Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
17/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
17/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
Senior Security Engineer Up to £85,000 + 20% Bonus + 20% Pension Central London - Hybrid You will be joining a prestigious, family-run financial organisation who are on a large-scale digital transformation journey. The company itself is made up of around 500 heads, so you will have great exposure to different areas of the business whilst making a huge impact on the work you do. You will be joining as a Senior Security Engineer; this is the second hire within a growing Security team. Your role will cover all areas of security, covering support on projects that require security input (Design and concept) and BAU projects. Areas will cover things like vulnerability management, network security and general security support. Experience required: Security/Cyber Security Generalist Background in IT Support CISSP or an equivalent qualification Strong understanding of Servers Vulnerability Management Network Security Desirable but not required: Qualis Zscaler DLP Access Management (IAM/PAM) Please apply directly and we will be in touch to provide further information!
17/05/2024
Full time
Senior Security Engineer Up to £85,000 + 20% Bonus + 20% Pension Central London - Hybrid You will be joining a prestigious, family-run financial organisation who are on a large-scale digital transformation journey. The company itself is made up of around 500 heads, so you will have great exposure to different areas of the business whilst making a huge impact on the work you do. You will be joining as a Senior Security Engineer; this is the second hire within a growing Security team. Your role will cover all areas of security, covering support on projects that require security input (Design and concept) and BAU projects. Areas will cover things like vulnerability management, network security and general security support. Experience required: Security/Cyber Security Generalist Background in IT Support CISSP or an equivalent qualification Strong understanding of Servers Vulnerability Management Network Security Desirable but not required: Qualis Zscaler DLP Access Management (IAM/PAM) Please apply directly and we will be in touch to provide further information!
Senior Cloud Network Engineer Permanent, 3 days in office in London Overview: The Company is a leading financial services firm. The technology is being transformed to a Cloud-First, Cloud-Native architectural model, utilizing DevSecOps processes and adoption of systems-thinking concepts to enhance productivity. The Cloud Network Engineer are responsible for delivering modern end user solutions that are fully automated through code, ensuring scalability and optimize availability and reliability 24/7. Responsibilities: Engineer and secure core Azure platform services across global footprint. Go deep on Cloud Network Engineer, adopting Zero Trust Architecture principles. Engineer and maintain Cloud Secure Web Gateways, Next-Gen CASB solutions Advance branch/SD-WAN solution to optimise network performance and connectivity. Colloborate with other areas of engineering and Service operations to ensure the successful integration of SSE/SASE Automate every operational aspect of infrastructure and systems life cycle Respond to incidents. Run Infrastructure with Python/PowerShell, Ansible, Terraform, Azure DevOps, CI/CD, Kubernetes. Design, build and maintain core infrastructure. Debub production issues Requirements: Strong experience in Windows Servers, Virtulisation, Containerisation tech on Azure Proficiency in Object Oriented programming and developing automated solutions through code. Experience in configuration management systems like Ansible Passion for network security and desire to protect organisations from cyber threats. Keen on Open Source development. Collaborative and able to communicate effectively and asynchronously.
16/05/2024
Full time
Senior Cloud Network Engineer Permanent, 3 days in office in London Overview: The Company is a leading financial services firm. The technology is being transformed to a Cloud-First, Cloud-Native architectural model, utilizing DevSecOps processes and adoption of systems-thinking concepts to enhance productivity. The Cloud Network Engineer are responsible for delivering modern end user solutions that are fully automated through code, ensuring scalability and optimize availability and reliability 24/7. Responsibilities: Engineer and secure core Azure platform services across global footprint. Go deep on Cloud Network Engineer, adopting Zero Trust Architecture principles. Engineer and maintain Cloud Secure Web Gateways, Next-Gen CASB solutions Advance branch/SD-WAN solution to optimise network performance and connectivity. Colloborate with other areas of engineering and Service operations to ensure the successful integration of SSE/SASE Automate every operational aspect of infrastructure and systems life cycle Respond to incidents. Run Infrastructure with Python/PowerShell, Ansible, Terraform, Azure DevOps, CI/CD, Kubernetes. Design, build and maintain core infrastructure. Debub production issues Requirements: Strong experience in Windows Servers, Virtulisation, Containerisation tech on Azure Proficiency in Object Oriented programming and developing automated solutions through code. Experience in configuration management systems like Ansible Passion for network security and desire to protect organisations from cyber threats. Keen on Open Source development. Collaborative and able to communicate effectively and asynchronously.
