JOB DESCRIPTION. 1. JOB TITLE: Information Security Officer. 4. DEPARTMENT: Learning and Information Services (LIS)



Similar documents
JOB DESCRIPTION. 1. JOB TITLE: LIS Graphic Design Manager 2. HRMS REFERENCE NUMBER: HRMS/ ROLE CODE: GDMGRLIS

JOB DESCRIPTION. Reporting directly to the Facilities Project and Admin Manager.

JOB DESCRIPTION. Finance Officer. (Purchase Ledger) Finance Assistant. (Purchase Ledger)

JOB DESCRIPTION. 1. JOB TITLE: Senior Project Officer: CRM Business Relationship Management. 4. DEPARTMENT: Learning and Information Services (LIS)

JOB DESCRIPTION. 1. JOB TITLE: Administrative Assistant (Student Liaison) 4. DEPARTMENT: University Centre Shrewsbury

JOB DESCRIPTION. 1. JOB TITLE: Receptionist/Clerical Assistant. 4. DEPARTMENT: Chester Business School

JOB DESCRIPTION. The role holder will be required to develop codes in response to on-going project development and evaluation.

JOB DESCRIPTION. 1. JOB TITLE: Assistant Subject Librarian (Institute of Medicine) 4. DEPARTMENT: Learning and Information Services

2: HRMS REFERENCE NUMBER:

JOB DESCRIPTION. Support Registry Services Department: Contribute to the wider function of the Registry Services Department as and when necessary.

JOB DESCRIPTION. 4. DEPARTMENT: Learning and Information Services

JOB DESCRIPTION. To provide administrative support for all assessment related processes for which Registry are responsible.

JOB DESCRIPTION. 1. JOB TITLE: Procurement Officer 2. HRMS REFERENCE NUMBER: HRMS/ ROLE CODE: 4. DEPARTMENT: Chief Financial Officer

JOB DESCRIPTION. 5. ORGANISATION CHART: Reports to the Institute of Medicine Administrator. Institute of Medicine Directors

JOB DESCRIPTION. To take design and developmental responsibility for the University s outward-facing web sites in liaison with the Web Manager.

JOB DESCRIPTION. 1. JOB TITLE: HR & Payroll Systems Officer 2. HRMS REFERENCE NUMBER: HRMS/ ROLE CODE: HRMISO

JOB DESCRIPTION. To ultimately liaise with departmental editors across the institution regarding development of their areas of the corporate site.

JOB DESCRIPTION. 1. JOB TITLE: Post-doctoral Researcher in Islamic Studies. 4. DEPARTMENT: Theology and Religious Studies. Head of Department

JOB DESCRIPTION. 1. JOB TITLE: Graduate Assistant/PhD Student: Biomedical Sciences/ Nutrition

JOB DESCRIPTION. Payroll Supervisor. Payroll Assistants

JOB DESCRIPTION. Director. Market Intelligence Officer. Outreach Manager. Web Project Manager Co-ordinator. Postgraduate

JOB DESCRIPTION. 1. JOB TITLE: Assistant Procurement Officer. 4. DEPARTMENT: Chief Financial Officer/Bursar s Office

Job Description. 1. JOB TITLE: Web Developer (Inter- University Systems) 4. DEPARTMENT: Faculty of Health and Social Care

JOB DESCRIPTION. 1. JOB TITLE: Senior Lecturer in Business and Management. 4. DEPARTMENT: Business Strategy, Finance and Entrepreneurship

JOB DESCRIPTION. 1. JOB TITLE: Senior Lecturer in Electronic and Electrical Engineering

JOB DESCRIPTION. Line management. Programme leader BSc Applied Psychology

JOB DESCRIPTION. 3. DEPARTMENT: Marketing, Recruitment and Admissions

JOB DESCRIPTION. 1. JOB TITLE: Lecturer in Human Resource Management

JOB DESCRIPTION. 5. ORGANISATION CHART: Reports to the Premises Manager (Thornton)

