Prism Digital
,
London, Greater London
Information Security Analyst, IT Security - Famous Institution
Overview
Job Description
Information Security Analyst, IT Security - Famous Arts Institution A world-renowned arts institution based in South Kensington is looking for an information security analyst / IT Security Your role will be as a very hands on IT Security specialist to maintain the internal and external security of the business at a large scale; 3,000 devices and 1,200 end users. You will be the sole IT Security Analyst in an IT department of 20 people, so you have a great opportunity to make a real mark and steer the direction of all things security related. This is more of a hands-on technical leaning security role rather than a compliance/governance security position. You will be responsible for the day-to-day actions that will ensure the established information security policies are adhered to by all staff and all systems. You will monitor all security and compliance systems regularly, acting where required or ensuring that others who are responsible for those systems are taking appropriate action. Key Responsibilities * Network activity monitoring (Darktrace, Azure) throughout the day, actioning and fully investigating high alerts whilst gathering details from the systems to provide evidence for investigation and reporting * Managing email security (Mimecast, Office 365) including but not limited to responding to and owning phishing/possibly phishing messages, monitoring alerts and adjusting rules within the Mimecast platform, and running regular phishing education campaigns * Owning the running and mitigation actions for both internal/external network scanning (Tenable Nessus Pro, external vendors) * Responsible for the day to day alerting and compliance reporting from the Endpoint management (Sophos) and ensuring actions are undertaken by the appropriate internal IT teams * Managing the day to day running, event management, scope and health of the SIEM (CALM - Cybanetix Advance Log Manager) * End to end responsibility for incident management from recording incidents in the security incident log, through investigation to reporting and completing remedial actions * Threat monitoring via security feeds from government agencies, vendors, NCSC etc. * Risk assessments across new system implementations as well as annual pre-emptive assessments of all existing systems. Working with the auditors as needed to ensure external risk assessments * Reporting (monthly detailed reports on current security issues/compliance levels), documentation (from system user guides through to firewall rules and accounts with elevated rights), user education (creation and management of phishing simulations etc.) Specifically: * Formal Information Security qualification (CISM, CISSP/CISA or equivalent) * Demonstrable experience in Information Security Management or IT Audit related role * Understanding of ISO27001, Cyber Essentials, business continuity and compliance and audit frameworks * Understanding of IT infrastructure, networking systems and information management systems Ideally you will have: * Familiar with the configuration and operation of Tenable Nessus Pro, Darktrace and Azure AD * Working within an ISO27001 or Cyber Essentials compliant environment * Strong understanding of GDPR and PCI-DSS * Excellent analytical and problem-solving skills * Experience establishing an ISMS and SIEM Such a great opportunity here and this is a real chance to 'own' the IT security function and work with a good group of people. Benefits: * 1-2 days work from home * 28 days holiday * 10% Co. Pension - no personal contrib needed * Season Ticket Loan * Cycle to Work Scheme * Some home working opportunities. * Heavily subsidised Staff Canteen * 36 Working Hour Week with a degree of flex APPLY ASAP for success! Information Security Analyst, IT Security - Famous Arts Institution