Job Description
The Cybersecurity team, within the IT department, is responsible for information and Cybersecurity. Responsibilities include information and cybersecurity risk management, and ensuring compliance to CAA, NIS and ISO27001 standards. The team also works closely with our majority shareholders, and partners, such as retailers, ground handlers, as well as suppliers, to ensure a joined-up approach to information and cyber security.
We are seeking a highly skilled and motivated IT Cyber Security Engineer, with a passion for protecting digital assets against cyber threats, to join our dynamic team. The successful candidate will have a strong technical background and a thorough understanding of IT systems, which is essential for effectively securing our infrastructure, systems, and networks. Expertise in information security, risk management and compliance is essential, as is a commitment to defending against cyber threats and integrating security across all layers of our IT environment to protect organisational data and technology.
This role focuses on detecting, investigating, and responding to cybersecurity threats and incidents, while also managing BAU security tasks, ongoing maintenance, supporting projects, and assisting with regulatory compliance to encourage continual enhancement of our IT security environment.
Key responsibilities and accountabilities:
* Endpoint monitoring and analysis.
* Malware analysis and forensics research.
* Understanding/ differentiation of intrusion attempts and false positives.
* Lead investigations into security breaches, incidents, or suspicious activities and provide incident reports to stakeholders.
* Enforce security policies, procedures, and guidelines for all IT systems and operations.
* Provide recommendations for improving security practices to meet evolving regulatory and organisational needs.
* Vulnerability identification & mitigation/remediation.
* Advise incident responders & other teams on cybersecurity threats.
* Triage security events and incidents and apply containment and mitigation/remediation strategies.
* Collaborate with other IT teams to ensure seamless security integration with infrastructure, applications, and services.
* Maintain comprehensive documentation related to security configurations, incident reports, audits, and compliance activities.
* Proactively monitor the performance of systems and make regular routine inspections of installed equipment, and take corrective avoidance actions to prevent wider problems.
* Function as the point of escalation for the Service Desk for security-related tickets.
* Analysis of weekly vulnerability scans and update relevant records.
* Incident readiness and handling as part of the Computer Security Incident Response team (CSIRT).
* Monitor and analyse security logs from various systems (including SIEM) and network devices to identify potential threats and vulnerabilities.
Knowledge, skills & experience required:
Essential
* Bachelor's degree in computer science, Information Technology, Cyber Security, or a related field.
* 5+ years of experience in cybersecurity, with a strong understanding of network protocols and security tools.
* A well-organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results.
* An ambition to constantly learn new skills and develop knowledge, with an understanding that study time outside of working hours may be required for career development.
* Credible knowledge/experience of Microsoft Windows operating systems, Active Directory, Exchange Server, Group policies, TCP/IP, DNS, DHCP and MS Azure/EntraID.
* Capable of effectively multi-tasking, prioritising work, and managing competing interests.
* Capable of analysing information technology logs and events sources preferred.
* Working knowledge of data storage systems, data backup and restoration methods.
* Understanding of cybersecurity tooling, its purpose and functionality (Anti-Malware, IDS/IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewalls/UTMs)
* A collaborator with excellent work ethic, communication skills and a professional who maintains customer-service based approach.
* Ability to work independently while managing support to a high standard.
* Strong problem-solving and analytical skills, with the ability to work under pressure.
* Contribute credibly to IT department's delivery of SLAs and other support targets.
* Ability to analyse vulnerabilities, threats, designs, architectures, procedures, and ability to produce reports and communicate security intelligence.
* Advanced knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity.
* Knowledge of Cloud computing, computer network defence, identity management, privileged access management, incident management and network security.
* Extensive experience within a NOC/SOC environment.
Desirable
* IT certifications such as CompTIA A+, Network+
* Cyber certifications such as CISM, CISA, CEH, or CompTIA Security+
* Understanding of regulatory frameworks and industry standards (e.g., NIS, NIST, ISO 27001, GDPR).
* Experience in scripting or programming languages including PowerShell for automating security tasks.
Person Specification:
* Communication. Structures and conveys information and ideas effectively. Communicates to ensure they are understood by others, that they understand others and share information with colleagues at all levels.
* Customer Focus. Understands what the customer needs and then works to exceed their expectations and meeting their individual needs.
* Achieving results. Knows what needs to be achieved by when. Anticipates obstacles. Motivates self and others to overcome barriers and achieve results.
* Personal Responsibility & Credibility. Take personal responsibility for making things happen and achieving results, working with their line manager. Displays commitment, accountability and conscientiousness.
* Planning & organising. Identifies a goal and puts in place a sequence of steps to ensure priorities are delivered on time.
* Team Focus. Develops effective working relationships inside and outside traditional boundaries to achieve organisational goals.
Connect2Employment is a trading style of Luton & Kent Commercial Services LLP - A joint venture between Luton Borough Council & Commercial Services Kent Ltd. Connect2Employment is an equal opportunities Employment Agency & Business. It positively encourages applications from all suitably qualified and eligible candidates.