Job description
Purpose of the role:
Day to day, the role will involve working as part of a team, monitoring, and analysing security alarms, triaging incidents, communicating with staff, and helping with information governance tasks, including client audits and evidence gathering. It's a fast-paced environment, and you will need to be able to think on your feet and manage multiple priorities.
You'll be working as part of a close-knit team which provides the first line of cyber-defence and information governance compliance for PSL.
The main scope of the role is to support the functions of the IT Governance and Security Team with various tasks and internal team projects, for example, this role will cover the broad aspects of the principles of information security governance, risk, and technical control management.
As you develop your skills you will be able assist and ensure we continue to meet compliance with regulations and privacy laws.
Department:
IT Security/IT Ops
Deliverables:
- Assisting in coordinating and executing IT Security projects.
- Assisting in developing and publishing Information Security policies, procedures, standards, and guidelines based on knowledge of best practices and compliance requirements.
- Assist with maintaining security related document management, version, and document control.
- Assisting on conducting company-wide data classification assessments and security audits and manage remediation action plans.
- Support the team with providing first line support handling for security event notifications and incident response processes including reporting, response, and escalation to management where appropriate
- Support the team to monitor alarm consoles; provide analysis of logs and network traffic and identifying trends in malicious activity.
- Generate security metrics, dashboards and reporting for management review resulting from data analytics across multiple security toolsets.
- Assist with vulnerability assessments.
- Supporting the team with vendor risk management including maintaining third party questionnaires and collating responses.
- Work closely with the staff across the business to gather information on working practices to help improve security posture and processes.
- Support the team with the education, awareness, and communications programme for PSL staff.
- Assist with technical tasks and analysis as needed.
- Monitor threat and vulnerability news services for any relevant information that may impact PSL and Clients infrastructure. Update security event investigation notes and maintain case data in the Information Security Management System.
Critical Competencies:
- An understanding of security & networking technologies.
- Analytical and problem-solving skills.
- Strong data analytics skills to perform 1st level analysis and interpretation of information from Security systems; incident identification/analysis, escalation procedures.
- Ability to communicate with impact and engage both inside and outside of PSL.
- Well-developed written and verbal communication skills.
- A self-starter who is results-driven with high levels of self-motivation, mobility, energy, and initiative.
- Good prioritisation skills and the ability to meet targets.
- Highly professional ‘CAN DO' attitude that engenders confidence, respect, and support.
- Ability to work effectively on their own initiative and prioritise their workload.
Experience required:
- Experience of the full project lifecycle.
- Experience of Project methodologies (AGILE etc).
- Strong written and verbal communication skills.
- Strong time management and organisational skills.
- Personal flexibility to meet business goals and needs.
- Experience of ITIL would be of benefit.
- Experience of ISO27001, ISO27002, ISO27005, SOC2 standards.
- Experience and knowledge of auditing best practices.
- Experience of Governance, Risk Management and Compliance.
- Good awareness and understanding of Security best practices.
- Knowledge or Windows and Linux environments.
- Knowledge of open-source security tools.
- Awareness of Privilege Access Management.
Reward:
We offer all new staff, on successful completion of probation, free healthcare, and death in service benefit. The company will contribute up to £350 per annum towards wellbeing activities and offer a discretionary bonus scheme. Holidays at this level are a minimum of 25 days plus 8 Bank holidays. The company will match employee contributions into the approved pension scheme to a maximum of 5% of salary after twelve months service.
Job Types: Full-time, Permanent
Salary: £30,000.00 per year
Benefits:
- Casual dress
- Company events
- Company pension
- Cycle to work scheme
- Discounted or free food
- Flexitime
- Free parking
- Life insurance
- On-site parking
- Private medical insurance
- Sick pay
- Wellness programme
- Work from home
Schedule:
- Flexitime
- Monday to Friday
- Overtime
Supplemental pay types:
- Bonus scheme
- Performance bonus
Ability to commute/relocate:
- Solihull: reliably commute or plan to relocate before starting work (required)
Experience:
- Information Security: 1 year (required)
Work Location: One location