Senior Cyber Security Architect Salary upto £80,000 Description: Since our establishment in 1990, Methods has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Our mission is to improve and safeguard public-facing services. We apply digital thinking to ensure the future of our public services is centred around our citizens. Our human touch sets us apart from other consultancies, system integrators and software houses - we have a customer-centric value system whereby we focus on delivering what is right for our clients. We passionately support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them. Methods are experts in delivering secure, resilient cyber and information services - keeping systems and data safe. We help reduce risk and vulnerabilities from cyber-attacks by developing a security road-map tailored to your unique needs. We help organisations improve processes such as threat management by building an identity management programme, and establishing prevention, detection and response capabilities to cyber-attacks. Requirements Ability to research, articulate, pitch complex and innovative security advice, at both business and technical levels, for new or existing problems, with the objective to justify and communicate decisions directly to key customer stakeholders including senior management. Able to understand and comprehend the impact of decisions, balancing requirements and deciding between approaches Develop vision, principles and strategy for security for multiple projects or technologies; working in a particular field as subject matter expert, to support a team in delivering engagements at scale, which may require subtle security needs and requirements, contributing to development of information security policy, standards, procedures and guidelines. Effective business acumen and an understanding of the cyber security challenges faced by client, with the objective to develop our cyber assurance practice, by supporting business development and practice management. Experience of identifying and applying security risk and familiarity with common control frameworks, with the ability investigating major breaches of security and recommending appropriate control improvements. Maintaining awareness of key business and industry trends and understanding how they impact responses to cyber risk, with the contribution of the development of our team through training and coaching. Managing, delivering, leading cyber security and cyber risk assignments, with the management of portfolio of clients, across a variety of sectors and locations, including producing documentation, presentation, reports, recommendations and quality assuring, for the work produced by team members and being the point of escalation for lower grade roles. Providing our clients with trusted advice, rooted in a pragmatic and agnostic understanding of their business situation and objectives, to help them navigate complex, risk-driven cyber decisions. Working as a subject matter expert in your particular field, owning and delivering initiatives to embed quality through learning and other activity, working seamlessly and collaboratively with colleagues and clients from other service lines, supporting a team or colleagues to deliver engagements at scale, with the appropriate reach and influence across the teams and communities. Managing diverse teams within an inclusive team culture where people are recognised and encouraged for their contribution. Essential Skills and Experience: An experienced consultant with a background in Cyber Security Minimum 5-7 years of experience in Information Security related positions Minimum 3-5 years of experience in security architecture Cyber Security Certification eg ISC2 CISSP, ISC2 CCSP, ISACA CISM or similar Certification in AWS or Azure for Architecture and Security or similar IASME/Cyber Essentials Plus Certified Expert knowledge of secure network architecture and technical design Experience in creating secure architecture in either AWS and/or Azure Experience providing expert strategy, risk and technical advice, guidance and support on cyber security, both in business-as-usual and for live and planned projects within our clients' business. Expected to be the point of escalation for architects in lower grade roles and lead technical design of systems and services Broad range of cyber and information security skills, knowledge and experience such as security threats and vulnerabilities that impact/and/or emanate from system hardware, software and other infrastructure components, and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents affecting system hardware, software and other infrastructure components. Experience in gap analysis for specific domains, identify gaps in existing capabilities, service maturity. Identify missing cybersecurity and cyber-resiliency capabilities in alignment with changing business needs, threat land scape and technical requirements to increase the quality of the selected solutions also including topics such as products' convergence over time and products decommissioning. Expert knowledge of identifying, developing and communicating threat modelling and understanding the impact of decisions, balancing requirements and deciding between approaches Research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate subtle design decisions Able to develop vision, principles and strategy for security architects for projects or technologies Demonstrably experienced in working as an effective member of a multi-disciplinary team and reach & influence a wide range of people across larger teams and communities. Excellent stakeholder management, presentation and communication skills, with the ability to interact with senior stakeholders across department and clients Pro-active approach to personal and professional development. Work closely with your peers in the security architecture group, service and solution architects, engineers, project teams. Must hold, or be able to hold, an HMG Security Check (SC) clearance. Ability to apply standards, practices, codes and assessment of certification programmes relevant to the IT industry and the specific