JOB DESCRIPTION. 1. JOB TITLE: Lecturer in Criminology. 4. DEPARTMENT: Social and Political Science

JOB DESCRIPTION. 1. JOB TITLE: Lecturer in Spanish//Hispano-American Studies 2. HRMS REFERENCE NUMBER: HR

JOB DESCRIPTION. 1. JOB TITLE: Senior Lecturer in Sport Management. 4. DEPARTMENT: Sport and Community Engagement

JOB DESCRIPTION. 1. JOB TITLE: Senior Lecturer in Computer Science (Cyber Security)

JOB DESCRIPTION. 1. JOB TITLE: Senior Lecturer (MA Special Educational Needs)

JOB DESCRIPTION. 4. DEPARTMENT: Faculty of Education and Children s Services - Department of Initial Teacher Education (ITE)

JOB DESCRIPTION. 1. ROLE TITLE: Lecturer in Digital Marketing and Business. 4. DEPARTMENT: Department of Marketing, Tourism, Events Management & HRM

JOB DESCRIPTION. 5. ORGANISATION CHART: Reports directly to the Maintenance Team Leader

JOB DESCRIPTION. 1. JOB TITLE: Senior Lecturer in Public Health Nutrition

JOB DESCRIPTION. 1. JOB TITLE: Senior Lecturer in Computer Science (Cyber Security)

JOB DESCRIPTION. 1. JOB TITLE: Lecturer in Theology and Religious Studies. 2. DEPARTMENT: Theology and Religious Studies. 3. DATE: October 2012

JOB DESCRIPTION. 4. DEPARTMENT: Warrington School of Management

JOB DESCRIPTION. 1. JOB TITLE: Senior Lecturer in Marketing and Public Relations. 4. DEPARTMENT: Warrington School of Management.

JOB DESCRIPTION. 1. JOB TITLE: 1.0 Lecturer/Senior Lecturer in Graphic Design (Network Media)

JOB DESCRIPTION SYSTEMS DEVELOPMENT OFFICER - Grade 6

KINGSTON MAURWARD COLLEGE JOB DESCRIPTION. 15, per annum which is Point 17 on the Support Staff Salary Scale

JOB DESCRIPTION. Service Desk Technician

Job Description. The post-holder will be expected to implement and work within the University s Policies, Procedures and Guidelines.

Job Description. International Talent Management Advisor International HR People & Organisational Development

JOB DESCRIPTION. Mobile Application Developer / Web developer

Board Executive Assistant. Rivermead Gate, Chelmsford. Full time, but variable hours. The Assistant Secretary. No direct line of responsibility

Application Information Pack HR Assistant Maternity cover Fixed term contract 10 months

Job Description. Triage, resolve or escalate support calls within agreed timescales using IT Service Management principles and logging systems.

London Strengthening Communities Support Officer

Key Worker Job Description & Person Specification

Role Activity Grade 5 PAS Professional Officer

JOB SPECIFICATION. Service Support Manager ORGANISATION CHART: JOB PURPOSE:

APPLICATION PACK PROJECT MANAGER HR SOFTWARE

24,315 26,437 (incl. LWA) per annum

JOB DESCRIPTION. T&T Security and Resilience Manager. Technology and Telecommunications. Bedford, Chelmsford or Norwich

Accountant. Applications are invited for the position of Accountant for UCL Consultants Ltd.

Job Description- SQL Database Administrator

1. To ensure the College desktop virtual environment is appropriately configured to maintain security and optimal performance.

JOB DESCRIPTION. Financial Services and Support. Lead Service Desk Analyst

Isle of Man Government. General Registry. Courts Division. Personal Assistant to the First Deemster GR

Job Application Pack. Senior HR Adviser. August 2015

JOB DESCRIPTION. Salary: NHS Band 5 equivalent ( 21,388-27,901) Full Time (37.5 hrs) / 25 days + Bank holidays

Application Information Pack Digital Project Intern

SYSTEMS ANALYST (INTEGRATION & DEVELOPMENT) BASED IN C2K CENTRE, BELFAST

Application Information Pack Digital Editor

BUSINESS SERVICES ORGANISATION - INFORMATION TECHNOLOGY SERVICES. Band 4 ICT Technician JOB DESCRIPTION

Thank you for your enquiry regarding the above post. Please find enclosed the application pack for this post together with various monitoring forms.

