IT Cyber Security Analyst & Team Leader - CISSP or CySA+ or MSc Information Security Weymouth, Dorset, or London, South East UK or Stoke on Trent, Staffordshire £50,000pa + Hybrid & Flexi-Working & Training & Certifications Available Weymouth, Dorset, or London, South East UK, or Staffordshire + Hybrid and Flexible Working as Standard The Client: Are a well-known High St and Online retailer who are seeking a Senior IT Cyber Security Analyst who specialises in Microsoft/Wintel Servers and Virtualisation supporting a UK wide infrastructure. Objective: You will Lead 2 x Cyber Security Analysts, giving support to the Head of Cyber Security in delivering the Information Security service to the global business. You will lead all Cyber Security Operations function and be the first point of contact for technical information security related matters. Role Responsibilities: You will Lead 2 x Cyber Security Analysts, giving support to the Head of Cyber Security Act as the first point of action or escalation for the identification of security incidents and their investigation. Be responsible for the managed Security Operations Centre (SOC), Network Monitoring and Managed Detection and Response services and associated vendor relationships. Offer mentoring, advice and guidance to those in your Team Be the subject matter expert for technical security related queries, providing the Security Architect, IT Service and Delivery teams and business stakeholders with authoritative advice and defined security requirements. Be responsible for the Security Education and Awareness scheme. Ensure Cyber Security campaigns are conducted, and improvements implemented and ensure colleague queries around policies and requirements are appropriately answered in a timely manner. Be responsible for the Vulnerability Management process. Act on vulnerability information and conduct Cyber Security risk assessments and work with suppliers, partners, and internal teams to ensure security vulnerabilities are identified, assessed, and remediated in good time. Key Requirements you will need: In depth knowledge of Information Security concepts and principles, including cloud security capabilities. Experience with configuring and utilising security tooling, including SIEM, EDR, vulnerability scanners, CASB, network scanning, DLP. Hands-on IT experience with proven expertise in a previous Information Security role. Vendor management experience. A relevant intermediate or advanced Information Security based qualification (eg CISSP, CySA+, MSc Information Security) Ability to critically analyse information and make decisions based on judgement, knowledge, and experience. Business Knowledge: Knowledge of Retail and eCommerce is of great advantage but is not essential. Working knowledge of the Information Security elements of Data Protection regulations (eg GDPR, The Data Protection Act 2018) is essential. Knowledge of the NIST Cyber Security Framework is of advantage. Awareness of regulations that affect Retail, such as PCI DSS, is of great advantage but experience of maintaining compliance is not essential. CISSP or CySA+ or MSc Information Security Certifications will be advantageous. Call today!
18/04/2024
Full time
IT Cyber Security Analyst & Team Leader - CISSP or CySA+ or MSc Information Security Weymouth, Dorset, or London, South East UK or Stoke on Trent, Staffordshire £50,000pa + Hybrid & Flexi-Working & Training & Certifications Available Weymouth, Dorset, or London, South East UK, or Staffordshire + Hybrid and Flexible Working as Standard The Client: Are a well-known High St and Online retailer who are seeking a Senior IT Cyber Security Analyst who specialises in Microsoft/Wintel Servers and Virtualisation supporting a UK wide infrastructure. Objective: You will Lead 2 x Cyber Security Analysts, giving support to the Head of Cyber Security in delivering the Information Security service to the global business. You will lead all Cyber Security Operations function and be the first point of contact for technical information security related matters. Role Responsibilities: You will Lead 2 x Cyber Security Analysts, giving support to the Head of Cyber Security Act as the first point of action or escalation for the identification of security incidents and their investigation. Be responsible for the managed Security Operations Centre (SOC), Network Monitoring and Managed Detection and Response services and associated vendor relationships. Offer mentoring, advice and guidance to those in your Team Be the subject matter expert for technical security related queries, providing the Security Architect, IT Service and Delivery teams and business stakeholders with authoritative advice and defined security requirements. Be responsible for the Security Education and Awareness scheme. Ensure Cyber Security campaigns are conducted, and improvements implemented and ensure colleague queries around policies and requirements are appropriately answered in a timely manner. Be responsible for the Vulnerability Management process. Act on vulnerability information and conduct Cyber Security risk assessments and work with suppliers, partners, and internal teams to ensure security vulnerabilities are identified, assessed, and remediated in good time. Key Requirements you will need: In depth knowledge of Information Security concepts and principles, including cloud security capabilities. Experience with configuring and utilising security tooling, including SIEM, EDR, vulnerability scanners, CASB, network scanning, DLP. Hands-on IT experience with proven expertise in a previous Information Security role. Vendor management experience. A relevant intermediate or advanced Information Security based qualification (eg CISSP, CySA+, MSc Information Security) Ability to critically analyse information and make decisions based on judgement, knowledge, and experience. Business Knowledge: Knowledge of Retail and eCommerce is of great advantage but is not essential. Working knowledge of the Information Security elements of Data Protection regulations (eg GDPR, The Data Protection Act 2018) is essential. Knowledge of the NIST Cyber Security Framework is of advantage. Awareness of regulations that affect Retail, such as PCI DSS, is of great advantage but experience of maintaining compliance is not essential. CISSP or CySA+ or MSc Information Security Certifications will be advantageous. Call today!
