Job Description
The purpose of this role is to support ICT security operations by
ensuring appropriate information and security controls are established and maintained in accordance with policies. You will ensure the correct systems, protocols and policies are in place to protect against current and emerging threats.
Broadly this role will be responsible for:
- Reviewing the current environments (Office 365 and Azure) and making recommendations to improve security.
- Choosing and implementing an IT security framework (ISO27001, NIST, CCM) that suits their infrastructure.
- Improving the reporting on the environment using Splunk or similar SIEM.
- Preparing weekly Security reports.
- Ensuring the adoption of a number of new policies and procedures recently released by a related department.
- Mentoring and supporting a more Junior team member.
- Attending monthly SLT meetings as part of the leadership team.
ESSENTIAL Requirements:
- Microsoft Azure Security Certification (AZ-500) Mandatory
- Microsoft 365 Security Administration Certification (MS-500) Mandatory
- Firewall certified (Sophos ideal) Mandatory
- SEIM certified Mandatory
- Experience in ICT Security Frameworks (ISO, ISM, PSPF) Mandatory
1. Cyber Security Framework
Establish and maintain:
- A governance framework (standard policies and procedures) which provides a best practice organisational capability to effectively identify and respond to incidents.
- An ICT Security Incident Response Plan which details the processes for mitigating potential risks and providing a best practice response.
• Continually research the external environment to identify security enhancement opportunities.
• Continually keep abreast of emerging trends in ICT related threats.
• Design and deliver security training and education services to end users
Cyber Security monitoring and administration.
• Continually review and enhance the effectiveness of operations within the ICT security function.
• Monitor the cloud-based environment for security issues including Azure and Office 365.
• Complete regular IT Security self-assessment against applicable security framework.
• Review new systems for compliance with cyber security policies.
• Investigate, respond to, resolve, and report on security incidents / issues.
• Ensure end points are configured with modern security software and updated regularly.
2. Reporting
• Prepare reports for key stakeholders (including the Senior Executive Team) which provide visibility and assurance regarding ICT security issues, risks and enhancement opportunities.
3. ICT Support
• Lead and participate in Corporate projects as and when opportunities arise
• Provide ICT support for a small team
• Ensure the necessary ICT training and education services are provided to end users
• Provide service support to employees
• Ensure efficient operations within the ICT function
• Manage and support other business connectivity devices such as iPhones and iPads
• Ensure all policies, procedures, guidelines, manuals and system documentation relating to core systems are reviewed and updated periodically
This is a high profile run within an organisation who are committed to improving their security processes and controls. You will enjoy a work/life balanced environment, 2 days a week wfh and the opportunity to increase your knowledge and skills.
If this sounds like you, send your CV in the first instance to the link provided.