Information Security Technical Specialists

LARGE INDEPENDENT IT SERVICES BUSINESS

Birmingham

c£35 - £50k (experience / qualifications dependent) + package

General

This job sits within the Security Operations Centre (SOC) in the Security Services sector and reports to the Security Operations Manager. Two positions are available.

The security of information is critical to the ongoing success and reputation of the company’s Secure Data Centre Services business as a Managed Security Service Provider (MSSP).

Information Security Technical Specialists work across internal and customer environments, performing ad hoc, project-based and daily duties across various security platforms, technologies and services.

Fundamental to the role is liaison, both internal and external, to ensure that policy and processes are adhered to and that company and customer compliance requirements are met.

Ex-military candidates are actively encouraged to apply for this role – particularly any that have QRadar skills, gained on SaluteMyJob’s free training courses or elsewhere.

Main Duties of the Job:

  • Act as technical Subject Matter Expert (SME) for the SOC, primarily focused on Security Information & Event Management (SIEM) monitoring and Security testing.

  • Ensure that Penetration & Vulnerability scanning is performed in line with best practice and company policy.

  • Resolve and / or report findings so that risks can be managed and resolution achieved.

  • Perform technical consultancy:

    • in support of offence triage to ensure offences are either escalated or correctly closed.

    • assist in preparation of reports that document actual or potential damage, including quantitative / qualitative risk analysis, articulating compliance risk in language that can be understood by non-technical staff.

    • in developing SIEM platform processes and procedures, including the development of ‘Playbooks’ to ensure best practice is implemented whenever possible.

  • Provide end-to-end engagement on a wide range of technical projects as security SME.

  • Advise, guide and recommend on incident containment measures, providing technical support and assisting digital forensic investigations with data capture and analysis.

  • Collaborate with IT technical teams to deliver Information Security improvements across the business.

  • Champion awareness of the developing Information Technology and Security risk landscape.

  • Provide the analytic data required to assist with preparation of reports that document offences and the extent of the damage that has occurred or may occur. This includes applying quantitative and qualitative risk analysis and articulating risks in technical and non-technical terminology, so that they can be interpreted by the company, its customers and both IT and business individuals.

  • Assist with assuring the compliance functional requirements for each onboarding project and ensure that they are fulfilled prior to going into service.

  • Maintain an active awareness of the developing Information Technology and security risk landscape across the Security Analysts and the wider business.

  • Understand the implications of standards and regulations such as GDPR, ISO27001, NIST, PCI, SOX, HITECH to inform decision making.

  • Assist in identifying information and security risk areas with regard to current technology, recommending appropriate risk controls.

  • Continually review security offences that require technical support and ensure resolution is appropriately planned, carried out, checked and reviewed to identify lessons.

Skills, Knowledge and Experience (if you can cover 70% of this you should apply)

Essential

  • Possess excellent communication, presentational, briefing, problem solving, analytical and prioritisation skills.

  • Ability to drive policy / process development and improvement.

  • Possess excellent understanding of networking and operational environment concepts.

  • Strong working security knowledge / experience gained working with standard accreditation frameworks

  • Demonstrable comprehension of Information Security including malware, emerging threats, attacks and vulnerability management

  • SME in multiple areas across Windows, Unix, firewalls, intrusion detection, SIEM, threat detection analysis or information risk management

  • Able to identify technical compliance deviations and manage them to resolution

  • Own personal workload, ensuring work is delivered on time and exceeds management expectations

  • Self-starter and proactive in driving forward security across the business

  • Experience of ITIL v4.

  • A minimum of 2 years' experience in a SOC or similar military environment.

  • SC Security Clearance or willing to undergo the process of SC clearance.

Desirable

  • Hold a recognised Information Security qualification (e.g. CISSP, CISM, CEH and / or SANS GIAC, GCIA, GCIH) or demonstrate strong capabilities in Information Security compliance

  • Hold Network or Security Platform certification(s) (e.g. S+, N+, CCNA, CCNP)

  • Working knowledge of service management tools Assyst / ServiceNow

  • Experienced in a MSSP or multi-tenanted service.

Please apply with CV in Word and short covering letter explaining your fit to the role and earliest availability.