ARM (Advanced Resource Managers)
Reading, Berkshire
Threat Intelligence Specialist 6 months £540 per day (Inside IR35) 5 Days per week in Reading My client in the telecommunications industry are looking for a Threat Intelligence Specialist to join their fast-paced team on an initial 6 month contract. The role will be fully on site in Reading so a local candidate will be most ideal. Responsibilities in the role; Identify information security and Threat Intelligence requirements and oversight of delivery by: Identifying business unit Priority Intelligence Requirements that enable the business unit to conduct its business continuously in a secure manner. Analysis of information across Strategic, Operational and Tactical arenas into actionable intelligence that allows stakeholders to make informed decisions. Ensuring delivery of the Threat Intelligence programme within the business unit, delivery of services and products provided by Group Security. Where services are delivered by external providers, ensuring delivery of the Threat Intelligence services as per requirements of business unit. Engage with the business unit to: Develop an understanding of business goals in order to constructively engage senior business leaders on information security, identifying key threats and areas for improvement, driving appropriate risk management decisions and collaborating with partners to achieve positive outcomes and business benefits Ensure emerging information and cyber security threats to the business are identified, discussed with senior business leadership and addressed through presented opportunities of security innovation. Build strong relationships within the business to gain an understanding of security-related business threats, vulnerabilities and risks. Facilitate Group Security support to business projects as the subject matter expert providing guidance and support in implementing Threat Intelligence project requirements. Embedding information security and cyber across the business unit by: Establish positive relationships engaging with technical teams and executives to deliver regular Threat Intelligence reporting and mitigation advisory and seek continuous improvement of TVM process. Monitoring of threat actors and groups, and identifying key trends leveraging internal and external threat data to enable positive business outcomes, keeping senior business leadership informed about information security-related issues and activities potentially affecting the organisation. Assist in running a threat intelligence platform that can store cyber threat intelligence idioms such as threat actors, exploit targets from disparate sources, devices, communities and industries in a structured & standardized way. Focus on awareness and training including by; Briefing regularly the business unit senior leadership team on cyber threats and risks profile. Delivering awareness and training to the relevant business unit team and high-risk users. Communicating the importance and promoting awareness of information security to the business. Increasing business awareness of emerging security threats and risks. Helping develop a security culture within the business. Partnering with the different functions working on controls by: Supporting Incident Response activities providing further context, OSINT support and behavioural analysis in the event of a security incident impacting the business unit. Maintaining a balanced relationship with risk functions, compliance functions and with internal and external audit functions. Ensure timely delivery of actionable threat intelligence across the organisation, including key stakeholders; Security Operations, Incident Response, Vulnerability Management, Security Leadership, Fraud Prevention and Industry intelligence communities. Continuous Improvement through the delivery of; Provide mentoring and development of Threat Intelligence Analysts through sharing learnings and best practices. Act as the point of escalation and support for Threat Intelligence analysts in the event of complex security incidents. Develop proven structure and processes such as run books that help the team achieve outstanding results. Championing and supporting Group Security's wider BCM, Incident and Crisis Management functions. Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.
