< Back to jobs

Job Title IT Security Analyst
Position Full Time - Permanent
Role Business Services
Location London
Practice Area/Department IT
Description

Before you meet us, get to know us

RPC is a modern, progressive and commercially-oriented City legal services business. From our offices in the UK, Hong Kong and Singapore we provide advice to both UK and international clients.

What we do

Our legal practice spans a wide range of industry sectors and is broadly split into two discrete areas: insurance and corporates. Working on both contentious and non-contentious matters, our clients range from large multinationals to growth UK corporate firms and other professional practices, and include many household names.

Why we're different

We have a confident, accessible and enterprising approach that sets performance, service and value at the top of the agenda. Our goal is to do the usual things unusually well, make the complex simple and help our internal and external clients build better, stronger businesses.

Business Services at RPC

Working at RPC means being part of a collaborative and creative environment, which is flexible, transparent and friendly. We value our business services teams and recognise that individual contributions at all levels are essential to the success of RPC as a whole.

RPC's business services teams include:

  • Brand Marketing & Sales
  • Client Services
  • Executive Office
  • Facilities
  • Finance
  • Legal Project Management
  • Information Technology
  • People & Talent Development
  • Risk & Compliance
  • Secretarial Support

Role Overview

This position will manage, provide technical support, implement, maintain and troubleshoot all security products used by the firm. The candidate must have significant hands on experience with security technologies and solutions. Perform daily oversight and gain assurance that security controls are operating effectively, investigate security events and incidents, undertake security assessments and function as a security subject matter expert. The role holder will also work with relevant teams around the firm to ensure that appropriate operational security controls are understood, agreed and implemented.

Reports to

Head of Information Security

Key responsibilities

  • Provide support the overall technical IT security needs to the firm, as a security subject matter expert.
  • Manage intrusion detection/protection systems, firewalls, web filtering solutions, web application firewalls, host intrusion protection, antivirus, anti-malware and zero-day threat protection services.
  • Have a full and complete understanding of the security technologies used to protect the services delivered to the firm, including maintaining the operational capability and documentation of all services.
  • Undertake all technical aspects of the role, including providing security designs and configuration and product recommendations when required.
  • Proactive member of the wider global IT team providing services to all offices within an International Firm.
  • Maintain the most appropriate security designs to support the firm, conduct reviews regularly considering established best practices and emergin technologies.
  • Keep abreast of the cyber security threats and review threat intelligence information
  • Conduct internal and vulnerability scans
  • Oversee the monitoring and of IDS/IPS, and other security prevention and detection controls
  • Manage privilege account management systems.
  • Manage security and investigate all security events to resolution.
  • Conduct technical security audits and perform risk assessment.
  • Conduct firewall, network and systems configuration audits and networking security penetration testing.
  • Perform vulnerability scans on networks, servers, systems and applications.
  • Oversee the IT department security patching process.
  • Contribute to weekly security reports including keeping track of information security metrics.
  • Interact with technical teams to deliver secure, stable and scalable solutions.
  • Work with consultants and third parties in relation to the security of the services they provide.
  • Conduct malware analysis and research for new exploits and techniques to counter act.
  • Work with stakeholders to define systems requirements for the security of new technology implementations.
  • Undertake a change advisory role including reviewing new change requests and attending the weekly CAB meetings.
  • Manage the firm's security incident manage processes and maintain playbooks required for incident response and recovery
  • Feed into Major Incident Management and Problem Management processes.
  • Keep up to date on the latest security technologies and solutions and conduct research into their potential application in the firm.
  • Work within the RPC project methodology for all projects.
  • Comply with, support and assist in the development of firm security systems, policy and procedures.
  • Maintain awareness of the cyber security threat landscape in the sector and more widely

Key Capabilities

  • University degree in Computer Science or Information System or significant work experience.
  • At least two years' experience in an IT security position, preferably in a professional partnership.
  • Certifications in CompTIA Security+, CEH or GIAC GSEC preferred
  • Security Accreditation experience such as; ISO27001 Cyber Essentials+
  • Proven experience in IT Security operations within a large IT department.
  • Ability to research and design security blueprints for technologies
  • Experienced in designing secure configurations / hardening guides for technologies and hands on experience implementing them.
  • Extensive networking, Check Point firewalls and Windows server security
  • Must be skilled in root cause analysis and provide possible solutions
  • Excellent documentation skills and capable of creating security architecture diagrams
  • Strong analytical and problem solving skills, the ability to systematically break down complex issues and tasks into manageable pieces
  • Understands the application of clients' business goals and place security has in achieving them
  • Ability to present ideas in business-friendly and user-friendly language
  • Operational hand on experience of the following technologies
    • Firewalls
    • Windows server and client security
    • Windows Active Directory and group policy
    • IDS & IPS
    • End Point Protection
    • E-mail protection
    • Vulnerability management
    • Web Application Firewall
    • Windows Server 2012, 2016
    • Microsoft SQL Server 2012, 2014
    • Web Filtering technologies
    • Network Technologies
    • Azure Cloud Security Services
    • Website security

Attributes

  • Demonstrates a 'can do' attitude under pressure while keeping a clear understanding of user impact
  • Highly self-motivated and directed with excellent interpersonal skills
  • Keen attention to detail
  • Strong communication and interpersonal skills
  • Passionate about security
  • Demonstrates excellent communication skills, able to present key points of an argument persuasively.
  • Ability to work in a fast paced and dynamic environment.
  • Ability to develop and present ideas and reasoned arguments clearly and concisely.
  • Flexible - happy to work outside normal working hours when required.
  • Curious
  • Displays an adaptable and flexible working style, remaining calm under pressure, adjusting comfortably to changing conditions and priorities
Additional Documents
IT Security Analyst
Download