Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Jobs
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[SJ-JOB] Jr. Security Analyst, Peterborough

from [iain] Network Security [Permanent Link]
Subject: [SJ-JOB] Jr. Security Analyst, Peterborough
Date: 9 Feb 2007 21:57:59 -0000 
---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------


JOB DESCRIPTION
---------------------------------------------------
Position:       Jr. Security Analyst
Location:       Peterborough, , United Kingdom
Type:           Permanent P/T

Closing Date:   2007-03-12


Technical Assurance Analyst (187)

Reference No.   SF-187
Company Insurance Group
Location        Peterborough
Salary  &pound;30,000 - &pound;35,000
Start Date      ASAP
Reports to      Information Security Manager
The Role
To assess, detect and make recommendations for issues affecting the security, 
integrity and availability of the production environment.
Remediation policy non compliance issues, and of accidental or deliberate 
security breaches affecting the critical IT infrastructure. 
To ensure that technical security controls are implemented and maintained in a 
consistent, cohesive and appropriate manner in order to reduce risks to key 
business activities.
Scope of the role
Implement and manage a schedule of security and recovery testing against 
production environment
Review Event Logs or event reports from key systems to identity security 
breaches and then prioritise, communicate and remedy as appropriate. 
Conduct compliance and risk assessments in order to highlight risks to core 
business activity, acting as primary technical security and recovery contact 
for the business and IT projects and changes.
Assess planned changes to the production environment for security and 
availability impact and impact on existing recovery plans.
Ensure security and recovery risks are added to the IT risk log and that action 
is taken to resolve the issue.
Administration of a high level password vault. Ensuing use of system management 
accounts are managed and audited.
To gather, interpret and present reports on the status of security and system 
resiliency 
Investigate breaches of security, owning all technical investigations into 
breaches of company policy
Complete technical assurance testing against critical infrastructure. 
Own the resolution of security and availability issues with the production 
environment.
Perform root cause analysis on security and availability incidents producing 
harm charts per incident and monthly/yearly summary reports.
Produce recovery plans in associations with technical teams, attending and 
assessing tests and documenting results.
Key Result Area
Communication & Influence
To liaise with colleagues, and both external business partners and suppliers. 
Act as the communications conduit between the Information Security and the rest 
of the IT across the group.
Provide the driving force behind various security tasks, communicating the 
requirement clearly and encouraging staff to ensure they meet deadlines set in 
accordance to corporate standards and guidelines
Schedule Management
Maintain a schedule or regular testing and security reviews against technical 
infrastructure
Organisation
Organise meetings and ensure that all relevant documentation is available prior 
to the meetings taking place
Organise regular IT security update / refresher forum with key IT management 
staff to outline programme and discuss new or outstanding issues
People
Build up an excellent relationship across key points of contact for all IT 
areas within the group.
Make the management team aware of any people issue relational to the management 
and mitigation of Security risks.
Business impact
Help plan the production and completion of security reviews and risk 
assessments to assist IT and business units to identify their security issues 
and requirements.
Understands and takes account of impact across Group IT & Business Units of 
Information Security initiatives.
Delivering service improvements
Recommends and implements modifications to working practices, processes and 
procedures that will more closely align practice to the security requirements 
of the group standards/regulatory & contractual obligations.
Leadership & Teamwork
Provides motivation and encourage to technical teams on security matters to 
ensure tasks are completed on time and consistently.
Continuous improvement
Keeps abreast of developments within the business, within IT and within the 
Information Security arena in order to identify changing requirements and new 
opportunities. Communicates ideas and proposals with the Information Security 
Manager and takes ownership of these when ideas are presented to IT management.
Seeks to continuously improve the work of Information Security and security 
controls operated by the team.
Financial & budgetary
Working with the team on projects and accountable for assisting project 
managers  identify risk vs. benefit cost analysis within those projects.
Identifies potential solutions in line with security requirements, accurately 
identifies risks/benefits & costs and prepares business case for justification
Skills & Experience
Attainment of basic Information Security Training or a demonstrated willingness 
to consider achieving a recognised qualification/certification such as CISSP, 
CCNA
Understanding of the work undertaken by business units within the Budget Group 
or demonstrable experience within the UK General Insurance sector to include 
direct call centre and broker or intermediary operations. 
Broad knowledge of general and security technology and standards, including 
BS7799, web server security, firewalls, networks, PKI and TCP/IP.
Strong analytical & communication skills to be able to comprehend and clearly 
communicate in business terms information rating to security risks.
Good understanding of project management processes and procedures




JOB REQUIREMENTS
---------------------------------------------------



CONTACT
---------------------------------------------------
Candidates must be eligable to work in the UK when applying

Information Security Solutions
Iain Sutherland

iain@InformationSecuritySolutions.com



---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.

http://www.securityfocus.com/jobs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [SJ-JOB] Jr. Security Analyst, Peterborough, iain <=
Previous by Date:  [SJ-JOB] Information Assurance Analyst, Falls Church, gary
Next by Date:  [SJ-JOB] Security System Administrator, London, iain
Previous by Thread:  [SJ-JOB] Information Assurance Analyst, Falls Church, gary
Next by Thread:  [SJ-JOB] Security System Administrator, London, iain
Indexes:  [Date] [Thread] [Top] [All Lists]