organisation or business domain. Experience in writing and creating Cyber Security documents ie Risk Assessments, ESRM, DPIA etc and produce particular patterns and support quality assurance Knowledge of the IT/IS infrastructure (eg databases and LANs) and the IT applications and service processes used within own organisation, including those associated with sustainability and efficiency. Ability to use any tool or system which provides security access control (eg Active Directory) Showing proficiency in the principles and application of cloud/virtualisation (including ownership responsibilities and security implications) and be able to use tools and systems to manage virtualised environments eg Server/desktop virtualisation and SDDC (Software Defined Data Centre). Benefits Holiday: 25 days a year, plus bank holidays, with the option to buy 5 extra days each year Pension: 4% employer contribution and 5% employee contribution Discretionary bonus: based on company and individual performance Life assurance: 4 times base salary Private medical insurance: non-contributory (spouse and dependants included) Worldwide travel insurance: non-contributory (spouse and dependants included) Enhanced maternity and paternity leave after 18 months service Wellness: 24/7 confidential employee assistance programme, including counselling Social: Parties and social events, and commitment to charitable causes Professional development: access to LinkedIn Learning, and discretionary training budget Travel: season ticket loan, cycle to work scheme Development access to LinkedIn Learning, a management development programme and training Wellness 24/7 Confidential employee assistance programme
18/04/2024
Full time
Senior Cyber Security Architect Salary upto £80,000 Description: Since our establishment in 1990, Methods has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Our mission is to improve and safeguard public-facing services. We apply digital thinking to ensure the future of our public services is centred around our citizens. Our human touch sets us apart from other consultancies, system integrators and software houses - we have a customer-centric value system whereby we focus on delivering what is right for our clients. We passionately support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them. Methods are experts in delivering secure, resilient cyber and information services - keeping systems and data safe. We help reduce risk and vulnerabilities from cyber-attacks by developing a security road-map tailored to your unique needs. We help organisations improve processes such as threat management by building an identity management programme, and establishing prevention, detection and response capabilities to cyber-attacks. Requirements Ability to research, articulate, pitch complex and innovative security advice, at both business and technical levels, for new or existing problems, with the objective to justify and communicate decisions directly to key customer stakeholders including senior management. Able to understand and comprehend the impact of decisions, balancing requirements and deciding between approaches Develop vision, principles and strategy for security for multiple projects or technologies; working in a particular field as subject matter expert, to support a team in delivering engagements at scale, which may require subtle security needs and requirements, contributing to development of information security policy, standards, procedures and guidelines. Effective business acumen and an understanding of the cyber security challenges faced by client, with the objective to develop our cyber assurance practice, by supporting business development and practice management. Experience of identifying and applying security risk and familiarity with common control frameworks, with the ability investigating major breaches of security and recommending appropriate control improvements. Maintaining awareness of key business and industry trends and understanding how they impact responses to cyber risk, with the contribution of the development of our team through training and coaching. Managing, delivering, leading cyber security and cyber risk assignments, with the management of portfolio of clients, across a variety of sectors and locations, including producing documentation, presentation, reports, recommendations and quality assuring, for the work produced by team members and being the point of escalation for lower grade roles. Providing our clients with trusted advice, rooted in a pragmatic and agnostic understanding of their business situation and objectives, to help them navigate complex, risk-driven cyber decisions. Working as a subject matter expert in your particular field, owning and delivering initiatives to embed quality through learning and other activity, working seamlessly and collaboratively with colleagues and clients from other service lines, supporting a team or colleagues to deliver engagements at scale, with the appropriate reach and influence across the teams and communities. Managing diverse teams within an inclusive team culture where people are recognised and encouraged for their contribution. Essential Skills and Experience: An experienced consultant with a background in Cyber Security Minimum 5-7 years of experience in Information Security related positions Minimum 3-5 years of experience in security architecture Cyber Security Certification eg ISC2 CISSP, ISC2 CCSP, ISACA CISM or similar Certification in AWS or Azure for Architecture and Security or similar IASME/Cyber Essentials Plus Certified Expert knowledge of secure network architecture and technical design Experience in creating secure architecture in either AWS and/or Azure Experience providing expert strategy, risk and technical advice, guidance and support on cyber security, both in business-as-usual and for live and planned projects within our clients' business. Expected to be the point of escalation for architects in lower grade roles and lead technical design of systems and services Broad range of cyber and information security skills, knowledge and experience such as security threats and vulnerabilities that