Job Description
The role holder will provide specialist Information Security incident response support to the Security & Risk business in the UK & Ireland- They will work closely with the Co-Ordination & Intelligence team in the region to provide input into investigations of fraud, staff misuse, data leakage and other breaches of RBS Group policies, taking direction from and providing support to the Information Security Incident Response Specialist- As an experienced Information Security Incident Response Analyst they will work alongside the Information Security Incident Response Specialist, divisionally facing Information Security Specialists and Information Security forensics team to support investigations relating to regional incidents, meeting all legal/regulatory requirements- The UK & Ireland, Information Security Incident Response Analyst will be required to assist with the creation and ongoing production of high quality management information specifically related to Information Security incidents covering intrusion attempts, theft, loss of assets, data leakage and any other Information Security related incidents- They will escalate issues, where appropriate, to the Information Security Incident Response Specialist- The role holder may be asked to assist Human Resources and Executive level support on sensitive or time critical investigations-
Requirements
General · Provide technical advice and guidance to support incidents as required § Production of high quality statements and investigative briefing updates · Follow the Security & Risk incident management processes and procedures · Understand the IT environment of the Group's infrastructure e-g- network, email, platforms and intranet in order to provide appropriate advice in relation to incidents · Understand the Global laws and regulations in respect of forensic capture and investigations · Understand HR policy and structure in respect of employee investigations · Assist with production of management information to support / measure effective delivery of services and determine threat levels and number of specific incidents · Prioritise incidents for Security & Risk in the UK & Ireland and escalate where appropriate · Support incidents through to recovery or conclusion by participating in incident control groups and mobilising resource as required · Develop and maintain relationships with key stakeholders, specifically divisional risk functions and OSAC
Responsibilities
Experience: - Proven experience of incident response
- General Information Security experience
- Working with a broad range of business units across the RBS Group or other Global organisations
- Good communication skills - written and verbal and ability to write evidentially sound notes
The Individual
Technical Knowledge: · Working towards industry relevant qualifications (e-g- CISSP, Bond Solon) Knowledge of Internet/Web Security technologies, in particular : · IP Networks, Java, Web application security, email, middleware (e-g- Websphere), authentication, encryption- Other desirable · Mainframe/midrange (IBM Z/OS, AS/400, Tandem)- · Firewalls (Checkpoint Firewall-1, Cisco)- · Network Security (Cisco routers etc)- · Oracle and other Databases · UNIX (HP, SUN and IBM AIX) · Windows NT/Windows 2000/Windows XP/Win2003 · Cryptography (Symmetric, Asymmetric, Message Digests) · Virus management and other malicious software · IDS and IPS · Encase/Vogon Messaging systems (Lotus Notes/Exchange)
| 
