IT Security Engineer/Analyst
 
As The National Lottery security team is growing we are now looking for an IT Security lead to join the team and help provide Information Security services across our IT estate.
 
 In this role, the IT Security Analyst will support the operational day-to-day security activities, serve as an internal information security subject matter expert, support The National Lottery IT Security Audit program through participation and by providing technical input into existing and new security solutions’ design and implementation.
 
The role will work closely with the Head of IT Security. The position plays a key role in the following areas:

• Security Architecture & Strategy
• Security Governance, Risk and Compliance
• Threat Intel and Attack Surface Management
• Prevent and Protect (Controls Assurance & Information Protection)
• Detect and Respond (Incident Management & Cyber Forensics)
• Identity and Access Management
• Third-Party Security

 
 
Key Areas of Responsibility:
 

• Managing SIEM/SOC solution, Writing Custom SIEM/SOC Rules, Alerts, Reports
• Daily review of SOC investigations and remediations
• Monthly engagement with SOC Vendor for review of Monthly Metrics
• Vulnerability Management- both running internal regular scans and organising patching schedules 
• Reviewing Internal and External Vulnerability assessments and Pen Test findings.
• Remediation of escalated security incidents 
• Perform security risk assessments of technology solutions and work with 3rd party providers to determine information security risks to PLI
• Work closely with internal PLI Business Units to drive the implementation of appropriate controls to comply with PLIs policy/standards to reduce the security risk to an acceptable level.
• Responsible for Core network and security infrastructure with regard to, IPS, IDS, Firewalls etc.
• Actively manage MDM through Intune/Microsoft Endpoint Manager.
• Lead IAM/PAM and be involved with deployment and management of such solutions
• Actively review and maintain DLP security services 
• Conduct Firewall/Switches Security Reviews for Core networking infrastructure
• The ability to analyse event and systems logs, perform forensic analysis and analyse malware, and other incident response related data, as needed.
• Work closely with incident response teams by conducting evidence collection and containment and providing remediation assistance as needed.
• Conduct threat hunting activities by proactively searching for Indicators of compromise and threats that may be evading the current set of security tools in place.
• Proactively researching emerging threats and vulnerabilities to aid in the identification of cyber incidents.
• Researching new tools and attack vectors 
• Communicating with PLI Business Units in a professional manner in order to satisfy goals 
• Engagement with Security Tabletop exercises such as Ransomware, DDOS, Credential Stuffing, etc.
• Review of Phishing emails 
• Involved in rolling out new app functions to adhere to security best practices 

 
Key Requirements would include the following.:

• Bachelor’s degree in ICT, computer science, information security or a related field.
• Networking experience-Level 1
• Experience with Cloudflare, JIRA, Slack, Azure, Logzi.io, Rapid 7, etc. preferred.
• Experience of ISO audits
• Working knowledge with at least some of the following infrastructure level security tools, such as Endpoint Detection and Response, Identity Management, Anti-Malware, Web Proxy, Firewalls, Security Information and Event Management, Data Leakage Prevention, Web Application Firewall, Multi-Factor Authentication, Data Rights Management etc.
• Direct experience in Cybersecurity risk management practices and programs, Privacy by Design concepts, and conducting information security risk assessments or business impact assessments.
• Experience with Microsoft Security Stack
• Experience supporting vulnerability management activities
• Good understanding of incident response best practices and processes
• Experience with one or more Industry recognised ICT governance, control frameworks, and standards such as NIST CSF, CIS, ISO 27001, GPDR etc.
• Good knowledge and demonstrated experience in incident response tools, techniques and processes for effective threat containment, mitigation, and remediation.
• Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems.
• Strong communication and interpersonal skills, including the ability to clearly communicate technical issues to a non-technical audience
• Strive for continuous improvement across the delivery of the organisation’s security services
• Support sites across organisations on the implementation of OT security solutions and detailed designs.

Considered Advantageous Certification:

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• CompTIA Security+
• Microsoft Cybersecurity Architect

At National Lottery we promote a positive working environment where people feel valued and supported, championing diversity to build an inclusive culture. We believe that this diversity builds a stronger organisation and is in keeping with our core values of being Open, Ambitious, Reliable, and Generous. Our policy, therefore, is to provide equal employment opportunities for all applicants and employees. This means that we comply with all applicable human rights and employment legislation, and we do not discriminate in any aspect of employment. We believe that our workforce should be representative of our diverse population, and we are committed to reducing barriers to enable those from marginalised communities access our opportunities.