Post Details Last Updated: 18/07/2017 Faculty/Administrative/Service IT Services Department Job Title IT Security Analyst Job Family Professional Services Job Level 5 Responsible to IT Security Manager (I&O) Responsible for (Staff) n/a Job Purpose Statement This is an IT Security analyst role requiring a deep understanding of operational IT, IT security operations and security tools. A broad understanding of information security frameworks, standards and policies is also required to help deliver the IT Security strategy and “security-by-design”

The purpose of this role is to provide governance and assurance to the wider IT department by assisting the IT security manager in delivering and auditing against the policy framework. This will involve a range of activities including consultative engagements, project-work, pro-active security testing and reactive evaluation of threat information, monitoring and reporting.

This role will require the documentation of IT security policies and procedures to ensure that the University maintains an appropriate response to the potential financial and reputation costs caused by Cyber-Security breaches.

Key Responsibilities This document is not designed to be a list of all tasks undertaken but an outline record of the main responsibilities (5 to 8 maximum) 1. To develop and implement technical responses to evolving Information and Cyber security threats, both internal and external. 2. To advise on the relevance, use and adherence to applicable IT and information security standards and frameworks. 3. To analyse and respond to changes in Information security threat model, risk posture or performance. 4. To develop the necessary toolsets to automate security event information management (SEIM) and to analyse and filter the threat information to prioritise operational response 5. To document technical policies and best-practice and guide tactical and routine operational procedures and processes. 6. To liaise with University staff (inside and outside of IT), receive feedback and advise on IT and information security and risk-management approaches. 7. To prepare and communicate evidence, plans and reports to apprise senior management of the evolving IT security position. N.B. The above list is not exhaustive. All staff are expected to:  Positively support equality of opportunity and equity of treatment to colleagues and students in accordance with the University of Surrey Equal Opportunities Policy.  Work to achieve the aims of our Environmental Policy and promote awareness to colleagues and students.  Follow University/departmental policies and working practices in ensuring that no breaches of information security result from their actions.  Ensure they are aware of and abide by all relevant University Regulations and Policies relevant to the role.  Undertake such other duties within the scope of the post as may be requested by your Manager.  Work supportively with colleagues, operating in a collegiate manner at all times. Help maintain a safe working environment by:  Attending training in Health and Safety requirements as necessary, both on appointment and as changes in duties and techniques demand.  Following local codes of safe working practices and the University of Surrey Health and Safety Policy. Elements of the Role This section outlines some of the key elements of the role, which allow this role to be evaluated within the University’s structure. It provides an overview of what is expected from the post holder in the day-to-day operation of the role. Planning and Organising  The role is responsible for implementing the University’s IT security strategy, to support best-practices which underpin the efficient administration of University operations. The post-holder acts as a team member of the IT Security team providing governance and process monitoring and compliance.  The post-holder will maintain expert knowledge on IT Security developments including emerging threat vectors and trends and will contribute their knowledge through membership of IT teams working on projects to extend or develop new or existing IT security methodology.  The post holder is responsible for managing their own workloads, making sure that they have sufficient time to undertake research activities to keep abreast of IT industry changes as well as completing assignments and resolving long-term or particularly complex problems.

Problem Solving and Decision making  This role requires a professional and proactive approach to the delivery of IT security throughout the university and will be expected to promote the benefits of IT Security to the wider University audience. The post-holder will provide advice and guidance within their specialist area of expertise to IT colleagues and other University staff on efficient and effective approaches.  The post-holder will work quickly to identify options without guidance from senior management and will think laterally about the provision of solutions. This will involve interpreting and assessing stakeholder needs, identifying options, sharing and gathering feedback from management and colleagues and testing innovative approaches where these are not obvious.  The post-holder will work within established boundaries but will be expected to use their initiative in the interpretation and use of novel approaches in achieving the required results, taking action but also recognizing the further implications of those actions. The post-holder is expected to refer exceptionally complex or unprecedented issues to their line manager for advice or guidance.

Continuous Improvement  The post-holder is responsible for implementing improvements across IT security practice and process in order to continually update IT security prevention, detection and response capabilities.  The post-holder must keep abreast of developments in IT and information security best-practise and utilise relevant improvements in their work.  The post-holder must actively research emerging cyber-security threats and revise relevant security measures to minimise their impact.

