The information security analyst plays a crucial role in protecting the organisation’s valuable data from cyber threats and unauthorised access.
The duties to be assigned include the following although this list is not exhaustive and may be reviewed from time to time as organisational needs require:
- Monitoring and Incident Response: Monitor network traffic for security incidents and events. Investigate incidents and respond to events in real time. Write detailed incident response reports.
- Security Infrastructure: Review and manage firewalls, encryption programs, and other security software. Fix vulnerabilities to enhance system security.
- Responding to all security breaches: To deal with a security incident effectively, follow a process that minimizes damage and disturbance, and that involves communicating with the team and any external parties.
- Best Practices and Risk Assessment: Develop and promote best practices for information security. Conduct threat research to stay informed about the latest cyber threats. Perform periodic risk assessments and penetration tests.
- Security Management: Monitor and manage the organization’s extended detection and response system. Maintain information security records in accordance with policies and procedures.
- Technical Skills: Review raw log files, perform data correlation, and analyse firewall, network flow, intrusion detection systems, and system logs. Familiarity with firewalls, VPNs, and proxies. Experience with Windows, Mac, and Linux operating systems.
- Frameworks and Standards: Contribute to the development of company-wide best practices for ICT security. Stay up to date on ICT security trends and recommend new technologies. Knowledge of best practice standards and frameworks such as Public Service Cyber Security Baselines Standards, NIS2, CyFun, NIST CSF, ISO 27001,
- Staying up-to-date with the latest security systems, standards, authentication protocols, and products: continuously learn about new threats and technologies to protect the company’s digital assets effectively. Continue to develop ICT skills as technology changes and to enter into an agreed personal development plan.
- Delivering training: Design and delivery of regular security awareness training to both management and staff.
- People skills. When required, have the ability to manage, mentor and coach staff.
The above specification is not intended to be a comprehensive list of all duties involved and consequently, the post holder may be required to perform other duties as appropriate to the post which may be assigned to him/her from time to time and to contribute to the development of the post while in office.
Each candidate must have on the latest date for receipt of completed application forms;
- a qualification at Level 8 on the National Framework of Qualifications (NFQ) major award (i.e., honours degree) in a relevant computing discipline and at least 3 years directly relevant, recent ICT hands-on experience from your employment to date*
OR
- a qualification at Level 8 on the National Framework of Qualifications (NFQ) major award (i.e., honours degree) or higher, with computing taken in the final year and at least 4 years directly relevant, recent ICT hands-on experience form your employment to date*
OR
- a Level 7 NFQ major award qualification in a relevant computing discipline and at least 4 years directly relevant, recent ICT hands-on experience form your employment to date*
OR
- a level 6 NFQ major award qualification in a relevant computing discipline and at least 5 years directly relevant, recent ICT hands-on experience form your employment to date*
AND
- have a satisfactory knowledge of public service organisation or the ability to acquire such knowledge
Applicants should at the date of applying hold a full unendorsed valid Irish /EU licence, for Class B vehicles, or a licence acceptable to NDLS for transfer to full Irish licence, (Link below).
https://www.ndls.ie/help/faq.html#exchange-of-foreign-driving-licences
**Relevant ICT hands-on experience should include, but is not limited to: areas such as managing delivery of digital solutions, enterprise architecture, software and applications development projects involving a range of technologies and platforms covering web development, data management, database administration, business analysis/discovery, business intelligence and data analytics, DevOps, enterprise architecture, technical infrastructure service design and delivery, server and client operating systems and architecture stacks, telecommunications and networking infrastructure delivery support, technical support, ICT service management, operations and server support,
ICT/cyber security, mobile device management, virtualisation delivery support, database and application support, cloud computing etc.
Desirable Qualifications (not essential);
It is desirable that candidates hold a qualification or certificate related to Cybersecurity.
*Non-Irish Qualifications must be accompanied by a determination from Quality and Qualifications Ireland (QQI) to establish their comparability against the Irish National Framework of Qualifications, overseas qualifications must also be accompanied by a translation document
The ideal candidate’s hands-on experience should include but is not limited to:
- Delivery & support of technical infrastructure: Focus on the implementation and maintenance of security measures to protect the organization’s technical infrastructure. This includes firewalls, intrusion detection systems, and network security.
- Server & client operating systems: Understand the security aspects of various operating systems. Be able to harden them against potential threats and perform regular security updates and patches.
- Telecommunications: Knowledge of secure communication protocols and encryption methods. Ability to detect and prevent eavesdropping and man-in-the-middle attacks.
- Data centre and networking infrastructure: Implement security measures for physical and virtual data centres. Understand network security protocols and intrusion detection/prevention systems.
- Cyber security: This is the core skill. It involves threat intelligence, risk assessment, vulnerability assessment, incident response, knowledge of backup and recovery.
- Mobile device management: Implement security policies for mobile devices. Understand the threats associated with mobile devices and how to mitigate them.
- Virtualisation: Understand the security implications of virtual environments. Implement security measures for virtual machines and containers.
- Database and application support: Implement security measures for databases and applications. This includes SQL injection prevention, secure coding practices, and regular security updates.
- Cloud computing: Understand the security aspects of cloud environments. This includes data security, access control, and secure configuration of cloud services.
- Service Desk Management: Manage security incidents reported to the service desk. This includes incident response, recovery, and user education about security best practices.
The successful ICT Cyber Security Analyst candidate will demonstrate through their application form and at the interview that they have:
- A passion for cybersecurity and a curiosity for continuous learning in the field.
- Excellent project management skills, with experience in managing security-related projects.
- Excellent problem-solving and troubleshooting skills, particularly in identifying and mitigating security threats.
- Ability to work under pressure, especially during potential security incidents.
- Excellent client-facing skills and an ability to clearly communicate security risks and protocols to all levels.
- Ability to take ownership of security issues/tasks and follow through without supervision.
- Ability to work as part of a team with a strong focus on protecting customer data.
- Flexibility regarding working hours and occasional unsociable hours, including weekends, for urgent security matters.
- Excellent timekeeping skills, particularly when responding to security alerts.
- Ability to meet day-to-day and project targets, especially those related to security compliance.
- Dedication to providing quality and excellent service in maintaining a secure environment.
- Excellent communication and interpersonal skills, with a positive and professional attitude towards security awareness.
- Detail-oriented person, particularly when analysing security logs or reports.
- Excellent analytic and organizational skills, especially when developing or improving security systems.
- Must be committed to self-development and be enthusiastic about acquiring new skills and embracing new technologies in the cybersecurity landscape.
Further Information is available in the Candidate Information Booklet available on our website.