As a Cyber Security Analyst and Information Asset Assurance Consultant, you will report to the Operations Security Manager (OSM) and be responsible for safeguarding our organization's digital assets and ensuring the security of information systems. You will assess and mitigate risks, implement security measures, and ensure compliance with industry standards and regulations under the direction of the OSM. You will conduct Nessus Vulnerability Scanning for ICT Networks estate wide.
Risk Assessment and Management
* Conduct comprehensive risk assessments to identify vulnerabilities in information systems.
* Develop and implement risk mitigation strategies and action plans.
* Run Vulnerability Scanning of ICT Networks.
* Undertake Compliance and Validation testing, compile statistical reports when required.
* Assist in Independent IT health check activities.
* Produce and manage Remediation Action Plans for Continuous assurance to the Operations Security Manager.
Security Operations
* Monitor network traffic for unusual activity and potential threats using Network Monitoring tools and SPLUNK, Manage Engine, and TANIUM.
* Analyse and respond to security incidents and breaches, this will include MODCert Alerting and Reporting utilising internal activity tracking tools (ie: Vigilant, Warning Advise & Reporting Point WARP).
* Maintain and update security systems, firewalls, and intrusion detection systems.
* Manage and audit any security holdings to include Portable HDD, Media, using defined MoD processes.
Compliance and Assurance
* Ensure compliance with relevant industry standards (e.g., ISO 27001, NIST) and regulatory requirements.
* Conduct regular audits and assessments of information systems to ensure compliance.
* Develop and maintain information security policies and procedures.
Incident Response
* Assist Operations Security Manager with all incident response efforts during security breaches or attacks.
* Investigate and document security incidents and breaches.
* Coordinate with internal and external stakeholders to mitigate the impact of security incidents.
Consultation and Training
* Provide expert advice on information asset assurance and cyber security to internal teams and clients. Work with the delivery partners to provide continuous assurance to the customer and feed into the Risk Working Group / Security Working Group.
* Assist OSM in conduct training sessions and workshops to educate staff on security best practices.
Documentation and Reporting
* Prepare detailed reports on risk assessments, security incidents, and compliance audits. Assist the OSM in the continuous assurance of Network Security assurance artifacts such as Policy Procedures RMADS, SyOP's.
* Maintain accurate and up-to-date documentation of security measures and protocols in place across the estate.
Qualifications
* Relevant certifications such as CISSP, CISM, CISMP, CISA, CEH, COMP TIA Security Plus, Tenable Nessus or equivalent.
* Experience in cyber security, information asset assurance, or related roles.
* Knowledge of MoD Defence Assurance JSP 440, JSP 604 preferred.
* Proven experience with risk assessment, incident response, and security operations.
* Understanding of cloud security, application security, and data protection.
* Knowledge of MoD Secure by Design Methodology is preferred but not essential for this role can be locally trained.
Skills
* Proficient understanding of information security principles, practices, and technologies.
* Proficiency in security tools and technologies (e.g., SIEM, firewalls, IDS/IPS).
* Excellent analytical and problem-solving skills.
* Strong communication and interpersonal skills.
* Ability to work independently and as part of a team.
We are recognised as a responsible and inclusive employer: Not only are we a certified Disability Confident Leader, a Times Top 50 employer for Gender Equality, a Top 75 employer for Social Mobility, accredited with the Living Wage Foundation and a signatory for the Race at Work Charter, but we are also committed to the United Nations standards for LGBTI+ and a Stonewall Top 100 Employer.
We are people centric: Our work environments enable you to Be Completely You. Our active people-led Inclusive Community networks are representative of all aspects of diversity and are instrumental in enabling and supporting our innovative approach to inclusion. Please note: It's still worth applying even if you do not meet all the requirements above. We are passionate about investing in you and your career and if you have the transferable skills/ background in IT Support this could be the next opportunity for you. #LifeAtFujitsu
Your Choices
* Flexible benefits such as increased holidays, travel, dental, critical illness and more.
* Perks at work - employee discounts, Employee assistance programme / virtual GP
* Role dependent benefits: Private medical.
#J-18808-Ljbffr