We are Global IT Recruitment specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
17/05/2024
Project-based
We are Global IT Recruitment specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
Cyber Security Engineer Manchester City Centre Hybrid Cybersecurity Engineer Are you a skilled cybersecurity professional looking to take your career to the next level? We're seeking a Mid-Level Cybersecurity Engineer to join our team and contribute to our organisation's security posture. If you're passionate about protecting systems, networks, and data, this role is for you! Responsibilities: Evaluate ongoing security needs: Continuously assess the organization's security requirements and establish standard operating procedures to respond to inbound security issues. Develop and implement threat models: Stay informed about new threats and attack vectors, and proactively address them. Perform routine security assessments/audits: Evaluate networks, systems, code, controls, and applications to identify vulnerabilities. Investigate intrusion attempts: Conduct in-depth analysis of exploits and security incidents. Stay educated: Keep up-to-date with the latest cybersecurity trends and best practices. Qualifications: Education: Relevant degree (eg, Bachelor's in Engineering, Information Security, Information Assurance, Computer Science). Certifications (preferred): CISSP (Certified Information Systems Security Professional) CEH (Certified Ethical Hacker) CompTIA Security+ Other relevant certifications (eg, GIAC, TIA, IAM) Experience: At least 3 years of experience in incident detection, response, and forensics. Technical Skills: Familiarity with NIST SP 800-53 and RMF implementation. Knowledge of PKI infrastructure tools. Understanding of Firewalls, proxies, and encryption. Proficiency in programming languages (Python, C++, Java, etc.). If you're interested, please apply below to have your application processed TODAY!
17/05/2024
Full time
Cyber Security Engineer Manchester City Centre Hybrid Cybersecurity Engineer Are you a skilled cybersecurity professional looking to take your career to the next level? We're seeking a Mid-Level Cybersecurity Engineer to join our team and contribute to our organisation's security posture. If you're passionate about protecting systems, networks, and data, this role is for you! Responsibilities: Evaluate ongoing security needs: Continuously assess the organization's security requirements and establish standard operating procedures to respond to inbound security issues. Develop and implement threat models: Stay informed about new threats and attack vectors, and proactively address them. Perform routine security assessments/audits: Evaluate networks, systems, code, controls, and applications to identify vulnerabilities. Investigate intrusion attempts: Conduct in-depth analysis of exploits and security incidents. Stay educated: Keep up-to-date with the latest cybersecurity trends and best practices. Qualifications: Education: Relevant degree (eg, Bachelor's in Engineering, Information Security, Information Assurance, Computer Science). Certifications (preferred): CISSP (Certified Information Systems Security Professional) CEH (Certified Ethical Hacker) CompTIA Security+ Other relevant certifications (eg, GIAC, TIA, IAM) Experience: At least 3 years of experience in incident detection, response, and forensics. Technical Skills: Familiarity with NIST SP 800-53 and RMF implementation. Knowledge of PKI infrastructure tools. Understanding of Firewalls, proxies, and encryption. Proficiency in programming languages (Python, C++, Java, etc.). If you're interested, please apply below to have your application processed TODAY!
Technology Resilience Lead - Disaster Recovery - London Salary £60-70k - 2 Day per week office based Bonus Scheme Technology Resilience Lead required for a leading client based in London. My client is currently seeking a suitable candidate to Support the capacity and capability of our clients' collective, including their operational entities and subsidiaries, to prepare for, respond to, and rebound from disruptions to our global technology infrastructure and operational environments. We seek a highly skilled IT professional with expertise in one or more of the following areas: infrastructure, cybersecurity, engineering, testing, and project management. Your dedication lies in ensuring our clients maintain a robust and resilient technological ecosystem, mitigating risks, and enhancing operational readiness. Your commitment extends to ensuring the continuity of critical business functions and technology systems despite disruptions or challenges. Your role entails defining the standards of technology resilience and overseeing the Group-wide Disaster Recovery program. This program emphasizes testing the resilience, continuity, and recoverability of our critical applications and systems. Key skills: -Display unwavering dedication to our clients' core values by adhering to our standards of business conduct, ensuring compliance with Group policies and procedures, and setting a precedent through personal example. -Your duties will encompass delineating the criteria for robust technology resilience and overseeing the Group-wide Disaster Recovery program, concentrating on assessing the resilience, continuity, and recoverability of vital applications and systems. -You'll collaborate with Technology Service Owners and broader Group IT and Operating Business