Senior Analyst - IT Security
Senior Analyst - IT Security
Full time, 37 hours per week.
£28,500 - £40,000
Essex County Council is undergoing one of the largest transformation programmes of its kind in the UK, and technology is recognised as being critical to this innovative and radical transformation. IT Services is at the forefront of delivering the technological change in support of ECC's ambitions, and the Digital Foundation Programme (DFP) is implementing O365, Win10, MS Dynamics, and collaboration tools; DFP will also support ECC in reaccreditation against ISO27001. IT Services "business as usual (BAU)" supports circa. 10,000 end user devices, 400 sites, over 100 major IT enabled projects, and over 400 line of business applications. ECC is also one of the only local authorities in the county to have achieve a "high assurance" rating from the Information Commissioners Office.
The postholder's work focuses on IT Security, and will include support for BAU and project work. The postholder will have specialist technical skills in one or several of the following areas: data and voice networks, servers, data centres, problem management, database administration, application support and development, web development, Microsoft environment. The postholder is expected to have a broad general understanding of most areas of IT Service. This role is likely to be carried out within a fast paced environment where an excellent level of customer service is expected at all times.
The purpose of this job is to help ensure the safe and secure delivery of ICT services to internal and external customers. The role will be based within IT Services and will work with teams across The Council to help to maintain ECC's compliance with relevant legislation and promote IT security as an enabler to achieve business outcomes.
Operating largely within established frameworks and processes (including ITIL), the Senior Analyst will ensure that requests passed to them are resolved effectively and customers are kept fully informed of their progress using the appropriate communication channels.
- Understand the needs of your customers and deliver the best possible outcomes through exemplar behaviour in accordance with ECC's Values and Core Organisational Behaviours.
- Work flexibly and collaboratively across structural boundaries in support of key outcomes.
- To contribute to development of organisational capability by taking ownership of your own training and development, including identifying and taking part in training and development activity and responding to feedback on performance.
- Thinking creatively, challenging the norms, and constructively challenging those around them (including those more senior) to ensure continuous improvement and commercial astuteness, and inspire the same in colleagues.
- Take responsibility for identifying and actioning areas of risk including Health and Safety and Business Continuity.
- Work as part of project or process teams as required under the new operating model, ensuring excellent cross functional output.
- Use specialist skill, knowledge and experience to help preserves the confidentiality, integrity and availability of information by applying risk management processes, and give confidence to stakeholders that risks are adequately managed.
- Provide expert ICT security advice and guidance to Information Services and relevant ECC stakeholders as required.
- Ensure compliance with all relevant external and internal regulation, including Public Services Network Code of Connection and Payment Card Industry Data Security Standard.
- Monitor the performance of third parties to ensure compliance with ECC's Information Security Policies..
- Work collaboratively with partners to ensure the best overall outcome for the people of Essex, whilst protecting ECC's interests.
- Keep customers informed on progress and, when required, meet with customers and provide support, advice or training face to face.
- Ensure appropriate data on security performance is collected and made available within IS for management reporting.
- Perform any other duties as may be reasonably required, in line with the grade of the post held.
Knowledge, Skills and Experience
- CISSP (Certified Information Systems Security Professional) or equivalent by experience.
- Educated to degree level in a relevant subject area, or equivalent by experience.
- Evidence of continuing professional development.
- Experience of implementing ICT security controls in a public services environment, including working with third party suppliers.
- Experience and understanding of a range of ICT including system administration.
- Experience of commissioning penetration testing and vulnerability scanning, plus managing the remediation of vulnerabilities.
- Ideally have experience working within an ISO27001 based security environment.
- Good problem management skills with relevant experience.
- Good verbal and written communication skills, experience of communicating effectively with a wide range of people, proven ability to deal effectively with customers.
- Highly self-motivated, able to maintain focus in a busy environment, plus exemplary team working skills.
Working for Essex welcome applications from all suitably qualified people regardless of gender, race, disability, age or sexual orientation.
Working for Essex is a trading name of Capita Resourcing Ltd. Services offered are those of an Employment Agency and Employment Business. Applicants will be required to register with us.