IT Security Specialist

Division: IT Services

Reports To: IT Security Services Manager

Based: Sheffield K-House / NDC Newland House

Company Overview

The largest multi-channel distributor of business supplies and services in the industry with unparalleled reach and experience in the UK, EVO Group provides sourcing, storage and fulfilment services to over 20,000 resellers, corporate organisations and direct customers through VOW, VOW RETAIL, Banner and Truline.

With an unrivalled logistics platform, the highest number of direct manufacturer relations and the broadest multi-channel sales structure, we continue to lead the business supplies and services industry across the UK and Ireland.  Through constant innovation, progressive business services and the most extensive product range, we remain at the forefront of our industry offering an exceptional overall customer experience.

Role Specification

Role Objective:

To maintain effective security of Group IT systems and services through application of personal expertise, the maintenance and evolution of security measures and ongoing assessment of current and emerging threats, countermeasures, mitigation and best practise.

Summary of Role Responsibilities:

Manage Endpoint protection on all corporate user devices including PCs, laptops and other electronic devices deployed, using the security tools currently implemented:

• Carry out the routine security tasks required to maintain effective endpoint security
• Deploy and update security software.
• Monitor the endpoint estate for anomalies that could impact the effectiveness of security
• Remediate security anomalies on the end-point estate including; unprotected devices, infected devices or devices and software with malfunction affecting security
• Assess and deploy security patches and configuration for endpoint devices in a timely manner, including hardware, operating systems, applications and end-user cloud services.
• Determine security violations by conducting periodic audits
• Create, evolve, update and maintain security policy and documentation.
• Create, manage, maintain and carry out, the procedures and processes required to control inactive user and computer accounts within Active Directory. Highlighting inactive machines to the Desktop manager and inactive users to the Service Desk manager.
• Record and highlight security risks to the IT Security manager
• Maintain a high level of knowledge and understanding of Microsoft Active Directory, PC Operating Systems, and corporate software to efficiently troubleshoot technical issues in both physical and virtual desktop environments.
• Maintain personal expertise in current and emerging security threats, countermeasures and best practise.
• Proactively seek opportunities to broaden and deepen knowledge base and proficiencies
• Create and submit proposals for improvement of the company IT security, to the IT Security manager.
• Plan and implement projects relating to IT security under the direction of the IT Security Manager
• Take all reasonable action to troubleshoot and resolve reported incidents or escalate to the appropriate contact.
• Escalate and manage issues with third parties where applicable
• Participate in the successful conclusion of Security audits and tender responses by customers and auditing bodies.
• Work closely with Desktop Services to maintain and deploy a secure corporate standard desktop environment that provides a stable, performant and productive user experience.
• Provide user/technical training as and when necessary to including documentation
• Share acquired skills and knowledge with team members through formal and informal channels.
• Demonstrate a commitment to continuous improvement, to include understanding and application of technology (hardware, software, equipment and processes).
• Use the company service management tool to create records for of all reported incidents, changes, problems and requests, documenting actions and customer interactions with accuracy, thoroughness, and timeliness.

Person Specification

QUALIFICATIONS/EXPERIENCE

Essential

• Significant experience in an IT incident management role preferably within an ITIL or ISO 20000 environment. 
• 1 year Support and administration of Anti-Virus products, automated software deployment and patch deployment systems
• Working knowledge of Active Directory and Network Analysis Tools
• Experience of using a call logging/ticketing system to log requests and incidents

Desirable

• A recognised ITIL Service Management qualification held
• A recognised IT Security Certification held
• Working knowledge of security forensics and remediation tools
• Working knowledge/awareness of incident, problem & change management
• Working knowledge of MS cloud services including O365, Azure Active directory and security

SKILLS/ ABILITIES

Essential

• Customer Service Orientation
• Technical and Professional Competence
• Attention to Detail
• Ability to prioritise
• Adaptability
• Initiative
• Analytics / Logical
• Broad knowledge of computer hardware and peripherals
• Good understanding of networking concepts
• Excellent troubleshooting Skills
• Recognizes problems by identifying abnormalities & violations
• Good knowledge of malware concepts
• In-depth knowledge of Microsoft Desktop Operating systems
• In-depth knowledge of Microsoft Office applications
• Good interpersonal skill
• Good Communication Skills

Desirable

• Knowledge of developments in Cyber Security
• Knowledge of Information Security standards including PCI, Security Essentials and ISO 27001
• Good Understanding of VOIP systems (Avaya/Cisco)
• Good understanding of phone systems from a user and admin perspective

NOTE: The responsibilities associated with this position are not limited to the above description and may be modified at any time by the Company.