£20.00 - £21.00 per hour
3 months ago
Our client is seeking an ICT Cyber Security Support Officer on an initial 1-year contract with the possibility of an extension.
37 Hours per week
Monday - Friday
Based within the ICT service's Service Delivery team, and under the supervision of the IT Information Governance and Compliance Officer, the role provides administrative, investigative and scripting/programming skills and experience associated with: security incident investigation and reporting; system logs management; client device (endpoint) remediation using SCCM/Intune/scripting; breach follow-ups; verifying supplier conformance to security guidelines; and taking meeting minutes and following up assigned actions.
Duties and Responsibilities:
- Monitor logs and reports from multiple sources such as syslog (Solarwinds), SCCM/SCOM, SNMP (PRTG), Event Logs, Nessus, email gateway etc. and design actionable alerts based on patterns or matches associated with risks. Follow up anomalies.
- Clear out legacy AD configuration including redundant accounts.
- Monitor firewalls to aid removal of legacy/unused firewall rules, lock down of permissive rules, audit and micro-segmentation.
- Perform upgrades of systems, if necessary liaising with suppliers or internal teams.
- Compile the Monthly Security Incident Report, including follow-ups with the customer and Service Desk where there are insufficient details in the call or the security incident procedure has not been followed.
- Follow up on breaches with the business or third parties (e.g. suppliers).
- Check client estate issues (from Nessus reports) and assist implementation of SCCM/WSUS updates or bespoke scripts in complex cases.
- Monitor and investigate AD account misuse.
- Convert operational security issues into problem tickets for ICT staff, help investigate and follow up actions/progress (Security Information Group meetings).
- Handle/Close off basic support calls in BAU.
- Attend and arrange security meetings as needed and compile technical minutes: following up on actions/requests for information.
- Monitor project security requirements, follow up with project team, submitters and suppliers.
- Maintain compliance e.g. check line of business apps are following basic guidelines on RBAC, ACLs and auditing.
- Process tender responses against Supplier Security Checklist
- Maintain and investigate supplier compliance with security policies.
- Assist in aligning processes and procedures to ISO27000 standards.
- Continuous Improvement. Review of processes, policies, procedures.
Skills and Experience:
- Good verbal and written communications skills with attention to detail.
- You will work with a range of IT colleagues, both technical and non-technical, as well as business analysts and business users. You will be able to communicate effectively with all of them, modifying your approach to suit e.g. explaining technology to non-technical people and explaining business processes to technical experts.
- You will have a good understanding of the importance of non-functional and technical requirements and be able to capture these in relation to security, resilience, capacity management, operational support impact etc.
- Ability to take accurate minutes of technical discussions
- Understanding of Windows infrastructure and Application
- Active Directory
- Understanding of Endpoint infrastructure
- Windows 10
- Secure Boot
- Basic Network Knowledge
- WiFi principles
- Captive Portals
- Wired and wireless 802.1x
- Knowledge and experience of appropriate programming environment(s) and application to SCCM remedial tasks and endpoint devices
- Visual Basic
- Ability to identify potential risks and propose mitigations.
For this role you will need the following:
2 years' written referencing (all gaps verified)
Eligible to work in the UK
Disclaimer: By applying for this role, you give consent for your information to be forwarded to our Client(s); this information may be retained within our databases.