IT Security Operations Analyst

The role of an IT Security Operations Analyst entails providing critical protection to a company's computer systems, networks, software, and data from potential threats such as cyber-attacks, breaches, and unauthorized access, through management of all inbound alerting from the various monitoring systems.

The role involves assessing security risks and developing effective measures to prevent data theft, unauthorised data access, and loss of sensitive information.

IT Security Operations Analysts collaborate with other departments within the Managed Services Division, to ensure that security protocols and policies are implemented and followed correctly. They stay up to date with emerging technologies and best practices to identify possible security breaches and vulnerabilities.

Alongside the critical monitoring tasks, the IT Security Operations Analysts are responsible for performing regular security audits, identifying security gaps, and developing and implementing strategies to fortify these areas.

The role will ensure that appropriate levels of training materials and documentation related to IT Security and improvements are documented and shared with the other members of the Managed Services Division.

The role includes a function as technical escalation from the IT Service desk, where their knowledge/experience has been exhausted. You will be required to liaise/engaged with Third Party Suppliers to assist with change/development/resolution of support issues, ensuring that communication with the Service Desk Manager is timely, informative and in a language that is able to be shared with the end user.

From time to time, you may be required to attend our customer sites to perform certain discovery activities to assist with problem resolution. There will be an element of routine out of hours cover required to cover urgent IT issues, for which you will be reimbursed at overtime rates or TOIL.

**ROLE DESCRIPTION**:

- To implement and manage a process of network and systems monitors (alerts) for vulnerabilities and work to eliminate them before they can be exploited. These will be recorded and managed within the PSA Helpdesk ticketing system.
- To continually review, develop and implement policies and procedures to protect sensitive data from cyber-attacks, viruses, and other threats, to include automation of processes and notification.
- To monitor and maintain Group and, where appropriate (based on purchased services) customer backups. To test back up/data recovery at specified intervals.
- To establish and manage user access controls, ensuring that only authorised personnel can access sensitive information, and that access can be reported on.
- To conduct regular security audits and risk assessments and make recommendations for improvements, to include regular customer health checks and status reports on a regular or ad hoc basis.
- To be responsible for managing the timely delivery of planned IT Security project work (patching/upgrades/reboots etc), as agreed with internal and external stakeholders within the Managed Services Division. This may involve some work out of hours or at weekends, to avoid impacting on BAU. This includes delivering documentation and assisting with handover into support.
- To ensure that the Group and where relevant, each customer, has an up-to-date IT Security manual, detailing systems used, and policies/checks implemented, with frequency detailed.
- To stay up to date on the latest security technologies and best practices and implement them as appropriate. This will require close engagement with vendors.
- To provide ongoing training and education to staff/customers to promote a culture of security awareness and vigilance.
- To participate in change activity & approval, as per the Group Change process.
- To be involved in discussion and provision of documentation relating to BCDR.
- To ensure that Group BCDR tests are carried out regularly
- To ensure that the Global4 Group adheres to all externally set policies and guidelines to ensure security accreditation, for example ISO27001, is strictly maintained.
- In the event of a security breach, the IT Security Operations Analyst is responsible for investigating and mitigating the damage, as well as providing written root cause analysis and recommendations for mitigation.
- In the event of a breach, the IT Security Operations analyst is responsible for ensuring the notification policies are adhered to, for example, notification to ICO in the event of a data breach.
- Any other reasonable management requests in line with the needs of the business.

**Requirements for the role**:

- Professional, presentable, approachable and courteous.
- Excellent telephone manner.
- Attention to detail and ability to listen and learn.
- Tenacious and willing to go the extra mile.
- Ability to develop technical and service delivery skills in line with the services offered by the business.

KNOWLEDGE, SKILLS AND EXPERIENCE REQUIREMENTS

**Knowled