Cyber Security Analyst

Application deadline date has been passed for this Job.
This job has been Expired

Cyber Security Analyst

  • Post Date:22nd February 2024
  • Views 596
0 Applications
Job Description

Department: Information Technology
Reporting to: Head of IT
Grade: 4
Salary: £59,896 per annum + 5% Overtime Allowance
Base: Gravesend, Kent
Closing Date: 3rd March 2024

Apply for this role

Who we are:

The Port of London Authority is the statutory harbour authority for the tidal Thames and responsible for 95 miles of the River Thames from the Estuary to Teddington Lock in West London. We work to keep river users safe, protect and enhance the environment and promote the use of the river for trade and travel.

The IT department consists of two major functions – corporate systems and navigation systems.

The corporate systems team consists of engineers, business analysts, project managers, software developers and office roles who provide productivity services to the whole business providing a broad range of systems and services across multiple sites.

The navigation systems team consists of engineers and supporting office roles who provide services to operational team, providing and maintaining systems and hardware for a broad range of services including RADAR, vessel identification and tracking, radio communications, and tidal and weather information across a large multi-site microwave network.

The role:

As a key member of the IT management team, this role will lead on developing, implementing, and auditing governance inside and outside of the department to achieve compliance with standards. Additionally, the role will have the engineering expertise to support cyber-related project work and to ensure all IT projects meet the required cyber-related standards.

What we are looking for:

The successful candidate will have:

Qualifications and Education Requirements:

  • Degree in an IT, computer science, cyber security or related discipline.
  • Demonstrable project management experience or qualification.
  • 2+ years’ hands on experience in a comparable role.
  • Formal industry recognised Cyber Security qualification – ISC2 CISSP, ISC2 CISM or certified ethical hacker
  • Full driving licence.

Essential criteria:

  • Demonstrable knowledge of cyber-attack analysis, able to correlate multiple event sources to provide a complete analysis of an intrusion, and to effective threat hunt (eg MITRE, kill chain)
  • Demonstrable experience with best practice Incident Response principles (eg NCSC/NIST)
  • Demonstrable knowledge of Threat Intelligence reporting and modelling
  • Knowledge of accepted cyber security principles, industry best practice and information risk concepts
  • Experience managing SIEM & EDR tools
  • Technically proficient with in depth knowledge and thorough understanding of server-infrastructure, networking infrastructure, and cyber security infrastructure.
  • Demonstrate required skills and experience to quickly understand specialist systems.
  • Achieve and maintain security clearance as required by the PLA and third-party sites (BPSS and CTC required).
  • Skills and ability to be the ‘go to expert’ within the team for all team members.
  • Dynamic and self-motivated with excellent problem-solving capabilities and time management skills.
  • Committed to self-development and continuing professional development to maintain, refresh and update relevant skills.
  • Critical thinker with the ability to challenge appropriately and contribute to continual improvement.
  • Able to develop effective working relationships and promote and encourage team working and efficient use of time and resources.
  • Able to influence and negotiate at an individual, team and team to team level, with excellent customer-service skills.
  • Able to demonstrate a high degree of flexibility including out-of-hours working.

Role and Responsibilities:

  • Leads on compliance with cyber essentials and the NIS directive.
  • Develops and owns cyber security processes and procedures to ensure that security controls are managed and maintained both in region and globally
  • Develops and maintains comprehensive cyber risk assessments, identifying vulnerabilities and potential threats.
  • Contributes to the creation and maintenance of policy, standards, procedures and documentation for cyber security that maintain and achieve relevant industry security certifications.
  • Develops plans to enforce security requirements and address identified risks.
  • Researches and assesses new threats and security alerts and recommends remedial actions.
  • Assists and supports in the development of working practices and standards across the team.
  • Provides expert guidance on best practice for risk management and mitigation.
  • Stays abreast of industry regulations and compliance requirements related to cyber security.
  • Ensures that all identified cyber security breaches are promptly and thoroughly investigated and that any system changes required to maintain security are implemented.
  • Plays an active part in managing, responding to and resolving security incidents.
  • Ensures that security records are accurate and complete and that requests for support are dealt with according to set standards and procedures.
  • Develops and delivers cyber security training programs.
  • Works with key suppliers, partners and vendors to drive maximum value and security benefit from security services and solutions.
  • Assists in the budget setting process to ensure cyber-related expenditure is forecast and managed.
  • Installs, monitors, maintains and administers cyber-related systems.
  • Assists in the delivery of cyber-related infrastructure projects.
  • Collaborates with engineers across the department to develop and implement cyber security improvements.
  • Develops cyber-related maintenance and replacement plans for our systems and associated infrastructure including patch management.
  • Leads on the cyber aspects of architecture and design of systems.
  • Project manages replacement projects or provides a significant contribution as a key member of a project team.
  • Creates, updates and maintains technical documentation, change control, approval and asset records.
  • Undertakes training and development to maintain specialism and act as a specialist in cyber.
  • Contributes to the development and progression of colleagues within the whole team.
  • Works in accordance with agreed service levels, department processes, policies and procedures.
  • Deputises for the Corporate Infrastructure Manager.

In return, we offer a competitive benefits package:

  • Access to training with both internal and external courses provided
  • 28 days annual leave + Bank Holidays
  • Private Medical Insurance
  • Generous pension
  • Onsite parking with electric charging
  • Access to Occupational Health, Mindfulness, Counselling and Physiotherapy
  • Cycle to Work Scheme
  • Access to MyGymDiscounts

Our recruitment process may include both Virtual and Face to Face interviews as well as ability and psychometric testing.

The PLA are not registered with the UK Home Office and do not sponsor candidates who require a visa or work permit to work in the UK, therefore an offer of employment cannot be made unless you currently hold the rights to live and work in the UK.