An excellent 12-month contract for a Fluent French speaking Embedded Software Engineer. Onsite in Belgium, possibility of remote working in the future. Daily rate: 450 Euros The client specialises in the Defence, Security (including Cyber) and Aerospace. MISSION The client wants to reinforce its technical team and is looking for an engineer who wants to develop as an Embedded software engineer. As an Embedded Software Engineer, you will integrate a multidisciplinary team of development within the Engineering department. You will be required, in the context of on firing systems or smart ammunitions, to specify, design, develop, validate, and test Embedded software. You will have the opportunity to work with innovated systems and tools in a high-tech environment. You will be expected to support multiple projects and as such will require planning and organising skills. RESPONSIBILITY Based on upper system specifications, allocate performances, define a software solution Write low- and high-level software requirements using dedicated tools and ensure traceability between requirements. Develop software in C/C++ on Microprocessor, bare metal, or Linux RTOS architecture. Understand and solve the constraints of Real Time applications, low/high level communications, multi-tread management, memory concurrency, etc. Collaborate with hardware engineer to develop abstraction layer of the hardware. Use configuration managements tools (GIT, BitBucket, Jenkins, SonarQube) Ensure code quality by checking code coverage and verify the software using unit testing procedure. Debug low level software using oscilloscopes. Collaborate with V&V and DevOps team to setup a continuous integration system. Write Software Description Documents to capitalize knowledges. Participate to internal project reviews within the company, and external reviews with the customers. Participate in the development of FPGA (VHDL language) as a plus. PROFILE You graduated with a master's degree in software or Electronic Engineer with 3 to 10 years of experience. You are architect and senior developer in C, C++ on Embedded systems Real Time application. You understand the challenges of embedding Real Time solution in micro-controllers. You have an experience in development of FPGA using VHDL and communication systems (CAN, UART,SPI, I2C, Ethernet TCP/IP and Phy, MIL-STD-1553/1760, ARINC429 ) You are a good communicator; you can show pedagogy to support other developers. You are self-motivated and like to take initiatives. You can work with Agile culture. You like following the latest trends in innovation. An experience in aeronautical, spatial, defence or automotive industry, as well as a knowledge of the standards DO-178, ARP4754 or ISO26262, is a plus. English and French (spoken and written) Please get in touch for further details.
16/05/2024
Project-based
An excellent 12-month contract for a Fluent French speaking Embedded Software Engineer. Onsite in Belgium, possibility of remote working in the future. Daily rate: 450 Euros The client specialises in the Defence, Security (including Cyber) and Aerospace. MISSION The client wants to reinforce its technical team and is looking for an engineer who wants to develop as an Embedded software engineer. As an Embedded Software Engineer, you will integrate a multidisciplinary team of development within the Engineering department. You will be required, in the context of on firing systems or smart ammunitions, to specify, design, develop, validate, and test Embedded software. You will have the opportunity to work with innovated systems and tools in a high-tech environment. You will be expected to support multiple projects and as such will require planning and organising skills. RESPONSIBILITY Based on upper system specifications, allocate performances, define a software solution Write low- and high-level software requirements using dedicated tools and ensure traceability between requirements. Develop software in C/C++ on Microprocessor, bare metal, or Linux RTOS architecture. Understand and solve the constraints of Real Time applications, low/high level communications, multi-tread management, memory concurrency, etc. Collaborate with hardware engineer to develop abstraction layer of the hardware. Use configuration managements tools (GIT, BitBucket, Jenkins, SonarQube) Ensure code quality by checking code coverage and verify the software using unit testing procedure. Debug low level software using oscilloscopes. Collaborate with V&V and DevOps team to setup a continuous integration system. Write Software Description Documents to capitalize knowledges. Participate to internal project reviews within the company, and external reviews with the customers. Participate in the development of FPGA (VHDL language) as a plus. PROFILE You graduated with a master's degree in software or Electronic Engineer with 3 to 10 years of experience. You are architect and senior developer in C, C++ on Embedded systems Real Time application. You understand the challenges of embedding Real Time solution in micro-controllers. You have an experience in development of FPGA using VHDL and communication systems (CAN, UART,SPI, I2C, Ethernet TCP/IP and Phy, MIL-STD-1553/1760, ARINC429 ) You are a good communicator; you can show pedagogy to support other developers. You are self-motivated and like to take initiatives. You can work with Agile culture. You like following the latest trends in innovation. An experience in aeronautical, spatial, defence or automotive industry, as well as a knowledge of the standards DO-178, ARP4754 or ISO26262, is a plus. English and French (spoken and written) Please get in touch for further details.
