information security analyst Croxley Green, England
Job description
Our Client a leading provider of lease Vehicles to individuals and Companies is seeking a key person to join their already vibrant existing team.
The successful candidate will be working within our clients leading IT Operations team, taking the lead on IT security working across the business to ensure our clients IT security is the best it can be.
The main components of the role are to work with:
IT Operations ensuring all their IT systems are secure and remain so and implement IT security solutions to maintain their cyber security, this includes networking, upgrading/patching systems and using specific IT security systems like SIEM and PAM.
You will be commercially aware and remain focused on keeping our clients systems up to date with the latest security be Commercial to respond to IT security questionnaires from customers, this will requiring responding to documents and occasional customer meetings.
Providing all our clients departments with cyber security education.
You will also be responsible for responding to alerts from security systems and working with 3rd party security vendors.
You will be covering both their Windows and Linux estates (inc. Mac). Work with CISO and others in IT Operations on the following:
Develop information security processes
Analyse, design and implement efficient IT security systems, including networking
Ensure their hardware is maintained within vendor warranties and be responsible for applying patches, inc. firmware patches
Upgrade and patch (inc. firmware updates) Tusker’s systems to enable maintain IT security
Upgrade and patch systems and application to maintain IT security
Ensure server and client hardening for both internally and externally facing systems
Install, tune and upgrade antivirus software
Install, tune and upgrade firewalls
Install, tune and manage 3rd party SIEM software/service
Install, tune and manage our clients 3rd party PAM software/service
Be point of contact for external IT security partners, e.g. Defense.com and NCC
Respond to security alerts raised by IT security systems, including incident response
Work with the Disaster Recovery team to ensure IT security is part of the BCP / ITDR plans, any simulations and any recovery activities
Respond to IT security related questionnaires
Work with Office Manager on the physical security of the office, e.g. door access control and CCTV
Work with compliance on IT related parts of ISO27001
Scope, arrange and support security testing, including penetration testing
Ensure any identified security findings are resolved as per best practices
Analyse proposed IT infrastructure changes, software development changes or business process changes from an IT security standpoint to Job Description ensure IT security risks are not introduced and ensure additional security
testing, such as an additional pen test, is undertaken when required.
Create and maintain IT security documentation
Use industry sources to stay current with known IT security issues
Provide IT security education for the business, e.g. rollout
Mimecast cyber security training and perform regular simulated phishing
attacks
Test and evaluate new technology
Gather feedback from end users to continue to improve systems
In Return this role has a package of benefits which reflect the important nature of such a post and will be shared with you as part of the process