teams to facilitate data restoration exercises and execute backups. This involves maintaining and testing existing backups to uphold data integrity and availability. -Conducting operational assessments of defined Disaster Recovery plans will be part of your responsibilities. This entails utilizing various methods such as checklists, walk-throughs, tabletop exercises, simulations (parallel or full interrupt), and comprehensive exercises, coordinated with related plans like IT DR plans and crisis management plans. -Furthermore, you'll integrate cybersecurity scenarios, analyse test outcomes, implement lessons learned, and incorporate necessary improvements or corrective actions into IT DR and Cyber Resilience plans. -By conducting post-incident reviews and analysing pre-planned testing outcomes, you'll continuously monitor and assess key performance indicators (KPIs) like recovery time objectives (RTOs) and recovery point objectives (RPOs). This process aims to continually enhance the efficiency and effectiveness of the disaster recovery program. -Foster a work environment that emphasizes the significance of employees acting with integrity and ethics, aligning with the Group Code of Conduct. -Serve as a subject matter expert, forging trusted partnerships with the business and staying abreast of the latest advancements and innovations in the field. -Assume responsibility for overseeing the implementation of the clients' disaster recovery plan in the event of a crisis, facilitating swift responses to potential disruptions such as cyberattacks or infrastructure damage. -Possessing one of the following certifications is advantageous: CompTIA Network +, CompTIA Security +, CISM, CISSP, or COBIT 5. -Demonstrate a fundamental understanding of frameworks such as NIST CSF, ISO 27001/27002, and COBIT. -Experience in Operational Technology Security, with the ability to identify and address IT and operational vulnerabilities, is preferred. Interested? Please submit your updated CV to Dean Parkes at Crimson for immediate consideration. Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
16/05/2024
Full time
Technology Resilience Lead - Disaster Recovery - London Salary £60-70k - 2 Day per week office based Bonus Scheme Technology Resilience Lead required for a leading client based in London. My client is currently seeking a suitable candidate to Support the capacity and capability of our clients' collective, including their operational entities and subsidiaries, to prepare for, respond to, and rebound from disruptions to our global technology infrastructure and operational environments. We seek a highly skilled IT professional with expertise in one or more of the following areas: infrastructure, cybersecurity, engineering, testing, and project management. Your dedication lies in ensuring our clients maintain a robust and resilient technological ecosystem, mitigating risks, and enhancing operational readiness. Your commitment extends to ensuring the continuity of critical business functions and technology systems despite disruptions or challenges. Your role entails defining the standards of technology resilience and overseeing the Group-wide Disaster Recovery program. This program emphasizes testing the resilience, continuity, and recoverability of our critical applications and systems. Key skills: -Display unwavering dedication to our clients' core values by adhering to our standards of business conduct, ensuring compliance with Group policies and procedures, and setting a precedent through personal example. -Your duties will encompass delineating the criteria for robust technology resilience and overseeing the Group-wide Disaster Recovery program, concentrating on assessing the resilience, continuity, and recoverability of vital applications and systems. -You'll collaborate with Technology Service Owners and broader Group IT and Operating Business teams to facilitate data restoration exercises and execute backups. This involves maintaining and testing existing backups to uphold data integrity and availability. -Conducting operational assessments of defined Disaster Recovery plans will be part of your responsibilities. This entails utilizing various methods such as checklists, walk-throughs, tabletop exercises, simulations (parallel or full interrupt), and comprehensive exercises, coordinated with related plans like IT DR plans and crisis management plans. -Furthermore, you'll integrate cybersecurity scenarios, analyse test outcomes, implement lessons learned, and incorporate necessary improvements or corrective actions into IT DR and Cyber Resilience plans. -By conducting post-incident reviews and analysing pre-planned testing outcomes, you'll continuously monitor and assess key performance indicators (KPIs) like recovery time objectives (RTOs) and recovery point objectives (RPOs). This process aims to continually enhance the efficiency and effectiveness of the disaster recovery program. -Foster a work environment that emphasizes the significance of employees acting with integrity and ethics, aligning with the Group Code of Conduct. -Serve as a subject matter expert, forging trusted partnerships with the business and staying abreast of the latest advancements and innovations in the field. -Assume responsibility for overseeing the implementation of the clients' disaster recovery plan in the event of a crisis, facilitating swift responses to potential disruptions such as cyberattacks or infrastructure damage. -Possessing one of the following certifications is advantageous: CompTIA Network +, CompTIA Security +, CISM, CISSP, or COBIT 5. -Demonstrate a fundamental understanding of frameworks such as NIST CSF, ISO 27001/27002, and COBIT. -Experience in Operational Technology Security, with the ability to identify and address IT and operational vulnerabilities, is preferred. Interested? Please submit your updated CV to Dean Parkes at Crimson for immediate consideration. Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