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
SC Cleared Software Engineer Salary: up to £74,000 D.O.E Location: West Midlands (Onsite) Our client, a rapidly growing defence company, are looking for a SC Cleared Software Engineer who's with Python and Networking experience to join them on a permanent basis. They offer world class technological and scientific knowledge to provide global security. As a software engineer, you'll be part of a highly motivated, skilled and multi-disciplinary team delivering to enhance national security , in sectors such as crypt-key , cyber assurance and other complex programmes! Key Tech: Python, Linux, Networking What you get: Flexible, adaptive working Health Cash Plan, Private Medical Insurance and Dental Insurance Matched contribution pension scheme, with life assurance Employee discount portal: Personal Accident Insurance, Travel Insurance, Restaurants, Cinema Tickets and much more Holiday Trading is a benefit that allows most employees to buy up to 5 days' additional leave. We are proud to support the Armed Forces community by honouring the Armed Forces Covenant And more! Our client has a 2 stage interview process and for the right candidate will interview as early as this week! If you're interested in this role, or know anyone who would be, then please apply to this advert with your latest CV.
15/05/2024
Full time
SC Cleared Software Engineer Salary: up to £74,000 D.O.E Location: West Midlands (Onsite) Our client, a rapidly growing defence company, are looking for a SC Cleared Software Engineer who's with Python and Networking experience to join them on a permanent basis. They offer world class technological and scientific knowledge to provide global security. As a software engineer, you'll be part of a highly motivated, skilled and multi-disciplinary team delivering to enhance national security , in sectors such as crypt-key , cyber assurance and other complex programmes! Key Tech: Python, Linux, Networking What you get: Flexible, adaptive working Health Cash Plan, Private Medical Insurance and Dental Insurance Matched contribution pension scheme, with life assurance Employee discount portal: Personal Accident Insurance, Travel Insurance, Restaurants, Cinema Tickets and much more Holiday Trading is a benefit that allows most employees to buy up to 5 days' additional leave. We are proud to support the Armed Forces community by honouring the Armed Forces Covenant And more! Our client has a 2 stage interview process and for the right candidate will interview as early as this week! If you're interested in this role, or know anyone who would be, then please apply to this advert with your latest CV.