LA International Computer Consultants Ltd
Hereford, Herefordshire
DV Cleared Onsite in Hereford Duration: 6 months initially Market Rates via Umbrella Role Description: Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates and the professional development of the system engineering team. Tasks: * Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration. * Manage system/server resources including performance, capacity, availability, serviceability, and recoverability. * Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability. * Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave. * Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources. * Implement data management standards, requirements, and specifications. * Develop data standards, policies, and procedures. * Analyse data sources to provide actionable recommendations and facilitate data-gathering methods. * To share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team. Knowledge: * Knowledge of big data technologies and ecosystems (eg, NiFi). * Knowledge of current market and emerging leaders in data analytical and SIEM platforms. * Knowledge of network security implementations (eg, host-based IDS, IPS), including their function and placement in a network. * Knowledge of intrusion detection systems and signature development. * Knowledge of Front End collection systems, including network traffic collection, filtering, and selection. * Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. * Knowledge of cyber defence and information security policies, procedures and regulations. * Knowledge of network security architecture concepts including topology, protocols, components and principles. Skills/Experience: * Previous experience of Enterprise ICS/network architectures and technologies. * Working with frameworks and technologies that support data-intensive distributed applications. * Experience maintaining and administrating data analytical and SIEM platforms. * Experience using host and network-based IDS/IPS. Experience using packet capture solutions. * Skill in developing and deploying signatures. * Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). * Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach). Desirable Qualifications/Certifications * Red Hat System Administration I & II (RH124/RH134). * Baseline Cyber Courses eg Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. * Certified engineer in a market leading data analysis/SIEM platform. * SANS SEC501 Advanced Security Essentials Enterprise Defender. * SANS SEC 511 Continuous Monitoring & Security Operations. * SANS SEC555: SIEM with Tactical Analytics Available locations: -Hereford -Northallerton -Corsham -Portsmouth Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
17/04/2024
Project-based
DV Cleared Onsite in Hereford Duration: 6 months initially Market Rates via Umbrella Role Description: Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates and the professional development of the system engineering team. Tasks: * Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration. * Manage system/server resources including performance, capacity, availability, serviceability, and recoverability. * Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability. * Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave. * Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources. * Implement data management standards, requirements, and specifications. * Develop data standards, policies, and procedures. * Analyse data sources to provide actionable recommendations and facilitate data-gathering methods. * To share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team. Knowledge: * Knowledge of big data technologies and ecosystems (eg, NiFi). * Knowledge of current market and emerging leaders in data analytical and SIEM platforms. * Knowledge of network security implementations (eg, host-based IDS, IPS), including their function and placement in a network. * Knowledge of intrusion detection systems and signature development. * Knowledge of Front End collection systems, including network traffic collection, filtering, and selection. * Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. * Knowledge of cyber defence and information security policies, procedures and regulations. * Knowledge of network security architecture concepts including topology, protocols, components and principles. Skills/Experience: * Previous experience of Enterprise ICS/network architectures and technologies. * Working with frameworks and technologies that support data-intensive distributed applications. * Experience maintaining and administrating data analytical and SIEM platforms. * Experience using host and network-based IDS/IPS. Experience using packet capture solutions. * Skill in developing and deploying signatures. * Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). * Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach). Desirable Qualifications/Certifications * Red Hat System Administration I & II (RH124/RH134). * Baseline Cyber Courses eg Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. * Certified engineer in a market leading data analysis/SIEM platform. * SANS SEC501 Advanced Security Essentials Enterprise Defender. * SANS SEC 511 Continuous Monitoring & Security Operations. * SANS SEC555: SIEM with Tactical Analytics Available locations: -Hereford -Northallerton -Corsham -Portsmouth Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
