IT Security Analyst

Biggin Hill
Engineering & Technical
About The Role
The IT Department is currently looking for a Security Analyst. Reporting to the IT Systems Manager, this role will have responsibility for:
  • Installing security measures and operating software to protect systems, infrastructure and data
  • Ensuring that IT security is implemented, maintained and tested, for perimeter and back office systems
  • Investigating and documenting security breaches and incidents, participating as part of an incident management team
  • Working with the Security Team to perform tests and uncover network and system vulnerabilities
  • Fixing detected vulnerabilities to maintain a highly secure IT infrastructure
  • Developing company-wide best practices for IT security
  • Staying current on IT security trends, security advances and security standards
  • Designing and implementing penetration testing and vulnerability scanning
  • Researching security enhancements and making recommendations to management
  • Providing leadership and management of the patch management and upgrade procedures
  • Designing and running annual business continuity testing in collaboration with the organisation
  • Liaising with internal teams and vendors to specify and procure security and compliance hardware/software
  • Implementing and commissioning additional security and compliance technologies
  • Sharing knowledge and experience with team members in a manner that enhances the overall performance and knowledge of the team
  • Monitoring internal and external policy compliance, reporting and making recommendations as necessary
  • Working with different departments within the organisation to reduce risk, design technical controls and policies
  • Leading and executing the growth and maturity of cyber security with an agenda of continual improvement
  • Ensuring business practices and policies are followed from a security and compliance perspective
  • Being aware of current best practice, cyber security advances and contributing to the IT elements of the company
  • Devising and establishing IT Security policies and systems to support the implementation of strategies set by management
  • Contributing to the road-map of an enterprise-wide security strategy
  • Ensuring cyber security awareness throughout the organisation
  • Having a good knowledge of all regulations and frameworks affecting the company, such as PCI, GDPR, SOX etc.
  • Acting as an ambassador and advocate for all Information Security matters
About You
Essential Criteria:
  • HNC, HND in an IT related discipline or relevant training and experience
  • At least 5 years’ IT experience, with at least 2 years’ experience in Information Security or related field
  • Experience with computer network and system penetration testing and techniques.
  • Practical experience and knowledge of firewalls, proxies, SIEM, antivirus, and IDPS concepts
  • Ability to identify and mitigate network and system vulnerabilities
  • Compliance, regulatory requirements and standards such as ISO 27001, GDPR, PCI, SOX etc.
  • Current technological advances and their appropriate applicability to organisational needs
  • Network/Infrastructure security
  • Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact
  • Ability to cope under pressure, particularly in real-time scenarios
Desirable Criteria:
  • Degree in an IT related discipline 
  • EC-Council CCISO
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
  • Structured methodologies
  • Policy writing