Global Technology Solutions Ltd
Chippenham, Wiltshire
Cloud IT Solutions Technical Consultant - Service Desk Consultant Permanent - Chippenham Onsite/Hybrid Working £45,000 - £60,000 Must Drive - Happy to Travel as needed. You will be an experienced Technical Consultant with a methodical approach to problem-solving who has an enthusiastic "can do" attitude. You have ambition and a growth mindset so you will be keen to learn, progress and are willing to study to become an exceptional IT professional. MAIN DUTIES * Architect, Design, and Implement Modern Cloud IT Solutions * Completion of Infrastructure, Cyber Risk and Microsoft 365 Adoption Consultancy * Escalation Technical Resource for Project Engineers * Work as part of our dedicated Projects Team away from the Service Desk * Support and guide our customers on their Technical Roadmap * Work with the Projects Administrator to ensure projects are a success * Assist the commercial team with technical roadmaps and presales consultancy ESSENTIAL SKILLS & EXPERIENCE * At least 4 years' experience progressing through a service desk 1st/2nd/3rd line to Technical Consultant * Microsoft Azure (Migration, Deployment and Management of services) * Microsoft 365 including Modern Endpoint Management and Security * Hyper-V/VMware in both on-premises and hybrid deployments * Networking (TCP/IP, VLANs, routing, Firewalls, port forwarding and NAT etc.) * Comfortable communicating at all levels including Management, Senior Leadership Team and Board/Directors * Design and implementation of technical roadmaps, from start to finish. QUALIFICATIONS * Desirable Microsoft Certifications (MS-100/101, AZ-104, MS-500) * Desirable Security Certifications (Security+, CEH) WHAT WE OFFER People & Culture is the heartbeat. We believe success is built from within and is why we are incredibly proud of our team, our working environment and our fun, friendly and inclusive office culture. We live by our values. It is a fast paced, energetic and fun environment to be in. As an employee we will invest in you. We will invest in your training. We will invest our time and energy to help you develop your career and become the very best in your field of work. * Unlimited holiday * Performance and salary reviews * Enrolment into the Academy, aimed on your training and development needs with time available to complete during working hours * Access to online courses, work related plus more, all at your fingertips * Auto Enrolment pension scheme * Staff and Customer referral scheme * Great working atmosphere and balanced work environment - we are high performance and we take good care of each other * Employee socials and events run by our Social Committee * Lots of cake and fruit * And of course, you get to work for a fast-growing, modern, market leader like us! This is a fantastic opportunity to join a welcoming, dynamic company offering a great culture and the chance to build a successful career. NOTES 37.5 hours a week Mon-Fri, due to the nature of the job some occasional work at weekends and outside of normal hours may be required. Travel to customer sites may be required so the ability to travel as and when required is essential. This role requires a DBS and BPSS check as well as you to obtain SC clearance (fully funded). "In applying for this position, you consent to your personal data being shared with the specified employer and for your details to remain with GTS for as long as is necessary to process your application. See our Privacy Notice for full information Global Technology Solutions is acting as an Employment Agency in relation to this vacancy.
15/05/2024
Full time
Cloud IT Solutions Technical Consultant - Service Desk Consultant Permanent - Chippenham Onsite/Hybrid Working £45,000 - £60,000 Must Drive - Happy to Travel as needed. You will be an experienced Technical Consultant with a methodical approach to problem-solving who has an enthusiastic "can do" attitude. You have ambition and a growth mindset so you will be keen to learn, progress and are willing to study to become an exceptional IT professional. MAIN DUTIES * Architect, Design, and Implement Modern Cloud IT Solutions * Completion of Infrastructure, Cyber Risk and Microsoft 365 Adoption Consultancy * Escalation Technical Resource for Project Engineers * Work as part of our dedicated Projects Team away from the Service Desk * Support and guide our customers on their Technical Roadmap * Work with the Projects Administrator to ensure projects are a success * Assist the commercial team with technical roadmaps and presales consultancy ESSENTIAL SKILLS & EXPERIENCE * At least 4 years' experience progressing through a service desk 1st/2nd/3rd line to Technical Consultant * Microsoft Azure (Migration, Deployment and Management of services) * Microsoft 365 including Modern Endpoint Management and Security * Hyper-V/VMware in both on-premises and hybrid deployments * Networking (TCP/IP, VLANs, routing, Firewalls, port forwarding and NAT etc.) * Comfortable communicating at all levels including Management, Senior Leadership Team and Board/Directors * Design and implementation of technical roadmaps, from start to finish. QUALIFICATIONS * Desirable Microsoft Certifications (MS-100/101, AZ-104, MS-500) * Desirable Security Certifications (Security+, CEH) WHAT WE OFFER People & Culture is the heartbeat. We believe success is built from within and is why we are incredibly proud of our team, our working environment and our fun, friendly and inclusive office culture. We live by our values. It is a fast