Online since 1999 | 12,468 IT Jobs Live NOW

Operational IT Security Manager - £43434 - £50,296 - Norwich

Premium Job From Michael Page
Recruiter: Michael Page
Listed on: 27th October
Location: Norwich
Salary/Rate: £43,434 - £50,296
Type: Permanent
Start Date: ASAP

This job has now expired please search on the home page to find live IT Jobs.

Working closely and in collaboration with the Head of Information Security, the role holder is directly responsible for mitigating the University's operational IT Security risk.

The role-holder is responsible for the line-management of a team delivering operational IT security services for the institution and the role reports to the Assistant Director of IT Infrastructure Operations.

Client Details

UEA is a world leading research institution which is based on a campus that provides top quality academic, social and cultural facilities to over 17,000 students. UEA is one of six organisations that together forms the Norwich Research Park (NRP) Partnership; home to nearly 3,000 scientists working in several world ranked institutions and a world leading centre for environment, health and plant science research. At UEA we come together from different fields to learn, innovate, collaborate and help create a better future.

Description

Operational IT Security Manager - £43434 - £50,296 - Norwich

Main Responsibilities

Universal Security Log Management

The role-holder is responsible for sourcing appropriate log data from across the IT estate. Access to this data will include working with other operational teams as they will have the required expertise in data extraction. Detailed responsibilities include:

  • Manage the digestion of log data from source systems into central log management.
  • Manage the processing and correlation of system logs
  • Maintain roadmap for future processing of logs to maximise coverage and work with other operational teams to create a plan.

IT Security Monitoring and Alerting

The role-holder is responsible for the monitoring of security log data in order to discover suspicious activity:

  • Development of scripts and rules to highlight events needing investigation
  • Create alerts/incidents of suspicious activity for further investigation.
  • Collaborate in the maintenance and development of the University's IT security monitoring systems

Incident triage and management

The role-holder is responsible for leading the initial triage and initial investigation of suspicious activity:

  • Process alerts and perform triage, so that security incidents are appropriately identified.
  • Initial management of incident investigations and either bring these to a conclusion or hand over of the most serious incidents to the Information Security team.

Training & Awareness Delivery

The role-holder is responsible for maintaining and improving awareness of cyber-security:

  • Maintain training and awareness programme plan for delivery primarily to IT and by exception across the University.
  • Work with relevant parties for delivery of specific training.

Patch Management

The role-holder is responsible for monitoring and reporting on the overall patching status of IT systems across the IT estate

  • Overall responsibility for the patch management process
  • Working with IT Systems owners to ensure and maintain regular patching of all IT systems
  • Create summary reports for senior management, including the Director of IT and IT Leadership Team on the overall patch status

Vulnerability Management

The role-holder is responsible for mitigating the risks associated with system updates and patches across the IT estate:

  • Overall responsibility for the vulnerability management process and collaboration with other operational teams in the collection of vulnerability data.
  • Report vulnerabilities to operational teams and others, and work collaboratively to create a plan to address.
  • Create summary reports for senior management, including the Director of IT and IT Leadership Team.

Accreditation Management

The role-holder is responsible for maintaining the currency of accreditations:

  • Maintain relevant accreditations (for example, cyber essentials, PCI).
  • Create and manage on-going plans, in conjunction with other operational teams, to ensure current accreditations are maintained and new accreditations are achieved.

General

  • As a team manager, the role-holder is responsible for organising and planning activities for the team.
  • The role holder will manage a team of technical experts and as team manager will be responsible for recruitment, setting and monitoring objectives, assigning work and managing performance of individuals in the team.
  • Responsible for system design, selection and procurement of new specialist systems or services to support this area. This includes upgrades and maintenance of existing systems.
  • Building an effective network both within the organisation and across the HEI sector.
  • The role-holder will report to the Assistant Director of Infrastructure Operations
  • The role-holder will be expected to work independently on agreed targets, ensuring that deadlines are met.
  • The role-holder will be expected to make decisions within the assigned areas of responsibility; the role holder will have a significant contribution to decisions about the future strategy for Information Technology.

Profile

Operational IT Security Manager - £43434 - £50,296 - Norwich

  • Expert experience of LogRhythm, NXlog, Tenable and Snort, specifically the interaction of the products in an HEI environment.
  • Demonstrable experience of managing IT security monitoring systems.
  • Demonstrable experience of managing organisational compliance matters.
  • Demonstrable experience of managing information security matters (or related functions such as IT audit or risk management).
  • Previous experience of participation in strategy and policy implementation.
  • Previous experience of training course design and delivery.
  • Previous experience of procedure design and implementation.
  • Ability to assimilate/learn complex compliance regimes.
  • Ability to configure, implement and maintain an IT security monitoring system.
  • Expert knowledge of network protocols.
  • Expert knowledge of network and server operational systems and software.
  • Expert knowledge of software exploits and vulnerabilities.
  • Ability to identify, analyse and process information security incidents.
  • Ability to work in confidential areas and deal with sensitive information.
  • Strong presentation skills
  • Strong negotiation skills.
  • Flexible approach to work, including occasional out of hours work.

Job Offer

Operational IT Security Manager - £43434 - £50,296 - Norwich

Closing Date Sunday 17th October 2021