Job Title: Senior Security Analyst
Salary: £65,000 - £75,000
The Business:
Founded by a team of financial experts and ex-MAT professionals, IMP Software has a deep understanding of the challenges facing multi-academy trusts. Our mission is to empower multi-academy trusts with the tools and expertise they need to manage their finances more efficiently and effectively. We're proud to be at the forefront of innovation in the MAT finance sector, constantly looking for ways to improve our offering.
Role Description:
We understand that security breaches can be devastating to a business. This is true both from the perspective of IMP and of our customer MATs. Security works closely with software delivery teams, data professionals, IT, and operations to provide security guidance and tooling. This is the first dedicated Security role within IMP. The successful candidate must be comfortable managing their own tasks as part of a cross-functional team.
Key Responsibilities:
* Partner with leadership to identify and achieve relevant security certifications/accreditation.
* Define security level SLA/SLO.
* Identify and assess the company for relevant regulatory compliance.
* Maintain up-to-date knowledge of security threats and practices, advising the business.
* Coach delivery squads on security fundamentals and best practices.
* Ensure security awareness training is delivered to the wider business.
* Engage with the security community to keep abreast of developing trends.
* Monitor and respond to network risks and breaches using tools such as IPS/IDS.
* Detect, analyze, and respond to security threats before they harm business operations.
* Monitor systems for real-time threat intelligence, using tools such as security dashboards.
* Develop and run security incident procedures.
* Develop our Microsoft Entra ID and RBAC setup for maintainability and security.
* Oversee our Office365 and endpoint security posture in partnership with our MSP.
* Partner with the DPO to manage our data protection stance through technology and process.
* Evaluate the security of our applications, making use of AppSec tools such as SASD.
* Partner with external penetration test partners to explore and report on vulnerabilities.
* Partner with DevOps specialists to deliver IaC configurations, using yml and PowerShell.
* Manage Azure SQL firewall and other access controls.
* Advise our software development squads on access control in our software.
* Partner with delivery squads during the left-shifted release planning phase.
* Report on security awareness metrics such as the number of attacks and breaches.
* Develop and report on risk-based security metrics.
Skills, Experience, and Attributes:
Required:
Azure Security: Microsoft Defender for Cloud, Microsoft Entra ID, Azure DDoS, Key Vault, Azure Information Protection.
Desirable:
Microsoft Sentinel, PowerShell, C#, Azure Graph, git, AZ-500: Azure Security Engineer Associate.
Benefits:
* 27 days of holiday per year plus bank holidays.
* AXA Health insurance including dental and mental health.
* Broadband allowance.
* Home office stipend.
* Life assurance (4 x basic salary).
* Encouraged and funded CPD.
#J-18808-Ljbffr