paced, energetic and fun environment to be in. As an employee we will invest in you. We will invest in your training. We will invest our time and energy to help you develop your career and become the very best in your field of work. * Unlimited holiday * Performance and salary reviews * Enrolment into the Academy, aimed on your training and development needs with time available to complete during working hours * Access to online courses, work related plus more, all at your fingertips * Auto Enrolment pension scheme * Staff and Customer referral scheme * Great working atmosphere and balanced work environment - we are high performance and we take good care of each other * Employee socials and events run by our Social Committee * Lots of cake and fruit * And of course, you get to work for a fast-growing, modern, market leader like us! This is a fantastic opportunity to join a welcoming, dynamic company offering a great culture and the chance to build a successful career. NOTES 37.5 hours a week Mon-Fri, due to the nature of the job some occasional work at weekends and outside of normal hours may be required. Travel to customer sites may be required so the ability to travel as and when required is essential. This role requires a DBS and BPSS check as well as you to obtain SC clearance (fully funded). "In applying for this position, you consent to your personal data being shared with the specified employer and for your details to remain with GTS for as long as is necessary to process your application. See our Privacy Notice for full information Global Technology Solutions is acting as an Employment Agency in relation to this vacancy.
Group Senior Penetration Tester - Azure/AWS - Crest - PEN £70k + Benefits + Bonus UK - FULLY REMOTE - (with occasion visits to closest uk office) *Security Check (SC) vetting clearance is a conditional requirement of the role* A global enterprise company are looking for a skilled Senior Penetration Tester to join their highly regarded cyber-security team. The role will be to develop and implement pen testing strategies and measures to maintain and enhance the cyber-security of our business systems, infrastructure, and own the pen testing function in house . Responsibilities for the Group Senior Pen Tester position will include: Develop and implement a comprehensive pen testing strategy for Group business and schedule of pen testing activities. Conduct Pen Tests and output risk assessments and vulnerability assessments to identify potential weaknesses in the organisation's systems, processes, infrastructure, supply chain and employee susceptibility to social engineering techniques. Collaborate with internal teams to develop and implement appropriate controls and measures to mitigate identified risks and vulnerabilities. Conduct thorough and comprehensive penetration tests on various systems, network and applications to identify vulnerabilities and potential security risks. Develop and execute detailed penetration testing methodologies and strategies tailored to meet the specific requirements of the businesses. You will need the following: Must be a Crest Registered Tester (CRT) and hold one or more Crest Certified Tester (CTT) Proven experience as a Penetration Tester, with a strong track record of conducting successful penetration tests on a variety of systems and end to end solutions, applications (SaaS and on-premises), APIs, infrastructure both on premise and cloud (AWS & AZURE). Strong understanding of common security vulnerabilities and attack vectors, as well as the ability to exploit and mitigate them.
15/05/2024
Full time
Group Senior Penetration Tester - Azure/AWS - Crest - PEN £70k + Benefits + Bonus UK - FULLY REMOTE - (with occasion visits to closest uk office) *Security Check (SC) vetting clearance is a conditional requirement of the role* A global enterprise company are looking for a skilled Senior Penetration Tester to join their highly regarded cyber-security team. The role will be to develop and implement pen testing strategies and measures to maintain and enhance the cyber-security of our business systems, infrastructure, and own the pen testing function in house . Responsibilities for the Group Senior Pen Tester position will include: Develop and implement a comprehensive pen testing strategy for Group business and schedule of pen testing activities. Conduct Pen Tests and output risk assessments and vulnerability assessments to identify potential weaknesses in the organisation's systems, processes, infrastructure, supply chain and employee susceptibility to social engineering techniques. Collaborate with internal teams to develop and implement appropriate controls and measures to mitigate identified risks and vulnerabilities. Conduct thorough and comprehensive penetration tests on various systems, network and applications to identify vulnerabilities and potential security risks. Develop and execute detailed penetration testing methodologies and strategies tailored to meet the specific requirements of the businesses. You will need the following: Must be a Crest Registered Tester (CRT) and hold one or more Crest Certified Tester (CTT) Proven experience as a Penetration Tester, with a strong track record of conducting successful penetration tests on a variety of systems and end to end solutions, applications (SaaS and on-premises), APIs, infrastructure both on premise and cloud (AWS & AZURE). Strong understanding of common security vulnerabilities and attack vectors, as well as the ability to exploit and mitigate them.