POSITION INFORMATION DOCUMENT

Job Pack. Appointment of Investigators. Information for candidates. Job Description. Person Specification

Leeds Beckett University Job Description

JOB DESCRIPTION. POST: CRM Manager DATE: October SERVICE: Marketing POST NO: SMG-M15

Based at 61 Westminster Bridge Road, Waterloo (SE1) site, the post-holder may be required to carry out duties at other College sites.

Business Insights Analyst

Job description. Executive Assistant to the Chair, Medical Director and Manager

Preamble. Worcester College, Oxford. Human Resources Advisor. Job description, February Human Resources Advisor / Payroll Administrator

Reporting to Senior HMI, Regulatory Inspection Managers will manage the activity and performance of a number of social care regulatory inspectors.

Senior Project Manager

CANDIDATE INFORMATION PACK

Transcription:

JOB DESCRIPTION 1. JOB TITLE: Information Security Officer 2. HRMS REFERENCE NUMBER: HRMS/13152 3. ROLE CODE: FINCIO 4. DEPARTMENT: Learning and Information Services (LIS) 5. ORGANISATION CHART: The post will report to the Deputy Director of LIS 6. JOB PURPOSE: Responsible for the Implementation of University IT Security Policy Responsible for the day to day implementation of Server Operating System Security Responsible for the day to day implementation of Network Security Responsible for defining IT Security practice and procedures for use within LIS To work closely with the Institution Compliance Officer with regards to Security, Data Protection and Information Handling To work closely with the LIS Management team to maintain Institute LIS Risk register and Disaster Recovery / Business Continuity Plan To work closely with the LIS Management team to support system enhancement and development 7. BACKGROUND INFORMATION: Learning and Information Services was formed in early 2007 from Learning Resources (Library, Media & Print) and CIT Services (IT, Networks & Phones). As part of the continuing development of the department, LIS is looking to appoint an Information Security Officer to support efforts that impact the security profile of the University IT Services. 8. WORK PERFORMED AND/OR KEY RESULT AREAS: 8.1 Communicating Effectively Liaise by letter, email and phone with external service providers. For example communication with JANET CSIRT/CERT concerning IT Security related notifications Liaise by letter, email, phone and meeting to build effective working relationships with appropriate University departments, such Faculty Administrators regarding IT Security requirements. Liaise by email, phone and meeting with the Institution Compliance Officer to ensure LIS practice is in line with legal obligation and is deliverable throughout the University. Act as an advisor to staff, academic managers and teaching staff in respect of IT Security matters.

8.2 Leadership and Working Collaboratively The role holder is expected to participate and contribute to a number of teams: the Network team, the Infrastructure team, the Business Improvement team and the overall Learning & Information Services. Within each team the role holder is required to contribute to overall team objectives. 8.3 Liaison and Networking To be an advisor to all University staff on IT Security issues. The role-holder participates in and contributes to university networks by involvement in IT Security issues. 8.4 Delivering a High Quality Standard of Service The role holder will provide a high standard of technical service for academic or other staff and students who ask for IT Security guidance and is required to create a positive image of the institution by being responsive and prompt in responding to requests and referring the user to the right person if necessary. The role holder will work with LIS Staff to ensure day to day implementation of Server Security including:- Staying current with any Server OS known patches Staying current with any Server Application patches Upgrading Server Operating Systems when necessary The role holder will work with LIS Staff to ensure day to day implementation of Network Security including:- Implementing Firewall rules Reviewing and updating Firewall rules The role holder will work with LIS Staff to ensure day to day implementation of Desktop Security including:- Updating and distributing Anti-virus Software Detecting and eliminating Spyware Staying current with Desktop Operating System and Application Patches Work with LIS Staff to develop effective methods of Network Intrusion Detection Work with the institutional Compliance Officer regarding the development and maintenance of: security related guidance and training; the Information Asset Register; and more general ISO27002 compliance. Work with LIS Staff to develop effective Network usage and Auditing methods

