- Follow-up of copyright and malware incidents which have not been resolved by first line.
- Management of major incidents, including liaison with multiple stakeholders (e.g. ISD, Faculties, HR, the Data Protection Officer and the police), correlation of incident data, and documentation.
- Forensic data acquisition and investigation in accordance with ACPO guidelines.
- Penetration testing
- Web application testing
- Monthly scanning of key servers
Information Security Monitoring
- Monitoring of incoming, outgoing and internal attacks.
- Provision of metrics to stakeholders.
- Development and management of IDS and SIEM.
- Creation, agreement and maintenance of documentation to support appropriate information security in all UCL operations.
- Review of existing documentation at least once per year, development of new policies, and retirement of old ones.
- Creating and maintaining a database of relevant and appropriate technical resources and assisting UCL members in interpreting it for their situation.
- Provision of advice and guidance to new and on-going initiatives.
- Addressing information security risk and compliance requirements of projects and services, with full lifecycle contact to a level commensurate with risk.
Information Security Management System Support
- Advice, guidance, and software tools to assist Schools and Faculties in managing their information security risk. Includes development and maintenance of software tools.
- Audit of information security management systems against an appropriate standard (e.g. IG Toolkit, ISO/IEC 27001, PCI DSS).
Information Security Awareness
- Raising the understanding of information security amongst UCL members of staff and students. To include: awareness campaigns, email newsletters, website, blog, training courses.
- Information Security Awareness Moodle course