Senior Cyber Security Analyst

at  IPRS Group

IPRS Group is one of the UK’s leading providers of private healthcare services to a diverse range of clients.
Founded in 1995, the IPRS Group is comprised of 4 unique organisations each operating in a different sector, all driven with the same goal, providing quality services to improve the lives of the people who access our services.
The IPRS Group is an award-winning employer, being named Best Employer in the Healthcare and Pharmaceuticals industry for our region along with being made a Platinum Employer 2023. Our Head Office is based just outside of Ipswich, but we operate throughout the UK with the majority of our roles supported by remote working.
We are currently recruiting for a Senior Cyber Security Analyst with minimum of two years Cyber Security experience and minimum 5 years IT experience to join our team based from our office in Little Blakenham, Ipswich. Although based from our head office, there will be occasions when you will be required to travel to other sites, for which a full driving licence and your own vehicle with ‘Business Use’ insurance, is essential.

QUALIFICATIONS AND TRAINING:

CISPP certified or equivalent (E)
Evidence of continuing professional development (E)
GNVQ/NVQ Level 2 qualification or equivalent or
6 GCSE/O level passes Grade 9-4 (A*-C) or equivalent, including English and Math
Recognized ICT qualifications (D):
CompTIA A+
CompTIA Security+
MCSE: Server Infrastructure
MCSE: Desktop Infrastructure
MCSA: Windows 7/8/10
Full UK Driving License (E)
Ability to pass DBS Checks (E)
Hold a CISSP qualification / or be willing to study and gain the CISSP qualification within 12 months in role.

EXPERIENCE AND KNOWLEDGE:

A minimum of 5 years IT experience (E)
A minimum of 2 years Cyber Security experience (E)
Minimum three-years post qualifying experience (E)
Experience of identifying, analysing and assessment information security threats and vulnerabilities (E)
Awareness of information security forums (D)
Experience with Connect Wise Automate (E)
Experience with Microsoft Intune (E)
Experience with Microsoft Defender | ESET Antivirus (E)
Experience with Microsoft Azure Platform (E)
Experience with Multiple Firewall Vendors (E)
Experience with Security Incident and Event Management (SIEM) (E)
Experience with vulnerability scanning tools such as Nessus / Tennable.IO (E)
Experience with Cyber Security, risk management, ISO 27001 and Cyber Essentials Plus
Experience of using various Microsoft programs (E)
Experience of using IT technologies:
Clients; Windows 7/8/10, Desktop, Laptop, Mobile Phones and tablets (E)
Servers: Windows Server, Linux Distributions, Azure Cloud (E)
Domain: Active Directory, Group Policies and File Servers (E)
Security/Networks: Anti-Virus, Backups, Firewalls, Routers, VPN, Telephony (3CX) (D)
Experience using IT Solutions:
Using and Supporting Microsoft Office (E)
Supporting computer networks (E)
Installing PCs/Upgrading software (E)
Supporting custom applications (D)
Data download and transfer (E)
Network and system monitoring (E)
Routine system administration (E)
Experience with using a Ticketing Management Solution

SKILLS AND ABILITIES:

Ability to communicate effectively with internal and external customers verbally and in writing (E);
Ability to time manage to meet agreed deadlines in a demanding environment (E);
Ability to build good relationships (E);
To be professional and have a competent manner (E);
Clear and concise written and spoken communication skills, in particular a friendly telephone manner (E);
Attention to detail and the ability to record information accurately (E);
Ability to prioritise and meet relevant Key Performance Indicators in a demanding environment (E);
Understand change management processes and their importance (D)
Understand and follow procedures where set (E)
Ability to work on own initiative in a proactive manner (E);
Team worker who is flexible and has a positive attitude to learning and self-development.
Well-organised and able to take responsibility for assigned tasks
The applicant will need to be able to demonstrate an excellent level of technical knowledge and be able to apply the knowledge in a structured approach to solve IT issues

MAIN PURPOSE OF THE ROLE:

The duties of the Senior Cyber Security Analyst include being a reference point for all IT / Information Security and Cyber Security related queries within IPRS, ensuring all information is captured into a defined task / event / incident, together with desired outcomes. This also includes managing the Security Operations Centre Queue, delivery exceptional service when dealing with requests. The Cyber Security Analyst will deal with majority of tasks / events and incidents with support from the IT Manager, Group Information Security Officer and any relevant third parties. Additional duties include supporting other IT Team members resolving issues remotely or onsite.

MAIN JOB DUTIES:

Produce a Cyber Security Recommendations proposal to the business (Interim report – within 8 weeks of starting the role).
Line Manage of 1 Cyber Security Analyst.
Provide technical support to the IT Support Team and Development Team.
Provide onsite and remote support in relation to IT / Information Security and Cyber Security tasks, events incidents across all businesses, enabled by a ticketing system, within set SLA times and business priority.
Completing allocated tasks and project work to a high standard.

MAIN AREA OF RESPONSIBILITIES:

ConnectWise Automate, Intune, Defender, ESET, Azure, Firewalls, SIEM, Nessus / Tennable.IO
Cyber Security, risk management, ISO 27001 and Cyber Essentials Plus
Organise annual penetration tests.
Documenting security breaches and assessing their damage.
Track and identify threats and vulnerabilities to our information security across our networks and systems.
Developing and implementing a comprehensive plan to secure the computing networks and systems.
Monitoring network usage to ensure compliance with security policies.
Keeping up to date with developments in IT security standards and threats.
Collaborating with management and the IT Manager to improve security.
Educating colleagues about security software and best practices for information security.
Develop information security solutions.
Create, review and update information security policies.
Ensure our IT infrastructure is secure.

AD-HOC JOB DUTIES:

Updating knowledge base and SOPs
Travelling to remote sites to support the IT Team or onsite users
Attend information security conferences/forums.

GENERAL/ADDITIONAL DUTIES:

To comply with the Corporate Data Protection Policy which covers all aspects of IPRS’ business in both electronic data and manual filing system;
Employees must be aware of the responsibilities placed on them under the Health and Safety at Work Act (1974) and ensure that agreed safety procedures are carried out to maintain a safe environment for employee, patients and visitors;
To ensure that professional behaviour, appearance and attitude are maintained, and the organisation’s policies and procedures are adhered to.