Page 1 of 2

Position Description Form

Document Name Position Description

Document Number QMF207

Job Title Group IT Manager

Department IT

Reports to Chief Financial Officer (CFO)

Employment Status Full-time x Part-time Temporary Trainee

Hours worked 40 hours per week Pay period Monthly

Date Reviewed October 2024 Reviewed by LJM

Purpose of position: This is a standalone IT role to ensure a robust and high performing IT infrastructure is in place, to support the delivery of business objectives and ensure maximum efficiency. The IT Manager will be responsible for implementing the IT strategy across the Group and ensuring the correct processes and structure is in place.

Reports to: Chief Financial Officer (CFO)

Skills/Attributes required: • Hands-on approach and a versatile IT skill set, ready for strategic planning and daily operations

• The ability to communicate effectively with stakeholders, including senior management, to provide updates and recommendations

• Problem-Solving: Strong analytical and problem-solving abilities

Education/Experience required: • Extensive experience in system management and IT leadership roles

• Technical expertise in IT infrastructure and systems administration, with proficiency in networking and security

• Excellent ERP support experience • Proficiency in User Support, including Office 365, SharePoint

and Teams

Certificate/License required: N/A

Primary Responsibilities: • Identify, develop and implement IT strategies and improvement opportunities that align with the company's goals and objectives

• Identify gaps in IT across the Group and implement processes to overcome these

• Manage and monitor controlled access to the company's network and associated systems

Page 2 of 2

• Evaluate potential IT investments and identify areas of organisational growth

• Roll out training and educate employees across the Group on system use

• Manage user’s rights on local infrastructure & access control • Deliver comprehensive 1st, 2nd, and 3rd line support to

internal users on business systems • Ensure robust cybersecurity measures are in place to

safeguard the business against potential threats • Responsible for ensuring the ERP system is fit for purpose

and meets internal stakeholder requirements • Accountable for facilitating software and hardware upgrades,

ensuring they are delivered successfully and within budgetary limits

• Work with other departments as and when necessary to support with the implementation of automation

• Manage the IT and telecoms budgets • Liaise with third party IT support provider to ensure the

Group is receiving the best service • Be the point of escalation for all technical issues • Set up IT equipment and systems for new team members and

ensure new employees have a detailed IT induction • Resolve other day to day issues as and when they arise

Performance Objectives: • Ensure the IT infrastructure is reliable and robust

Key Performance Indicators (KPIs):

TBC

This Job Description forms part of the contract of employment of the person appointed to this post. It reflects

the position at the present time only, and may be changed at the discretion of the management. As a general

term of employment the Company may affect any necessary changes in job content, or may require the post

holder to undertake other duties, at any location in the Company, provided that such changes are appropriate

to the employee's remuneration and status.

Director Authorisation

Name Date

Employee Signature Date

Job Title Identity & Access Management (IAM) Specialist

Department

Cyber Resilience Team

Reports to Cyber Resilience Manager

Grade

Grade 5

Purpose & Overview ­ The Identity & Access Management (IAM) Specialist in Wales & West Utilities (WWU)’s Cyber Resilience Team is responsible for designing, implementing and managing robust IAM strategies and solutions to safeguard WWU's information assets.

­ The role involves ensuring secure and efficient access to resources, mitigating insider threats and enhancing overall cyber resilience.

­ Reporting to the Cyber Resilience Manager, this role is instrumental in maintaining a secure and efficient access control environment within WWU. By implementing IAM strategies, ensuring compliance with policies and managing access to resources effectively, this role significantly contributes to WWU's cyber resilience.

­ Strong collaboration across the business (e.g. IT, HR) is essential for success in this role.

Key Responsibilities ­ Develop and implement a comprehensive IAM strategy aligned with WWU’s Cyber Security Strategy.

­ Design IAM architectures that support secure and efficient access controls across the business.

­ Establish and enforce access governance policies and procedures.

­ Conduct periodic access reviews and certifications to ensure compliance with security policies and regulatory requirements.

­ Design and implement processes for the entire identity lifecycle, including joiners, movers and leavers (JML).

­ Collaborate with HR and IT teams to automate and streamline identity provisioning and de-provisioning.

­ Implement and manage SSO solutions to enhance user experience and security across the business.

­ Deploy and oversee MFA mechanisms to strengthen authentication controls.

­ Implement and manage PAM solutions to control and monitor privileged access.

­ Enforce least privilege principles for privileged accounts and conduct regular audits.

­ Regularly review and update role assignments to reflect changes to WWU’s active directory.

­ Integrate IAM solutions with other cyber security and IT systems, such as identity sources, directories and applications.

­ Collaborate with the appropriate IT teams to ensure seamless user experiences across different systems.

­ Develop and enhance IAM-related incident response plans to address potential security incidents.

­ Collaborate with the incident response team to investigate and remediate IAM-related incidents.

­ Ensure IAM practices comply with relevant regulations, industry standards and internal policies.

­ Support internal and external audits related to IAM controls.

Technical Skills ­ Significant experience in a similar role, ideally some of which has been spent in a CNI environment.

Qualifications Essential: ­ Proven experience in IAM or related roles. ­ In-depth knowledge of IAM principles, technologies, and best

practices. ­ Familiarity with IAM frameworks and standards. ­ Strong analytical and problem-solving skills.

Desired: ­ Bachelor's or Master's degree in Cyber Security, Information

Technology or related field. ­ tbc ­ Other relevant cyber security certifications

Additional Information ­ Vetting

Job Title Incident Response Analyst

Department

Cyber Resilience Team

Reports to Cyber Threat Intelligence Expert

Grade

Grade 5

Purpose & Overview ­ This position plays a crucial part in enhancing WWU's cyber

resilience by providing actionable insights, informing decision-

making, and proactively contributing to mitigating potential

threats.

­ The Incident Response Analyst collaborates with various

teams, both internal and external, to ensure a comprehensive

understanding of the threat landscape and WWU’s response to

any incidents.

­ Often working within the security operations centre (SOC), the primary responsibility of an incident responder is to rapidly investigate and document cybersecurity incidents within an organization.

­ Once a possible incident has been identified, the incident responder is tasked to investigate events and mitigate potential impact.

­ As a member of the CSIRT, the incident responder works closely with the enterprise’s security organization to categorize and classify attack methods and intended payloads in support of an effort to build protection for further similar incidents.

Key Responsibilities ­ Monitor and analyse network traffic, system logs, and other data sources to identify potential security incidents.

­ Investigate alerts and suspicious activity to determine if an incident has occurred.

­ Contain affected systems and networks to prevent the incident from spreading.

­ Implement temporary measures to mitigate the impact of the incident.

­ Work with other teams, such as IT and security operations, to develop and implement a containment strategy.

­ Analyse incident data to determine the root cause of the incident and identify recommendations for improvement.

­ Document and report incidents to the incident response team and other relevant stakeholders.

­ Develop and implement security plans, policies, and training to prepare the organization to respond efficiently and effectively to cyber threats.

Technical Skills ­ Experience in a similar role, ideally some of which has been spent in a CNI environment.

Qualifications Essential: ­ Proven experience operating in a SOC or a related cyber

security role. ­ In-depth knowledge of cyber threats, threat intelligence

frameworks and cyber security best practice. ­ Strong analytical and problem-solving skills. ­ GIAC Certified Incident Handler

Desirable: ­ Bachelor’s or master’s degree in cyber security or related field. ­ Other relevant cyber security certifications

Additional Information ­ Vetting