Salary: £15,000 pa.
Closing Date: 13 Jan 2017.
Eduserv, an IT services provider, is offering a full-time 1 year paid internship as Technical Information Security Analyst.
As a Technical Information Security Analyst you will help develop and ensure the effectiveness of our capability to protect Eduserv’s Information assets from cyber threats. You will also identify vulnerabilities to both Eduserv and our customers’ systems using the available intelligence and to validate exposure through vulnerability scans and authorised penetration testing. Through the collection, process and handling of security event information, you will support the administration, maintenance and refinement of our security incident and event management measures.
- Develop Eduserv’s protective monitoring capability by identifying and implementing appropriate tools, systems, controls and processes.
- Progress the effective collection monitoring, handling, review of relevant security events.
- Support the administration and maintenance in a change controlled environment of:
- Rule sets and configuration relating to firewalls and other perimeter security
- Intrusion Detection and security vulnerability monitoring systems
- Respond to service calls and requests providing technical support, fault resolution and escalation as necessary.
- Identify, investigate, fix and resolve security incidents and problems in conjunction with the appropriate authorities where necessary.
- Conduct and facilitate penetration tests and liaise with external bodies, suppliers and customers in regard to scoping, scheduling and remediation.
- Review test reports and identify vulnerabilities/trends, recommending additional measures where necessary.
- Author and maintain documentation on Eduserv’s information security controls.
- Maintain current knowledge of vulnerabilities, conduct controlled penetration tests and ensure appropriate measures are put in place.
- In consultation with colleagues across the business, define and implement security controls in line with appropriate standards, including ISO27001/2, HMG Security Policy Framework and PCI-DSS.
- Maintain and extend Eduserv’s security infrastructure and devices to ensure the security of Eduserv’s Information assets.
- Assist in the operation of Eduserv’s Information Security Management System.
- Undertake monitoring and auditing of Eduserv’s information assets and security controls
- Design, test and apply appropriate security changes maintaining necessary documentation and version control
The successful candidate will have a positive attitude, be highly organised and efficient, with excellent communication skills and loads of initiative! You will provide superior customer service with all levels in a team environment. You will also have experience with security incident & event management systems and common security vulnerability software, and be adept in security incident response, management and forensics. You’ll have familiarity with current cyber threats and measures to combat them and an analytical, proactive approach to trouble shooting, problem solving and resolution.
See the job description here.
Eduserv is unique. We provide the public and not-for-profit sector with industry-leading technology advice, engineering and support. However, we do this to enable and empower our clients to deliver enhanced public services and services for the public good. We are able to deliver the highest level of advice and support because of the calibre of our team.
Part of the attraction of working at Eduserv is the complexity and industry-leading quality of our work. Another is our not-for-profit status. This means we are able to offer truly agnostic advice so our clients will always get what suits them best.
Another key part of being at Eduserv is our commitment to enabling and promoting public sector and not-for-for profit values. We do this through empowering our clients to deliver less-costly public services and services for the public good.
We will always go the extra mile to finish the job properly because that is what is best for our clients, for the society they serve, and for us.
Please note: Direct applications only please. Applications from agencies not on our PSL will not be considered.