impact/and/or emanate from system hardware, software and other infrastructure components, and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents affecting system hardware, software and other infrastructure components. Experience in gap analysis for specific domains, identify gaps in existing capabilities, service maturity. Identify missing cybersecurity and cyber-resiliency capabilities in alignment with changing business needs, threat land scape and technical requirements to increase the quality of the selected solutions also including topics such as products' convergence over time and products decommissioning. Expert knowledge of identifying, developing and communicating threat modelling and understanding the impact of decisions, balancing requirements and deciding between approaches Research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate subtle design decisions Able to develop vision, principles and strategy for security architects for projects or technologies Demonstrably experienced in working as an effective member of a multi-disciplinary team and reach & influence a wide range of people across larger teams and communities. Excellent stakeholder management, presentation and communication skills, with the ability to interact with senior stakeholders across department and clients Pro-active approach to personal and professional development. Work closely with your peers in the security architecture group, service and solution architects, engineers, project teams. Must hold, or be able to hold, an HMG Security Check (SC) clearance. Ability to apply standards, practices, codes and assessment of certification programmes relevant to the IT industry and the specific organisation or business domain. Experience in writing and creating Cyber Security documents ie Risk Assessments, ESRM, DPIA etc and produce particular patterns and support quality assurance Knowledge of the IT/IS infrastructure (eg databases and LANs) and the IT applications and service processes used within own organisation, including those associated with sustainability and efficiency. Ability to use any tool or system which provides security access control (eg Active Directory) Showing proficiency in the principles and application of cloud/virtualisation (including ownership responsibilities and security implications) and be able to use tools and systems to manage virtualised environments eg Server/desktop virtualisation and SDDC (Software Defined Data Centre). Benefits Holiday: 25 days a year, plus bank holidays, with the option to buy 5 extra days each year Pension: 4% employer contribution and 5% employee contribution Discretionary bonus: based on company and individual performance Life assurance: 4 times base salary Private medical insurance: non-contributory (spouse and dependants included) Worldwide travel insurance: non-contributory (spouse and dependants included) Enhanced maternity and paternity leave after 18 months service Wellness: 24/7 confidential employee assistance programme, including counselling Social: Parties and social events, and commitment to charitable causes Professional development: access to LinkedIn Learning, and discretionary training budget Travel: season ticket loan, cycle to work scheme Development access to LinkedIn Learning, a management development programme and training Wellness 24/7 Confidential employee assistance programme
LA International Computer Consultants Ltd
Hereford, Herefordshire
DV Cleared Onsite in Hereford Duration: 6 months initially Market Rates via Umbrella Role Description: Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates and the professional development of the system engineering team. Tasks: * Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration. * Manage system/server resources including performance, capacity, availability, serviceability, and recoverability. * Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability. * Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave. * Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources. * Implement data management standards, requirements, and specifications. * Develop data standards, policies, and procedures. * Analyse data sources to provide actionable recommendations and facilitate data-gathering methods. * To share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team. Knowledge: * Knowledge of big data technologies and ecosystems (eg, NiFi). * Knowledge of current market and emerging leaders in data analytical and SIEM platforms. * Knowledge of network security implementations (eg, host-based IDS, IPS), including their function and placement in a network. * Knowledge of intrusion detection systems and signature development. * Knowledge of Front End collection systems, including network traffic collection, filtering, and selection. * Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. * Knowledge of cyber defence and information security policies, procedures and regulations. * Knowledge of network security architecture concepts including topology, protocols, components and principles. Skills/Experience: * Previous experience of Enterprise ICS/network architectures and technologies. * Working with frameworks and technologies that support data-intensive distributed applications. * Experience maintaining and administrating data analytical and SIEM platforms. * Experience using host and network-based IDS/IPS. Experience using packet capture solutions. * Skill in developing and deploying signatures. * Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). * Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach). Desirable Qualifications/Certifications * Red Hat System Administration I & II (RH124/RH134). * Baseline Cyber Courses eg Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. * Certified engineer in a market leading data analysis/SIEM platform. * SANS SEC501 Advanced Security Essentials Enterprise Defender. * SANS SEC 511 Continuous Monitoring & Security Operations. * SANS SEC555: SIEM with Tactical Analytics Available locations: -Hereford -Northallerton -Corsham -Portsmouth Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
17/04/2024
Project-based
