Job responsibilities
SECTION 1- MAIN RESPONSIBILITIES
Security Management
To provide IT Security advice and support internally to the information Technology Team and to staff working throughout the ICFT.
To pro-actively participate in the planning and implementation of policies and procedures to ensure IT Security provisioning and maintenance that is consistent with the Trusts goals, industry best practice and regulatory requirements.
To administer and monitor the Trusts IT Security systems and services operational within the ICFT. To provide corrective plans and the implementation of those plans to ensure the ICFT remains complaint and secure, whilst adhering to ICFT policies relating to change and release management.
To further develop the organisations ICT Information Security Management Systems in line with the requirements of Information Security Standards.
Provide advice to the organisation on IT security, technical aspects of information governance and IT risk management. To contribute to the evaluation, development and implementation of upgrades to the IT Infrastructure of the ICFT.
Propose changes and improvements to IT security policies and procedures, implement changes under the direction of line manager.
Ensure that access control, disaster recovery, business continuity, incident response and risk management needs are appropriately addressed. Investigate suspected and actual breaches of IT security and undertake reporting/remedial action as required. Maintain a log of any incidents and remedial recommendations and actions.
Perform on going IT Security risk assessments and audits to ensure that IT Systems are adequately protected. Conduct business risk assessments for business applications and computer installations. Coordinate with the Technical Team, Networks, Service Delivery and Project teams to ensure all solutions utilise IT Security best practices to meet corporate objectives.
Work with vendors, outside consultants and other 3rd parties to improve IT security within the organisation. Establish and maintain a register of data and system owners. Maintain Risk, Issue and Change registers for IT systems and information security. Review and advise on IT Security patches and software updates according to best practices. Anticipate, mitigate, identify, troubleshoot, and resolve hardware and software problems on IT Security appliances and servers.
Identify threats to the confidentiality, integrity, availability, accountability and relevant compliance for information systems and provides authoritative advice and guidance on the application and operation of all types of security controls, including legislative or regulatory requirements such as data protection and software copyright law
Maintain currency with security and security enhancing technologies and brief colleagues as needed to enable measures to be implemented where and when necessary/desirable. Provide advice and act, where necessary, in response to Audit findings and recommendations in respect of information security
Advise on the Implementation of organisational Business Continuity Processes in relation to the security of information to reduce the disruption caused by disasters and security failures to an acceptable level through a combination of preventative and recovery controls.
Infrastructure Management To provide specialist maintenance, development and testing services for operational IT Infrastructure services for the ICOs and other external customers.
To develop, implement, test and maintain protocols and procedures to provide effective security and resilience of the ICOs Infrastructure services in line with relevant legislation, policies and procedures.
To support the development of procedures and protocols for the Tier 1, Tier 2 and Tier 3 teams to allow them to more effectively manage their tasks and duties.
Manage the deployment of software using physical media, remote server-based tools and applications. To support software installed on all end point devices, including desktop, iOS based devices and Android based devices across the ICO, the ICOs partners and other 3rd party locations. The list of equipment identified is not exhaustive and will change as the ICO requires.
Support the physical and logical connection of hardware to the network to enable connectivity to support the service needs.
To ensure that all security requirements are adhered to without exception, and that all standards and SOPs are followed.
To support senior and junior team members, partners and 3rd parties in locations such as data centres / communications cabinets with server and data centre end point equipment. The locations of which may be within the ICO, partner or 3rd party locations.
To provide specialist support, maintenance, security developments and monitoring of the LAN, WAN, Wi-Fi, VMware server infrastructure, Active Directory, HP servers and storage. These types of services identified are not exhaustive and will change as the ICO requires.
To analyse data produced by the systems and produce management performance and capacity reports detailing options and recommendations to improve service efficiency and present these to the IT Services management team.
To develop and effectively maintain procedures, guidance notes, schedules and contracts for the ICOs systems and users.
To monitor and maintain up-to-date information, systems records and provide regular Infrastructure statistical information.
To have responsibility for daily infrastructure support and maintenance tasks. To diagnose and resolve complex infrastructure problems for the ICO.
To support telephony and agile working schemes for the ICOs and their interoperability with partners and 3rd parties.
To research and maintain an up to date awareness of technologies and future technologies to enable participation and advise on the benefits of using such technologies as a change enabler in order to influence long-term developments.
Design, implement and support systems/infrastructure which meets security standards and are resilient in the event of disaster.
To develop, implement and support Communications/Telephony for the ICO including research around new technology solutions (e.g. agile, VOIP and interactive devices) as these become available.
To analyse and interpret users requests in order to create appropriate work plans and effectively carry them out.
Where appropriate reconfigure the existing hardware and software in line with the ICOs standards.
To develop and effectively record and maintain procedures, guidance notes, schedules and contracts for the ICO and its customer systems and users.
Work with team leaders to ensure that incidents and requests are assigned to the appropriate team.
To ensure that all security requirements are adhered to without exception, and that all standards, processes and SOPs are followed.
To support the IT Asset management lifecycle; including the installation and configuration of software on all ICO managed IT endpoints, tagging assets and the updating of the asset management database, and the safe and secure disposal of all ICO managed IT endpoints.
Keep the IT Service Management tool updated on the status and progress of incidents/requests logged, including faults found and actions taken to address issues.
Identify and notify all relevant team leads and IT Managers of any potential problems as soon as recognised, including any issues that may result in SLA breaches.
Ensure incidents are responded to and resolved in accordance with ICO agreed service level agreements to support excellent customer service and processes.
SECTION 2- KNOWLEDGE AND SKILLS
To analyse, interpret and support end user service logged activities in line with service specifications and security requirements.
Ability to liaise with ICO staff at management and operational levels on complex infrastructure. Providing explanations and reports of technical issues in non-technical language. Be able to communicate at all levels of the organisation including understanding speech and languages difficulties either on the telephone or face to face.
Ability to communicate with ICO employees and external organisations complex analytical information.
Ability to advise users on the functions and effective use of the ICOs infrastructure hardware and software.
To liaise with external contractors, suppliers and other organisations.
To provide training to users across the ICO, its partners and 3rd parties on endpoint hardware and software as required.
To provide Infrastructure hardware and software training and support to all the IT support staff in the IT Services Department, and the end user.
Excellent verbal and written communication.
Have working knowledge of ITILv3 Foundation or better.
Excellent understanding of MS Office Products.
To support endpoint hardware defined as any ICO supported equipment connected to the network. This includes for example desktops, laptops, tablets, IP Phones and printers, and this list is not exhaustive and will change as the ICO requires.
The physical deployment of hardware to end users / services within the ICO, the ICOs partners and other 3rd party locations as required.
To support telephony and agile working schemes for the ICOs and their interoperability with partners and 3rd parties.
Be aware of the MIP (Major Incident Process) procedures, ensuring that the MIP equipment is ready and fully operational.
Maximisation of existing ICO software resources utilising detailed knowledge of the software and an understanding of user requirements.
The physical and remote deployment of software using physical media, remote server-based tools and applications. To support software installed on all end point devices, including desktop, IOS, Android across the ICO, the ICOs partners and other 3rd party locations. The types of equipment identified is not exhaustive and will change as the ICO requires.