As a senior Cloud Native OPS Engineer, you have over 5 years of technical system expertise to perform technical cloud engineering services: - You configure Azure services and work with Terraform Scripting (infrastructure as a code), AWS networking/gateways, AWS Landing Zone setup, lambda and container services; - You evaluate and translate requirements into design; - You evaluate design benefits and trade-offs; - You validate design compliance and support deployment of the design to ensure the requirements are met; - You use development tools to efficiently solve technical or business challenges, incl. technology evolution, capacity management, and performance optimization; - You innovate to present new ideas which improve an existing system/process/service; - You maintain knowledge of existing technology documents via technical writing; - You perform (complex) incident resolution and root cause analyses; - On duty call for the systems you are responsible for, can be required. Next to a proven experience in system software and cloud infrastructure, you have the following core competences: Adaptive, Analytical thinking, Collaborating, Flexible, IT Infrastructure, Result driven, Software development. knowledge of: public cloud AWS CICD tooling AWS Lambda Python Terraform AWS Athena As a part of our team, you are responsible for the architectural decisions, engineering, integration and maintenance of the cloud platform. Currently we actively manage AWS & Azure cloud environments and keep an eye on other cloud platforms. The focus is on technology/infrastructure services, not the usage and development methodologies that use the cloud platform. The latter is handled by DevOps teams with whom you will be working closely. You assist in feasibility studies to take on new technological services or improvements and help design the services with focus on security, maintainability, flexibility and efficiency. You work together with architects and analysts to come to a proper final design, product owners and scrum masters to govern the exercise and its allocated resources, and software engineering to ensure effective positioning and service offerings.
16/04/2024
Project-based
As a senior Cloud Native OPS Engineer, you have over 5 years of technical system expertise to perform technical cloud engineering services: - You configure Azure services and work with Terraform Scripting (infrastructure as a code), AWS networking/gateways, AWS Landing Zone setup, lambda and container services; - You evaluate and translate requirements into design; - You evaluate design benefits and trade-offs; - You validate design compliance and support deployment of the design to ensure the requirements are met; - You use development tools to efficiently solve technical or business challenges, incl. technology evolution, capacity management, and performance optimization; - You innovate to present new ideas which improve an existing system/process/service; - You maintain knowledge of existing technology documents via technical writing; - You perform (complex) incident resolution and root cause analyses; - On duty call for the systems you are responsible for, can be required. Next to a proven experience in system software and cloud infrastructure, you have the following core competences: Adaptive, Analytical thinking, Collaborating, Flexible, IT Infrastructure, Result driven, Software development. knowledge of: public cloud AWS CICD tooling AWS Lambda Python Terraform AWS Athena As a part of our team, you are responsible for the architectural decisions, engineering, integration and maintenance of the cloud platform. Currently we actively manage AWS & Azure cloud environments and keep an eye on other cloud platforms. The focus is on technology/infrastructure services, not the usage and development methodologies that use the cloud platform. The latter is handled by DevOps teams with whom you will be working closely. You assist in feasibility studies to take on new technological services or improvements and help design the services with focus on security, maintainability, flexibility and efficiency. You work together with architects and analysts to come to a proper final design, product owners and scrum masters to govern the exercise and its allocated resources, and software engineering to ensure effective positioning and service offerings.
