QA Consulting has teams of Cyber Security Consultants working with a large public sector department in a variety of security roles. Initially, these teams provided interim capability over a period of six months, to help set up, assess and monitor operations in a new Cyber Security Operations Centre (CSOC). During this time, the client actively recruited permanent members of staff and rotated the QA Consulting teams to other projects within the department and where they are currently working as follows:
The DevSecOps team plans, builds, configures and maintains infrastructure and applications while enforcing security principles that ensure data is secure both at rest and in transit. They also support capacity management, diagnosis of data feed losses and servicing requests from the SOC Team.
Cyber Security Operations Centre (CSOC)
The CSOC team leads in security monitoring, system vulnerabilities checks and detection of incidents and concerns. They liaise with multiple operations teams to analyse systems and logs, mitigate and remedy any vulnerabilities or incidents and provide security awareness using a range of different, Vulnerability Assessment, Threat Intelligence and SIEMs tools and resources.
Information Technology Operations Centre (ITOC)
The ITOC analysts carry out 2nd line network support to provide immediate response to incidents that sometimes involve performing remote fixes of network devices (switches, access points etc.). Additionally, they monitor infrastructure, the network and associated applications for alerts and events using IT monitoring and management tools
The use of an IT service management solution allows the team to actively participate in problem resolution within agreed parameters ensuring issues are logged correctly and successfully closed or escalated to the appropriate 3rd Line resolver group. It also aids in ensuring that requests for assistance are responded to in a timely manner according to agreed SLA’s and OLA’s.
Monitoring of the IT service management solution, industry standard network management software suite, configuration management and Network Access Control ensures the smooth running of the client’s networks.