26/04/2024
Project-based
Threat Intelligence Specialist 6 months £540 per day (Inside IR35) 5 Days per week in Reading My client in the telecommunications industry are looking for a Threat Intelligence Specialist to join their fast-paced team on an initial 6 month contract. The role will be fully on site in Reading so a local candidate will be most ideal. Responsibilities in the role; Identify information security and Threat Intelligence requirements and oversight of delivery by: Identifying business unit Priority Intelligence Requirements that enable the business unit to conduct its business continuously in a secure manner. Analysis of information across Strategic, Operational and Tactical arenas into actionable intelligence that allows stakeholders to make informed decisions. Ensuring delivery of the Threat Intelligence programme within the business unit, delivery of services and products provided by Group Security. Where services are delivered by external providers, ensuring delivery of the Threat Intelligence services as per requirements of business unit. Engage with the business unit to: Develop an understanding of business goals in order to constructively engage senior business leaders on information security, identifying key threats and areas for improvement, driving appropriate risk management decisions and collaborating with partners to achieve positive outcomes and business benefits Ensure emerging information and cyber security threats to the business are identified, discussed with senior business leadership and addressed through presented opportunities of security innovation. Build strong relationships within the business to gain an understanding of security-related business threats, vulnerabilities and risks. Facilitate Group Security support to business projects as the subject matter expert providing guidance and support in implementing Threat Intelligence project requirements. Embedding information security and cyber across the business unit by: Establish positive relationships engaging with technical teams and executives to deliver regular Threat Intelligence reporting and mitigation advisory and seek continuous improvement of TVM process. Monitoring of threat actors and groups, and identifying key trends leveraging internal and external threat data to enable positive business outcomes, keeping senior business leadership informed about information security-related issues and activities potentially affecting the organisation. Assist in running a threat intelligence platform that can store cyber threat intelligence idioms such as threat actors, exploit targets from disparate sources, devices, communities and industries in a structured & standardized way. Focus on awareness and training including by; Briefing regularly the business unit senior leadership team on cyber threats and risks profile. Delivering awareness and training to the relevant business unit team and high-risk users. Communicating the importance and promoting awareness of information security to the business. Increasing business awareness of emerging security threats and risks. Helping develop a security culture within the business. Partnering with the different functions working on controls by: Supporting Incident Response activities providing further context, OSINT support and behavioural analysis in the event of a security incident impacting the business unit. Maintaining a balanced relationship with risk functions, compliance functions and with internal and external audit functions. Ensure timely delivery of actionable threat intelligence across the organisation, including key stakeholders; Security Operations, Incident Response, Vulnerability Management, Security Leadership, Fraud Prevention and Industry intelligence communities. Continuous Improvement through the delivery of; Provide mentoring and development of Threat Intelligence Analysts through sharing learnings and best practices. Act as the point of escalation and support for Threat Intelligence analysts in the event of complex security incidents. Develop proven structure and processes such as run books that help the team achieve outstanding results. Championing and supporting Group Security's wider BCM, Incident and Crisis Management functions. Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.
SC cleared Software Solutions Architect Portsmouth (5 days a wweek on site) 12 months initially £92.37 Inside IR35/Umbrella Due to the urgent nature of the role candidates must have current and transferrable SC Clearance. Role Description A senior role with in the Training & Simulation team responsible for defining the overall strategic direction of the software solution for the Training & Simulation Maritime Synthetic Core (MSC) Defining, developing, assessing and reviewing the set of architectural artefacts required to identify the software elements necessary to satisfy software and/or system requirements for the MSC Establishing, maintaining and/or enhancing the set of transformational activities and supporting tools deployed to develop and maintain software design artefacts and related work products throughout the engineering life cycle for the MSC. Providing specialist expertise to guide development of creative and innovative software solutions utilise analysis and fault finding skills in support of product prototyping/development and to enhance MSC performance. This position is based in Portsmouth but will require occasional travel to exhibitions, conferences, subcontractor and customer sites. Core Duties Produce, document, own and maintain the MSC software architecture(s), clearly communicating the associated software solutions to the wider team. Design and document the software architecture for Training and Simulation products, taking account of the need to design for the modernisation and modularisation of existing capability, commonality of approach and re-use of capability across solutions, integration of new capabilities and open standards and integration of third party products and capabilities Provide specialist expertise to guide development of creative and innovative software solutions utilise analysis and fault finding skills in support of product prototyping/development and to enhance product performance. Define, implement and maintain the software configuration management toolsets and processes needed to manage the product software, including structure of repositories, build processes and seek endorsement from the Head of Engineering and Technology/Product Lead for the proposed approach. Design software solutions to meet overarching functional requirements. Provide guidance to and co-ordinate with Project teams in the integration of product software into deliverable systems and systems architecture. Support bid work undertaken by projects and Business Development including solution design, documentation and software estimating. Design for product security and produce solutions that address Maritime Services Cyber Security and Export Control requirements. Working experience of Host infrastructure systems and software development using a variety of software languages. Network communications for local and wide area connectivity. Knowledge of synthetic environments and associated communication protocols eg High Level Architecture (HLA). Knowledge and understanding of training systems and combat system capabilities, interfaces and integration. Knowledge of technology trends and their potential road maps. Awareness and understanding of different stakeholders and their organizational structures is essential. Knowledge and experience of the client's Systems' engineering governance and life cycle management processes is desirable. Excellent awareness of emerging software techniques and technologies. Skills: Ability to design solutions that integrate systems and software across multiple projects. Ability to design solutions that integrate third party applications across multiple projects. Excellent problem solving skills required for complex systems and software issues. Self-reliant. Able to be self-motivated and work without direction when required to achieve the overall objectives. Experience of multiple software languages Technically lead the software design process and resultant solutions Able to clearly present and justify complex information and concepts to a wide range of stakeholders both internally and externally. Ability to prioritise workload across multiple projects and concurrent developments/requirements. Able to build strong relationships at all levels internally and externally. The ability to understand and propose solution recommendations and trade-offs on software technical aspects pertaining to the projects whilst ensuring the balance between technical risk and cost is fully understood for the solutions, is essential. The ability to communicate well and work collaboratively with colleagues, team members, line management and senior management is essential. Qualifications: Degree qualified or equivalent technical professional experience and have relevant IT and/or business experience. Defence industry is ideal, but open to other industries providing they have the relevant technical experience. About the team you'll be working in Sits within the product team, part of the wider Training & Simulation Team Reporting in to Product Delivery Lead Software and Systems Team of 13 that has plans to grow over the year.
