Cyber Analyst

at  The Open University UK

Cyber Analyst
Advert Reference Number: 280
Job Location: Milton Keynes, Remote/Hybrid
Department: Information Security
Salary: £37,099 to £44,263
Closing Date: 9th October 2024
Weekly Working Hours: 37
Contract Type: Permanent
Fixed Term Contract: End Date: Not Applicable
Welsh Language Standard: Not Applicable
:

ESSENTIAL REQUIREMENTS

As part of the application process, you will be expected to submit your CV and a Supporting Statement (maximum of 1000 words) that demonstrates how you meet the essential criteria listed above. Flexible working patterns will be considered.

It is anticipated that a hybrid working pattern can be adopted for this role, where the successful candidate can work from home and the office. However, as this role is contractually aligned to our Milton Keynes office it is expected that some attendance in the office will be required when necessary and in response to business needs.

• Early Close: We reserve the right to close adverts sooner than the closing date.

ABOUT THE ROLE

We believe that where you start in life, shouldn’t limit where you go.
The Open University is a unique institution created 50 years ago to open up education for all. We are open to anyone, anywhere, changing millions of lives across the world and always looking for new ways to help people succeed. Our pioneering use of innovative methods, such as our BBC partnership, means we reach more people than any other university.
We work across all four nations of the UK and we are the most popular choice for online, distance, flexible study.
Digital Services bring trusted design, data and technology know-how to the delivery of lifelong learning. Digital Services are responsible for the digital information, systems and technologies used by staff and students across The Open University. Covering all aspects of digital technology at the OU, from sourcing and maintaining systems, through to providing frontline IT support for staff and students.
As a technical member of the Information Security team, the Cyber Analyst will ensure that the confidentiality, availability and integrity of the Open University’s information and information systems is protected.
The university is furthering investment in the operational arm within Information Security and is looking to strengthen its team. The Cyber Analyst will be expected to work alongside our existing team, helping to configure, monitor, respond and escalate security events or incidents as per response plans. The Cyber Analyst will report into the Senior Cyber Analyst but will work closely with our third-party security partners. They will also be expected to closely co-ordinate with our Vulnerability Management, Architecture, Governance, Risk & Compliance and Training and Awareness colleagues.

KEY RESPONSIBILITIES

• Create, maintain, and triage alerts in response to security events.
• Support the Senior Cyber Analyst during severe cyber incidents, helping to co-ordinate with Incident Management and other third-party stakeholders.
• Document and refine response plans and playbooks to existing and new alerts.
• Create and maintain operational procedure documentation.
• Stay abreast with emerging threats and security trends.
• Record observations and apply analytical thinking to highlight weaknesses in response plans, playbooks, vulnerabilities, and trends.
• Support with threat hunts, vulnerability scanning, and penetration testing as required.
• Contribute and present to various stakeholders about emerging threats to upskill and raise awareness across business units.
• Work closely with Information Rights (Data Protection) and Information Technology (IT) colleagues to align breach and incident management into Cyber Incident Response Plans.
• Assist in the configuration of security systems and applications.
• Contribute to operational level exercises to assess response plans and embed Cyber Incident Response procedures into the organisation.
• Reduce cyber risk to tolerable levels as defined by the CISO by evidencing the completion of activities mapped to cyber risks.
• Develop and provide incident reports for varying audiences.
• Leverage automation technologies to alert and build responses to cyber events and incidents.
• Contribute to the automation and improvement of team processes and administration activities.
• Support with compliance programme activities as required (ISO27001, CyberEssentials).

It is anticipated that a hybrid working pattern can be adopted for this role, where the successful candidate can work from home and the office. However, as this role is contractually aligned to our Milton Keynes office it is expected that some attendance in the office will be required when necessary and in response to business needs.

• Early Close: We reserve the right to close adverts sooner than the closing date