Job Description

Job Title: Security Analyst – Identity Management

Grade: Technology Adviser

Details
The Security Analyst will participate in the Identity Management functions for the Information Security team, overseeing compliance with IM policy and Joiners, Leavers and changes processes.
Job Details
  • To monitor and maintain the security of Student Loans Company information systems.
  • Development, maintenance and promotion of technical ICT security procedures in response to defined risk, threats and technological requirements.
  • Representation at the ICT Security Group as a point of contact for IT security matters.
  • Provision of timely advice across the business on security issues.
  • Contribute to security management processes across ICT departments.
  • To coordinate the use of external suppliers to provide security support, consultancy and services for security.
  • To respond appropriately to security incidents, ensuring escalation and remediation activities.
  • To monitor and assess the impact of vulnerabilities and work with ICT to coordinate appropriate remedial actions.
Key Accountabilities
  • Report on compliance with attestation requirements, maintain a master role definition for systems and assist in reporting on the above.
  • To enforce and interpret technical policies and standards and promote compliance in line with Government security (i.e. HMG Security Policy Framework (SPF) and Infosec Standards), corporate policies and corporate or local procedures and legal and international security standards (i.e. ISO27001, COBIT),
  • Maintain and monitor security tools in conjunction with the ICT technical teams including configuration of such tools.
  • Assess technical security risks in terms of impact to systems and service confidentiality, integrity and availability, and report and escalate results of risk assessments.
  • To run the Security Incident Process for any real or potential security breaches in identity access management, providing information and leadership to ICT teams ensuring that appropriate remedial steps are taken.
  • Produce, review and constantly evaluate effectiveness and efficiency of technical security controls, standards and procedures in line with security requirements, business needs, delivering enhancements where applicable.
  • Assist in the provision of designs and technical solutions in support of corporate security policies and external standards.
  • Active sponsor of continuous process improvement, in relation to security matters, within ICT.
  • Provision of consultancy, advice and guidance to ICT technical teams involved in the design, development and delivery of SLC products and services.
  • Provide ICT security advice and consultancy on a day to day basis.
Essential Skills / Experience / Qualifications
  • Practical experience in Information Security.
  • A good ICT background in ICT infrastructure (UNIX, NT, Windows, LAN/WAN/VLAN, firewalls, web servers, IDS etc) and/or systems and application development (Oracle, Java, UNIX, Notes, web services etc).
  • Knowledge of current security standards.
  • A proven track record of analysis of requirements and implementing solutions to security requirements.
  • Experience in developing of technical security documentation and review of ICT technical documentation.
  • Knowledge of security monitoring tools.
  • Preferably holder of CISSP qualifications
About SLC
Student Loans Company is a non-profit making Government-owned organisation set up in 1989 to provide loans and grants to students in universities and colleges in the UK. We are responsible, in partnership with Local Authorities in England and Wales, the Student Awards Agency for Scotland, the Education and Library boards in Northern Ireland, the Higher Education Institutions and HM Revenue & Customs, for student support delivery in the UK.