Urban Science

  • IT Operations Senior Specialist - Security

    Location UK-SRY-Reading
    Posted Date 2 weeks ago(4/5/2018 1:32 PM)
    Job ID
    2018-3973
    # Positions
    1
    Category
    Information Technology
  • Overview and Summary

    Urban Science is a business-solutions company focused on supporting the needs of the sales and marketing function of the automotive industry. We leverage a scientific methodology to help our client partner sell more vehicles, improve profitability and increase customer loyalty. And we do that by helping solve their toughest challenges including planning an optimal dealership network, improving individual dealer performance and efficiently converting sales leads into sales. In short, we guide business through science-and we’ve been doing this since 1977.

     

    POSITION OVERVIEW 

    The IT Operations Senior Specialist, Security works as an integral part of the Urban Science Security Team to protect the confidentiality, integrity and availability of company and client information assets. This individual will support the development and maintenance of an ISO 27001-compliant information security management system (ISMS). This includes management of the assessable asset catalog, risk/vulnerability assessment of information assets, risk management to full remediation and closure, and provision of ISMS/risk metrics and reporting.

    Essential Duties and Responsibilities

    • Support the implementation and operation of a global ISO 27001 information security management system.
    • Author, update, and manage ISMS documentation set including process descriptions, flow diagrams, checklists, etc.
    • Manage Security Intranet site including standard SharePoint, Wiki, and Power BI sites.
    • Work with virtual security teams on global security implementation, remediation, and improvement projects.
    • Assist with technical vulnerability management including the use of vulnerability scanning tools (application, network, database, etc.), and the management of detected vulnerabilities to remediation.
    • Assist with business continuity and disaster recovery planning and testing.
    • Manage security corrective action and continuous improvement process.
    • Work with clients and account teams to provide responses to security assessments and questionnaires.
    • Support regular risk assessment, controls reviews, and access reviews.
    • Provide security expertise and support to Urban Science business and technical teams.
    • Participate in relevant security training events and activities.
    • Achieve and maintain relevant technical and operational security skills and certifications.

    Qualifications - Education and Experience

    To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skills, abilities, and competencies required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

    • Strong understanding of various risk management frameworks, such as ISO 27000, SOC2, ITIL, etc.
    • Understanding of global compliance law/regulation (e.g. EU/DPD, Safe Harbor, GDPR, Privacy Guard, PIPEDA)
    • Understanding of application, infrastructure, and database vulnerabilities; along with a basic understanding of how they work, how to remediate. Some understanding of related vulnerability scanning/management tools.
    • Understanding of network, firewall, IDP/IDS, server/desktop/laptop technologies.
    • Understanding of log management technologies (LogRhythm).
    • Strong knowledge of Microsoft Office products – Word, Excel, PowerPoint.
    • Knowledge of current technological developments/trends in area of expertise. 
    • Knowledge and understanding of ITIL processes.
    • Ability to work in a highly confidential manner.
    • Time Management: Requires strong capability to prioritize competing demands, manage multiple concurrent tasks and run meetings on schedule.
    • Project Management: Project management skills required, including the ability to estimate work efforts, define work plans, delegate work, monitor progress and report schedule variances and scope changes; requires the ability to follow established internal PMO procedures and present project conclusions; proficiency in MS Project strongly preferred.
    • Verbal Communication: Requires the ability to compose and verbally deliver information of varying levels, using appropriate grammar, tone, inflection and non-verbal cues, while also listening to and correctly deciphering verbal communication delivered by others.
    • Written Communication: Requires the ability and capacity to communicate ideas, facts and data in writing using appropriate grammar, syntax and sentence structure including the ability to create technical documents. 
    • Analytical Thinking/Reasoning: Requires the ability to understand a situation by breaking it apart into smaller pieces, and/or tracing the implications of a situation in a step-by-step causal way. 
    • Results Orientation: Requires the ability to strive for optimal results by taking responsibility for timeliness, commitment to task and adherence to performance standards.
    • Ethics/Integrity: Requires the ability to behave in a trustworthy & transparent manner.
    • Teamwork & Cooperation: Requires the ability to work cooperatively with others and be part of a team.
    • Self-Control: Requires the ability to keep emotions under control and to restrain from negative actions or behaviors.
    • Customer Service Orientation: Requires the ability to understand and help/assist both internal and external customers and meet their needs.
    • Flexibility/Adaptability: Requires the ability to adapt to and work effectively within a variety of situations, individuals or groups, as well as understand and appreciate different and opposing perspectives. 
    • Conceptual Thinking: Requires the ability to understand a situation or problem by putting the different pieces together to see the bigger picture.
    • Interpersonal Understanding: Requires the ability to understand other’s feelings and concerns, and to value individual differences in people.
    • Organizational Commitment: Requires the ability and willingness to align his/her own behavior with the needs, priorities and goals of the organization.
    • Relationship Building: Requires the ability to effectively build and maintain friendly, warm relationships or networks of contacts with clients/customers.
    • Assertiveness: Requires the ability and intent to appropriately display assertive behaviors to ensure others follow and comply with given directions.

    EDUCATION AND EXPERIENCE

    • Must have a baccalaureate degree in information technology, or related field, from an accredited U.S. college or university, or equivalent foreign institution. 
    • Must have a minimum of five years relevant work experience.
    • One or more of the following certifications is desirable:
      • ITIL – Information Technology Infrastructure Library
      • Microsoft Certified Systems Engineer: Security
      • CISSP – Certified Information Systems Security Professional
      • ISSAP – Information Systems Security Architecture Professional
      • CISA – Certified Information Systems Auditor
      • CISM – Certified Information Security Manager

    WORK ENVIRONMENT 

    The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

     

    This description is intended to describe the type and level of work being performed by a person assigned to this position. It is NOT an exhaustive list of all duties and responsibilities required by a person so classified. The job may require additional hours beyond a traditional 40-hour workweek.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed