Operational Security Analyst

TNT Global IT
14 Oct 2016
29 Oct 2016
Contract Type
An exciting opportunity has arisen within Service Operations for an Operational Security Analyst Main Roles and Responsibilities · Collects and collates evidence as part of formally conducted and planned reviews of information and communications technology applications. · Examines records as part of specified testing strategies for evidence of conformance with management directives, or the identification of abnormal occurrences. · Compares records with expectations arising from the standards governing the work. · Conducts security control reviews in well defined areas. Assesses security of information and infrastructure components. Investigates and assesses risks of network attacks and recommends remedial action. · Conducts business risk and vulnerability assessments and business impact analysis for well defined business applications or IT installations. · Reviews compliance with information security policies and standards. Assesses configurations and security procedures for adherence to legal and regulatory requirements. · Reviews network usage. Assesses the implications of any unacceptable usage and breaches of privileges or corporate policy. Recommends appropriate action. · Provides advice and guidance on the application and operation of elementary security controls (e.g. the key controls defined in ISO 27002) and communicates information assurance issues effectively to users of systems and networks. · Supervises and/or administers the operation of appropriate security controls (such as physical or logical access controls), as a production service to business system users. · Investigates suspected attacks and manages security incidents. · Acts as routine contact point between organisation and supplier. · Collects, reviews and reports on supplier service and contract performance data. Resolves problems, or escalates them to more experienced colleagues. · Undertake vulnerability management activities in co-operation with Service Providers. Main Skills and Experiences Required · Acquiring a proper understanding of a problem or situation by breaking it down systematically into its component parts and identifying the relationships between these parts, selecting the appropriate method/tool to resolve the problem and reflecting on the result, such that learning is identified and absorbed. · Acquiring understanding of the metrics associated with a problem or situation, their significance and relationship, and being able to manipulate these as necessary to identify solutions. · Identifying gaps in the available information required to understand a problem or situation and devising means of remedying such gaps. · Understanding the needs of the internal or external customer and keeping them in mind when taking actions or making decisions. · Being proactive, taking action and anticipating opportunities. · Applying quality standards to all tasks undertaken and ensuring that nothing is overlooked. · Communicating effectively by word of mouth. · Establishing relationships and maintaining contacts with people from a variety of backgrounds. · Effective and sensitive communicator in different societies and cultures. · A strong background in IT covering traditional platform infrastructure (UNIX, Windows, Active Directory, LAN/WAN/VOICE, Firewalls, Web servers and services). · Knowledge and awareness of cloud service offerings and capabilities. · Strong technical understanding of threat and vulnerability scanning solutions and processes. · Familiar with secure software development/ web application security concepts and the OWASP Top Ten Project · Understanding of the concepts of secure network architecture and design. · Hands-on experience with a range of security technologies: SIEM, network firewalls, VPN, IPS, secure web gateways, secure e-mail gateways, anti-malware, encryption, end point solutions. · Knowledge of technology aspects of IT security and IS frameworks - ISO/IEC 2700X, PCI DSS · Ability to engage in discussions at an architectural level e.g. familiar with the use of architectural frameworks such as TOGAF to roadmap development of capabilities. · Aware of the application of automated systems to the support of specific business functions or processes. Examples: enterprise resource planning, sales forecasting. · Familiar with tools and techniques (manual or automated) that can be used to document an understanding of the structure, relationships and use of information within an organisation. · Familiar with the collection, analysis and application of historical and synthetic measurements in the estimation of IT activities. Examples: Development metrics (function point analysis, lines of code), Service metrics (capacity, throughput, response times), Life Cycle metrics (% successful projects/products per phase). · Familiar with standards and frameworks associated with IT practice nationally and internationally. Examples: BSI BS 25777 (ICT continuity), ISO 9001 (Quality management systems), ISO20000 (Service Management), About TNT TNT Express, a FedEx company, is one of the world’s largest express delivery companies. On a daily basis, TNT Express delivers close to one million consignments ranging from documents and parcels to palletised freight. The company offers road and air delivery services in Europe, the Middle East and Africa, Asia-Pacific and the Americas. TNT Express made €6.9 billion in revenue in 2015. Our people make TNT a great company, whether they are delivering goods, working in a sorting centre, or flying one of our aircraft. We are a global team of empowered people united by a desire to deliver an exceptional customer experience. We have an extremely diverse customer base, and, in order to achieve the highest levels of customer satisfaction, we encourage rich diversity within our workforce. Working at TNT means being a part of a service-oriented, global operation. It is a unique environment that thrives on process excellence and a 'can do' mentality. We are passionate about everything we do, and we care equally about our people, our customers and the world. This job was originally posted as www.cwjobs.co.uk/job/66899972

More jobs like this