DV Cleared Onsite in Hereford Duration: 6 months initially Market Rates via Umbrella Role Description: Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates and the professional development of the system engineering team. Tasks: * Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration. * Manage system/server resources including performance, capacity, availability, serviceability, and recoverability. * Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability. * Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave. * Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources. * Implement data management standards, requirements, and specifications. * Develop data standards, policies, and procedures. * Analyse data sources to provide actionable recommendations and facilitate data-gathering methods. * To share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team. Knowledge: * Knowledge of big data technologies and ecosystems (eg, NiFi). * Knowledge of current market and emerging leaders in data analytical and SIEM platforms. * Knowledge of network security implementations (eg, host-based IDS, IPS), including their function and placement in a network. * Knowledge of intrusion detection systems and signature development. * Knowledge of Front End collection systems, including network traffic collection, filtering, and selection. * Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. * Knowledge of cyber defence and information security policies, procedures and regulations. * Knowledge of network security architecture concepts including topology, protocols, components and principles. Skills/Experience: * Previous experience of Enterprise ICS/network architectures and technologies. * Working with frameworks and technologies that support data-intensive distributed applications. * Experience maintaining and administrating data analytical and SIEM platforms. * Experience using host and network-based IDS/IPS. Experience using packet capture solutions. * Skill in developing and deploying signatures. * Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). * Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach). Desirable Qualifications/Certifications * Red Hat System Administration I & II (RH124/RH134). * Baseline Cyber Courses eg Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. * Certified engineer in a market leading data analysis/SIEM platform. * SANS SEC501 Advanced Security Essentials Enterprise Defender. * SANS SEC 511 Continuous Monitoring & Security Operations. * SANS SEC555: SIEM with Tactical Analytics Available locations: -Hereford -Northallerton -Corsham -Portsmouth Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
Cyber Security Engineer - Luxemburg - 60-77k + Bonus Global IT Services provider are recruiting for multiple mid level and senior security engineers to work on a security cleared project based in Luxemburg. The client is happy to consider people relocating from anywhere in the UK, EU or US. you will be responsible for designing, implementing, and managing security solutions to safeguard the network, applications, and digital assets. Key Responsibilities Replace/upgrade the current infrastructure with new versions or solutions. Recommend and implement new cyber security technologies and solutions. Monitor operational infrastructure - you will leverage standard tools and processes to respond and resolve incidents and requests. Incident Response - Monitor security events, investigate and respond to security incidents, and assist in post-incident analysis and remediation. Documentation: Create and maintain comprehensive documentation related to security configurations, policies, procedures, and incidents. Collaboration: Work closely with cross-functional teams, including IT, Network, and Application Development, to ensure the integration of security measures across the organization. Research and Innovation: Stay up-to-date with emerging security threats, technologies, and best practices, and provide recommendations where appropriate. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. At least 6 years of field experience in the networking and security area with solutions. Proven experience in network and application security, with expertise in Palo Alto, Bluecoat, F5 (LTM, ASM, APM), ASA VPN or Splunk. Knowledge of Firewall management, intrusion detection, content filtering, web application security, and VPN technologies. Proficiency in PKI design and management, digital certificate issuance, and secure key management. Strong communication skills and the ability to collaborate with diverse teams. A proactive approach to identifying and mitigating security vulnerabilities and risks. Demonstrated ability to work in a fast-paced and dynamic environment. Fluent in English Key Skills Automation Tools, Cloud Security, Firewalls, Local Area Network (LAN), Palo Alto Networks Prisma Access Secure Access Service Edge (SASE), Security Technologies, TCP/IP Networking, Threat Management Cyber Security Engineer - Luxemburg - 60-77k + Bonus Desired Skills and Experience Palo Alto/Blue Coat/F5/Splunk/Fireye/Network Security
17/04/2024
Full time
Cyber Security Engineer - Luxemburg - 60-77k + Bonus Global IT Services provider are recruiting for multiple mid level and senior security engineers to work on a security cleared project based in Luxemburg. The client is happy to consider people relocating from anywhere in the UK, EU or US. you will be responsible for designing, implementing, and managing security solutions to safeguard the network, applications, and digital assets. Key Responsibilities Replace/upgrade the current infrastructure with new versions or solutions. Recommend and implement new cyber security technologies and solutions. Monitor operational infrastructure - you will leverage standard tools and processes to respond and resolve incidents and requests. Incident Response - Monitor security events, investigate and respond to security incidents, and assist in post-incident analysis and remediation. Documentation: Create and maintain comprehensive documentation related to security configurations, policies, procedures, and incidents. Collaboration: Work closely with cross-functional teams, including IT, Network, and Application Development, to ensure the integration of security measures across the organization. Research and Innovation: Stay up-to-date with emerging security threats, technologies, and best practices, and provide recommendations where appropriate. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. At least 6 years of field experience in the networking and security area with solutions. Proven experience in network and application security, with expertise in Palo Alto, Bluecoat, F5 (LTM, ASM, APM), ASA VPN or Splunk. Knowledge of Firewall management, intrusion detection, content filtering, web application security, and VPN technologies. Proficiency in PKI design and management, digital certificate issuance, and secure key management. Strong communication skills and the ability to collaborate with diverse teams. A proactive approach to identifying and mitigating security vulnerabilities and risks. Demonstrated ability to work in a fast-paced and dynamic environment. Fluent in English Key Skills Automation Tools, Cloud Security, Firewalls, Local Area Network (LAN), Palo Alto Networks Prisma Access Secure Access Service Edge (SASE), Security Technologies, TCP/IP Networking, Threat Management Cyber Security Engineer - Luxemburg - 60-77k + Bonus Desired Skills and Experience Palo Alto/Blue Coat/F5/Splunk/Fireye/Network Security
Job: Security Architect Location: Reading, UK, Hybrid Job Type: Permanent Job Description We are seeking a highly skilled and experienced Security Architect to join our team who will be responsible for development of the Security Architecture that ensures the appropriate protection of all aspects of security, (people, process, electronic, data, physical) in Spring Fibre. You will be a subject matter expert and provide security guidance and recommendations to technology/business teams and contribute toSpring's security policies, standards, and guidelines related to information and Network security. This is a technical role and suitable for someone who has hands on experience in Cybersecurity. Responsibilities Help develop an Enterprise Security Architecture Framework, including patterns for identity & authentication, authorization and access control, cryptographic key and certificate management, auditing and security monitoring, data leakage prevention, privacy enhancement & protection and other standards in alignment with Enterprise Architect platforms. Establish metrics and monitoring to report the effectiveness and efficiency of the Security Architecture function. Identify, register and maintain security risks throughout their lifetimes, including agreeing treatment of risks with their owners, and reporting &escalating to Internal Audit and the CIO, when necessary. Develop, review and update security & privacy policies & standards and provide awareness guidelines, implementation and exceptions advice. Engage with owners & custodians of BAU IT systems to understand the architecture, data flow and security controls in their systems. Conduct periodic security compliance assessments and ISO 27001/2 reviews of BAU IT applications, infrastructures & ISMS. Review the security posture of potential M&A acquisition targets. Requirement Mapping long term business requirements to security architecture frameworks such as NIST, CIS etc. Experience delivering Hybrid Cloud and Internet facing applications with a strong focus on cyber security. Broad hands-on knowledge of Firewalls, intrusion detection systems, data encryption, and other industry-standard techniques and practices. Strong knowledge of IT infrastructure, IP Networking, security best practices, and automation technologies. Application security: including but not limited to: authentication, identity and access management, auditing, use of cryptography, data security, privacy enhancing technologies, web services security, OWASP, threat & vulnerability management and secure code development methodologies. Infrastructure security: including but not limited to: network security, host security, database security, device security, VPNs & SSLs, secure file transfers, security event monitoring, malware security and cyber security. Operational security: including but not limited to: incident management, change & patch management, data centre & physical security, backups, DR & BCP, outsourcing, managed services, cloud computing, asset management, cryptographic keys & certificate management, PCI DSS and DPA compliance and ISO 27001/2. Analysing network security controls, including Firewall and Router security configuration. Preferred Delivering the security review processes and frameworks, with full audit trail. Managing multiple security assessments and changing priorities, simultaneously Ensuring Security Architecture Review is built into group wide and business specific processes for acquiring and developing new technology,including developing any needed processes. Aligning business requirements to complex security architecture frameworks. Skills Required: In depth knowledge of: Firewall: Juniper/Cisco/PaloAlto. Onion Security, Splunk, Suricata, Kali. Application Security. Identity and Access Management. Data Protection. Endpoint Security. Cyber Security Operations. Experienced with Threat Modelling. Pen testing and basic incident response. Scripting languages ( python, or PowerShell/building dashboards/au-tomating common tasks) Preferred: Experience in designing systems against a zero-trust architecture. Experience with designing SOC architectures (ie SIEM, SOAR and vulnerability management solutions). Expert-level certification in either AWS or Azure, with a Security specialization. Experience in working within regulated environments, such as PCI-DSS Experience in defining secure development life cycles. Qualifications Bachelor's Degree in either Computer Science, Computer Engineering, Software Engineering, Electrical Engineering, Math, Physics. CISSP, Certified Information Systems Security Professional, International Information Systems Security Certification Consortium (ISC2) Certification, Microsoft Azure Solutions Architect, or AWS Solutions Architect.