Accountability  The post holder acts as an IT Security point of contact within the Department and must be able to professionally communicate to a wide audience including senior management, business leads, service customers and end users. The post holder is expected to assist in producing reports for the IT Security Manager to track progress and performance trends.  Through the course of their work, the post-holder may have access to systems containing data of a sensitive or confidential nature and therefore it is essential that they ensure that all data is held securely at all times. Dimensions of the role  The post holder may be required to respond to cyber security incidents, communicate with senior management and liaise with suppliers and contacts to provide IT Security governance and assurance and flexibility might be required.

Supplementary Information

Person Specification This section describes the sum total of knowledge, experience & competence required by the post holder that is necessary for standard acceptable performance in carrying out this role.

Qualifications and Professional Memberships

Technical Competencies (Experience and Knowledge) This section contains the level of Essential/ Level competency required to carry out the role (please refer to the Competency Framework for clarification where Desirable 1-3 needed and the Job Matching Guidance).

An in-depth knowledge and understanding of information security frameworks, data E 3 security standards (DPA / GDPR) and best-practice Knowledge and skills relating to developing, implementing and supporting IT security E 3 development programmes, initiatives and projects A good in-depth knowledge of current and future IT Security trends and the ability to E 3 recognise and articulate where these may benefit the local team and wider University community. Ability to identify, respond and report on IT Security issues; interpret business requirement E 2 implications on IT Security Certified Information Systems Security Professional (CISSP) or similar recognised IT D n/a security qualification or certification Experience of the University sector and an understanding of current needs and future trends D n/a

Special Requirements: Essential/ Desirable

Core Competencies This section contains the level of competency required to carry out this role. (Please refer to the Level competency framework for clarification where needed). n/a (not applicable) should be placed, where the competency is not a 1-3 requirement of the grade.

Communication 3 Adaptability / Flexibility 2 Customer/Client service and support 2 Planning and Organising 3 Continuous Improvement 3 Problem Solving and Decision Making Skills 3 Managing and Developing Performance 2 Creative and Analytical Thinking 2 Influencing, Persuasion and Negotiation Skills 3 Strategic Thinking & Leadership 3

This Job Purpose reflects the core activities of the post. As the Department/Faculty and the post holder develop, there will inevitably be some changes to the duties for which the post is responsible, and possibly to the emphasis of the post itself. The University expects that the post holder will recognise this and will adopt a flexible approach to work. This could include undertaking relevant training where necessary.

Should significant changes to the Job Purpose become necessary, the post holder will be consulted and the changes reflected in a revised Job Purpose. Organisational/Departmental Information & Key Relationships Background Information

The University of Surrey is committed to being a leading national and international university. Our high quality teaching, learning, research and enterprise are delivered within a professional and collegiate academic community based in three Faculties; the Faculty of Arts and Social Sciences (FASS), the Faculty of Engineering and Physical Sciences (FEPS) and the Faculty of Health and Medical Sciences (FHMS). The University is supported by Professional Services functions of which IT Services (ITS) is one.

ITS aspires to be a professional partner with the University to develop strategy and constantly improve the student, academic and research experience, and drive effectiveness and efficiency through the use of technology. The Senior IT Security Analyst is an essential contributor to this aspiration and its associated high quality performance and delivery.

The Vision for ITS at the University of Surrey is:

“To champion IT as a trusted partner and expert adviser, to enable the University to keep fulfilling its aim to make wonderful things happen here.

To develop a seamless, supportive, flexible and capable team of IT professionals, welcomed into a close partnership with Faculties, staff and students.

To create and foster an effective, productive and stimulating environment which harnesses IT to enhance the working lives and experience of all members of the University.” Department Structure Chart

Relationships IT Services offers a wide range of administrative and academic computing and information technology services for all staff and students at the University. Internal The post will form part of the Security team alongside other IT and information security roles.

The post holder will work closely with staff across the IT department and have significant interactions with all levels of staff in Faculties and other departments including members of the academic and student body, providing their technical skills and advice to ensure optimum service provision.

As some systems and services are used across the University, the post-holder must have the interpersonal skills to communicate effectively with a wide range of users and translate their specific and detailed needs into deliverable solutions or services.

External The post holder will also be expected to review requirements, and manage the activities of external suppliers and third parties to ensure that outputs meet necessary quality requirements.

In addition to developing internal relationships, the post-holder will liaise with peers in and outside of the HE sector to share experiences and discuss best practice.