Senior Security Engineer - Capellen, Luxembourg (Hybrid role) - €69K + Car allowance + Bonus An exciting opportunity to join a global IT solutions and services organisation currently seeking a Senior Security Engineer. By bringing together talented people, world-class technology partners and emerging innovators, we help our clients solve some of the world's most significant technological, business and societal challenges. As the Senior Security Engineer at NTT, you will be responsible for designing, implementing, and managing security solutions to safeguard the network, applications, and digital assets of our client. You will work with technologies, such as Palo Alto, Bluecoat, F5 (LTM, ASM, APM), ASA VPN, Mobile Iron, Infoblox, Splunk, Fireye or PKI, to ensure the highest level of security for our organization. Key Responsibilities: Being responsible to implement projects to replace/upgrade the current infrastructure with new versions or solutions, and you will analyze, recommend, and implement new cyber security technologies and solutions. Monitor operational infrastructure - leveraging standard tools & processes to respond & resolve incidents and requests in a timely manner. Incident Response - Monitor security events, investigate & respond to security incidents, and assist in post-incident analysis & remediation. Collaboration: Work closely with cross-functional teams, including IT, Network, and App Dev, ensuring integration of security measures. Research & Innovation: Staying up to dat with emerging tech threats. Qualifications : Relevant Bachelor's degree in Computer Science, Info Security, or a relevant field. 6+ years field experience in networking & security area with solutions. Proven experience in network and application security, with expertise in Palo Alto, Bluecoat, F5 (LTM, ASM, APM), ASA VPN or Splunk. Knowledge of Firewall management, intrusion detection, content filtering, web application security, and VPN technologies. Proficiency in PKI design and management, digital certificate issuance, and secure key management. A proactive approach to identifying & mitigating security vulnerabilities and risks. Skills Summary Automation Tools, Cloud Security, Firewalls, Local Area Network (LAN), Palo Alto Networks Prisma Access Secure Access Service Edge (SASE), Security Technologies, TCP/IP Networking, Threat Management Senior Security Engineer - Capellen, Luxembourg (Hybrid role) - €69K + Car allowance + Bonus
14/05/2024
Full time
Senior Security Engineer - Capellen, Luxembourg (Hybrid role) - €69K + Car allowance + Bonus An exciting opportunity to join a global IT solutions and services organisation currently seeking a Senior Security Engineer. By bringing together talented people, world-class technology partners and emerging innovators, we help our clients solve some of the world's most significant technological, business and societal challenges. As the Senior Security Engineer at NTT, you will be responsible for designing, implementing, and managing security solutions to safeguard the network, applications, and digital assets of our client. You will work with technologies, such as Palo Alto, Bluecoat, F5 (LTM, ASM, APM), ASA VPN, Mobile Iron, Infoblox, Splunk, Fireye or PKI, to ensure the highest level of security for our organization. Key Responsibilities: Being responsible to implement projects to replace/upgrade the current infrastructure with new versions or solutions, and you will analyze, recommend, and implement new cyber security technologies and solutions. Monitor operational infrastructure - leveraging standard tools & processes to respond & resolve incidents and requests in a timely manner. Incident Response - Monitor security events, investigate & respond to security incidents, and assist in post-incident analysis & remediation. Collaboration: Work closely with cross-functional teams, including IT, Network, and App Dev, ensuring integration of security measures. Research & Innovation: Staying up to dat with emerging tech threats. Qualifications : Relevant Bachelor's degree in Computer Science, Info Security, or a relevant field. 6+ years field experience in networking & security area with solutions. Proven experience in network and application security, with expertise in Palo Alto, Bluecoat, F5 (LTM, ASM, APM), ASA VPN or Splunk. Knowledge of Firewall management, intrusion detection, content filtering, web application security, and VPN technologies. Proficiency in PKI design and management, digital certificate issuance, and secure key management. A proactive approach to identifying & mitigating security vulnerabilities and risks. Skills Summary Automation Tools, Cloud Security, Firewalls, Local Area Network (LAN), Palo Alto Networks Prisma Access Secure Access Service Edge (SASE), Security Technologies, TCP/IP Networking, Threat Management Senior Security Engineer - Capellen, Luxembourg (Hybrid role) - €69K + Car allowance + Bonus
