacy/unused firewall rules, lock down of permissive rules, audit and micro-segmentation.
* Perform upgrades of systems, if necessary liaising with suppliers or internal teams.
* Compile Monthly Security Incident Report including follow ups with customer and Service Desk where there is insufficient detail in the call or the security incident procedure has not been followed.
* Follow up on breaches with the business or third parties (e.g. suppliers).
* Check client estate issues (from Nessus reports) and assist implementation of SCCM/WSUS updates or bespoke scripts in complex cases.
* Monitor and investigate AD account misuse.
* Convert operational security issues into problem tickets for ICT staff, help investigate and follow up actions/progress (Security Information Group meetings).
* Handle/Close off basic support calls in BAU.
* Attend and arrange security meetings as needed and compile technical minutes: following up on actions/requests for information.
* Monitor project security requirements, follow up with project team, submitter and suppliers.
* Maintain compliance e.g. check line of business apps are following basic guidelines on RBAC, ACLs and auditing.
* Process tender responses against Supplier Security Checklist
* Maintain and investigate supplier compliance with security policies.
* Assist in aligning processes and procedures to ISO27000 standards.
* Continuous Improvement. Review of processes, policies, procedures.
Skills and Experience:
* Good verbal and written communications skills with attention to detail.
* You will work with a range of IT colleagues, both technical and non-technical, as well as business analysts and business users. You will be able to communicate effectively with all of them, modifying your approach to suit e.g. explaining technology to non-technical people and explaining business processes to technical experts.
* You will have a good understanding of the importance of non-functional and technical requirements and be able to capture these in relation to security, resilience, capacity management, operational support impact etc.
* Ability to take accurate minutes of technical discussions
* Understanding of Windows infrastructure and Application
* Active Directory
* Understanding of Endpoint infrastructure
* Windows 10
* Secure Boot
* Basic Network Knowledge
* WiFi principles
* Captive Portals
* Wired and wireless 802.1x
* Knowledge and experience of appropriate programming environment(s) and application to SCCM remedial tasks and endpoint devices
* Visual Basic
* Ability to identify potential risks and propose mitigations.
For this job role you will need 2 years' written references (gaps verified) and UK eligibility to work.