ICT Security Analyst
- Location: Caerphilly
- Salary: £30,000/yr - £45,000/yr
ICT Security Analyst
We are looking for an Infrastructure Security Analyst to join our Security team. The role will have the opportunity to join a growing team that has responsibility for IT security across Link which has multiple offices across Europe. This will play a vital role in supporting a fast paced IT improvement agenda and will be involved in the delivery of IT projects, in a security planning, business impact and threat risk analysis capacity, providing systems security assurance across the IT Infrastructure of the Link Group Businesses.
We are looking for someone that is a great team player because our success is built on working together effectively. We are also looking for someone that loves to challenge the status quo and can see improvement in everything they do as identifying better ways of working is crucial to how efficiently we work. And because we are operating in a fast moving environment, someone that is hard working and adaptable to work in a fast moving, transitional, infrastructure-centric environment is also crucial to our success.
This is an exciting time to join the team!
- Performing regular emerging threat analysis and reporting the outcomes to the ICT Security Manager
- Monitor the computer networks/systems for security issues using various tools and methodologies, developing company-wide best practices for both physical and digital information and IT security and assist in the communication and promotion of these practices throughout the business
- Perform Business Impact and Threat risk analysis throughout all stages of new projects and perform security testing/assurance on completing projects
- Assist with the creation, implementation and enforcement of Corporate IT Security Policies and Procedures
- Perform regular security testing, vulnerability analysis and manage detected vulnerabilities through to resolution to maintain a high-security standard across all business areas
- Participate in the update, maintenance and testing of Disaster Recovery and Business Continuity processes
- Research of new security technologies/enhancements and make recommendations to the ICT Security Manager
- Determine the relevant legislative and legal requirements applicable to the business and industry with regards to information security and ensure compliance from a technology perspective
- Produce reporting and dashboards illustrating our current security posture, current security activities and highlighting gaps in IT security
- Travel to the various business sites occasionally (including European sites) will be necessary to perform security audits and testing
- Contribute to the management and maintenance of the ISO27001, PCI-DSS and other relevant certifications.
- Participate with the audit and RFP processes, including contact and meetings with clients or their appointed auditors, and a very high level of articulation and personal presentation will be required.
Work Experience and Qualifications
- High level of written English including grammar, punctuation and spelling is critical
- Experience in balancing projects, regular testing and monitoring duties, prioritise tasks and manage expectations in a clear and concise manner
- Maintenance and development of Information security processes, best practices and procedures, often under pressure or of a critical nature
- Ideally degree (or equivalent) educated in an IT or Information Security related discipline
- Minimum 3 years’ proven experience in an Information Security or IT Security related field
- Minimum of 3 years’ proven experience with computer network penetration testing scoping activities and vulnerability analysis techniques
- A strong understanding and experience of Security frameworks such as ISO027001, PCI-DSS, NIST
- 5 years’ experience in a multi-site, multi-networked environment of more than 200 PCs is required
- Strong understanding of firewalls, proxies, SIEM, antivirus, IDPS concepts, Access Control, least privilege methodologies
- Understanding of patch management and the ability to deploy patches in a timely manner while understanding business impact
- Experience of Project Delivery security input, including impact analysis, covering at least 2 significant IT Projects is required.
- Professional qualifications, directly related to Information Security or IT Security would be an advantage (CISM, CISSP, CEH, OSCP, ISO27001, CompTIA Security+)
Salary and Benefits
- Salary will be dependent on experience
- 40 hours per week, but dependent on business needs it may vary
- 24 days holiday + Bank Holidays (32 days)
- Discretionary Annual Bonus
- Reward and Recognition schemes
- Refer a friend scheme
- Company pension & life assurance (4 x annual salary)
- Onsite parking, free tea and coffee, friendly warm atmosphere with modern facilities
Other Role Details
- This role is based in Caerphilly – some travel to UK and European offices may be required