- Vulnerability Management, Accreditation management
- Splunk, Nessus, Sentinel (Azure)
About Our Client
UEA is a world leading research institution which is based on a campus that provides top quality academic, social and cultural facilities to over 17,000 students. UEA is one of six organisations that together forms the Norwich Research Park (NRP) Partnership; home to nearly 3,000 scientists working in several world ranked institutions and a world leading centre for environment, health and plant science research. At UEA we come together from different fields to learn, innovate, collaborate and help create a better future.
Operational Security Analyst - £34304 - £40,927 -Remote workingMain ResponsibilitiesEach member of the team will have primary responsibility for at least one of these areas, in addition to supporting other members of the team in the areas they are each responsible for. It is expected the role holder will be the technical expert in the area(s) where they have responsibility and they would be expected to develop a technical roadmap, procurement and develop the required hardware/software and design/develop the service.Universal Security Log ManagementEnsuring all appropriate log data is sourced from across the IT estate. Access to this data will include working with other operational teams as they will have the required expertise in data extraction. Detailed responsibilities include:
- Manage the digestion of log data from source systems into central log management.
- Manage the processing and correlation of system logs
- Maintain roadmap for future processing of logs to maximise coverage and work with other operational teams to create a plan.
IT Security Monitoring and AlertingOngoing monitoring of security log data in order to discover suspicious activity:
- Development of scripts and rules to highlight events needing investigation
- Create alerts/incidents of suspicious activity for further investigation.
- Collaborate in the maintenance and development of the University's IT security monitoring systems (with the Information Security and Architect teams).
Incident triage and managementLeading the initial triage and initial investigation of suspicious activity:
- Process alerts and perform triage, so that security incidents are appropriately identified.
- Initial management of incident investigations and either bring these to a conclusion or hand over of the most serious incidents to the Information Security team.
Training & Awareness DeliveryMaintain and improving awareness of cyber-security:
- Maintain training and awareness programme plan for delivery primarily to IT and by exception across the University.
- Work with relevant parties for delivery of specific training.
Patch ManagementMonitoring and reporting on the overall patching status of IT systems across the IT estate
- Overall responsibility for the patch management process
- Working with IT Systems owners to ensure and maintain regular patching of all IT systems
- Create summary reports for senior management, including the Director of IT and IT Leadership Team on the overall patch status
Vulnerability ManagementMitigating the risks associated with system updates and patches across the IT estate:
- Overall responsibility for the vulnerability management process and collaboration with other operational teams in the collection of vulnerability data.
- Report vulnerabilities to operational teams and others, and work collaboratively to create a plan to address.
- Create summary reports for senior management, including the Director of IT and IT Leadership Team.
- Responsible for system design, selection and procurement of new specialist systems or services to support this area. This includes upgrades and maintenance of existing systems
- Building an effective network within the IT teams
- The role holder will report to the Operational IT Security Manager who will set and monitor objectives. It is expected that there will be regular meetings to assign work and feedback on progress. The role holder will be expected to work independently on agreed targets, ensuring that deadlines are met.
- The role holder will be expected to make decisions within the assigned areas of responsibility; the role holder will have a significant contribution to decisions about the future strategy for Information Technology.
The Successful Applicant
Operational Security Analyst - £34304 - £40,927 -Remote workingFirst degree (or equivalent qualification) or equivalent experience.Membership of an appropriate professional organisation.Information security certification/qualification.
Previous experienceDemonstrable experience of managing IT security monitoring systemssuch as SIEM, enterprise log collection, vulnerability scanningDemonstrable experience of managing organisational compliance matters.Demonstrable experience of managing information security matters (or related functions such as IT audit or risk management).Previous experience of training course design and delivery.Previous experience of procedure design and implementation.
Technical/professional skillsAbility to assimilate/learn complex compliance regimes.Ability to configure, implement and maintain an IT security monitoring system.Expert knowledge of network protocols and network/server operating systemsExpert knowledge of software exploits and vulnerabilities.Ability to identify, analyse and process information security incidents.
Personal skills and attributesAbility to work in confidential areas and deal with sensitive information.Strong written and oral communications skills in English language.Strong presentation skillsStrong negotiation skills.Analytic and problem-solving skills.Ability to work independently and within a small team.Flexible approach to work, including occasional out of hours work.
What's on Offer
Operational Security Analyst - £34304 - £40,927 -Remote working
Norwich /remote working
Public Sector and government
***Applications for this role will close as of midnight on 28.11.21***
To find out more about working at UEA please click here'