25/04/2024
Project-based
SC cleared Software Solutions Architect Portsmouth (5 days a wweek on site) 12 months initially £92.37 Inside IR35/Umbrella Due to the urgent nature of the role candidates must have current and transferrable SC Clearance. Role Description A senior role with in the Training & Simulation team responsible for defining the overall strategic direction of the software solution for the Training & Simulation Maritime Synthetic Core (MSC) Defining, developing, assessing and reviewing the set of architectural artefacts required to identify the software elements necessary to satisfy software and/or system requirements for the MSC Establishing, maintaining and/or enhancing the set of transformational activities and supporting tools deployed to develop and maintain software design artefacts and related work products throughout the engineering life cycle for the MSC. Providing specialist expertise to guide development of creative and innovative software solutions utilise analysis and fault finding skills in support of product prototyping/development and to enhance MSC performance. This position is based in Portsmouth but will require occasional travel to exhibitions, conferences, subcontractor and customer sites. Core Duties Produce, document, own and maintain the MSC software architecture(s), clearly communicating the associated software solutions to the wider team. Design and document the software architecture for Training and Simulation products, taking account of the need to design for the modernisation and modularisation of existing capability, commonality of approach and re-use of capability across solutions, integration of new capabilities and open standards and integration of third party products and capabilities Provide specialist expertise to guide development of creative and innovative software solutions utilise analysis and fault finding skills in support of product prototyping/development and to enhance product performance. Define, implement and maintain the software configuration management toolsets and processes needed to manage the product software, including structure of repositories, build processes and seek endorsement from the Head of Engineering and Technology/Product Lead for the proposed approach. Design software solutions to meet overarching functional requirements. Provide guidance to and co-ordinate with Project teams in the integration of product software into deliverable systems and systems architecture. Support bid work undertaken by projects and Business Development including solution design, documentation and software estimating. Design for product security and produce solutions that address Maritime Services Cyber Security and Export Control requirements. Working experience of Host infrastructure systems and software development using a variety of software languages. Network communications for local and wide area connectivity. Knowledge of synthetic environments and associated communication protocols eg High Level Architecture (HLA). Knowledge and understanding of training systems and combat system capabilities, interfaces and integration. Knowledge of technology trends and their potential road maps. Awareness and understanding of different stakeholders and their organizational structures is essential. Knowledge and experience of the client's Systems' engineering governance and life cycle management processes is desirable. Excellent awareness of emerging software techniques and technologies. Skills: Ability to design solutions that integrate systems and software across multiple projects. Ability to design solutions that integrate third party applications across multiple projects. Excellent problem solving skills required for complex systems and software issues. Self-reliant. Able to be self-motivated and work without direction when required to achieve the overall objectives. Experience of multiple software languages Technically lead the software design process and resultant solutions Able to clearly present and justify complex information and concepts to a wide range of stakeholders both internally and externally. Ability to prioritise workload across multiple projects and concurrent developments/requirements. Able to build strong relationships at all levels internally and externally. The ability to understand and propose solution recommendations and trade-offs on software technical aspects pertaining to the projects whilst ensuring the balance between technical risk and cost is fully understood for the solutions, is essential. The ability to communicate well and work collaboratively with colleagues, team members, line management and senior management is essential. Qualifications: Degree qualified or equivalent technical professional experience and have relevant IT and/or business experience. Defence industry is ideal, but open to other industries providing they have the relevant technical experience. About the team you'll be working in Sits within the product team, part of the wider Training & Simulation Team Reporting in to Product Delivery Lead Software and Systems Team of 13 that has plans to grow over the year.
