JOB DESCRIPTION REPORTS TO: Cyber Security Specialist / Protective Monitoring Lead RESPONSIBLE TO: IT Security Officer / Compliance Manager Key Purpose of Role The postholder is an ICT security analyst with responsibility for the security of the ICT infrastructure, systems and services; working within the ICT Assurance team, to ensure integrity, confidentiality and availability of ICT systems throughout the Education Authority (EA). The postholder will also assist the Cyber Security Specialists and the Protective Monitoring Lead in the evaluation of cyber security risk and implementation of security controls to support EA business requirements. The Security Analyst will provide risk analysis and cyber security support as part of the EA ICT Assurance team in relation to the following areas: - Servers and Systems Architecture; - Data Centre Architecture; - Line of business systems; - Application Hosting; - Compliance Management systems; - Protective monitoring systems including SIEM and SOAR; - Perimeter systems including Firewalls; - Endpoint security systems; - Cloud Native Security technologies; - Remote Access systems; - Vulnerability management systems; - Penetration testing tools and systems; - Internet and email security gateway systems; - Zero Trust Network Access technologies; - Identity Security systems; - Security Service Edge technologies; - Microsoft 365; and - Any other cyber security systems or technologies Main Duties and Responsibilities Technical and Systems Security Analysis 1. Assist with the security risk assessment, configuration analysis, and risk mitigation of ICT systems and related services and processes in the Education Authority. 2. Be responsible for regular review of system event logs and security alerts for ICT systems in the Education Authority. 3. Provide technical security support and advice in all areas relating to Education Authority ICT systems, hardware and software, undertaking visits to business services where necessary. 4. Investigate and research technical security solutions to ongoing technical problems, formulating technical security procedures where required, and contribute to the broader development and improvement of the organisation’s ICT security posture. 5. Evaluate hardware and software security including cloud based technologies (and be aware of the current market) to assist in the provision of a secure ICT service to the Education Authority. 6. Assist with the development and maintenance of the ICT Assurance unit’s risk assessment processes. Involves monitoring risk levels, assisting in the co-ordination of problem solving and risk mitigation issues, security incident investigation, escalation, and reporting, to ensure a high level of security support is provided to all Education Authority users. 7. Assist with the provision of security specifications and technical information to all units on all technical security matters relating to infrastructure, desktop, networking and applications requirements for Education Authority systems and services. 8. Liaise with ICT suppliers of systems and services in conducting supplier assurance activities and the evaluation of supplier security control frameworks. 9. Liaise with External Service Providers in respect of supplier assurance and risk assessments. 10. As required engage with projects to evaluate the security design, development processes, and security configuration of ICT systems/assignments using corporate security policies and standards to inform design decisions. Operational 11. Undertake a variety of Operational activities in support of Education Authority ICT Assurance business processes and the security of EA systems as necessary. 12. Regularly perform operational security activities including undertaking regular reviews of security logs. 13. Assist where required the investigation of indicators of compromise including working with external cyber security partners 14. Service requests from EA services for security advice and support. Training 15. Assist Education Authority personnel with the secure operation of a variety of hardware and related software. 16. To participate in the planning, design and delivery of a programme of cyber and information security training and the production of related documentation. 17. Provide advice to Education Authority personnel on securing information systems used in the Education Authority, including ensuring their compliance with the Authority’s information security policies and standards . 18. Formulate procedure documents to guide Education Authority personnel in the secure use of ICT hardware and software. Advisory and Resource Management 19. Assist in the risk assessment of the Education Authority’s ICT resources (hardware and software), in relation to physical, technical and procedural security controls. 20. Assist with the resourcing of EA ICT related projects and programmes, providing security design and evaluation services. 21. Assist in the maintenance of an up-to-date electronic inventory of Education Authority ICT resources. 22. Provide regular reports as required by the line manager. Research and Development 23. Participate in the research and development work of the ICT Assurance Service, including specification of systems, security controls and third party services. 24. Engage in an active programme of research and development to ensure that information security challenges that Education Authority Units may encounter are resolved in the optimal risk managed way. 25. Engage in information assurance work requested by Education Authority units and agreed with the line manager. 26. Assist with the maintenance and enhancement of the Education Authority’s ICT systems and information security management systems. 27. Keep fully conversant with various developments in ICT, particularly in relation to application systems, the Internet and software products which may impact on the work of the Unit. This job description will be subject to review in light of changing circumstances and is not intended to be rigid and inflexible but should be regarded as providing guidelines within which the individual works. Other duties of a similar nature and appropriate to the grade may be assigned from time to time. In accordance with Section 75 of the Northern Ireland Act (1998), the post-holder is expected to promote good relations, equality of opportunity and pay due regard for equality legislation at all times. To view the summary of terms and conditions for this post, click here.