Job ID 274987
Cyber Security Officer
Location: North Tyneside
* Design, implement and support network security architecture including firewalls, web filtering, web application firewall, email security, two factor authentication and VPN technology for the company's Infrastructure provided to NTC.
* Design, implement and support relevant IPS/ IDS toolsets and polices to protect the NTC infrastructure and data.
* The preparation and presentation of security architecture design reports and technical implementation plans.
* Remote and onsite security audits/health checks, including preparation and presentation of reports.
* Advise and assist NTC in gaining and maintaining accreditation for relevant compliance frameworks, including but not limited to; PSN Code of Connection, PCI-DSS, ISO27001 and Cyber Essentials. This may involve advising the customer as the compliance requirements change and/or providing recommendations and follow-up actions following an official audit or systems health check.
* Technical understanding of network hardware and protection systems that provide in defence in depth, such as firewalls, DDOS and Intrusion prevention.
* Knowledge of security best practices for infrastructure, systems and development that covers service lifecycle, preferably ITIL.
* Assistance, as directed, in the maintenance of the NTC network infrastructure owned or managed by the company. This includes passive elements such as cabling and active elements such as switches, routers, firewalls etc.
* Research emerging threats and produce relevant safeguards to protect NTC data and systems.
* Manage the NTC vulnerability register ensuring industry practice polices are applied.
* Knowledge of Data Protection Policy, ISO2001 or COBIT or other recognised standards.
* Knowledge of supplier verification and credibility for information security.
* Provide a high quality, customer focussed service that is responsive to customer needs.
* Respond to requests for support to in a timely manner and according to agreed SLAs and procedures.
* Ensure users and other interested parties are kept informed of progress and that corrective action is taken to avoid delays.
* Responsibility for defining and implementing an IT Security Strategy.
* Provide practical guidance and support on industry standard security practices.
* Implement an IT security framework to govern and improve the overall security posture.
* Identify IT Security threats/vulnerabilities and implement appropriate mitigation controls.
* Communicate IT security threats to all relevant stakeholders and internal compliance bodies.
* Establish IT Security policies, knowledge database and procedures to protect the organisation.
* Review, challenge and monitor current and future IT controls