Key Accountabilities Lead the creation, development, and management of OTSNs risk assessment frameworks and principles to support the cyber security decision making processes within ET. Provide expert technical support for the risk assessment of vulnerabilities and deviations from the target state including agreeing mitigating actions within agreed delegated authority. Support the development of cyber security policies and specifications to reduce risk. Improve organisational cyber security maturity and support compliance with the NIS Regulation for the OTSN by managing OTSN registers in line with our risk appetite. Support the business to understand cyber security requirements for OTSN through engagement with projects and design teams on OTSN risks. Support the business to understand cyber security risks through appropriate reporting and communication of current risks and vulnerabilities. Influence security and resilience strategies to accelerate cyber security risk reduction. Support the optimisation of OTSN management strategies in the long-term interests of consumers. Experience Relevant experience risk reporting including leading teams of risk analysts and/or project management. Strong data analytical skills and excellent written and communication skills with the ability to interface comfortably with senior stakeholders. Strong investigation and problem-solving skills, demonstrating autonomy and initiative. Proactive with the ability to work under tight deadline pressures across multiple workstreams. Sound understanding and proven experience of IEC 62443, ISO27000, NIST CSF and audit processes. Experience of introducing changes to specifications or policies that apply to a technical audience. Extensive experience communicating difficult and standard issues associated with areas of expertise in a clear and concise manner both verbally & in writing. Eager to develop their business and technical skills, you will be comfortable breaking new ground and changing the way the business makes decisions. Technical or Specialist Technical understanding of the LAN/WAN Networks and Operational Technology (OT). Detailed understanding of how cyber security risks can manifest within networks, devices, and systems. Understanding of asset management principles, including risk management, decision making, planning, asset life cycle and asset data/information. Experience of using and developing decision making frameworks and tools including economic assessments (NPV, CBA) and whole life asset assessments (WLV) Familiarity with international standards related to cyber security including IEC62443 and IEC62351 Commensurate experience with O365, including excel and preferable Power BI. Experience with MITRE ATT&CK desirable, preferably MITRE ICS.
25/04/2024
Full time
Key Accountabilities Lead the creation, development, and management of OTSNs risk assessment frameworks and principles to support the cyber security decision making processes within ET. Provide expert technical support for the risk assessment of vulnerabilities and deviations from the target state including agreeing mitigating actions within agreed delegated authority. Support the development of cyber security policies and specifications to reduce risk. Improve organisational cyber security maturity and support compliance with the NIS Regulation for the OTSN by managing OTSN registers in line with our risk appetite. Support the business to understand cyber security requirements for OTSN through engagement with projects and design teams on OTSN risks. Support the business to understand cyber security risks through appropriate reporting and communication of current risks and vulnerabilities. Influence security and resilience strategies to accelerate cyber security risk reduction. Support the optimisation of OTSN management strategies in the long-term interests of consumers. Experience Relevant experience risk reporting including leading teams of risk analysts and/or project management. Strong data analytical skills and excellent written and communication skills with the ability to interface comfortably with senior stakeholders. Strong investigation and problem-solving skills, demonstrating autonomy and initiative. Proactive with the ability to work under tight deadline pressures across multiple workstreams. Sound understanding and proven experience of IEC 62443, ISO27000, NIST CSF and audit processes. Experience of introducing changes to specifications or policies that apply to a technical audience. Extensive experience communicating difficult and standard issues associated with areas of expertise in a clear and concise manner both verbally & in writing. Eager to develop their business and technical skills, you will be comfortable breaking new ground and changing the way the business makes decisions. Technical or Specialist Technical understanding of the LAN/WAN Networks and Operational Technology (OT). Detailed understanding of how cyber security risks can manifest within networks, devices, and systems. Understanding of asset management principles, including risk management, decision making, planning, asset life cycle and asset data/information. Experience of using and developing decision making frameworks and tools including economic assessments (NPV, CBA) and whole life asset assessments (WLV) Familiarity with international standards related to cyber security including IEC62443 and IEC62351 Commensurate experience with O365, including excel and preferable Power BI. Experience with MITRE ATT&CK desirable, preferably MITRE ICS.