Request Technology - Craig Johnson
Chicago, Illinois
*Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Data Governance and Protection Analyst. Candidate will be responsible for supporting the development and implementation of the information governance, data protection, and privacy program. This includes supporting the development of strategies, policies, procedures, and controls related to the governance and protection of information throughout its life cycle. In addition, the role will work with stakeholders to define the information governance, data protection, and privacy requirements; will facilitate compliance with the identified requirements to control risk; will represent the program to internal and external stakeholders; and will support the development and implementation of training and awareness programs. This role will focus on compliance with applicable regulatory and legal rules and requirements (ie SEC-Regulation SCI, CFTC-System Safeguards, etc.) as they relate to information including support of regulatory exam and Internal Audit remediation planning, tracking, and mitigation. Responsibilities: Work with appropriate stakeholders and across the organization to create a culture that manages information as an enterprise asset Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids Identification, implementation, and use of technologies to support program objectives and classification standards Execution of controls and risk assessments (eg, third-party risk, privacy, data protection) Responsible in performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help closing the incident. Creation and execution of strategies to identify information across the organization and throughout its life cycle Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk Development and maintenance of the organization's Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of Legacy information Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems Collaborate with internal and external stakeholders to implement information governance, data protection, and privacy policies and requirements Support and develop training and awareness programs for information governance, data protection, and privacy. Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program. Qualifications: Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings Experience with Privacy requirements and work with personal information and its protection Strong strategic thinking, problem solving, and analytic skills Utilize metrics as means to improve performance Ability to adapt to change in emerging environments and work across multiple areas Experience in developing policies and procedures Experience in project management, project execution, and managing multiple priorities in a timeline driven environment Experience working in a highly regulated environment including an understanding of audit and compliance requirements Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience Experience in the financial services industry Certifications Preferred: Certifications in Information, Data, Privacy Records or Security such as: Certified Information Privacy Professional (CIPP), Certified Information Privacy Management (CIPM), Certified Records Manager (CRM), and/or Certified Information Privacy Technologist (CIPT), Certified Information Systems Security Professional (CISSP), Information Governance Professional (IGP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA)
16/04/2024
Full time
*Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Data Governance and Protection Analyst. Candidate will be responsible for supporting the development and implementation of the information governance, data protection, and privacy program. This includes supporting the development of strategies, policies, procedures, and controls related to the governance and protection of information throughout its life cycle. In addition, the role will work with stakeholders to define the information governance, data protection, and privacy requirements; will facilitate compliance with the identified requirements to control risk; will represent the program to internal and external stakeholders; and will support the development and implementation of training and awareness programs. This role will focus on compliance with applicable regulatory and legal rules and requirements (ie SEC-Regulation SCI, CFTC-System Safeguards, etc.) as they relate to information including support of regulatory exam and Internal Audit remediation planning, tracking, and mitigation. Responsibilities: Work with appropriate stakeholders and across the organization to create a culture that manages information as an enterprise asset Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids Identification, implementation, and use of technologies to support program objectives and classification standards Execution of controls and risk assessments (eg, third-party risk, privacy, data protection) Responsible in performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help closing the incident. Creation and execution of strategies to identify information across the organization and throughout its life cycle Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk Development and maintenance of the organization's Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of Legacy information Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems Collaborate with internal and external stakeholders to implement information governance, data protection, and privacy policies and requirements Support and develop training and awareness programs for information governance, data protection, and privacy. Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program. Qualifications: Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings Experience with Privacy requirements and work with personal information and its protection Strong strategic thinking, problem solving, and analytic skills Utilize metrics as means to improve performance Ability to adapt to change in emerging environments and work across multiple areas Experience in developing policies and procedures Experience in project management, project execution, and managing multiple priorities in a timeline driven environment Experience working in a highly regulated environment including an understanding of audit and compliance requirements Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience Experience in the financial services industry Certifications Preferred: Certifications in Information, Data, Privacy Records or Security such as: Certified Information Privacy Professional (CIPP), Certified Information Privacy Management (CIPM), Certified Records Manager (CRM), and/or Certified Information Privacy Technologist (CIPT), Certified Information Systems Security Professional (CISSP), Information Governance Professional (IGP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA)
