Job Description

This is a role with a high level of autonomy, analyzing and managing a significant number of high risk and sensitive enquiries and incidents, utilizing complex tooling. Managing frequent interactions with senior stakeholders from the CIO to extended leadership teams and customers ranging from University staff, academics to students and 3rd party suppliers. This role is pivotal in securing our network and infrastructure and will drive improvements in the way we identify & manage threats to our information security.

As Information Security Incident Officer you will work as part of a small but agile team responsible for supporting the Head of Information Security in the management, development, implementation and reporting in the following areas:

• Proactively contribute in developing Digital Strategy Office, Information Security capability, standards, methods, processes that will improve performance and efficiency of the function.
• Manage a response team and act as a point of contact for Security Incidents. Ensuring specific information is communicated to senior stakeholders in a timely manner.
• Manage the Incident Response Plan and develop scenario-specific runbooks. Support the Head of Information Security in the coordination of responses to major incidents
• Manage security incidents and requests having a perceived security impact
• Perform security sweeps and investigations including forensics work.
• Liaise with business and IT teams to understand business needs, processes, and dependencies in order to be able to better respond and assist in restoring the business capability in the case of an incident.
• Drive improvements to business practices that result in incidents and requests that are challenging from a security perspective and assist in driving improvements to root causes.
• Manage and document exceptions to policy and assist in developing escalation and approval processes. Maintain a registry of exceptions and continuously track them.
• Manage security related operations such as Patch Monitoring and Vulnerability Scanning as well as playing a role in maintaining various registers.
• Act as a point of contact in audits and liaising with external auditors providing information and documentation as required.

Required Knowledge, Skills, and Abilities