8.5 Effective Decision Making The role holder has the freedom to be creative and take actions that will assist the day to day functioning of the University s IT Security. The role holder has the freedom to be creative and take actions that will assist the organisation of their work/office procedures. 8.6 Planning and Organising Self and Others The role holder is able to plan, prioritise and organise their own work or resources to achieve the objectives they have agreed with their manager. Project Manage IT Security change programmes and new installations. 8.7 Innovation and Improvement (Effective Problem Solving) The role holder will continually review IT Security installations and incorporate improvements and innovations as a matter of routine. It is an important requirement of the role to use initiative and creativity to resolve problems where the optimal solution may not be immediately apparent but has to be assessed by a process of reasoning, weighing up the pros and cons of different approaches; identify and assess practical options; break the problem down into component parts. The diagnosis and analysis of IT Security incidents and the testing of potential remedial action prior to implementation are examples of this requirement. 8.8 Analysis and Research The role holder is required to analyse and research appropriate IT Security techniques and solutions which may require advising others on their findings. It is a daily requirement of the role to solve technical and other problems by analysing routine data or information provided by relevant IT Security tools. It is essential that the role holder works accurately to complete the task and resolve the technical problems. 8.9 Sensory and Physical Demands The role holder is required to carry out tasks at a level which would require either learning certain methods or routines or involve moderate physical effort, such as the use of a trolley to move computer equipment. Needs to be aware of Health and Safety at Work and VDU use issues 8.10 Work Environment The role holder is required to work in an environment which is relatively stable and has little impact on the role holder or the way in which work is completed. They may be required to work across all University campuses but will be primarily based within LIS at the Parkgate Campus.

The role holder is also required to understand how the work environment could impact on their own work or that of colleagues and take standard actions, within health and safety guidelines where applicable, for example, when moving, installing and maintaining computer and other electrical equipment. Shared office space with busy and frequent interruptions by people and telephones. 8.11 Pastoral Care and Welfare The role holder is occasionally required to show sensitivity to those who may need help or, in extreme cases, are showing signs of obvious distress, for example if data has been lost due to a computer error. The role holder may initiate appropriate action by involving relevant specialist or more senior staff. 8.12 Team Development The role holder is occasionally required to train or guide others on specific tasks, for example, providing advice, guidance and feedback on the basis of their own IT Security knowledge or experience. Deliver training as appropriate to LIS staff relating to recent developments IT Security. 8.13 Teaching and Learning Support Help to develop and deliver training/guidance either verbally, written or within training workshops as appropriate to wider university staff and students in relation to the work of LIS. 8.14 Knowledge and Experience The role holder is required to have sufficient knowledge or expertise to work on day to day issues in their own area without direct or continuous reference to others. Knowledge and practical experience of system security issues Educated to degree level or equivalent Practical experience in dealing with computer security incidents and security vulnerabilities Comprehensive understanding of Ethernet and TCP/IP Knowledge of Network monitoring tools and Traffic analysis Knowledge of information security management best practices such as ISO 27000 Experience of working within a CSIRT/CERT environment Practical experience in intrusion detection systems Knowledge of threat and vulnerability analysis, risk assessment business impact analysis

Experience of writing effective security policies and procedures The ability to work effectively as part of a team and to relate positively to other people The ability to take the initiative in establishing new ways of working to achieve the objectives of the post Confidentiality, tact and diplomacy and the ability to work to deadlines Excellent communication skills Good time management and prioritisation skills Flexible approach to work Strong IT skills, including the ability to use a variety of software programmes, including word processing, spreadsheets and databases, web and email 8.15 General Undertake any other duties commensurate with your grade, and/or hours of work, as may reasonably be required of you. Take responsibility for upholding and complying with the University s Equality and Diversity policies and for behaving in ways that are consistent with fair and equal treatment for all. To comply with all University Health and Safety policies.

