Menu

IT Security Analyst

Posted: May 2022

Hours: 40

Location: Castle Donington

Salary: To Be Confirmed

Closing Date: 8th July 2022

Job Description:

Job Overview

As the IT Security Analyst for Mi Hub you will be monitoring and maintaining the security of the organisations infrastructure, data and systems and the policies and controls that govern the systems. The role includes tasks and activities such security monitoring, penetration testing, incident management, maintaining security policies, standards and controls, auditing and reviewing IT Security. As the IT Security Analyst working with the Mi Hub IT team you will also help to define service handover requirements into the live production environment as well as the IT Security training requirements for the operational support teams.

Job Purpose

You will act as the focal point for IT Security ensuring security issues and alerts are effectively tracked and managed through to resolution by the relevant support team or third party. As the IT Security Analyst you will also review new systems and solutions to ensure they meet Mi Hub security standards and are appropriately scanned and monitored before going live. Working with the Mi Hub IT team you will also be responsible for the vulnerability monitoring and security monitoring tools ensuring any issues are logged and remediated as well as producing monthly reports showing progress against agreed KPIs for security and compliance.

Key Duties and Responsibilities

Monitoring the IT security of systems

  • Monitoring and reviewing security alerts
  • Reviewing industry/vendor information alerts
  • responsible for the vulnerability monitoring and security monitoring tools

Managing IT security incidents

  • Ensure incidents are properly investigated
  • Any issues documented and remediated
  • Liaising and updating with Risk & Compliance team on information Security as required
  • Conduct IT Forensic investigations

vulnerability assessments and penetration tests

  • Managing and operating the Qualys vulnerability toolset
  • Organising penetration tests
  • Logging and tracking remediation of issues
  • Produce KPI reports for security and vulnerability management
  • Training and educating IT operational staff on security best practices and latest developments and vulnerabilities

Maintaining security policies, standards, and controls

  • Updating policies and standards
  • Reviewing and implementing controls to ensure security processes and policies are being followed
  • Advise project teams on security requirements for new systems and input into the Data Privacy Impact Assessment process

Audits and security reviews

  • Respond to customer IT Security elements of customer tender and cyber security questionnaires
  • Work with external auditors during formal audit process to go through our IT Security standards and controls

Knowledge, Skills and Experience Required

Essential

  • Proven and relevant working experience in an IT Security role
  • Demonstrate capabilities in evaluating IT Security and recommending improvements
  • Understand how to build and maintain positive client and peer relationships
  • Knowledge of IT Security Principles (ISO27001 InfoSec or other)
  • Experience using Microsoft Security & Compliance Center and other Security tools in 0365 for monitoring and investigations
  • IT Security Qualification
  • Security impact assessments in relation to GDPR requirements
  • Knowledge of IT Infrastructure and networking
  • Understanding of secure software development lifecycle
  • Vulnerability management tools such as Qualys
  • Organising and remediating penetration tests

Desired

  • Knowledge of IT Security standards/controls such as OWASP, CIS and NIS
  • Experience updating IT security policies considering relevant regulations and compliance requirements
  • ITIL process knowledge
  • Designing and implementing IT Security awareness plans for operational teams
  • Supplier Management and security auditing
  • Experience of designing and conducting IT Security Simulations and test exercises

Person Specification – Competencies

Process Competencies

Planning and delivery of work (L2)

  • Recognises and rewards good performance and addresses poor performance
  • Ensures delivery against plan and forecasts accurately
  • Uses project management techniques to deliver projects to plan and budget
  • Identifies information needs and ensures systems are in place to deliver
  • Ensures the relevant corporate risk management actions are taken

Decision making (L2)

  • Assesses the impact of decisions
  • Identifies causes rather than just symptoms to inform solutions
  • Uses trends and patterns in information for evidence based decisions
  • Confident in making decisions within policy guidelines
  • Assembles available knowledge to ensure evidence based decisions

Analysis & use of information (L2)

  • Identifies and uses various sources of evidence (and feedback) to support outputs
  • Uses evidence to evaluate policies, projects and programmes
  • Works confidently with data before making decisions: for example; interpret trends, issues and risks
  • Identifies links between events and information
  • Ensures systems are in place to address business needs

Change Competencies

Influencing (L2)

  • Encourages and provides constructive feedback to improve performance
  • Ensures alternative approaches to work are effective in meeting business and individual needs
  • Remains constructive when disagreeing or challenging
  • Employs appropriate techniques to support a diverse workplace
  • Challenged inappropriate behaviours

Managing Change (L2)

  • Supports individuals in their team through periods of change
  • Listens and responds to constructive feedback
  • Initiates new ways of doing things
  • Delivers change projects to successful outcomes
  • Recognises and deals with obstacle to change

Continual Improvement (L2)

  • Coaches and develops individuals
  • Manages own development and performance
  • Learns lessons from successes and failures
  • Freely shares knowledge and findings with others
  • Uses and tests new strategic tools and frameworks

People Competencies

Communicating with others (L2)

  • Engages with partners and stakeholders to understand needs and aspirations
  • Clarifies important messages using appropriate language
  • Considers structure and meaning when producing written communications
  • Delivers presentations which influence and have a positive impact on audiences

Working with Others (L2)

  • Proactive in providing and seeking support from expert colleagues
  • Engages effectively with partners/stakeholders to better understand their requirements and develop appropriate solutions/improvements
  • Raises difficult issues with partners/stakeholders with a view to positive resolution
  • Proactive in building a rapport with a diverse range of people

Customer Focus (L2)

  • Commits to meeting the expectations and requirements of internal and external customers
  • Has a clear understanding of how their role impacts on customer satisfaction
  • Coaches others to deliver in line with customer expectations
  • Establish and build effective working relationships with customers both internal and external

Life Working at Mi Hub:

· We have a large, open plan office based in Castle Donington with plenty of amenities around us.

· We have a flexible working and agile working policy allowing you the ability to tweak your working day.

· We take huge pride in our CSR policy and our impact on the environment with multiple initiatives to minimise the impact on our planet.

· We take holidays really seriously and offer 25 days holiday plus Bank Holidays to be able to have that time doing whatever you love outside of work.

· We also support you on a day to day basis with access to an Employee Assistance Programme covering mental health, well-being, financial and legal support.

· We have a vibrant and busy social calendar driven by our desire to raise funds for local and national charities, supporting a number each year

· We also look after your loved ones with a 3x death in service life insurance scheme should the worst happen in your employment with us.

· We love celebrating long service and are proud to have member of our team celebrate their milestone anniversaries with us.