Cyber Security Analyst
Gatwick Airport - Where something new happens every 60 seconds!
Cyber Security Analyst
Salary: £Competitive, circa 15% performance related Bonus and Excellent Benefits
Gatwick Airport Limited (GAL) is the most efficient single runway airport in the world. It serves more than 46 million passengers to 228 destinations in 74 countries a year on a short and long-haul point-to-point basis. Gatwick is a major economic driver for the UK contributing £5.3 billion to national GDP, generating 85,000 jobs nationally, with around 24,000 jobs on the airport campus alone. Gatwick is a high growth business regularly achieving double digit year on year revenue growth.
To become the most efficient single runway in the world Gatwick has had to set a number of world firsts in terms of process, people and technology excellence in a highly complex and fast moving environment. GAL has won numerous awards in its history, including over ten major awards in 2017 alone. These awards include airport of the year; best airport; favourite airport for short-haul flights and marketing campaign of the year by a retailer.
The Gatwick IT function is widely considered by industry leaders and trade press as being in the top 5 most innovative airports in the world (behind Singapore, Schiphol and Dubai). The IT function has recently won several digital innovation awards including best in-house digital team of the year; best use of mobile technology; best corporate app; business IT innovation of the year and most innovative use of digital technology.
This role is of critical importance to Gatwick; as the successful candidate will work together with the Information Security & Compliance Manager and immediate team to ensure that Cyber Security controls are maintained and incorporated into the life cycle of all projects and reviewed throughout their duration.
Supporting the in-house Cyber Security function you will have the drive and enthusiasm to work in a complex fast moving environment, responsible for the following:
- Contributes to the day-to-day operation of the vulnerability management service using state of the art scanning tools (Qualys) and providing input into process improvements.
- Operating and overseeing Cyber Security controls such as: (Qualys, Skyhigh, Mimecast, SCCM Endpoint Protection and other controls.)
- The role holder will contribute to the continuous improvement to Cyber Security processes and procedures
- Responsible for monitoring new vulnerabilities that could have the potential to negatively impact Airport services and systems
- Ensure that the production and development of patching compliance reports for Windows Servers, PCs and applications
- Supporting and conducting Cyber Security investigations into a variety of security incidents
- The role holder with liaise and coordinate with on-site and off-site support partners and internal and external stakeholders
- The role holder with participate in Access control audits for normal and privileged users
- Contributes to the planning and coordination of internal and external Pen Tests and the content within the IT Risk Register
- The role holder will Attend and provide Cyber security input into the Change Control Board (CAB) and participate in Cyber Security Awareness training both CBT & faceto-face
Qualifications and experience
- Previous experience of working within IT Support Teams
- Strong Windows technology skills - Active Directory groups and permissions, GPO's Windows Server 2008, 2012 and Windows 7
- The ability to research solutions to technical problems
- Proven ability to deliver IT solutions to business customers
- Knowledge or experience of SCCM 2012
- Splunk Cloud for log collection and analysis
- AD Auditing tools e.g. AD Manager
- Anti-Virus tools
- Email filtering technologies e.g. Mimecast
- Web filtering technologies e.g. BrightCloud
- Security Incident and Event management tools
- Tufin Firewall rule analysis software
- A proven ability to learn and master IT technologies used in Commercial Organisations
- Prior knowledge of Airport passenger processing systems would be a distinct advantage. (E.g. successful completion of the Gatwick Airport graduate training programme)
- Excellent verbal and written communication skills
- The ability to work at pace, self-starter who can work with the minimum of supervision.
- A strong desire and ability to learn new technologies: (Formal training will be provided)
- An energetic, proactive and delivery focused IT professional with a strong desire to become a Cyber Security professional and obtain a recognised certification (CISSP etc.)