Information Security Operations Analyst
Transkrypt
Information Security Operations Analyst
Role Profile Job Description Ref no: Job Title Information Security Operations Analyst Directorate or Region COO Department/Country Global Information Services Location of post Warsaw, Poland Pay Band Grade F Reports to Head of Information Security Operations Duration of job Indefinite Purpose of job: This role reports to the Head of Information Security Operations (HISO) supporting him and other members of the Information Security Operations (ISO) Team in delivery of professional technical information security services, consultancy, and assurance and risk advice across the global organisation. The role holder is responsible for carrying out requested research, and providing analytical and operational capacity in support of development, optimisation, sustainment and effective delivery of an agreed range of information security operations functions and processes. Additionally, the role holder supports the Information Security Operations Manager in the process of measuring performance and maturity of technical information security processes and procedures embedded with the organisation (including delivery partners and suppliers). Other responsibilities include performing external horizon scanning, gathering and collating cybersecurity intelligence for internal team consumption, carrying out initial cybersecurity solutions and options research (in support of architectural and technical development discussions), and handling procurement and operational logistics on behalf of the team. Context and environment: The purpose of Global Information Services (GIS) in the British Council is to partner with the business in order to make effective use of information in all its forms across the organisation. GIS has accountability for enabling the full life-cycle of information for the whole of the business. This role is located within the Information Governance and Risk Management (IGRM) team. Formally reports to the Head of Information Security Operations (HISO) and is matrix-managed by the Information Security Operations Manager (ISOM) in terms of assignment of tasks and management of associated workload. This role is located within the GIS Information Governance and Risk Management (IGRM) team and reports to Head of Information Security Operations. IGRM take the lead on information security and governance policies and procedures globally for the British Council. IGRM are a 2nd Line of Defence (2LoD) function responsible for information risk management oversight as well as related education and training for both information professionals and all staff globally. They lead on the global implementation of required frameworks and standards and for compliance in this area. 1 of 5 Accountabilities, responsibilities and main duties: Supporting HISO and other members of the ISO Team in delivery of professional technical information security services, consultancy, and assurance and risk advice across the global organisation by: • • • • Providing analytical and operational capacity and carrying out requested research including: root-cause and trend analyses for information security events and incidents; dependency and impact analyses for technical and procedural changes; cause-and-effect and impact projections in support of risk assessment activities; identifying viable technical and procedural options/solutions for agreed problem statements; and carrying out compliance assessments for technical and service commissioning initiatives. Gathering agreed indicators, metrics and dashboards from the respective 1st Line of Defence parties including GIS Operational Risk Committee, verifying them for integrity and accuracy, and processing and preparing them for further consumption (e.g., dashboards). Providing logistical support to the process of management of security incidents and/or digital and forensics investigations, including: Labelling, cataloguing and securely handling evidence material; Organising necessary meetings, collating minutes and tracking actions; and Supporting the process of ordering necessary professional services, equipment and goods. Horizon scanning external cyber theatre for changes in the threat and vulnerability posture, gathering and collating cybersecurity intelligence for internal team consumption. 2 of 5 • Contributing to the process of promotion and enforcement of technical security standards and supporting documentation. • Contributing to the ISO Team effort of building and strengthening its brand and credibility amongst business and technical stakeholders. • Handling general procurement, operational and travel logistics on behalf of the ISO Team. • Deputising for ISO Team members as appropriate and agreed. • Interacting effectively and proactively at all levels throughout the organisation and link messaging to corporate and departmental strategies. Key relationships: Internal • • • • • • • • GIS IGRM including: o Head of Information Governance and Privacy and their team, o Head of Information Risk Management and Assurance and their team, o Communications and Engagement Manager and their team. GIS Strategy, Design & Development and Service Delivery teams. SBU, Regional and Country Directors. The corporate Risk Management Team. British Council Head of Security and physical security team members. Internal and External Communications teams. Digital including Heads of Digital network. Project Teams and SROs. External • • • • External suppliers. Information Security specialist organisations, bodies and communities. Wider professional network and membership bodies. UK cybersecurity regulatory bodies and agencies. Other important features or requirements of the job: • • • Some unsocial hours and weekend work may be required. Occasional local, regional or global travel may be required. Demonstrable personal integrity and appropriate levels of confidentiality are essential for this role. Please specify any passport/visa and/or nationality requirement. Must have the right to work in the EEA. Please indicate if any security or legal checks are required for this role. The successful candidate will be required to obtain (if not already cleared) and maintain SC clearance - or HMG equivalent for non-UK nationals - for the duration of their tenure in the post. 3 of 5 Person Specification Essential Working together (more demanding) Being Accountable (more demanding) Creating shared purpose (more demanding) Making it happen (more demanding) Shaping the future (essential) Connecting with others (more demanding) Behaviours • • • • • • Skills and Knowledge SFIA Skills: • • • • • Assessment stage Interview Interview Information security SCTY – Level 4 Security administration SCAD – Level 4 Business risk management BURM - Level 3 Emerging technology monitoring EMRG – Level 4 Information analysis INAN – Level 4 Strong written and oral English is a prerequisite for this role. Experience Essential: • Professional service delivery and information security or cybersecurity experience in a challenging corporate or academic setting. • A good understanding of information security principles and practices, the threat landscape and generally accepted good security practice and standards, including ISO27000 family and PCI-DSS. • An understanding of web applications security concepts. • Experience in performing research and analyses using quantifiable and qualifiable methods and calibrated estimates. Short listing and Interview Desirable: Qualifications • Experience of building relationships with key internal and external stakeholders. • Experience of providing advice on information security – helping non-specialists understand the threats and vulnerabilities – and the options for treating the associated risk – including the technical and organisational controls necessary. • Experience of participating in IT or technology investigations and / or forensic activities including first responder activities. Essential: • Information security qualification (e.g., CRISC, CISSP, CSX) or equivalent experience. Desirable: • Higher level ITILv3 qualification or equivalent experience. 4 of 5 Shortlisting Submitted by Konrad Malinowski Date 5 of 5 October 2016