PERSON SPECIFICATION Job Title: Information Security Officer Department: Learning & Information PERSON SPECIFICATION Services Criteria / Desirable Method of identification Qualifications: Educated to degree level or equivalent Application Form Proven Experience: Proven experience of working in an ICT environment Delivering academic and service excellence: Knowledge and practical experience of system security issues Practical experience in dealing with computer security incidents and security vulnerabilities Comprehensive understanding of Ethernet and TCP/IP Knowledge of Network monitoring tools and Traffic analysis Knowledge of information security management best practices such as ISO 27000 Experience of working within a CSIRT/CERT environment Practical experience in intrusion detection systems Knowledge of threat and vulnerability analysis, risk assessment business impact analysis Experience of writing effective security policies and procedures Excellent IT skills, including the ability to use a variety of software programmes, including word processing, spreadsheets and databases, web and e-mail. Desirable Desirable Desirable Managing self and inspiring others: The ability to take the initiative in establishing new ways of working to achieve the objectives of the post Good time management and prioritisation skills Interview Interview

Working together: The ability to work independently and also as part of a team. Excellent communication skills Interview Application form/interview Organisational and stakeholder awareness: Confidentiality, tact and diplomacy and the ability to work to deadlines Application form/interview Requirements are those, without which, a candidate would not be able to do the job. Applicants who have not clearly demonstrated in their application that they possess the essential requirements will normally be rejected at shortlisting stage. Desirable Requirements are those that would be useful for the post holder to possess and will be considered when more than one applicant meets the essential requirements.

UNIVERSITY OF CHESTER TERMS & CONDITIONS OF EMPLOYMENT LEARNING AND INFORMATION SERVICES INFORMATION SECURITY OFFICER SALARY SCALE University Scale OS7, points 23-26, 25,013-27,318 per annum payable monthly in arrears. RESIDENCE REQUIREMENT It is a requirement of this post that within 12 months of appointment, the post-holder should live within a 30 mile radius or within a one hour travelling time by public transport from the University. HOURS OF WORK 36.5 hours per week to be worked as follows: Monday to Thursday 9:00am 5:30pm Friday 9.00am 4.30pm (less one hour break each day) A flexible approach to work will be required as there may be occasions when it would be necessary for you to work additional hours as dictated by the workload. HOLIDAY ENTITLEMENT 22 days per annum (pro-rata during the commencement and cessation years), rising to 27 days after five years' continuous service. Two extra statutory days per annum during the Christmas period. MEDICAL EXAMINATION Successful candidates will be required to complete an Occupational Health questionnaire, and may be required to undergo a medical examination. ESSENTIAL CERTIFICATES Short-listed candidates will be asked to bring to interview, proof of qualifications as outlined on the Job Description and Person Specification provided. Upon appointment, copies of essential certificates will be required by HRM Services. PENSION SCHEME The University operates two pension schemes for support staff: The default scheme is the Higher Education Defined Contribution Scheme (HEDCS), which is administered by Friends Life. The Cheshire Local Government Pension Scheme, to which the University is an admitted body. All support staff are entitled to participate in one of these schemes. Some staff will be automatically enrolled into a scheme, depending on their age and earnings, but if they do not wish to remain a member of the scheme, they will be entitled to opt out after enrolment. EQUAL OPPORTUNITIES The University has a policy of equal opportunity aimed at treating all applicants for employment fairly. SMOKING POLICY The University operates a No-Smoking policy. PROBATIONARY PERIOD A six months' probationary period applies to all University posts. CLOSING DATE Completed application forms should be submitted via our online webrecruitment page no later than Monday 7 th April 2014, quoting reference number HRMS/13152.