Job Listing
Company
Anonymous
Industry
Information Technology and Services
Location
Kuala Lumpur
Company Description
Our Client is a multinational information technology company. Listed on the London Stock Exchange, it provides engineering design, information management solutions, and CAD/CAM software, including specialised technology consulting services for the plant, power and marine industries.
Information & Cyber Security Engineer - Global
Anonymous
| Job Type: | Permanent |
|---|---|
| Location: | Kuala Lumpur |
| Special Requirements: | |
Rewards
| Posting Date: | 01-10-2018 |
|---|---|
| Expiry Date: | 03-31-2018 |
JOB DESCRIPTION
Job Purpose
To ensure OUR CLIENT Group systems and services operate in a secure, stable and efficient manner compliant with OUR CLIENT's policies and procedures. Manage, implement and support security processes to provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and ensure these are resolved based on risk.
Dimensions
- Provide OUR CLIENT with an effective, efficient and measurable Security Analysis and Operations service to maximise our security resilience and maturity.
Principal Accountabilities
- Policy - Contribute to maintenance of the Security Strategy and Policy documentation. Review IT and Functional Security Policies and Processes for completeness and robustness.
- Security Platform and Protection - Develop, configure and operate necessary security systems (security applications, processes, procedures, dashboards, delinquent registers etc.) to maximise OUR CLIENT security and resilience, providing efficient and actionable alerting. Liaise with Security suppliers to compare the fit of offerings to requirements.
- Security Vulnerability Assessment - Contribute to the improvement of existing and the development of new techniques and approaches to improve security, including identification, detection and protection. Maintain trend reporting of protection coverage and effectiveness.
- Security Intelligence - Identify threat vectors, geographic specific risks, and maintain threat risk assessment documentation. Analyse and report on actionable threat intelligence, making an informed decision to escalate.
- Security Operation - Ensure that ALL security incidents/risks within the extended OUR CLIENT environment (networks, systems and services both internal and external) are identified, investigated and progressed. Oversee the timetable of periodic security routines such as external penetration testing, certificate renewals.
- Incident Response - Provide Incident Response support and direct operational resources to address incidents prioritising remediation efforts based on risk.
- 24/7 Incident Response - Be available to provide reactive support to critical security incidents outside standard business hours. Perform Silver or Bronze Command duties in simulated (or actual) security breaches.
- Advisory and approval services – Provide an advisory service to IT and Business Functions requiring support. Embed processes to ensure Security due diligence and sign off higher risk supplier and/or system changes including representing Security priorities on the Change Control Board.
- Training - Manage the communication programme including production and delivery of effective training to reduce the Insider threat and increase Security awareness.
- Compliance - Plan and execute tests across IT and other Business Functions to assess Security compliance, advising on control strengthening and monitoring progress of corrective actions. Assist Business readiness preparations for ISO27001 certification and other Regulatory requirements.
- Security Records and Documentation - Maintain security records and documentation both for existing systems, processes and procedures as well as consistent incident tracking and reporting. Draft documentation to assist Prospects and Customers assurance over AVEVA's Security.
- Reporting – Input to management reporting.
- Development – Working towards CISM or equivalent. Build and maintain both internal and external networks of security professionals to share knowledge and keep abreast of emerging Security trends.
Important Working Relationships
- Form, build and maintain collaborative working relationships with all IT team members to coordinate and inform on security-related matters.
- Form, build and maintain relationships with internal Project Managers/Stakeholders. Escalate security-related events accordingly.
- Strong Integration with IT Operations / Information Systems to ensure ALL security incidents are managed with minimal risk.
Knowledge, Skills & Experience Required
The individual can demonstrate:
- Strong IT background including exposure to SIEM solutions and a demonstrable knowledge of security threats and their management.
- Knowledge of other security infection vectors, indicators of infection and techniques for mitigation (protection, isolation and resolution).
- Familiarity with working with increased IT privileges on critical infrastructure (Security/Network/Domain Administrator etc.).
- Strong interpersonal skills with an analytical mindset and an attention to detail.
- Ability to multi-task, effectively analyse risks, prioritise and manage time.
- Awareness of forensic computing requirements.
Technical Skills required:
- Knowledge of network security devices, including firewalls, vulnerability scanning, mail filtering, anti-virus, data leakage prevention, and host and network intrusion detection/prevention systems.
- Knowledge of network/security applications, network analysis; understanding of common network and application protocols, for example, TCP/IP, UDP, HTTP/HTTPS, FTP, ICMP and SMTP.
- Experience with the following technologies would be advantageous:
  - SIEM Technologies
  - Firewalls
  - IDS/IPS
  - O365 Security
- Relevant additional security certifications (e.g. GSEC, GCIA, GCIH, CEH, Security+)
Desirable:
- Experience in identifying and interpreting network traffic or host anomalies and relating them to attack vectors (e.g. Insider Threat, Phishing, DDoS).
- Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems).