Warning
Mae'r hysbyseb swydd hon wedi dod i ben ac mae'r ceisiadau wedi cau.
IT Security Analyst
| Dyddiad hysbysebu: | 27 Mawrth 2024 |
|---|---|
| Cyflog: | Heb ei nodi |
| Gwybodaeth ychwanegol am y cyflog: | 55000 - 60000 |
| Oriau: | Llawn Amser |
| Dyddiad cau: | 26 Ebrill 2024 |
| Lleoliad: | Bolton, BL3 2NT |
| Cwmni: | Quantuma Advisory Limited |
| Math o swydd: | Parhaol |
| Cyfeirnod swydd: | 537 |
Crynodeb
Job Advert
K3 Capital Group, part of the Sun Capital Group of businesses, is looking to expand its IT offering and would like to hire an
experienced IT Security Manager.
We are seeking a skilled and experienced IT Security Analyst to join our dedicated team and play a pivotal role in safeguarding
our organisation's information assets. As an IT Security Analyst, you will play a vital role in safeguarding K3 Capital Group’s
digital assets and ensuring the integrity, confidentiality and availability of our information systems. You will be responsible
for analysing, monitoring and responding to security incidents, implementing security measures and advising on best practices to
mitigate risks and threats. As well as taking the lead in managing any IT Security incidents if and when they occur. You will
work closely with the in-house IT team, 3rd party providers and cross functional teams to ensure compliance with industry
standards and regulations while proactively identifying and mitigating potential security threats.
Key responsibilities include:
1. Security Monitoring and Incident Response:
* Monitor security events and alerts from various sources, including SIEM (Security Information and Event Management) / SOC
(Security Operation Centre) systems, intrusion detection/prevention systems and log files.
* Investigate and respond to security incidents, including conducting root cause analysis, containment and remediation.
* Coordinate with cross-functional teams to ensure timely resolution of security incidents.
2. Vulnerability Management:
* Conduct regular vulnerability assessments and penetration tests to identify weaknesses in systems, applications and
infrastructure.
* Prioritise and remediate vulnerabilities based on risk assessment and impact analysis.
* Responsible for the continuous management of vulnerabilities across group platforms
* Implement and maintain vulnerability management tools and processes.
3. Security Controls Implementation:
* Oversee the design, deployment and management of security controls, such as firewalls, antivirus software, encryption,
access controls, intrusion detection systems and identity management solutions.
* Review and update security policies, standards, and procedures to ensure compliance with regulatory requirements and
industry best practices.
4. Threat Intelligence and Research:
* Stay abreast of the latest cybersecurity threats, vulnerabilities and attack techniques.
* Analyse threat intelligence feeds and security advisories to proactively identify potential risks to the organization.
* Collaborate with internal teams and external partners to share threat intelligence and enhance the organisation’s security
posture.
5. Security Awareness and Training:
* Develop and deliver security awareness training programs to educate employees about cybersecurity risks and best practices.
* Conduct phishing simulations and other exercises to assess the effectiveness of security awareness initiatives.
6. Policy Development and Compliance
* Assist with establishing and enforcing IT security policies and procedures.
* Conduct regular audits of IT Policy and procedure adherence alongside technical configuration of key assets.
* Ensure compliance with relevant laws, regulations and industry standards.
7. Vendor Management:
* Evaluate and manage relationships with third-party security vendors.
* Ensure that external partners adhere to security standard and protocols.
* Assist business leaders with technology due diligence and risk assessment.
The IT Security Analyst will report into the Head of IT Service and Operations
Qualifications & Experience:
* Bachelor's degree in Computer Science, Information Technology, or a related field
* Certified Information Systems Security Professional (CISSP) (preferred) or equivalent certifications.
* Proven experience in IT security management, with a focus on developing and implementing security strategies.
* Strong knowledge of information security principles, standards and best practices.
* Experience of obtaining Cyber Essentials\CE+
* Proactive attitude, self-starter, able to identify new risks, threats and opportunities
* Excellent communication and interpersonal skills, with the ability to convey complex security concepts to non-technical
stakeholders.
* Strong team collaboration skills.
* Experience with security tools and technologies, including firewalls, antivirus software, SIEM, EDR and intrusion detection
systems.
* Strong technical background, including networking, Operating Systems, M365, Active Directory
K3 Capital Group, part of the Sun Capital Group of businesses, is looking to expand its IT offering and would like to hire an
experienced IT Security Manager.
We are seeking a skilled and experienced IT Security Analyst to join our dedicated team and play a pivotal role in safeguarding
our organisation's information assets. As an IT Security Analyst, you will play a vital role in safeguarding K3 Capital Group’s
digital assets and ensuring the integrity, confidentiality and availability of our information systems. You will be responsible
for analysing, monitoring and responding to security incidents, implementing security measures and advising on best practices to
mitigate risks and threats. As well as taking the lead in managing any IT Security incidents if and when they occur. You will
work closely with the in-house IT team, 3rd party providers and cross functional teams to ensure compliance with industry
standards and regulations while proactively identifying and mitigating potential security threats.
Key responsibilities include:
1. Security Monitoring and Incident Response:
* Monitor security events and alerts from various sources, including SIEM (Security Information and Event Management) / SOC
(Security Operation Centre) systems, intrusion detection/prevention systems and log files.
* Investigate and respond to security incidents, including conducting root cause analysis, containment and remediation.
* Coordinate with cross-functional teams to ensure timely resolution of security incidents.
2. Vulnerability Management:
* Conduct regular vulnerability assessments and penetration tests to identify weaknesses in systems, applications and
infrastructure.
* Prioritise and remediate vulnerabilities based on risk assessment and impact analysis.
* Responsible for the continuous management of vulnerabilities across group platforms
* Implement and maintain vulnerability management tools and processes.
3. Security Controls Implementation:
* Oversee the design, deployment and management of security controls, such as firewalls, antivirus software, encryption,
access controls, intrusion detection systems and identity management solutions.
* Review and update security policies, standards, and procedures to ensure compliance with regulatory requirements and
industry best practices.
4. Threat Intelligence and Research:
* Stay abreast of the latest cybersecurity threats, vulnerabilities and attack techniques.
* Analyse threat intelligence feeds and security advisories to proactively identify potential risks to the organization.
* Collaborate with internal teams and external partners to share threat intelligence and enhance the organisation’s security
posture.
5. Security Awareness and Training:
* Develop and deliver security awareness training programs to educate employees about cybersecurity risks and best practices.
* Conduct phishing simulations and other exercises to assess the effectiveness of security awareness initiatives.
6. Policy Development and Compliance
* Assist with establishing and enforcing IT security policies and procedures.
* Conduct regular audits of IT Policy and procedure adherence alongside technical configuration of key assets.
* Ensure compliance with relevant laws, regulations and industry standards.
7. Vendor Management:
* Evaluate and manage relationships with third-party security vendors.
* Ensure that external partners adhere to security standard and protocols.
* Assist business leaders with technology due diligence and risk assessment.
The IT Security Analyst will report into the Head of IT Service and Operations
Qualifications & Experience:
* Bachelor's degree in Computer Science, Information Technology, or a related field
* Certified Information Systems Security Professional (CISSP) (preferred) or equivalent certifications.
* Proven experience in IT security management, with a focus on developing and implementing security strategies.
* Strong knowledge of information security principles, standards and best practices.
* Experience of obtaining Cyber Essentials\CE+
* Proactive attitude, self-starter, able to identify new risks, threats and opportunities
* Excellent communication and interpersonal skills, with the ability to convey complex security concepts to non-technical
stakeholders.
* Strong team collaboration skills.
* Experience with security tools and technologies, including firewalls, antivirus software, SIEM, EDR and intrusion detection
systems.
* Strong technical background, including networking, Operating Systems, M365, Active Directory