Information Security Administrator

Amnesty International

London, United Kingdom

Experience: 0 to 3 Years

Skill Required: IT and ICT

You will have a passion and knowledge of information security, remain updated on current information technology security trends and have prior experience performing security administration tasks. In addition, you will be comfortable working alongside stakeholders within the Information and Technology (I&T) team and beyond, with an ability to communicate complex technical issues clearly and concisely.

Main Responsibilities:

  • Analysing and responding to anomalous behaviour, escalating appropriately when needed.
  • Act as a security focal point by providing advice to the organisation and ensuring that security standards are understood and complied with.
  • Ensure a strong and efficient security coverage with continuous maintenance, finetuning, and troubleshooting of security systems
  • Performing security administration tasks and changes in the following areas
  • Email and Web filtering Protection policies
  • Cloud Monitoring and Security Information & Event Management (SIEM) policies
  • Data Loss Prevention (DLP), and Endpoint Detection & Response (EDR) policies
  • IT Systems access policies (review)
  • Vulnerability management
  • Application security reviews and threat modelling
  • Network security reviews and remediation
  • Researching and evaluating emerging cyber security threats.
  • Lead investigations into alerts generated by various security systems as well as by other reporting means in the organisation.
  • Working to maintain security standard requirements through audit remediation / support, Vulnerability scans, penetration testing and remediation where appropriate.

Skills And Experience:

  • Excellent communicator with strong interpersonal skills, with the ability to explain complex topics around information security and risk to non-technical audiences.
  • Demonstratable experience in Information Security systems – including cloud monitoring, anti-virus, advanced endpoint protection, vulnerability management, email and web security systems.
  • Experience securing, monitoring and operating enterprise cloud infrastructure – ideally Azure.
  • Experience securing, monitoring and operating enterprise cloud services – ideally Office 365.
  • Experienced in the following technologies or equivalents: Microsoft Defender, Sentinel, Azure. Qualys vulnerability management, ZScaler web protection.