Senior Systems Administrator - Vulnerability Management
Newport, Wales, United Kingdom - Remote
Applications have closed
Target Group
We're FCA regulated experts and provide digital transformation, collections servicing and Business Process Outsourcing to clients. Top tier banks and public bodies trust us to deliver excellent customer outcomes. Learn why.Target Group are a leading business services provider in lending, investments and insurance, creating value for our clients through digital customer journey, outsourcing and operational transformation.
At Target, we give you the opportunity to make a difference. You’ll be involved in shaping the growth of the business – and you’ll get to try new things along the way. If you are up for a challenge and are willing to work hard, working with us will give you a fulfilling and varied career.
Although our offices are based in Newport and Cardiff, we offer 100% flexible working so welcome applications from across the UK!
What you can expect…
The role is a senior position in the team and is a hybrid role across Information Security Operations and IT Infrastructure.
The role has been developed to uplift the security posture of the organisation by addressing vulnerabilities and security weaknesses within the IT Infrastructure estate as well as implementing new technologies to continue to address the ever increasing risk from threat actors.
You will be remediating security vulnerabilities, primarily in configuration items, identified by our detective toolsets. You will work closely with the wider team to agree on priority items set by the CISO but will have flexibility to select the order of remediation activities. You will be able to bring suggestions to the team for future activities based upon your knowledge and experience. The Information Security Team have a flexible approach to working and operate on an outcome basis.
My Accountabilities – what will I be doing?
- Remediating file and folder permission errors, ensuring no impact on availability, using findings from Data Management Tooling to identify and resolve incorrect permissions
- Remediate findings on incorrect ACLs within Active Directory
- Remediating security shortfalls identified by Microsoft Security Centre within Azure and Office 365 deployments
- Ensuring all SaaS platforms which support MFA and Active Directory Services integration have these features configured and enforced
- Remediating vulnerabilities identified by Alert Logic platform, such as ensuring that only supported versions of TLS are configured along with recommended cipher suites.
- Analysis of Red Hat Security advisories for vulnerabilities identified within Alert Logic Platform to confirm if action is required to remediate
- Ensuring IT Run function have 100% patch coverage by identifying any shortfalls and escalating to Patching Team with management oversight of progress until objective is achieved on a monthly basis
- Ensuring that CIS benchmarking across the entire estate achieved 95% compliance by identifying required changes, writing the necessary change submissions and undertaking the configuration changes to ensure compliance.
- Working with TechM colleagues to understand what configuration changes need to be implemented to improve protections against ransomware identified by Cymulate tool, e.g. implementation of AppLocker and restrictive PowerShell policies.
- Improving Service Security by migrating service accounts to GMSA (Group Managed Service Accounts)
- Reduce risk of security breach by remediating findings from Varonis tool on privileged account use (eg removal of legacy service accounts and depreciated security groups within Active Directory)
- Improve data security by reviewing configurations within Forcepoint DLP platforms, providing recommendations for rule base changes and following these through until completion
Requirements
We're looking for someone who is:
- A keen independent learner with a passion for technology and information security
- Methodical and organised – you will have multiple actions open at any one time and you will need to prioritise based on criticality, supported by mentors and the wider team.
- Flexible and adaptable as you will be using new systems and required to learn new interfaces, read documentation, and undertake training courses to familiarise yourself with the tooling to extract the greatest business benefit.
- Able to clearly communicate in spoken and written word.
We're looking for someone who has:
- An extensive understanding of Information Technology with a strong working knowledge of Windows, Linux and networking.
- A strong working knowledge of Microsoft Suite of applications is required, you will need to be proficient in Microsoft Word, Excel, PowerPoint and Visio as you create Process Documentation and effectively communicate pgoress against key objectives.
Benefits
In addition to your basic salary (between £40,000 and £60,000, depending on experience), we offer a comprehensive, flexible and market-competitive benefits package. Our flexible benefits package allows you to choose the benefits that best suit your lifestyle.
Core Benefits:
- Annual Pay Review
- Discretionary Company Performance Bonus
- Employee Assistance Program
- Free Private Health Care
- Free Flu Vaccinations + Eye Tests + Voucher towards glasses
- My Recognition
- Free access to GP, Physiotherapists and more
- 25 days holiday
- 4 x Salary Life Insurance
Our flexible benefits scheme gives employees access to additional benefits to supplement their core package:
- Pension Contribution – Salary Sacrifice
- Cycle2Work + Car Leasing – Electric Cars
- Critical Illness Cover + Dental Insurance
- Gym Flex
- Hello Fresh / Taste Card / Gourmet Card
- RAC Breakdown Cover
- Charitable Payroll Giving
- Buy / Sell holiday
- Technology loans
Tags: Active Directory Azure CISO Compliance IT infrastructure Linux PowerShell Red Hat SaaS TLS Vulnerabilities Vulnerability management Windows
Perks/benefits: Career development Competitive pay Flex hours Health care Salary bonus
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Senior Cyber Security Specialist jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs