Azure FinOps Analyst Salary: National ranging from £51,200 - £70,700 and London from £56,400 - £80,600 Job Location : London/Leeds/Edinburgh (Hybrid 40% Work from Office) The successful candidate will hold or will be required to obtain Security Clearance (SC) level vetting . Are you interested in joining a team at the forefront of operations, supporting all end users and partners in their day-to-day activities, and managing the FCA's end user services and associated suppliers? The team/department End User Compute provides change and run for a broad range of application and infrastructure services. We work in small cross functional, self-organising and autonomous teams, passionate about delivering value and having fun. What you will be doing (the role) The Azure FinOps Analyst sits in the End User Compute (EUC) Product Group and is responsible for monitoring Azure Cloud infrastructure and its usage, seeking to optimize value for the FCA. The role will drive FinOps best practices in the organization through education, standardization, and collaboration. The role will focus on monitoring and control, cost optimization and risk avoidance across the FCA's Azure estate. Key responsibilities include: Defining processes and delivering services in relation to product financial operations, monitoring costs to ensure adherence to standards and optimal configuration Proactively controlling costs and avoiding unnecessary and unexpected expenditure through the setting and enforcement of appropriate polices, processes and operational guardrails Building dashboards, forecasts and reporting on key metrics required to enable business-based decision making The skills and experience you will have Minimum We are a signatory to the Government's Disability Confident scheme. This means that we will offer an interview to disabled candidates entering under the scheme, should they meet the minimum criteria for a role. Experience in managing the cost/usage of Cloud infrastructure Experience in financial reporting and analysis Essential Knowledge of Azure Cloud concepts Role-specific know-how, transferrable skills, elements of core skills and behaviours that are essential to the role, referring to our Capability Framework as a source of information to help you design your criteria Proven experience in process optimization and Cloud cost and usage management Proficiency in financial modelling, budgeting, and forecasting, preferably using PowerBI Knowledge of Azure cloud concepts, Infrastructure as code, Azure Virtual devices, storage, networking, messaging, configuration, performance, and health. Azure account management, IAM, secrets, tagging and cost management, service catalogue and self-service concepts Security and compliance controls and tooling used by regulated enterprises, high availability and resiliency concepts for cloud infrastructure and applications Knowledge of and ability to make recommendations on FinOps tooling Highly analytical, able to take data from several sources and provide insight and analysis, seeking ways to improve upon reporting and data gathering Commercial acumen, able to interpret contracts and agreements with 3rd parties, identify opportunities for improvements to contractual terms to ensure best value and long-term relations with suppliers About the FCA The FCA regulates the conduct of 50,000 firms in the UK to ensure our financial markets are honest, fair and competitive. We do this to make sure markets work well for individuals, businesses and the economy as a whole. For more information on what we do, our three-year strategy can be found here. Useful information Applications for this role close at 23:59 on 8th May 2024 This role is graded as Senior Associate - Regulatory The assessment process comprises a first stage technical interview to discuss your FinOps experience and knowledge of Azure Cloud concepts. This will be followed by a competency-based interview. The final stage is a fireside chat to enable you to ask any final questions and meet further members of the team. If you are someone who is seeking that next challenge, and you have the experience and skills required, then please send me your CV. Our Recruitment Delivery Team are committed to offering an inclusive recruitment experience to all candidates. If you require any accommodations or adjustments as a result of disability, impairment, or health condition, please do not hesitate to let me know by emailing.
01/05/2024
Full time
Azure FinOps Analyst Salary: National ranging from £51,200 - £70,700 and London from £56,400 - £80,600 Job Location : London/Leeds/Edinburgh (Hybrid 40% Work from Office) The successful candidate will hold or will be required to obtain Security Clearance (SC) level vetting . Are you interested in joining a team at the forefront of operations, supporting all end users and partners in their day-to-day activities, and managing the FCA's end user services and associated suppliers? The team/department End User Compute provides change and run for a broad range of application and infrastructure services. We work in small cross functional, self-organising and autonomous teams, passionate about delivering value and having fun. What you will be doing (the role) The Azure FinOps Analyst sits in the End User Compute (EUC) Product Group and is responsible for monitoring Azure Cloud infrastructure and its usage, seeking to optimize value for the FCA. The role will drive FinOps best practices in the organization through education, standardization, and collaboration. The role will focus on monitoring and control, cost optimization and risk avoidance across the FCA's Azure estate. Key responsibilities include: Defining processes and delivering services in relation to product financial operations, monitoring costs to ensure adherence to standards and optimal configuration Proactively controlling costs and avoiding unnecessary and unexpected expenditure through the setting and enforcement of appropriate polices, processes and operational guardrails Building dashboards, forecasts and reporting on key metrics required to enable business-based decision making The skills and experience you will have Minimum We are a signatory to the Government's Disability Confident scheme. This means that we will offer an interview to disabled candidates entering under the scheme, should they meet the minimum criteria for a role. Experience in managing the cost/usage of Cloud infrastructure Experience in financial reporting and analysis Essential Knowledge of Azure Cloud concepts Role-specific know-how, transferrable skills, elements of core skills and behaviours that are essential to the role, referring to our Capability Framework as a source of information to help you design your criteria Proven experience in process optimization and Cloud cost and usage management Proficiency in financial modelling, budgeting, and forecasting, preferably using PowerBI Knowledge of Azure cloud concepts, Infrastructure as code, Azure Virtual devices, storage, networking, messaging, configuration, performance, and health. Azure account management, IAM, secrets, tagging and cost management, service catalogue and self-service concepts Security and compliance controls and tooling used by regulated enterprises, high availability and resiliency concepts for cloud infrastructure and applications Knowledge of and ability to make recommendations on FinOps tooling Highly analytical, able to take data from several sources and provide insight and analysis, seeking ways to improve upon reporting and data gathering Commercial acumen, able to interpret contracts and agreements with 3rd parties, identify opportunities for improvements to contractual terms to ensure best value and long-term relations with suppliers About the FCA The FCA regulates the conduct of 50,000 firms in the UK to ensure our financial markets are honest, fair and competitive. We do this to make sure markets work well for individuals, businesses and the economy as a whole. For more information on what we do, our three-year strategy can be found here. Useful information Applications for this role close at 23:59 on 8th May 2024 This role is graded as Senior Associate - Regulatory The assessment process comprises a first stage technical interview to discuss your FinOps experience and knowledge of Azure Cloud concepts. This will be followed by a competency-based interview. The final stage is a fireside chat to enable you to ask any final questions and meet further members of the team. If you are someone who is seeking that next challenge, and you have the experience and skills required, then please send me your CV. Our Recruitment Delivery Team are committed to offering an inclusive recruitment experience to all candidates. If you require any accommodations or adjustments as a result of disability, impairment, or health condition, please do not hesitate to let me know by emailing.
Senior Analyst - Information Governance/Data Protection Salary: Open + Bonus Location: Chicago, IL Hybrid: 3 days on-site, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5+ years of applicable work experience Previous work with information or data governance control activities in the financial services industry. Experience in the financial services industry. Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Responsibilities Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy. Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships. Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings. Experience with Privacy requirements and work with personal information and its protection. Strong strategic thinking, problem solving, and analytic skills.
30/04/2024
Full time
Senior Analyst - Information Governance/Data Protection Salary: Open + Bonus Location: Chicago, IL Hybrid: 3 days on-site, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5+ years of applicable work experience Previous work with information or data governance control activities in the financial services industry. Experience in the financial services industry. Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Responsibilities Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy. Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships. Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings. Experience with Privacy requirements and work with personal information and its protection. Strong strategic thinking, problem solving, and analytic skills.
ARM (Advanced Resource Managers)
Reading, Berkshire
Threat Intelligence Specialist 6 months £540 per day (Inside IR35) 5 Days per week in Reading My client in the telecommunications industry are looking for a Threat Intelligence Specialist to join their fast-paced team on an initial 6 month contract. The role will be fully on site in Reading so a local candidate will be most ideal. Responsibilities in the role; Identify information security and Threat Intelligence requirements and oversight of delivery by: Identifying business unit Priority Intelligence Requirements that enable the business unit to conduct its business continuously in a secure manner. Analysis of information across Strategic, Operational and Tactical arenas into actionable intelligence that allows stakeholders to make informed decisions. Ensuring delivery of the Threat Intelligence programme within the business unit, delivery of services and products provided by Group Security. Where services are delivered by external providers, ensuring delivery of the Threat Intelligence services as per requirements of business unit. Engage with the business unit to: Develop an understanding of business goals in order to constructively engage senior business leaders on information security, identifying key threats and areas for improvement, driving appropriate risk management decisions and collaborating with partners to achieve positive outcomes and business benefits Ensure emerging information and cyber security threats to the business are identified, discussed with senior business leadership and addressed through presented opportunities of security innovation. Build strong relationships within the business to gain an understanding of security-related business threats, vulnerabilities and risks. Facilitate Group Security support to business projects as the subject matter expert providing guidance and support in implementing Threat Intelligence project requirements. Embedding information security and cyber across the business unit by: Establish positive relationships engaging with technical teams and executives to deliver regular Threat Intelligence reporting and mitigation advisory and seek continuous improvement of TVM process. Monitoring of threat actors and groups, and identifying key trends leveraging internal and external threat data to enable positive business outcomes, keeping senior business leadership informed about information security-related issues and activities potentially affecting the organisation. Assist in running a threat intelligence platform that can store cyber threat intelligence idioms such as threat actors, exploit targets from disparate sources, devices, communities and industries in a structured & standardized way. Focus on awareness and training including by; Briefing regularly the business unit senior leadership team on cyber threats and risks profile. Delivering awareness and training to the relevant business unit team and high-risk users. Communicating the importance and promoting awareness of information security to the business. Increasing business awareness of emerging security threats and risks. Helping develop a security culture within the business. Partnering with the different functions working on controls by: Supporting Incident Response activities providing further context, OSINT support and behavioural analysis in the event of a security incident impacting the business unit. Maintaining a balanced relationship with risk functions, compliance functions and with internal and external audit functions. Ensure timely delivery of actionable threat intelligence across the organisation, including key stakeholders; Security Operations, Incident Response, Vulnerability Management, Security Leadership, Fraud Prevention and Industry intelligence communities. Continuous Improvement through the delivery of; Provide mentoring and development of Threat Intelligence Analysts through sharing learnings and best practices. Act as the point of escalation and support for Threat Intelligence analysts in the event of complex security incidents. Develop proven structure and processes such as run books that help the team achieve outstanding results. Championing and supporting Group Security's wider BCM, Incident and Crisis Management functions. Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.
30/04/2024
Project-based
Threat Intelligence Specialist 6 months £540 per day (Inside IR35) 5 Days per week in Reading My client in the telecommunications industry are looking for a Threat Intelligence Specialist to join their fast-paced team on an initial 6 month contract. The role will be fully on site in Reading so a local candidate will be most ideal. Responsibilities in the role; Identify information security and Threat Intelligence requirements and oversight of delivery by: Identifying business unit Priority Intelligence Requirements that enable the business unit to conduct its business continuously in a secure manner. Analysis of information across Strategic, Operational and Tactical arenas into actionable intelligence that allows stakeholders to make informed decisions. Ensuring delivery of the Threat Intelligence programme within the business unit, delivery of services and products provided by Group Security. Where services are delivered by external providers, ensuring delivery of the Threat Intelligence services as per requirements of business unit. Engage with the business unit to: Develop an understanding of business goals in order to constructively engage senior business leaders on information security, identifying key threats and areas for improvement, driving appropriate risk management decisions and collaborating with partners to achieve positive outcomes and business benefits Ensure emerging information and cyber security threats to the business are identified, discussed with senior business leadership and addressed through presented opportunities of security innovation. Build strong relationships within the business to gain an understanding of security-related business threats, vulnerabilities and risks. Facilitate Group Security support to business projects as the subject matter expert providing guidance and support in implementing Threat Intelligence project requirements. Embedding information security and cyber across the business unit by: Establish positive relationships engaging with technical teams and executives to deliver regular Threat Intelligence reporting and mitigation advisory and seek continuous improvement of TVM process. Monitoring of threat actors and groups, and identifying key trends leveraging internal and external threat data to enable positive business outcomes, keeping senior business leadership informed about information security-related issues and activities potentially affecting the organisation. Assist in running a threat intelligence platform that can store cyber threat intelligence idioms such as threat actors, exploit targets from disparate sources, devices, communities and industries in a structured & standardized way. Focus on awareness and training including by; Briefing regularly the business unit senior leadership team on cyber threats and risks profile. Delivering awareness and training to the relevant business unit team and high-risk users. Communicating the importance and promoting awareness of information security to the business. Increasing business awareness of emerging security threats and risks. Helping develop a security culture within the business. Partnering with the different functions working on controls by: Supporting Incident Response activities providing further context, OSINT support and behavioural analysis in the event of a security incident impacting the business unit. Maintaining a balanced relationship with risk functions, compliance functions and with internal and external audit functions. Ensure timely delivery of actionable threat intelligence across the organisation, including key stakeholders; Security Operations, Incident Response, Vulnerability Management, Security Leadership, Fraud Prevention and Industry intelligence communities. Continuous Improvement through the delivery of; Provide mentoring and development of Threat Intelligence Analysts through sharing learnings and best practices. Act as the point of escalation and support for Threat Intelligence analysts in the event of complex security incidents. Develop proven structure and processes such as run books that help the team achieve outstanding results. Championing and supporting Group Security's wider BCM, Incident and Crisis Management functions. Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.
Request Technology - Craig Johnson
Chicago, Illinois
*Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Data Governance and Protection Analyst. Candidate will be responsible for supporting the development and implementation of the information governance, data protection, and privacy program. This includes supporting the development of strategies, policies, procedures, and controls related to the governance and protection of information throughout its life cycle. In addition, the role will work with stakeholders to define the information governance, data protection, and privacy requirements; will facilitate compliance with the identified requirements to control risk; will represent the program to internal and external stakeholders; and will support the development and implementation of training and awareness programs. This role will focus on compliance with applicable regulatory and legal rules and requirements (ie SEC-Regulation SCI, CFTC-System Safeguards, etc.) as they relate to information including support of regulatory exam and Internal Audit remediation planning, tracking, and mitigation. Responsibilities: Work with appropriate stakeholders and across the organization to create a culture that manages information as an enterprise asset Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids Identification, implementation, and use of technologies to support program objectives and classification standards Execution of controls and risk assessments (eg, third-party risk, privacy, data protection) Responsible in performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help closing the incident. Creation and execution of strategies to identify information across the organization and throughout its life cycle Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk Development and maintenance of the organization's Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of Legacy information Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems Collaborate with internal and external stakeholders to implement information governance, data protection, and privacy policies and requirements Support and develop training and awareness programs for information governance, data protection, and privacy. Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program. Qualifications: Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings Experience with Privacy requirements and work with personal information and its protection Strong strategic thinking, problem solving, and analytic skills Utilize metrics as means to improve performance Ability to adapt to change in emerging environments and work across multiple areas Experience in developing policies and procedures Experience in project management, project execution, and managing multiple priorities in a timeline driven environment Experience working in a highly regulated environment including an understanding of audit and compliance requirements Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience Experience in the financial services industry Certifications Preferred: Certifications in Information, Data, Privacy Records or Security such as: Certified Information Privacy Professional (CIPP), Certified Information Privacy Management (CIPM), Certified Records Manager (CRM), and/or Certified Information Privacy Technologist (CIPT), Certified Information Systems Security Professional (CISSP), Information Governance Professional (IGP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA)
30/04/2024
Full time
*Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Data Governance and Protection Analyst. Candidate will be responsible for supporting the development and implementation of the information governance, data protection, and privacy program. This includes supporting the development of strategies, policies, procedures, and controls related to the governance and protection of information throughout its life cycle. In addition, the role will work with stakeholders to define the information governance, data protection, and privacy requirements; will facilitate compliance with the identified requirements to control risk; will represent the program to internal and external stakeholders; and will support the development and implementation of training and awareness programs. This role will focus on compliance with applicable regulatory and legal rules and requirements (ie SEC-Regulation SCI, CFTC-System Safeguards, etc.) as they relate to information including support of regulatory exam and Internal Audit remediation planning, tracking, and mitigation. Responsibilities: Work with appropriate stakeholders and across the organization to create a culture that manages information as an enterprise asset Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids Identification, implementation, and use of technologies to support program objectives and classification standards Execution of controls and risk assessments (eg, third-party risk, privacy, data protection) Responsible in performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help closing the incident. Creation and execution of strategies to identify information across the organization and throughout its life cycle Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk Development and maintenance of the organization's Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of Legacy information Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems Collaborate with internal and external stakeholders to implement information governance, data protection, and privacy policies and requirements Support and develop training and awareness programs for information governance, data protection, and privacy. Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program. Qualifications: Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings Experience with Privacy requirements and work with personal information and its protection Strong strategic thinking, problem solving, and analytic skills Utilize metrics as means to improve performance Ability to adapt to change in emerging environments and work across multiple areas Experience in developing policies and procedures Experience in project management, project execution, and managing multiple priorities in a timeline driven environment Experience working in a highly regulated environment including an understanding of audit and compliance requirements Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience Experience in the financial services industry Certifications Preferred: Certifications in Information, Data, Privacy Records or Security such as: Certified Information Privacy Professional (CIPP), Certified Information Privacy Management (CIPM), Certified Records Manager (CRM), and/or Certified Information Privacy Technologist (CIPT), Certified Information Systems Security Professional (CISSP), Information Governance Professional (IGP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA)
Senior SOC Analyst This is a chance for an individual to be in 'at the ground up' at the start of the development of the SOC and will play a leading role in the day-to-day activity of the SOC and influence of the SOC on an operational, technical and strategic level. The role will require SC Security Clearance and therefore candidate must only be UK nationals (duel nationality isn't accepted unfortunately) £50000 - £60000 per annum + Remote working London, Central What will you be doing? Primarily the role will be concerned with selecting and standing up an appropriate SIEM platform to service our client's needs. Once the tool is Embedded and processes are in place to ensure Business as Usual running, the role will then involve leading security monitoring efforts, conducting in-depth investigations, and actively participating in incident response activities. Duties & Responsibilities: Security Monitoring: Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct Real Time analysis of security alerts and escalate incidents as necessary. Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Investigations: Perform in-depth investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. Collaboration: Collaborate with cross-functional teams, including IT, legal, and management, to address security incidents and implement preventive measures. Provide expertise and guidance to other analysts. Security Tool Management: Manage and optimise security tools, ensuring they are properly configured and updated to maximize effectiveness. Evaluate new security technologies and recommend enhancements to the security infrastructure. Security Awareness: Contribute to security awareness training programs for employees to promote a culture of cybersecurity vigilance. Provide guidance on security best practices to various teams within the organization. Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Create monthly reporting packs as per contractual requirements. Create and document robust event and incident management processes Essential Skills and Experience: Analytical mindset with the ability to troubleshoot and solve complex security issues. Excellent communication and interpersonal skills for collaborating with diverse teams. Leadership qualities to guide Junior Analysts and drive security initiatives. Up-to-date knowledge of cybersecurity trends and threats. Full understanding of SIEM systems - IBM QRadar, FortiSIEM, Splunk, Sentinel etc IT Security Management, Policies, Procedures, Standards and Guidelines Risk Assessment Privacy and Compliance Conversant with security best practices (including ISO27001) and relevant security legislation Security Operations and Incident Handling IT Security Architecture If you are interested in hearing more please apply below or ring or send your CV to (see below)
29/04/2024
Full time
Senior SOC Analyst This is a chance for an individual to be in 'at the ground up' at the start of the development of the SOC and will play a leading role in the day-to-day activity of the SOC and influence of the SOC on an operational, technical and strategic level. The role will require SC Security Clearance and therefore candidate must only be UK nationals (duel nationality isn't accepted unfortunately) £50000 - £60000 per annum + Remote working London, Central What will you be doing? Primarily the role will be concerned with selecting and standing up an appropriate SIEM platform to service our client's needs. Once the tool is Embedded and processes are in place to ensure Business as Usual running, the role will then involve leading security monitoring efforts, conducting in-depth investigations, and actively participating in incident response activities. Duties & Responsibilities: Security Monitoring: Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct Real Time analysis of security alerts and escalate incidents as necessary. Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Investigations: Perform in-depth investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. Collaboration: Collaborate with cross-functional teams, including IT, legal, and management, to address security incidents and implement preventive measures. Provide expertise and guidance to other analysts. Security Tool Management: Manage and optimise security tools, ensuring they are properly configured and updated to maximize effectiveness. Evaluate new security technologies and recommend enhancements to the security infrastructure. Security Awareness: Contribute to security awareness training programs for employees to promote a culture of cybersecurity vigilance. Provide guidance on security best practices to various teams within the organization. Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Create monthly reporting packs as per contractual requirements. Create and document robust event and incident management processes Essential Skills and Experience: Analytical mindset with the ability to troubleshoot and solve complex security issues. Excellent communication and interpersonal skills for collaborating with diverse teams. Leadership qualities to guide Junior Analysts and drive security initiatives. Up-to-date knowledge of cybersecurity trends and threats. Full understanding of SIEM systems - IBM QRadar, FortiSIEM, Splunk, Sentinel etc IT Security Management, Policies, Procedures, Standards and Guidelines Risk Assessment Privacy and Compliance Conversant with security best practices (including ISO27001) and relevant security legislation Security Operations and Incident Handling IT Security Architecture If you are interested in hearing more please apply below or ring or send your CV to (see below)
Key Accountabilities Lead the creation, development, and management of OTSNs risk assessment frameworks and principles to support the cyber security decision making processes within ET. Provide expert technical support for the risk assessment of vulnerabilities and deviations from the target state including agreeing mitigating actions within agreed delegated authority. Support the development of cyber security policies and specifications to reduce risk. Improve organisational cyber security maturity and support compliance with the NIS Regulation for the OTSN by managing OTSN registers in line with our risk appetite. Support the business to understand cyber security requirements for OTSN through engagement with projects and design teams on OTSN risks. Support the business to understand cyber security risks through appropriate reporting and communication of current risks and vulnerabilities. Influence security and resilience strategies to accelerate cyber security risk reduction. Support the optimisation of OTSN management strategies in the long-term interests of consumers. Experience Relevant experience risk reporting including leading teams of risk analysts and/or project management. Strong data analytical skills and excellent written and communication skills with the ability to interface comfortably with senior stakeholders. Strong investigation and problem-solving skills, demonstrating autonomy and initiative. Proactive with the ability to work under tight deadline pressures across multiple workstreams. Sound understanding and proven experience of IEC 62443, ISO27000, NIST CSF and audit processes. Experience of introducing changes to specifications or policies that apply to a technical audience. Extensive experience communicating difficult and standard issues associated with areas of expertise in a clear and concise manner both verbally & in writing. Eager to develop their business and technical skills, you will be comfortable breaking new ground and changing the way the business makes decisions. Technical or Specialist Technical understanding of the LAN/WAN Networks and Operational Technology (OT). Detailed understanding of how cyber security risks can manifest within networks, devices, and systems. Understanding of asset management principles, including risk management, decision making, planning, asset life cycle and asset data/information. Experience of using and developing decision making frameworks and tools including economic assessments (NPV, CBA) and whole life asset assessments (WLV) Familiarity with international standards related to cyber security including IEC62443 and IEC62351 Commensurate experience with O365, including excel and preferable Power BI. Experience with MITRE ATT&CK desirable, preferably MITRE ICS.
25/04/2024
Full time
Key Accountabilities Lead the creation, development, and management of OTSNs risk assessment frameworks and principles to support the cyber security decision making processes within ET. Provide expert technical support for the risk assessment of vulnerabilities and deviations from the target state including agreeing mitigating actions within agreed delegated authority. Support the development of cyber security policies and specifications to reduce risk. Improve organisational cyber security maturity and support compliance with the NIS Regulation for the OTSN by managing OTSN registers in line with our risk appetite. Support the business to understand cyber security requirements for OTSN through engagement with projects and design teams on OTSN risks. Support the business to understand cyber security risks through appropriate reporting and communication of current risks and vulnerabilities. Influence security and resilience strategies to accelerate cyber security risk reduction. Support the optimisation of OTSN management strategies in the long-term interests of consumers. Experience Relevant experience risk reporting including leading teams of risk analysts and/or project management. Strong data analytical skills and excellent written and communication skills with the ability to interface comfortably with senior stakeholders. Strong investigation and problem-solving skills, demonstrating autonomy and initiative. Proactive with the ability to work under tight deadline pressures across multiple workstreams. Sound understanding and proven experience of IEC 62443, ISO27000, NIST CSF and audit processes. Experience of introducing changes to specifications or policies that apply to a technical audience. Extensive experience communicating difficult and standard issues associated with areas of expertise in a clear and concise manner both verbally & in writing. Eager to develop their business and technical skills, you will be comfortable breaking new ground and changing the way the business makes decisions. Technical or Specialist Technical understanding of the LAN/WAN Networks and Operational Technology (OT). Detailed understanding of how cyber security risks can manifest within networks, devices, and systems. Understanding of asset management principles, including risk management, decision making, planning, asset life cycle and asset data/information. Experience of using and developing decision making frameworks and tools including economic assessments (NPV, CBA) and whole life asset assessments (WLV) Familiarity with international standards related to cyber security including IEC62443 and IEC62351 Commensurate experience with O365, including excel and preferable Power BI. Experience with MITRE ATT&CK desirable, preferably MITRE ICS.