IT Security Operations Specialist
The IT Security Operations Specialist role is an opportunity for an experienced IT or IT Security professional to play an important part in ensuring a layer of information security oversight and governance is applied to all aspects of the Firm's activities.
The individual will be responsible for driving core IT security processes such as access, supplier and vulnerability management. A forensic attention to detail will be required to use our leading edge technology and services to monitor systems, identify anomalies and investigate incidents.
In addition, we are looking for someone who has an intuitive grasp of internet security and Cloud technologies, combined with an ability to adapt existing processes and controls and apply them in different contexts.
This role will report to the Information Security Officer.
Role and responsibilities
- Drive core IT Security processes, including Access Management, Supplier Management, Vulnerability Management and Data Loss Prevention as required
- Become expert in supporting IT Security tools and provide assurance to management with regard to these processes in the form of reporting
- Where required, work with business units to review their processes and identify Information security risks
- Help develop risk treatment recommendations and control regimes to ensure these are adequately mitigated, and follow up to ensure that these are implemented
- Provide the first level of contact and support between Information Security and the firm's Client Technology Department
- Proactively build an in-depth understanding of the applications and business processes used across all areas of the firm
- Identify and risk-assess application and process changes that may affect our information security posture
- Manage and operate our best-of-breed monitoring solutions (Cloud application security broker and outsourced security monitoring service) to build a profile of "normal" usage and pro-actively identify potential issues
- Take ownership for investigation and remediation of any issues/incidents identified
- Work with business units, IT and the firm's training function to build information security awareness material relating to leading practice usage of Cloud services
- Respond to or escalate security related queries from users and clients as required
- Proactively keep abreast of security-relevant information in the legal technology space
Skills, experience and characteristics required
- Bachelor’s Degree in Computer Science, Computer Engineering, IT or a related technical field
- 3+ years of experience in Application Support and/or IT Security Operations
- A recognised IT/Information / Cyber Security qualification is desired but not essential
- Strong IT Security Operations experience in a corporate environment
- Strong problem solving skills with good attention to detail. Strong organisational skills to handle multiple tasks within the constraints of timelines and budgets
- Deep understanding of Cloud computing and experience in working with key Cloud security technologies such as multi-factor authentication, ADFS, and SAML
- Strong communication skills are essential, together with a professional approach
- Background in working with Cloud services such as O365/Azure/AWS security