Not currently receiving applications. For agency users and internal applicant, please login, or register.
Job Title
IT Security Analyst
Position
Full Time - Permanent
Role
Business Services
Location
London
Practice Area/Department
IT
Description
Before you meet us, get to know us
RPC is a modern, progressive and commercially-oriented City legal
services business. From our offices in the UK, Hong Kong and Singapore
we provide advice to both UK and international clients.
What we do
Our legal practice spans a wide range of industry sectors and is
broadly split into two discrete areas: insurance and corporates.
Working on both contentious and non-contentious matters, our clients
range from large multinationals to growth UK corporate firms and other
professional practices, and include many household names.
Why we're different
We have a confident, accessible and enterprising approach that sets
performance, service and value at the top of the agenda. Our goal is
to do the usual things unusually well, make the complex simple and
help our internal and external clients build better, stronger businesses.
Business Services at RPC
Working at RPC means being part of a
collaborative and creative environment, which is flexible,
transparent and friendly. We value our business services teams and
recognise that individual contributions at all levels are essential
to the success of RPC as a whole.
RPC's business services teams include:
Brand Marketing & Sales
Client Services
Executive Office
Facilities
Finance
Legal Project Management
Information Technology
People & Talent Development
Risk & Compliance
Secretarial Support
Role Overview
This position will manage, provide technical support, implement,
maintain and troubleshoot all security products used by the firm. The
candidate must have significant hands on experience with security
technologies and solutions. Perform daily oversight and gain assurance
that security controls are operating effectively, investigate security
events and incidents, undertake security assessments and function as a
security subject matter expert. The role holder will also work with
relevant teams around the firm to ensure that appropriate operational
security controls are understood, agreed and implemented.
Reports to
Head of Information Security
Key responsibilities
Provide support the overall technical IT security needs to the
firm, as a security subject matter expert.
Manage intrusion detection/protection systems, firewalls, web
filtering solutions, web application firewalls, host intrusion
protection, antivirus, anti-malware and zero-day threat protection services.
Have a full and complete understanding of the security
technologies used to protect the services delivered to the firm,
including maintaining the operational capability and documentation
of all services.
Undertake all technical aspects of the role, including providing
security designs and configuration and product recommendations when required.
Proactive member of the wider global IT team providing services to
all offices within an International Firm.
Maintain the most appropriate security designs to support the
firm, conduct reviews regularly considering established best
practices and emergin technologies.
Keep abreast of the cyber security threats and review threat
intelligence information
Conduct internal and vulnerability scans
Oversee the monitoring and of IDS/IPS, and other security
prevention and detection controls
Manage privilege account management systems.
Manage security and investigate all security events to resolution.
Conduct technical security audits and perform risk assessment.
Conduct firewall, network and systems configuration audits and
networking security penetration testing.
Perform vulnerability scans on networks, servers, systems and applications.
Oversee the IT department security patching process.
Contribute to weekly security reports including keeping track of
information security metrics.
Interact with technical teams to deliver secure, stable and
scalable solutions.
Work with consultants and third parties in relation to the
security of the services they provide.
Conduct malware analysis and research for new exploits and
techniques to counter act.
Work with stakeholders to define systems requirements for the
security of new technology implementations.
Undertake a change advisory role including reviewing new change
requests and attending the weekly CAB meetings.
Manage the firm's security incident manage processes and maintain
playbooks required for incident response and recovery
Feed into Major Incident Management and Problem Management processes.
Keep up to date on the latest security technologies and solutions
and conduct research into their potential application in the firm.
Work within the RPC project methodology for all projects.
Comply with, support and assist in the development of firm
security systems, policy and procedures.
Maintain awareness of the cyber security threat landscape in the
sector and more widely
Key Capabilities
University degree in Computer Science or Information System or
significant work experience.
At least two years' experience in an IT security position,
preferably in a professional partnership.
Certifications in CompTIA Security+, CEH or GIAC GSEC preferred
Security Accreditation experience such as; ISO27001 Cyber Essentials+
Proven experience in IT Security operations within a large IT department.
Ability to research and design security blueprints for technologies
Experienced in designing secure configurations / hardening guides
for technologies and hands on experience implementing them.
Extensive networking, Check Point firewalls and Windows server security
Must be skilled in root cause analysis and provide possible solutions
Excellent documentation skills and capable of creating security
architecture diagrams
Strong analytical and problem solving skills, the ability to
systematically break down complex issues and tasks into manageable pieces
Understands the application of clients' business goals and place
security has in achieving them
Ability to present ideas in business-friendly and user-friendly language
Operational hand on experience of the following technologies
Firewalls
Windows server and client security
Windows Active Directory and group policy
IDS & IPS
End Point Protection
E-mail protection
Vulnerability management
Web Application Firewall
Windows Server 2012, 2016
Microsoft SQL Server 2012, 2014
Web Filtering technologies
Network Technologies
Azure Cloud Security Services
Website security
Attributes
Demonstrates a 'can do' attitude under pressure while keeping a
clear understanding of user impact
Highly self-motivated and directed with excellent interpersonal skills
Keen attention to detail
Strong communication and interpersonal skills
Passionate about security
Demonstrates excellent communication skills, able to present key
points of an argument persuasively.
Ability to work in a fast paced and dynamic environment.
Ability to develop and present ideas and reasoned arguments
clearly and concisely.
Flexible - happy to work outside normal working hours when required.
Curious
Displays an adaptable and flexible working style, remaining calm
under pressure, adjusting comfortably to changing conditions and priorities