DevSecOps Senior & Team Lead (Public Transport) 50% remote, 50% on-site in Brussels Do you want to lead a high-performing DevSecOps team and make a real impact in the public transport sector? We are looking for a talented and experienced DevSecOps Senior & Team Lead to join my client's team. In this role, you will be responsible for leading a team of technical professionals and driving innovation in our DevSecOps practices. About the role Lead and motivate a team of 6-10 engineers (junior, mid-level, and senior) Foster a collaborative and positive work environment Ensure efficient and timely delivery of projects Manage budgets and resources effectively Possess excellent communication and interpersonal skills Be able to work effectively under pressure and prioritize tasks Work with a customer-centric approach and maintain confidentiality Technical Skills and Experience Master's degree in engineering or computer science (or equivalent experience) Proven experience leading a technical team Experience with Agile methodologies Strong understanding of Linux operating systems (Red Hat) and Scripting (Bash, Python) Fluency in Dutch, French, and English Solid experience with cybersecurity for OT infrastructure Experience working in a production environment Basic knowledge of Javascript and Java Basic understanding of network administration (Routers, Switches, VPNs, Firewalls) A plus: Certifications: CISSP, CISM, ISO 27001 Experience with DevSecOps tools: Puppet (open source), Ansible Monitoring tools: Zabbix, Nagios Logging and analytics: Elastic Stack (including Kibana) Database technologies: MySQL, PostgreSQL Atlassian suite (Jira, Confluence, Git) VMWare (vCenter) Git version control Configuration Management Databases (CMDBs) like GLPI For immediate consideration, please forward your latest CV.
13/05/2024
Project-based
DevSecOps Senior & Team Lead (Public Transport) 50% remote, 50% on-site in Brussels Do you want to lead a high-performing DevSecOps team and make a real impact in the public transport sector? We are looking for a talented and experienced DevSecOps Senior & Team Lead to join my client's team. In this role, you will be responsible for leading a team of technical professionals and driving innovation in our DevSecOps practices. About the role Lead and motivate a team of 6-10 engineers (junior, mid-level, and senior) Foster a collaborative and positive work environment Ensure efficient and timely delivery of projects Manage budgets and resources effectively Possess excellent communication and interpersonal skills Be able to work effectively under pressure and prioritize tasks Work with a customer-centric approach and maintain confidentiality Technical Skills and Experience Master's degree in engineering or computer science (or equivalent experience) Proven experience leading a technical team Experience with Agile methodologies Strong understanding of Linux operating systems (Red Hat) and Scripting (Bash, Python) Fluency in Dutch, French, and English Solid experience with cybersecurity for OT infrastructure Experience working in a production environment Basic knowledge of Javascript and Java Basic understanding of network administration (Routers, Switches, VPNs, Firewalls) A plus: Certifications: CISSP, CISM, ISO 27001 Experience with DevSecOps tools: Puppet (open source), Ansible Monitoring tools: Zabbix, Nagios Logging and analytics: Elastic Stack (including Kibana) Database technologies: MySQL, PostgreSQL Atlassian suite (Jira, Confluence, Git) VMWare (vCenter) Git version control Configuration Management Databases (CMDBs) like GLPI For immediate consideration, please forward your latest CV.