We are looking for an experienced Information Security Analyst to own and drive our vulnerability management processes. This role requires hands-on experience of QualysGuard vulnerability management or a willingness to be trained on QualysGuard. Working very closely with our IT Operations team, you will be responsible for creating appropriate processes for scanning, analysis and driving remedial actions.
Whilst the profile looks for specific qualifications and experience, we value the can-do spirit, motivation, determination and the mental attitude to get the job done “right first time, every time” above all others! Working as part of team but showing good leadership qualities when required are attributes we rate highly.
Key Accountabilities
- Provides hands-on technical consulting services to network infrastructure teams, ensuring system security standards are met.
- Provides technical assistance with the initial set-up and secure deployment of systems that support information security including virus detection systems, firewall content filtering systems, web site blocking systems, intrusion detection/prevention systems, and software license management systems.
- Offers technical information security consulting services to personnel who are responsible for one or more information security systems; these people include Network Administrators, Systems Administrators, and Database Administrators.
- Evaluates information system bug reports, security exploit reports, and other information security notices issued by information system vendors, Government agencies, professional associations, and other organisations and, as needed, makes recommendations to internal management and technical staff to take precautionary steps.
- Runs or works with others that periodically run vulnerability identification software packages and related tools, to immediately highlight errors in systems configuration, the need for the update of software with fixes and patches, and other security related changes.
- Runs, or works with others that periodically run, fixed password guessing software, unauthorised wireless network access point detection software, unprotected dial-up modem identification software, and similar tools, and then informs those responsible about the need to change their systems to improve security.
- Collects, maintains, and documents a collection of software that is able to trace the source of, and otherwise investigate, attacks on Ofgem’s systems.
- Interprets information security policies, standards, and other requirements, as they relate to a specific internal information system and assists with the implementation of these and other information security requirements.
- Serves as an active member of the Computer Emergency Response Team (CERT) and participates in security incident response efforts by, among other things, having an in-depth knowledge of common security exploits, vulnerabilities and countermeasures.
Specific Minimum Qualifications and Expertise
Technical abilities
- Operational security experience.
- CISSP, CISM or similar industry-recognised information security certificate.
- Ability to gain security clearance to SC level.
- Demonstrable background of working in an IT infrastructure support and security role.
- Experience of conducting risk assessments and ad-hoc security assessments.
- Network Security design experience.
- Microsoft application security and hardening expertise.
- Ability to use professional judgement and internal/external expertise to give actionable security advice.
- Experience or familiarity with security vulnerability management tools, remediation planning and implementations.
- Advanced TCP/IP skills with understanding of subnets, routing and DNS.
- Ability to understand output from technical security reviews.
- Good documentation and communication skills.
Soft skills
- Data Protection and Privacy Laws: 1998 Data Protection Act, EU Directive, European Privacy Laws.
- Use of MS Office, especially Word, PowerPoint and Excel.
- Report preparation.
- Presentations to senior staff.
- Meeting organiser/driver.
Desirable Qualifications and Expertise
Technical abilities
- Windows Server and Active Directory experience.
- Experience of virtualisation deployments (client and server side) and related security issues.
- Exposure to, and experience of, applying HMG technical security policy standards.
- Experience of Firewall architecture and management and perimeter security.
- Experience drafting and contributing to IT Security policies.
Soft skills
- Ability to work unsupervised.
- Proven leadership skills.
- Proven experience of security consultancy.
- Vendor management experience.
Purpose
- Own the governance of all vulnerability management activities, including planning, use of security tools, production of reports, and working with the Infrastructure team to take corrective steps.
- Responsibility for ‘Pen Test’ remedial actions.
- To maintain and support business critical applications, within a mixed physical and virtual environment.
- Conduct regular compliance checks against all network attached devices, identify security vulnerabilities and propose solutions.
- Conform to Ofgem’s ITIL practices.
- Provide project support.
- Contribute to Ofgem IT security policies and procedures.
Key Outputs and Deliverables
- Produce metrics and management and technical reports.
- Assist 2nd and 3rd Line support to track and remediate issues in accordance with SLA’s.
- Provide expert advice to other members of the IT Department.
- Ensure security of the Ofgem network.
- Produce high quality system documentation.
- Lead and provide support to IT projects.
Key Stakeholder Relationships
- Reports to InfoSec Risk and Security Manager, through ITSO.
- Works closely with Infrastructure, and other security teams.
- Provides expert advice to other members of the IT Department.
- Working under direction of the Head of Infrastructure to ensure SLA’s and project deadlines are met.
- Liaise with the Service Desk team to identify and resolve issues.
- Liaise with third party suppliers.