17/04/2024
Full time
Job: Security Architect Location: Reading, UK, Hybrid Job Type: Permanent Job Description We are seeking a highly skilled and experienced Security Architect to join our team who will be responsible for development of the Security Architecture that ensures the appropriate protection of all aspects of security, (people, process, electronic, data, physical) in Spring Fibre. You will be a subject matter expert and provide security guidance and recommendations to technology/business teams and contribute toSpring's security policies, standards, and guidelines related to information and Network security. This is a technical role and suitable for someone who has hands on experience in Cybersecurity. Responsibilities Help develop an Enterprise Security Architecture Framework, including patterns for identity & authentication, authorization and access control, cryptographic key and certificate management, auditing and security monitoring, data leakage prevention, privacy enhancement & protection and other standards in alignment with Enterprise Architect platforms. Establish metrics and monitoring to report the effectiveness and efficiency of the Security Architecture function. Identify, register and maintain security risks throughout their lifetimes, including agreeing treatment of risks with their owners, and reporting &escalating to Internal Audit and the CIO, when necessary. Develop, review and update security & privacy policies & standards and provide awareness guidelines, implementation and exceptions advice. Engage with owners & custodians of BAU IT systems to understand the architecture, data flow and security controls in their systems. Conduct periodic security compliance assessments and ISO 27001/2 reviews of BAU IT applications, infrastructures & ISMS. Review the security posture of potential M&A acquisition targets. Requirement Mapping long term business requirements to security architecture frameworks such as NIST, CIS etc. Experience delivering Hybrid Cloud and Internet facing applications with a strong focus on cyber security. Broad hands-on knowledge of Firewalls, intrusion detection systems, data encryption, and other industry-standard techniques and practices. Strong knowledge of IT infrastructure, IP Networking, security best practices, and automation technologies. Application security: including but not limited to: authentication, identity and access management, auditing, use of cryptography, data security, privacy enhancing technologies, web services security, OWASP, threat & vulnerability management and secure code development methodologies. Infrastructure security: including but not limited to: network security, host security, database security, device security, VPNs & SSLs, secure file transfers, security event monitoring, malware security and cyber security. Operational security: including but not limited to: incident management, change & patch management, data centre & physical security, backups, DR & BCP, outsourcing, managed services, cloud computing, asset management, cryptographic keys & certificate management, PCI DSS and DPA compliance and ISO 27001/2. Analysing network security controls, including Firewall and Router security configuration. Preferred Delivering the security review processes and frameworks, with full audit trail. Managing multiple security assessments and changing priorities, simultaneously Ensuring Security Architecture Review is built into group wide and business specific processes for acquiring and developing new technology,including developing any needed processes. Aligning business requirements to complex security architecture frameworks. Skills Required: In depth knowledge of: Firewall: Juniper/Cisco/PaloAlto. Onion Security, Splunk, Suricata, Kali. Application Security. Identity and Access Management. Data Protection. Endpoint Security. Cyber Security Operations. Experienced with Threat Modelling. Pen testing and basic incident response. Scripting languages ( python, or PowerShell/building dashboards/au-tomating common tasks) Preferred: Experience in designing systems against a zero-trust architecture. Experience with designing SOC architectures (ie SIEM, SOAR and vulnerability management solutions). Expert-level certification in either AWS or Azure, with a Security specialization. Experience in working within regulated environments, such as PCI-DSS Experience in defining secure development life cycles. Qualifications Bachelor's Degree in either Computer Science, Computer Engineering, Software Engineering, Electrical Engineering, Math, Physics. CISSP, Certified Information Systems Security Professional, International Information Systems Security Certification Consortium (ISC2) Certification, Microsoft Azure Solutions Architect, or AWS Solutions Architect.
DV Cleared SIEM/Incident SME Location: Northallerton/Corsham/Portsmouth Duration: 6 - 12 Months Rate to SSC: Market Rate MUST BE PAYE THROUGH UMBRELLA Role Description: The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
15/04/2024
Project-based
DV Cleared SIEM/Incident SME Location: Northallerton/Corsham/Portsmouth Duration: 6 - 12 Months Rate to SSC: Market Rate MUST BE PAYE THROUGH UMBRELLA Role Description: The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
Cyber Defence Engineer Location: Full Time onsite in Hereford Duration: 6 months MUST BE PAYE THROUGH UMBRELLA We are heading up a recruitment drive on behalf of a leading IT consultancy that require a DV cleared Cyber Defence Engineer to join their team on a major defence project that is based in Hereford. Role Description: Role Description: Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates and the professional development of the system engineering team. Tasks: Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration. Manage system/server resources including performance, capacity, availability, serviceability, and recoverability. Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability. Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave. Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources. Implement data management standards, requirements, and specifications. Develop data standards, policies, and procedures. Analyse data sources to provide actionable recommendations and facilitate data-gathering methods. To share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team. Knowledge: Knowledge of big data technologies and ecosystems (eg, NiFi). Knowledge of current market and emerging leaders in data analytical and SIEM platforms. Knowledge of network security implementations (eg, host-based IDS, IPS), including their function and placement in a network. Knowledge of intrusion detection systems and signature development. Knowledge of Front End collection systems, including network traffic collection, filtering, and selection. Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. Knowledge of cyber defence and information security policies, procedures and regulations. Knowledge of network security architecture concepts including topology, protocols, components and principles. Skills/Experience: Previous experience of Enterprise ICS/network architectures and technologies. Working with frameworks and technologies that support data-intensive distributed applications. Experience maintaining and administrating data analytical and SIEM platforms. Experience using host and network-based IDS/IPS Experience using packet capture solutions. Skill in developing and deploying signatures. Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach). Desirable Qualifications/Certifications Red Hat System Administration I & II (RH124/RH134). Baseline Cyber Courses eg Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. Certified engineer in a market leading data analysis/SIEM platform. SANS SEC501 Advanced Security Essentials Enterprise Defender. SANS SEC 511 Continuous Monitoring & Security Operations. SANS SEC555: SIEM with Tactical Analytics
15/04/2024
Project-based
Cyber Defence Engineer Location: Full Time onsite in Hereford Duration: 6 months MUST BE PAYE THROUGH UMBRELLA We are heading up a recruitment drive on behalf of a leading IT consultancy that require a DV cleared Cyber Defence Engineer to join their team on a major defence project that is based in Hereford. Role Description: Role Description: Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates and the professional development of the system engineering team. Tasks: Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration. Manage system/server resources including performance, capacity, availability, serviceability, and recoverability. Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability. Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave. Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources. Implement data management standards, requirements, and specifications. Develop data standards, policies, and procedures. Analyse data sources to provide actionable recommendations and facilitate data-gathering methods. To share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team. Knowledge: Knowledge of big data technologies and ecosystems (eg, NiFi). Knowledge of current market and emerging leaders in data analytical and SIEM platforms. Knowledge of network security implementations (eg, host-based IDS, IPS), including their function and placement in a network. Knowledge of intrusion detection systems and signature development. Knowledge of Front End collection systems, including network traffic collection, filtering, and selection. Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. Knowledge of cyber defence and information security policies, procedures and regulations. Knowledge of network security architecture concepts including topology, protocols, components and principles. Skills/Experience: Previous experience of Enterprise ICS/network architectures and technologies. Working with frameworks and technologies that support data-intensive distributed applications. Experience maintaining and administrating data analytical and SIEM platforms. Experience using host and network-based IDS/IPS Experience using packet capture solutions. Skill in developing and deploying signatures. Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach). Desirable Qualifications/Certifications Red Hat System Administration I & II (RH124/RH134). Baseline Cyber Courses eg Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. Certified engineer in a market leading data analysis/SIEM platform. SANS SEC501 Advanced Security Essentials Enterprise Defender. SANS SEC 511 Continuous Monitoring & Security Operations. SANS SEC555: SIEM with Tactical Analytics
Security Engineer - SOAR One of our Global consultancy clients is looking for an experienced Security Engineer for one of its leading multinational Travel clients. This is an exciting contract opportunity which is initially until 31/12/24 with potential to extend. This role is hybrid with 3 days per week (may be flexible further down the line) being based out of the clients office in Villeneuve Loubet - 15 mins from Nice Airport. The end client works at the heart of the global travel industry and provides the technology which keeps the travel sector moving - from initial search to making a booking, from pricing to ticketing, from managing reservations to managing check-in and departure processes. Their products and solutions help to improve the business performance of their customers; travel agencies, corporations, airlines, ground handlers, hotels, railways, car rental companies, airports, cruise lines and ferry operators. Responsibilities: We are seeking a Security Orchestration and Automated Response (SOAR) engineer responsible for maintaining our SOAR solution, developing playbooks and implementing integrations within the SOC Platform Engineering team. The SOAR engineer will collaborate closely with cross-functional teams, leveraging various technologies to implement security automation and supporting our Incident Response Team in improving analyst productivity against cyber threats. Key Responsibilities: Maintain our SOAR platform at its optimum level, Update and enhance existing playbooks to adapt to organizational needs, Develop new playbooks to address specific security requirements, Collaborate with stakeholders to identify use cases, Develop and maintain automation scripts (Python), Support security analysts in automating incident response activities, Document processes and workflows for internal sharing, Participate in technical study. Requirements: 2 or more years of experience in developing playbooks and implementing integrations. Experience with SIEM or Cloud Infrastructure, such as Splunk or Microsoft Azure. Ideally a degree in IT or Computer Science Python Skill Level - Advanced Fluent in French and English
15/04/2024
Project-based