DV Cleared SIEM/Incident SME Location: Northallerton/Corsham/Portsmouth Duration: 6 - 12 Months Rate to SSC: Market Rate MUST BE PAYE THROUGH UMBRELLA Role Description: The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
15/04/2024
Project-based
DV Cleared SIEM/Incident SME Location: Northallerton/Corsham/Portsmouth Duration: 6 - 12 Months Rate to SSC: Market Rate MUST BE PAYE THROUGH UMBRELLA Role Description: The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
Cyber Defence Engineer Location: Full Time onsite in Hereford Duration: 6 months MUST BE PAYE THROUGH UMBRELLA We are heading up a recruitment drive on behalf of a leading IT consultancy that require a DV cleared Cyber Defence Engineer to join their team on a major defence project that is based in Hereford. Role Description: Role Description: Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates and the professional development of the system engineering team. Tasks: Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration. Manage system/server resources including performance, capacity, availability, serviceability, and recoverability. Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability. Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave. Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources. Implement data management standards, requirements, and specifications. Develop data standards, policies, and procedures. Analyse data sources to provide actionable recommendations and facilitate data-gathering methods. To share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team. Knowledge: Knowledge of big data technologies and ecosystems (eg, NiFi). Knowledge of current market and emerging leaders in data analytical and SIEM platforms. Knowledge of network security implementations (eg, host-based IDS, IPS), including their function and placement in a network. Knowledge of intrusion detection systems and signature development. Knowledge of Front End collection systems, including network traffic collection, filtering, and selection. Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. Knowledge of cyber defence and information security policies, procedures and regulations. Knowledge of network security architecture concepts including topology, protocols, components and principles. Skills/Experience: Previous experience of Enterprise ICS/network architectures and technologies. Working with frameworks and technologies that support data-intensive distributed applications. Experience maintaining and administrating data analytical and SIEM platforms. Experience using host and network-based IDS/IPS Experience using packet capture solutions. Skill in developing and deploying signatures. Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach). Desirable Qualifications/Certifications Red Hat System Administration I & II (RH124/RH134). Baseline Cyber Courses eg Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. Certified engineer in a market leading data analysis/SIEM platform. SANS SEC501 Advanced Security Essentials Enterprise Defender. SANS SEC 511 Continuous Monitoring & Security Operations. SANS SEC555: SIEM with Tactical Analytics
15/04/2024
Project-based
Cyber Defence Engineer Location: Full Time onsite in Hereford Duration: 6 months MUST BE PAYE THROUGH UMBRELLA We are heading up a recruitment drive on behalf of a leading IT consultancy that require a DV cleared Cyber Defence Engineer to join their team on a major defence project that is based in Hereford. Role Description: Role Description: Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates and the professional development of the system engineering team. Tasks: Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration. Manage system/server resources including performance, capacity, availability, serviceability, and recoverability. Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability. Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave. Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources. Implement data management standards, requirements, and specifications. Develop data standards, policies, and procedures. Analyse data sources to provide actionable recommendations and facilitate data-gathering methods. To share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team. Knowledge: Knowledge of big data technologies and ecosystems (eg, NiFi). Knowledge of current market and emerging leaders in data analytical and SIEM platforms. Knowledge of network security implementations (eg, host-based IDS, IPS), including their function and placement in a network. Knowledge of intrusion detection systems and signature development. Knowledge of Front End collection systems, including network traffic collection, filtering, and selection. Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. Knowledge of cyber defence and information security policies, procedures and regulations. Knowledge of network security architecture concepts including topology, protocols, components and principles. Skills/Experience: Previous experience of Enterprise ICS/network architectures and technologies. Working with frameworks and technologies that support data-intensive distributed applications. Experience maintaining and administrating data analytical and SIEM platforms. Experience using host and network-based IDS/IPS Experience using packet capture solutions. Skill in developing and deploying signatures. Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach). Desirable Qualifications/Certifications Red Hat System Administration I & II (RH124/RH134). Baseline Cyber Courses eg Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. Certified engineer in a market leading data analysis/SIEM platform. SANS SEC501 Advanced Security Essentials Enterprise Defender. SANS SEC 511 Continuous Monitoring & Security Operations. SANS SEC555: SIEM with Tactical Analytics
