Cyber Security Analyst
Cyber Security Analyst
Hradec Králové, 50006, Czech Republic
With the increasing threat from virus infections, intrusion and cybercrime this role will provide expertise and ownership in developing CyberSecurity strategies, standards and policies to protect Quadient’s IT solutions and services from potential hackers and other technological security breaches.
The role will also lead with implementing, operating and managing CyberSecurity tools and processes, and will also be key in planning and executing procedures and activities in relation to CyberSecurity incidents and ensuring effective resolution of such incidents. In doing so the role will define and promote CyberSecurity excellence across the Quadient IT function.
The role reports to the Group ICT Team Lead and will be based in Hradec Kralove, Czech Republic. Given the need to align CyberSecurity services with Quadient’s Information Security strategy and policy, it is expected that this role will work closely with Quadient’s Information Security Manager.
The essential requirements for this role include:
- At least 3 years’ experience of working in a related role (e.g. security operations or analyst) in a team with relevant security responsibilities.
- Experience in implementing or managing security controls (technologies, services, processes) to meet the requirements of company policies or regulation.
- Experience in the design, implementation and operation of security tools (e.g. client/server, firewall, IDS / IPS, Web and Email Filtering, Vulnerability Scanning etc.) and security processes (e.g. Incident, Release, Change, Vulnerability etc.) in a multinational environment.
- Experience of working with industry recognised security related frameworks (e.g. NIST, COBIT, ISO27001 etc.) to inform strategy and roadmaps.
- Experience of operating within a cloud-centric IT architecture.
- Has performed or supported security audits or assessments across different business locations, creating an action plan to manage areas of follow up.
- Logical troubleshooting skills to successfully breakdown and resolve complex issues.
- Excellent communication skills, both written and verbal in the English language.
- Ability to negotiate and manage working relationships with suppliers of security technologies and services to deliver successful business outcomes.
- A self-starter who will take ownership and drive initiatives to completion.
- Ability to multi-task, work under pressure and to tight deadlines.
- Strong interpersonal skills, able to forge effective working relationships across various internal and supplier teams.
The key responsibilities for this role are to:
- Define CyberSecurity Standards that are aligned with Information Security Policies, to provide a minimum expected standard of security across internal and third-party IT services.
- Provide advice and guidance to internal IT teams on how to become compliant with CyberSecurity Standards.
- Perform regular security assessments and audits to review the implementation of CyberSecurity Standards and to assess the overall level of security protection (e.g. penetration testing). Where weaknesses or loopholes exist, ensure that remediation plans are in place and monitor progress to an acceptable conclusion.
- Define a CyberSecurity Technology Strategy, that is aligned to the IT Strategy and supports Information Security Policy and CyberSecurity Standards. Work with the Information Security Manager on a Technology Roadmap and to secure funding.
- Implement and operate approved CyberSecurity technologies and services, ensuring that such technologies and services are performing effectively as evidenced by regular reporting.
- Represent CyberSecurity operational performance as well as the delivery status of roadmap or strategic improvements into Quadient’s Security Board.
- Ensure effective CyberSecurity event management by proactively monitoring event notifications and where risks are identified, ensure actions are taken to mitigate. Perform a regular audit of event notification and logging mechanisms, to ensure appropriate event management.
- Manage the CyberSecurity incident response process to ensure that issues are detected and resolved quickly and effectively, mitigating the impact to Quadient as much as possible.
- Perform proactive analysis of security threats, updating the CyberSecurity Standards as required and working closely with the Information Security Manager to inform employees and suppliers of actions to mitigate risks.
- Manage the delivery of CyberSecurity related projects, either as a workstream within a larger project or as a standalone implementation.
- Provide a security advisory role to the Quadient IT organisation e.g. providing guidance to teams when implementing new technologies or business applications.
- Proactively identify, recommend and act upon opportunities for continuous security improvement.
- Work with the Group ICT Team Lead and wider ICT Team as required to support the on-going effectiveness of the ICT organisation.