Security Engineer - SOAR One of our Global consultancy clients is looking for an experienced Security Engineer for one of its leading multinational Travel clients. This is an exciting contract opportunity which is initially until 31/12/24 with potential to extend. This role is hybrid with 3 days per week (may be flexible further down the line) being based out of the clients office in Villeneuve Loubet - 15 mins from Nice Airport. The end client works at the heart of the global travel industry and provides the technology which keeps the travel sector moving - from initial search to making a booking, from pricing to ticketing, from managing reservations to managing check-in and departure processes. Their products and solutions help to improve the business performance of their customers; travel agencies, corporations, airlines, ground handlers, hotels, railways, car rental companies, airports, cruise lines and ferry operators. Responsibilities: We are seeking a Security Orchestration and Automated Response (SOAR) engineer responsible for maintaining our SOAR solution, developing playbooks and implementing integrations within the SOC Platform Engineering team. The SOAR engineer will collaborate closely with cross-functional teams, leveraging various technologies to implement security automation and supporting our Incident Response Team in improving analyst productivity against cyber threats. Key Responsibilities: Maintain our SOAR platform at its optimum level, Update and enhance existing playbooks to adapt to organizational needs, Develop new playbooks to address specific security requirements, Collaborate with stakeholders to identify use cases, Develop and maintain automation scripts (Python), Support security analysts in automating incident response activities, Document processes and workflows for internal sharing, Participate in technical study. Requirements: 2 or more years of experience in developing playbooks and implementing integrations. Experience with SIEM or Cloud Infrastructure, such as Splunk or Microsoft Azure. Ideally a degree in IT or Computer Science Python Skill Level - Advanced Fluent in French and English
Junior SOC Analyst - Hybrid - 3 days on site - Nottinghamshire Main Responsibilities: - Triage, analyse and investigate alerts, log data and network traffic using security tools to identify cyber-attacks/security incidents. This includes the investigation and root cause analysis of potential security incidents. - Proactively investigate potential security breaches by utilising threat intelligence and internal and external security systems and provide subject matter expertise for technical responses to confirmed cyber security incidents. - Create and maintain the clients target cyber security architecture. - Deliver subject matter expertise to key stakeholders to drive the implementation of security controls to meet the target architecture. - Accountable for vulnerability scanning, including the prioritisation of unpatched vulnerabilities and reporting against agreed KPIs and KRIs. - Support the annual penetration testing schedule by arranging penetration testing, including tracking, and communicating penetration testing results. - Perform supplementary testing of clients detection and response controls by procuring, installing, and running penetration testing tooling. - Participate in process improvement work to automate and improve critical cyber security processes such as monitoring, patching, and hardening. - Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks. - Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office. Skills, Knowledge and Experience - Has obtained one or more of the following qualifications: CEH, CRTSA, and OSCP. - Qualifications such as CISSP and CISM would be advantageous. - Problem solving skills, and the ability to come up with new solutions to existing challenges. - Strengths in key 'soft skill' areas such as relationship management, communication, and presentation of technical security information to a variety of audiences. - Technical skills to investigate potential breaches through existing tools, packet capture and log file analysis. - A logical mindset, the ability to identify proportionate, appropriate mitigations to identified security incidents, and to prioritise incidents based on risk. - Capable of working independently/without ongoing supervision on projects and day to day tasks. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
12/04/2024
Full time
Junior SOC Analyst - Hybrid - 3 days on site - Nottinghamshire Main Responsibilities: - Triage, analyse and investigate alerts, log data and network traffic using security tools to identify cyber-attacks/security incidents. This includes the investigation and root cause analysis of potential security incidents. - Proactively investigate potential security breaches by utilising threat intelligence and internal and external security systems and provide subject matter expertise for technical responses to confirmed cyber security incidents. - Create and maintain the clients target cyber security architecture. - Deliver subject matter expertise to key stakeholders to drive the implementation of security controls to meet the target architecture. - Accountable for vulnerability scanning, including the prioritisation of unpatched vulnerabilities and reporting against agreed KPIs and KRIs. - Support the annual penetration testing schedule by arranging penetration testing, including tracking, and communicating penetration testing results. - Perform supplementary testing of clients detection and response controls by procuring, installing, and running penetration testing tooling. - Participate in process improvement work to automate and improve critical cyber security processes such as monitoring, patching, and hardening. - Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks. - Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office. Skills, Knowledge and Experience - Has obtained one or more of the following qualifications: CEH, CRTSA, and OSCP. - Qualifications such as CISSP and CISM would be advantageous. - Problem solving skills, and the ability to come up with new solutions to existing challenges. - Strengths in key 'soft skill' areas such as relationship management, communication, and presentation of technical security information to a variety of audiences. - Technical skills to investigate potential breaches through existing tools, packet capture and log file analysis. - A logical mindset, the ability to identify proportionate, appropriate mitigations to identified security incidents, and to prioritise incidents based on risk. - Capable of working independently/without ongoing supervision on projects and day to day tasks. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website