Cyber Security
Overview

Cyber security is a wide-ranging industry developing at a rapid pace in response to the growing sophistication of cyber criminals and hackers. As a cyber security specialist you are responsible for protecting an organisation's IT systems from attack and online threats, in order to guard against data breaches and the loss of confidential information. Any computer or mobile device connected to the internet is vulnerable to cyber-attack. The role involves regularly monitoring and scanning data centres, networks and software systems for vulnerabilities and risks, and ensuring that all hardware and software applications are kept up to date.

As a Cyber Security Specialist your primary objective is to protect the confidentiality, integrity and availability of the organisation's data. You will respond to and resolve network incidents, and create and implement regular security audits across computer hardware and software programmes to validate that they are processing data as expected.

Role Description

Specialists in cyber security need to balance strong technical ability with an inquisitive intuition that enables them to keep one step ahead of an increasingly daring and ruthless cohort of hackers and organised criminals. Consequently, Cyber Security Specialists are among the most sought-after professionals in the tech sector, commanding robust salaries as technology and security concerns continue to develop.

Main duties and responsibilities

As a Cyber Security Specialist you are responsible for discovering vulnerabilities and risks in the business's networks, software systems and data centres. You will undertake ongoing vulnerability scans, monitor network data and ensure that hardware and software applications are kept up to date. Typical duties and responsibilities include:

  • Conduct threat and risk analyses, assessing potential vulnerabilities and risks against the impact they may have on existing systems and technologies, and develop strategies and actions to mitigate the risk.
  • Design security policies and procedures. Develop training materials and training sessions and provide ongoing technical support.
  • Configure and audit operating systems, web servers and databases to detect patterns and potentially malicious activity in the infrastructure.
  • Provide customised security assessments and develop and implement security policies and improvements.
  • Run diagnostics on any changes to data to identify any undetected breaches.
  • Develop plans and protocols for responding to incidents as quickly as possible, to minimise any potential damage. This may include notifying authorities, restoring from backups and issuing public statements.
  • Support the procurement and implementation of new networks, software systems and data centres so that security requirements are planned in during the design stage.
  • Set up measures such as firewalls, data encryption and two-factor authentication to secure the data infrastructure. Configure anti-virus systems and conduct software upgrades.
  • Develop and conduct security protocols and establish risk ratings for vulnerabilities and incident reporting.
  • Continually monitor for incoming attacks and intrusions, closing off and securing systems where a potential threat or attempted breach has been discovered.
  • Liaise with authorities where necessary to help identify perpetrators.
  • Manage authorised users' permissions and privileges.
  • Keep up to date with developments in cyber security, new threats and emerging protection options by attending educational workshops and reviewing publications.

Skills and experience

To be successful in this role, you must have strong technical skills, be able to think critically to identify potential threats and be a creative problem solver. You must have a deep understanding of network infrastructure and software, and the ability to troubleshoot problems and make decisions in high-stress situations. You must also be able to communicate effectively with other members of your team and report your findings to executives and colleagues. Other skills and experience required:

  • An in-depth understanding of OWASP testing methodology, dynamic and static application security testing, re-engineering, automation, ASP.NET/Java, IDS/IPS systems, and tools such as Burp Suite, Nmap, Nessus, Qualys and Metasploit.
  • A deep technical understanding of network infrastructure (including routers, hubs and switches), system administration, firewall administration and network security.
  • Strong written and verbal communication
  • The ability to work under intense pressure and in stressful situations
  • Problem solving, analytical and critical thinking skills
  • Strategic thinking, project management and process improvement skills
  • An in-depth understanding of tools and technologies that can detect and defend against threats

Qualifications Required

  • Bachelor’s degree in computer science, information systems, telecommunications, computer engineering or equivalent education or work experience
  • Advanced certifications such as CompTIA Security+, Cisco Certified Entry Networking Technician (CCENT), Cisco Certified Network Associate – Routing and Switching (CCNA), Cisco Certified Network Associate – Security (CCNA-Security), Microsoft Technology Associate (MTA) – Windows Server Administration Fundamentals, SANS GIAC / GCIA / GCAH, CISSP or CASP and / or SIEM-specific training and certification
  • Hold a DoD 8570 IAT Level 2 baseline certification (Security+ CE or equivalent)
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defence-in-depth and common security elements such as HTTPS
  • 5+ years prior, relevant experience
  • Experience of analysing high volumes of logs and network data in support of incident investigations
  • In-depth knowledge of the architecture, engineering and operations of at least one enterprise SIEM platform (eg Nitro / McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk)
  • Experience developing and deploying signatures (eg YARA, Snort, Suricata, HIPS)
  • Understanding of mobile technologies and operating systems (ie Android, iOS and Windows), VMware technology and Unix, including basic Unix commands.

Did you know?

The UK had the highest number of cyber-crime victims per million internet users at 4783 in 2022 – up 40% over 2020 figures. The country with the next highest number of victims per million internet users in 2022 was the USA, with 1494, a 13% decrease over 2020.

76% of respondents in a 2022 case study covering the US, Canada, UK, Australia and New Zealand said their organisation had suffered at least 1 cyber-attack that year, a large increase over the 55% figure in 2020.

Resources

Institute of Brewing and Distilling
Tel: 020 7499 8144
Website: http://www.ibd.org.uk
Twitter: @IBDHQ
Facebook: https://www.facebook.com/IBDHQ

National Skills Academy for Food and Drink
Tel: 0330 174 1253
E-mail: info@nsafd.co.uk
Website: http://nsafd.co.uk
Twitter: @NSAFD

Scotland Food and Drink
Tel: 0131 335 0940
Website: http://www.foodanddrink.scot
Twitter: @scotfooddrink
Facebook: https://www.facebook.com/scotfooddrink

Related Case Studies
Sonya Ferguson
I work really closely within a small team of Analytical Scientists, and as Deputy Manager, I have line management responsibilities, so I help the team manage their workloads effectively.

The Scotch Whisky Association

Edinburgh HQ:
Quartermile Two, 2 Lister Square, Edinburgh EH3 9GL