As a senior Data Architect, you have over 5 years of experience in designing and implementing data architecture: - You focus on building solutions or services right and are passionate by building new solutions with new technologies; - You plan and develop the architectural runway of enablers in support of new business features and capabilities, working directly with Agile teams to implement them; - You enable the continuous delivery pipeline through appropriate design guidelines and investment advocacy; - You work with portfolio stakeholders, notably the Enterprise Architect, to develop, analyze, split and realize the implementation of enabler epics; - You participate in planning, definition and high-level design of the solution and exploration of solution alternatives. - You are a certified data architect with knowledge of configuration of AWS services and Terraform Scripting (infrastructure as a code); - You design and implement AWS networking/gateways, AWS Landing Zone setup; - You have experience with lambda and container services, and design of highly complex AWS big data applications. Next to a proven experience in Data Architecture, you have the following core competences: Analytical thinking, Collaborating, Conceptual thinking, Data driven, IT Security, Problem solving, Process driven, Result driven, Tactical & strategic planning. The intensive use of commercial data and data analysis has expanded into a strategic core competence for oiur client. Together with business and IT partners you will build a high-quality data environment, which is being developed on a Big Data platform in the Amazon Cloud with platform-specific tools and technologies. With this Big Data Platform we can continue to make data-driven decisions that enable to grow further. As a Big Data Cloud engineer, you are responsible for the engineering, integration and maintenance of the Big Data Platform. The Big Data Platform is build on top of the Amazon-Cloud by making use of services provided by the Cloud provider and 3th parties. The focus is both on technology and infrastructure services, as on development tools and methodologies for the Big Data Platform. You get your energy from working out the Big Data Platform in detail and you are also the key person between the platform team and the data engineers and data analysts. Together with them you ensure that they can build Artificial Intelligence models and integrate those AI-models in our operational and commercial processes. You contribute to the design and implementation of the platform and capabilities for data delivery and data processing. What do we expect from you? You help to design the platform and the required services with focus on security, maintainability, flexibility, efficiency in a cost efficient manner. You work together with architects and analysts to come to a proper design. You make use of services provided by the Cloud provider, by 3th parties and own development to implement the Big Data Platform. You contribute to the implementation and maintenance of the technical design. In addition, you support the data analysts and engineers in using the platform and the services. We expect you to come at least one day per week to our office in Leuven for a team day. AWS CICD tooling AWS Lambda AWS S3 GIThub/BitBucket Kubernetes Python Terraform
15/04/2024
Project-based
As a senior Data Architect, you have over 5 years of experience in designing and implementing data architecture: - You focus on building solutions or services right and are passionate by building new solutions with new technologies; - You plan and develop the architectural runway of enablers in support of new business features and capabilities, working directly with Agile teams to implement them; - You enable the continuous delivery pipeline through appropriate design guidelines and investment advocacy; - You work with portfolio stakeholders, notably the Enterprise Architect, to develop, analyze, split and realize the implementation of enabler epics; - You participate in planning, definition and high-level design of the solution and exploration of solution alternatives. - You are a certified data architect with knowledge of configuration of AWS services and Terraform Scripting (infrastructure as a code); - You design and implement AWS networking/gateways, AWS Landing Zone setup; - You have experience with lambda and container services, and design of highly complex AWS big data applications. Next to a proven experience in Data Architecture, you have the following core competences: Analytical thinking, Collaborating, Conceptual thinking, Data driven, IT Security, Problem solving, Process driven, Result driven, Tactical & strategic planning. The intensive use of commercial data and data analysis has expanded into a strategic core competence for oiur client. Together with business and IT partners you will build a high-quality data environment, which is being developed on a Big Data platform in the Amazon Cloud with platform-specific tools and technologies. With this Big Data Platform we can continue to make data-driven decisions that enable to grow further. As a Big Data Cloud engineer, you are responsible for the engineering, integration and maintenance of the Big Data Platform. The Big Data Platform is build on top of the Amazon-Cloud by making use of services provided by the Cloud provider and 3th parties. The focus is both on technology and infrastructure services, as on development tools and methodologies for the Big Data Platform. You get your energy from working out the Big Data Platform in detail and you are also the key person between the platform team and the data engineers and data analysts. Together with them you ensure that they can build Artificial Intelligence models and integrate those AI-models in our operational and commercial processes. You contribute to the design and implementation of the platform and capabilities for data delivery and data processing. What do we expect from you? You help to design the platform and the required services with focus on security, maintainability, flexibility, efficiency in a cost efficient manner. You work together with architects and analysts to come to a proper design. You make use of services provided by the Cloud provider, by 3th parties and own development to implement the Big Data Platform. You contribute to the implementation and maintenance of the technical design. In addition, you support the data analysts and engineers in using the platform and the services. We expect you to come at least one day per week to our office in Leuven for a team day. AWS CICD tooling AWS Lambda AWS S3 GIThub/BitBucket Kubernetes Python Terraform
Junior SOC Analyst - Hybrid - 3 days on site - Nottinghamshire Main Responsibilities: - Triage, analyse and investigate alerts, log data and network traffic using security tools to identify cyber-attacks/security incidents. This includes the investigation and root cause analysis of potential security incidents. - Proactively investigate potential security breaches by utilising threat intelligence and internal and external security systems and provide subject matter expertise for technical responses to confirmed cyber security incidents. - Create and maintain the clients target cyber security architecture. - Deliver subject matter expertise to key stakeholders to drive the implementation of security controls to meet the target architecture. - Accountable for vulnerability scanning, including the prioritisation of unpatched vulnerabilities and reporting against agreed KPIs and KRIs. - Support the annual penetration testing schedule by arranging penetration testing, including tracking, and communicating penetration testing results. - Perform supplementary testing of clients detection and response controls by procuring, installing, and running penetration testing tooling. - Participate in process improvement work to automate and improve critical cyber security processes such as monitoring, patching, and hardening. - Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks. - Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office. Skills, Knowledge and Experience - Has obtained one or more of the following qualifications: CEH, CRTSA, and OSCP. - Qualifications such as CISSP and CISM would be advantageous. - Problem solving skills, and the ability to come up with new solutions to existing challenges. - Strengths in key 'soft skill' areas such as relationship management, communication, and presentation of technical security information to a variety of audiences. - Technical skills to investigate potential breaches through existing tools, packet capture and log file analysis. - A logical mindset, the ability to identify proportionate, appropriate mitigations to identified security incidents, and to prioritise incidents based on risk. - Capable of working independently/without ongoing supervision on projects and day to day tasks. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
12/04/2024
Full time
Junior SOC Analyst - Hybrid - 3 days on site - Nottinghamshire Main Responsibilities: - Triage, analyse and investigate alerts, log data and network traffic using security tools to identify cyber-attacks/security incidents. This includes the investigation and root cause analysis of potential security incidents. - Proactively investigate potential security breaches by utilising threat intelligence and internal and external security systems and provide subject matter expertise for technical responses to confirmed cyber security incidents. - Create and maintain the clients target cyber security architecture. - Deliver subject matter expertise to key stakeholders to drive the implementation of security controls to meet the target architecture. - Accountable for vulnerability scanning, including the prioritisation of unpatched vulnerabilities and reporting against agreed KPIs and KRIs. - Support the annual penetration testing schedule by arranging penetration testing, including tracking, and communicating penetration testing results. - Perform supplementary testing of clients detection and response controls by procuring, installing, and running penetration testing tooling. - Participate in process improvement work to automate and improve critical cyber security processes such as monitoring, patching, and hardening. - Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks. - Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office. Skills, Knowledge and Experience - Has obtained one or more of the following qualifications: CEH, CRTSA, and OSCP. - Qualifications such as CISSP and CISM would be advantageous. - Problem solving skills, and the ability to come up with new solutions to existing challenges. - Strengths in key 'soft skill' areas such as relationship management, communication, and presentation of technical security information to a variety of audiences. - Technical skills to investigate potential breaches through existing tools, packet capture and log file analysis. - A logical mindset, the ability to identify proportionate, appropriate mitigations to identified security incidents, and to prioritise incidents based on risk. - Capable of working independently/without ongoing supervision on projects and day to day tasks. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Senior Analyst - Information Governance/Data Protection Salary: Open + Bonus Location: Chicago, IL Hybrid: 3 days on-site, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5+ years of applicable work experience Previous work with information or data governance control activities in the financial services industry. Experience in the financial services industry. Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Responsibilities Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy. Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships. Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings. Experience with Privacy requirements and work with personal information and its protection. Strong strategic thinking, problem solving, and analytic skills.
09/04/2024
Full time
Senior Analyst - Information Governance/Data Protection Salary: Open + Bonus Location: Chicago, IL Hybrid: 3 days on-site, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5+ years of applicable work experience Previous work with information or data governance control activities in the financial services industry. Experience in the financial services industry. Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Responsibilities Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy. Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships. Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings. Experience with Privacy requirements and work with personal information and its protection. Strong strategic thinking, problem solving, and analytic skills.