Sys Admin – Cyber Security
London/Hybrid 3 days in office
1. Job purpose:
- The purpose of this role is to manage and maintain the IT systems and security for the organisation.
- It is a strongly collaborative role, working with the Technical Manager, Head of Technology and the Service Manager to support the Museum in delivering existing technologies to users while ensuring cyber security safeguards are maintained. As such the Technology Security and Systems Administrator will ensure that information assets and associated technology, applications, systems, infrastructure, and processes are adequately protected.
2. Key responsibilities:
- Oversee cyber security systems, processes and controls including the monitoring and assessment of and response to alerts together with escalation of cyber issues as appropriate
- Work with third party providers where appropriate to ensure contracted services are monitored and delivered in accordance with agreed standards
- Oversee security aspects of Active Directory and M365, ensuring data is kept accurate and UpToDate
- Analyse and monitor the data security risks and work proactively with Colleagues to put in place appropriate responses to mitigate impacts;
- Provide relevant data and statistics to all colleagues to support a strong data security environment
- Work with People & Culture and Internal Communications teams to devise and deliver appropriate training and support to all all staff to minimise data security risks
- Ensure plan to achieve and maintain Cyber Essentials and subsequently Cyber Essentials Plus certifications.
- Deliver periodic cloud and network vulnerability testing; respond to security-related events and lead remediation work.
- Monitor and maintain IT systems, including on-premise and cloud applications.
- Work with other members of the Technology team, vendors and Managed Service Providers to update, improve and implement services for the organisation to support current and new activities.
- Take an active role in technical projects, working as a technical lead or supporting the technical lead to facilitate successful implementation of new services.
Essential criteria:
- Experience with InfoSec technologies, Threat management and remediation.
- Knowledge of Microsoft stack technologies, M365, defender, AAD, including Enterprise Apps and conditional access.
- Minimum, two years’ experience identifying threats and developing appropriate protection measures.
- Good knowledge of relevant data security standards and protocols relating to the public sector
- Knowledge of network and server infrastructure, OS and services – Firewalls, switches, DNS, DHCP, DC, AD, AAD, ADConnect, RDS.
- Demonstrable experience of working effectively with managed suppliers and vendors.
- Commitment to high level of customer service, and evidence of how this has been delivered
- Demonstrable experience reviewing system changes for security implications and recommending improvements.