IT Security Analyst - Dublin

RSA is one of the world's leading general insurers and a global FTSE 100 Company with a heritage dating back over 300 years, and we are proud of it!
Our products are high quality and innovative – just ask our 20 million customers in over 100 countries.
At RSA we know that people make the difference and our culture is all about bringing the best out in our people ‘Your Best U’ and providing our customers with the best experience possible!
 
Unique career opportunity for a IT Security Analyst to join a dynamic & innovative Security Team in our Dublin office.
 
This IT Security Analyst is an important position within our Information Security team. The Information Security team, under the guidance of the CISO, is responsible for the management and governance of a suite of leading practice IT Security services provided by IT Outsourcers and 3rd parties.
The role involves working with leading practice Information Security services and tooling deployed across our IT operations in RSA & 123.ie across all our locations Dublin, Belfast and Galway. As part of a small team, you will have the opportunity to influence and shape the design and operation of our IT Security services as they develop and mature.
You will operate oversight controls and manage IT Validation activities that demonstrate the effective operation of IT Security controls and highlight deficiencies for remediation.
You will work closely with our IT outsourced partners (for IT Security, Infrastructure, and development services) with the IT Risk and Compliance function to manage risk pertaining to IT Security and with key business representatives, providing advice, managing risks and concerns, and ensuring compliance with the appropriate standards.

Key Responsibilities:

• Oversight and Governance of IT outsourcers providing IT Security services including Firewall rule management, Monitoring and Logging (SIEM), DDOS, IDPS, PAM, IDAM, Vulnerability Scanning, penetration testing, Malware & DLP protection, internet/email filtering, Remote Access, asset hardening, Crypto key/PKI Management, patching, training and awareness
• Drive resolution of remediation actions for IT Security, for example, from penetration testing, vulnerability scanning internal Risk Management, Validation/ Assurance and internal and external/Compliance audit activities
• 2nd/3rd line response to Security Incidents and alerts. Assist in the management of incidents with Major Incident Manager. Support forensic response and problem management as required
• Govern User Access Management services including Privileged Access Management, Identity Access Management, recertifications, Continued Business Need (CBN) validations, Segregations of duties, roles and privilege management
• Assessing the information Security risks associated with changes, projects, data transfers and integration with 3rd party organisations and systems
• Operation of specific controls related to governing IT Security, monitoring of user activities
• Managing IT Validation (1st Line) and support for IT Risk Management, Assurance (2nd line) and Audit (GIA) activity in relation to IT Security
• Assist in the development and execution of IT Security training and awareness programmers. Incident Response, Crisis Management simulations
• Liaison with Group Information Security colleagues. Interface with UK& International Technical Operational Risk Management team, GIA, Risk, Compliance teams as required
• Providing IT Security related advice, support and assistance to all areas to ensure compliance with policies, procedures, standards, guidelines and reporting requirements

Requirements:

• Degree or equivalent in computer science, information systems, computer forensics, or information security.
• Previous experiences within an Information Security, ideally in a multi-national or FS environment
• Minimum 2 years’ industry experience in various aspects of IT Security, Risk and governance roles
• Experience with use of IT Security, Risk and compliance tools

The following Industry certification are desirable:

• CISSP (Certified Information System Security Professional)
• Certified Ethical Hacker
• Systems Security Certified Practitioner
• IT / Computing Security Certifications (Cisco, Microsoft, Oracle, etc.)

RSA Insurance Ireland DAC and its affiliate companies consider applicants on the basis of qualifications and without regard to race, colour, religion, sex, national origin, age, marital or veteran status, sexual orientation, disability or any other legally protected status