Senior Security Engineer - Capellen, Luxembourg (Hybrid role) - €69K + Car allowance + Bonus An exciting opportunity to join a global IT solutions and services organisation currently seeking a Senior Security Engineer. By bringing together talented people, world-class technology partners and emerging innovators, we help our clients solve some of the world's most significant technological, business and societal challenges. As the Senior Security Engineer at NTT, you will be responsible for designing, implementing, and managing security solutions to safeguard the network, applications, and digital assets of our client. You will work with technologies, such as Palo Alto, Bluecoat, F5 (LTM, ASM, APM), ASA VPN, Mobile Iron, Infoblox, Splunk, Fireye or PKI, to ensure the highest level of security for our organization. Key Responsibilities: Being responsible to implement projects to replace/upgrade the current infrastructure with new versions or solutions, and you will analyze, recommend, and implement new cyber security technologies and solutions. Monitor operational infrastructure - leveraging standard tools & processes to respond & resolve incidents and requests in a timely manner. Incident Response - Monitor security events, investigate & respond to security incidents, and assist in post-incident analysis & remediation. Collaboration: Work closely with cross-functional teams, including IT, Network, and App Dev, ensuring integration of security measures. Research & Innovation: Staying up to dat with emerging tech threats. Qualifications : Relevant Bachelor's degree in Computer Science, Info Security, or a relevant field. 6+ years field experience in networking & security area with solutions. Proven experience in network and application security, with expertise in Palo Alto, Bluecoat, F5 (LTM, ASM, APM), ASA VPN or Splunk. Knowledge of Firewall management, intrusion detection, content filtering, web application security, and VPN technologies. Proficiency in PKI design and management, digital certificate issuance, and secure key management. A proactive approach to identifying & mitigating security vulnerabilities and risks. Skills Summary Automation Tools, Cloud Security, Firewalls, Local Area Network (LAN), Palo Alto Networks Prisma Access Secure Access Service Edge (SASE), Security Technologies, TCP/IP Networking, Threat Management Senior Security Engineer - Capellen, Luxembourg (Hybrid role) - €69K + Car allowance + Bonus
14/05/2024
Full time
Senior Security Engineer - Capellen, Luxembourg (Hybrid role) - €69K + Car allowance + Bonus An exciting opportunity to join a global IT solutions and services organisation currently seeking a Senior Security Engineer. By bringing together talented people, world-class technology partners and emerging innovators, we help our clients solve some of the world's most significant technological, business and societal challenges. As the Senior Security Engineer at NTT, you will be responsible for designing, implementing, and managing security solutions to safeguard the network, applications, and digital assets of our client. You will work with technologies, such as Palo Alto, Bluecoat, F5 (LTM, ASM, APM), ASA VPN, Mobile Iron, Infoblox, Splunk, Fireye or PKI, to ensure the highest level of security for our organization. Key Responsibilities: Being responsible to implement projects to replace/upgrade the current infrastructure with new versions or solutions, and you will analyze, recommend, and implement new cyber security technologies and solutions. Monitor operational infrastructure - leveraging standard tools & processes to respond & resolve incidents and requests in a timely manner. Incident Response - Monitor security events, investigate & respond to security incidents, and assist in post-incident analysis & remediation. Collaboration: Work closely with cross-functional teams, including IT, Network, and App Dev, ensuring integration of security measures. Research & Innovation: Staying up to dat with emerging tech threats. Qualifications : Relevant Bachelor's degree in Computer Science, Info Security, or a relevant field. 6+ years field experience in networking & security area with solutions. Proven experience in network and application security, with expertise in Palo Alto, Bluecoat, F5 (LTM, ASM, APM), ASA VPN or Splunk. Knowledge of Firewall management, intrusion detection, content filtering, web application security, and VPN technologies. Proficiency in PKI design and management, digital certificate issuance, and secure key management. A proactive approach to identifying & mitigating security vulnerabilities and risks. Skills Summary Automation Tools, Cloud Security, Firewalls, Local Area Network (LAN), Palo Alto Networks Prisma Access Secure Access Service Edge (SASE), Security Technologies, TCP/IP Networking, Threat Management Senior Security Engineer - Capellen, Luxembourg (Hybrid role) - €69K + Car allowance + Bonus