Senior Cyber Security Specialist (Permanent)
Location: United Kingdom
Sub Location: London
Job type: Business Services
Department/Practice group: IT
Position Type: Permanent
To operate the firm's IT security environment in conjunction with the firm's chosen IT security partner, and to manage privileged system accounts.
• Provides technical expertise to enable the correct application of operational procedures. Contributes to the planning and implementation of maintenance and installation work. Implements agreed changes and maintenance routines. Identifies operational problems and contributes to their resolution, checking that they are managed in accordance with agreed standards and procedures. Provides reports and proposals for improvement to specialists, users and managers. Takes key technical decisions regarding area of expertise within the scope of the role.
• Initiates and monitors actions to investigate and resolve problems in systems and services. Assists with the implementation of agreed remedies and preventative measures.
• Maintains knowledge of specific technical specialisms, provides detailed advice regarding their application and executes specialised tasks. The specialism can be any area of information or communication technology, technique, method, product or application
• Assesses, analyses, develops, documents and implements changes based on requests for change.
• Ensures that incidents and requests are handled according to agreed procedures. Ensures that documentation of the supported components is available and in an appropriate form for those providing support. Creates and maintains support documentation.
• Maintains the network support process and checks that all requests for support are dealt with according to agreed procedures. Uses network management software and tools to investigate and diagnose network problems, collect performance statistics and creat
• Investigates identified security breaches in accordance with established procedures and recommends any required actions. Assists users in defining their access rights and privileges, and administers logical access controls and security systems. Maintains security records and documentation.
• Supports security risk and vulnerability assessments for defined business applications or IT installations in defined areas, and provides advice and guidance on the application and operation of elementary physical, procedural and technical security controls (e.g. the key controls defined in ISO27001). Investigates suspected attacks and manages security incidents.
• Collects performance data and investigates problems. Monitors and reports on supplier performance, customer satisfaction, and market intelligence. Resolves or escalates problems. Implements supplier service improvement actions and programmes. Monitors performance.
• Sources and collects contract performance data (such as pricing and supply chain costs), and monitors performance against KPIs. Identifies and reports under-performance and develops opportunities for improvement. Monitors compliance with Terms and Conditions and takes appropriate steps to address non-compliance. Proactively manages risk and reward mechanisms in the contract. Monitors progress against business objectives specified in the business case. Identifies where change is required, and plans for variations. In consultation with team members, suppliers and customers, ensures that change management protocols are implemented.
• Responsibility for owning ISO processes relating to patch management, anti-virus, network controls, access controls, information security incident management and firewalls. Ownership includes regular process reviews and improvements, compliance checks to ensure colleagues are following the guidance and, where necessary, escalating issues (process or compliance) to the relevant line manager.
ISO Processes owned
• Network controls
• Access controls
• Information security incident management
Essential Technical Skills
• Strong networking knowledge – TCP/IP, DHCP, DNS, WINS
• A good knowledge and hands-on experience of current Windows server operating environments, Active Directory and Group Policy
• Exposure to and working knowledge of CiscoWorks, Junos, Packet Sniffer, Checkpoint Firewall, PIX, ASA, CBAC, NBAR, QoS, Call Manager, MPLS, routing protocols, Layer 3 Switches, Cisco IP Phones, VLANs.
• Support knowledge of Checkpoint firewall solutions
• Knowledge of network security devices and associated protocols.
• Knowledge of McAfee and Microsoft antivirus products.
Desirable Technical Skills
• Knowledge of load balancing technologies.
• ITIL Service Management Foundation certification (or equivalent)
• MCSA, MCSE, MCP
• CISSP