Newcastle University Hiring for Cyber Security Officer Job at Newcastle upon Tyne, England Full Time

We are a world class research-intensive university. We deliver teaching and learning of the highest quality. We play a leading role in economic, social and cultural development of the North East of England. Attracting and retaining high-calibre people is fundamental to our continued success.

Salary: Salary in the region of £38,000 per annum.

Closing Date: This opportunity will close when we identify a suitable candidate. We will contact you within 5 working days of your application to advise you of the shortlisting outcome.

The Role

Over the last 18 months, we have reimagined the way we deliver our University IT Services, building a world-class IT department responsive to the needs of our global community. We’re growing significantly and we’ve created new opportunities and made changes to how we work. Our people have been at the centre of this change, with a particular focus on development and opportunities to learn new skills.

We are investing significantly in an expanded team of cyber security professionals. This role will lead on protecting the University from cyber security threats to minimise the impact of such threats on the University’s activities.

The University is an exciting and dynamic place to work, dedicated to world-leading education and research. Benefits include excellent pension; flexible working options; 42 days holiday (including public holidays); discounted travel for the Metro and local bus services; and discounts for national retailers. You can find out more on our benefits web page .

We are committed to building and maintaining a fair and inclusive working environment and we would be happy to discuss arrangements for flexible and/or blended working.

Informal enquiries may be made to Jason Bain, Chief Information Security Officer at [email protected]

Key Accountabilities

Security Response and Investigation Manage University cyber security incidents from incident inception to resolution or mitigation, ensuring the impact to the University’s activities is insofar as possible minimised or eliminated. Act as a point of contact for effective reporting and tracking of cyber security incidents between the University and: Janet CSIRT; regulatory bodies; law enforcement agencies; and other relevant parties Monitor and respond to cyber security threats and alerting generated by cyber security and related tooling. Security Policy, Compliance and Risk Management Recommend changes to cyber security related risk registers; identify appropriate cyber security controls; and ensure risk and control owners are appropriately briefed on their responsibilities. In response to legal and regulatory changes and emerging cyber security threats, recommend changes to the University’s cyber security policies and review and update University cyber security procedures ensuring that they meet the University’s business needs. Provide advice and recommendations on the technical aspects of cyber security compliance and supplier due diligence. Secure Computing Through the deployment of appropriate tools, provide robust processes and procedures (that may be used by others) to perform regular vulnerability scanning and penetration testing to assist in threat detection and threat management. Identify and recommend mitigations for cyber security weaknesses in existing and planned IT services (as well as other services that rely upon IT). Security Consulting and Education Provide advice on achieving and maintaining compliance against externally mandated cyber security requirements. Develop and maintain a programme of cyber security education and awareness to ensure colleagues and students are aware of cyber security threats and mitigations. Data Reporting and Analytics Identify and compile cyber security metrics for reporting within NUIT; across the University; and where necessary external to the University. Miscellaneous Any other reasonable duties that fall within the scope of the post, as allocated by the line manager

The Person

Knowledge, Skills and Experience

Possess and demonstrate a good professional knowledge of cyber security, IT infrastructure including relevant legislation.

Solve problems based upon past experience, and the ability to seek out new information.

Can communicate effectively with a range of colleagues, students and suppliers.

Working and resolving problems in an enterprise environment

Giving advice and training on cyber security issues including server hardening

Can demonstrate extensive practical IT and cyber security experience:

Mobile device security

Cyber security baselines

Network, server and application security scanning and penetration testing using both commercial and open source software

Strong operating system experience, including Windows, Android, iOS and Linux.

Strong network security experience, e.g. network mapping, device discovery scanning, firewall rule assessments.

Performing cyber security investigations

The successful and appropriate use of encryption in an enterprise environment

Must be willing to undertake any necessary security checks and/or clearances appropriate for this role.

Attributes and Behaviour

Delivering Services

Knows and understands customer/stakeholder needs in terms of outputs

Co-operates with others in achieving targets.

Communicating

Disseminate key organisational messages internally and externally and ensures understanding

Understand how best to appeal to the other person/group, correctly interpreting the right way to approach a situation.

Can put forward own view whilst listening and respecting the views and opinions of others

Clear and concise; gets the message across to others.

Finding Solutions

Recognises urgency and takes decisive action when required

Identifies when given contradictory or inaccurate information

Looks at ways of overcoming obstacles rather than coming to a standstill.

Makes decisions based on understanding the wider organisational needs and having considered a range of possible options

Team Working

Operates with a number of different teams across the institution

Looks at ways of developing cross functional co-operation and support.

Confident in adopting a range of team roles.

Respects the expertise and contribution of others even if own opinion is different

Gets involved with team tasks

Willing to help others and share workloads

Thinking Strategically

Understands and is sensitive to wider organisational priorities.

Understands the key aims of own area and how it relates to own job and responsibilities.

Qualifications

Graduate in IT or have an equivalent professional qualification

Newcastle University is committed to being a fully inclusive Global University which actively recruits, supports and retains staff from all sectors of society. We value diversity as well as celebrate, support and thrive on the contributions of all our employees and the communities they represent. We are proud to be an equal opportunities employer and encourage applications from everybody, regardless of race, sex, ethnicity, religion, nationality, sexual orientation, age, disability, gender identity, marital status/civil partnership, pregnancy and maternity, as well as being open to flexible working practices.

The University holds a silver Athena SWAN award in recognition of our good employment practices for the advancement of gender equality. The University also holds the HR Excellence in Research award for our work to support the career development of our researchers, and is a member of the Euraxess initiative supporting researchers in Europe.