1. To investigate security incidents, assess their impact, and apply the appropriate response, presenting the findings at briefings.
2. To performance-manage security controls on the digital estate to identify deficiencies, record them, and take the necessary actions to bring these risks under control.
3. To manage vulnerability scans of the digital estate as required by compliance regulations and as needed by the business.
4. To review Cyber Security implications of technical designs and implementations.
5. To support and develop the team's Cyber Security engineers.
6. To advise IDS team members on the use of best practices in Cyber Security, ISO27001, and NCSC guidance.
7. To be aware of the emergence of new cyber security threats and vulnerabilities.
8. To research, review and investigate new technologies to maintain and enhance the technical security of the Council’s network in line with business requirements, best practice and regulatory requirements.
9. To use analytic tools to determine emerging threat patterns and vulnerabilities.
10. To update policies, procedures and processes that support the cyber security framework.
11. To use the entire Microsoft suite of technologies to protect Council data (Defender, Sentinel, Azure).
12. To manage the relationship with the external SOC, ensuring playbooks are established regarding incidents and alerts.
13. To manage network security regarding WAF, Application Gateways, firewall rules, etc.
14. Advise project managers about technical security risks concerning their projects. Perform risk assessments where required.
15. Engage with suppliers, advisers and regulators to review, upgrade and enhance the security of the Council’s network; ensuring compliance with mandatory codes of connection.
16. To support the council’s strategy and policy for technical disaster recovery and business continuity including planned maintenance shutdowns.
17. To participate in meetings with colleagues, customers and suppliers including team meetings and service review meetings.
18. Coordinate the response to major security incidents, breaches of security controls, investigating events, prioritizing, coordinating and reporting on impacts, ensuring evidence is secured to support further actions by the relevant authorities.
19. To maintain the Cyber Security risk register and produce regular reports on the status of key risks to the council’s digital estate.
20. Improve the Cyber Security framework by incorporating new requirements from the business, regulators, technology, threats and vulnerabilities to ensure the direction of cyber security is kept relevant and continually improved to meet the needs of the council.
21. To ensure the council is achieving its legal and regulatory responsibilities to the Public Services Network (PSN), Payment Card Industry (PCI), General Data Protection Regulation (GDPR) and various audits. Documenting the actions and escalating where necessary.
22. To coordinate and manage cyber security awareness campaigns across the organisation.
23. Support the Head of Cyber Security in any aspects of their investigations, ensuring evidence is secured to support further actions by the relevant authorities.
24. To be discreet and confidential in the undertaking of investigations involving access to highly sensitive, confidential material which may be damaging to the reputation of the council, citizens or employees.
25. Work with cross-directorate teams to promote and implement high security standards for all council systems.
26. To undertake other duties commensurate with the grade of the post.
Pay rate: £400 per day umbrella
Three- to six-month contract with a view to extend or make permanent