Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
*Permanent - 3 Days per week in the Durham Office - Monday to Friday - Experience in a SOC role required* The company: A thriving company in the Durham area is looking to expand its cybersecurity services for their large client base. They are on a journey of service excellence and are looking for proactive team players to join them in their growth. With an aim for technical excellence, this company offers strong progression and training opportunities, alongside the opportunity to work alongside some of the best in the industry. The role: As a Security Analyst, where you will play a pivotal role in developing and enhancing the SIEM and Endpoint Detection and Response platforms. You will be supporting the expanding SOC service and will play a pivotal role in defining what cyber excellence looks like. This role will progress into cyber security engineering and take the technical lead on cyber strategy. It's a great opportunity for someone working within a SOC environment, who wants to grow a team and leverage their own career. You will be automating as many L1 incidents as possible, and focusing on the more complex an interesting incidents that arise. Day to Day of the role: Assist in customer onboarding to the Security Operations Centre (SOC) and SIEM. Create and implement new detection rules for the SIEM. Analyse and respond to alerts from SIEM solutions, focusing on identifying unusual and anomalous behaviours within our information systems. Conduct proactive threat and vulnerability searches within our information systems. Collaborate with Incident Response team members to contain and resolve security incidents. Continuously enhance the security posture for both our organisation and our clients. Required Skills & Qualifications: Prior experience working in a Security Operations Centre. Demonstrable expertise with SIEM, EDR, and Vulnerability Scanning tools, preferably Microsoft Sentinel and Defender. Proficiency in developing SOC triage runbooks. Ability to set up data connectors and integrate with third-party APIs and applications. Experience in creating and implementing use cases for analytics and threat hunting. Skill in fine-tuning SIEM platforms to reduce false positives and enhance automation. Relevant certifications in the field of cybersecurity. Strong analytical abilities and effective problem-solving skills. Resilience under pressure and adeptness in prioritising workloads. Benefits: 27 Days Annual Leave Your birthday off 7% matched pension contribution Hybrid and flexible working options Annual pay reviews Enhanced sick pay benefit Car lease scheme Training programmes Progression plans Perk box membership 4 months full pay maternity leave And more! Next Steps? If you would like to know anything more about this role then please apply to this advert. You must be fully eligible to work in the UK to apply to this position and be able to travel into office on occasion
15/05/2024
Full time
*Permanent - 3 Days per week in the Durham Office - Monday to Friday - Experience in a SOC role required* The company: A thriving company in the Durham area is looking to expand its cybersecurity services for their large client base. They are on a journey of service excellence and are looking for proactive team players to join them in their growth. With an aim for technical excellence, this company offers strong progression and training opportunities, alongside the opportunity to work alongside some of the best in the industry. The role: As a Security Analyst, where you will play a pivotal role in developing and enhancing the SIEM and Endpoint Detection and Response platforms. You will be supporting the expanding SOC service and will play a pivotal role in defining what cyber excellence looks like. This role will progress into cyber security engineering and take the technical lead on cyber strategy. It's a great opportunity for someone working within a SOC environment, who wants to grow a team and leverage their own career. You will be automating as many L1 incidents as possible, and focusing on the more complex an interesting incidents that arise. Day to Day of the role: Assist in customer onboarding to the Security Operations Centre (SOC) and SIEM. Create and implement new detection rules for the SIEM. Analyse and respond to alerts from SIEM solutions, focusing on identifying unusual and anomalous behaviours within our information systems. Conduct proactive threat and vulnerability searches within our information systems. Collaborate with Incident Response team members to contain and resolve security incidents. Continuously enhance the security posture for both our organisation and our clients. Required Skills & Qualifications: Prior experience working in a Security Operations Centre. Demonstrable expertise with SIEM, EDR, and Vulnerability Scanning tools, preferably Microsoft Sentinel and Defender. Proficiency in developing SOC triage runbooks. Ability to set up data connectors and integrate with third-party APIs and applications. Experience in creating and implementing use cases for analytics and threat hunting. Skill in fine-tuning SIEM platforms to reduce false positives and enhance automation. Relevant certifications in the field of cybersecurity. Strong analytical abilities and effective problem-solving skills. Resilience under pressure and adeptness in prioritising workloads. Benefits: 27 Days Annual Leave Your birthday off 7% matched pension contribution Hybrid and flexible working options Annual pay reviews Enhanced sick pay benefit Car lease scheme Training programmes Progression plans Perk box membership 4 months full pay maternity leave And more! Next Steps? If you would like to know anything more about this role then please apply to this advert. You must be fully eligible to work in the UK to apply to this position and be able to travel into office on occasion
Role: IT Specialist Location: Great Yarmouth Work Type: Contract Duration: 6 months Work Model: Hybrid My client, who is a leader in the energy sector, is looking for an IT Specialist to join their team on contract basis. You will be part of a company who are committed to safety and sustainability and drive the transition to renewable energy. With over a decade of experience, they operate the industry's largest fleet of jack-up installation vessels, ensuring flexibility and scalability for green projects. In this role you will: Assist on-site staff with technical issues through phone, email, and face-to-face interactions. Oversee, address, and close tickets within the designated ticketing system. Diagnose and fix hardware and software problems across various devices and company IT systems. Essential Skills: 2+ years of experience in IT support or other relevant positions in an IT department. Proficiency in troubleshooting general IT hardware, software, and network issues. Possess basic to intermediate understanding of cybersecurity and potential risks. Strong communication skills in both spoken and written English If you are a results-oriented professional with a passion for driving excellence in IT Specialist and Technical Support Specialist, we invite you to apply for this exciting opportunity by sharing your CV. Randstad Technologies is acting as an Employment Business in relation to this vacancy.
15/05/2024
Project-based
Role: IT Specialist Location: Great Yarmouth Work Type: Contract Duration: 6 months Work Model: Hybrid My client, who is a leader in the energy sector, is looking for an IT Specialist to join their team on contract basis. You will be part of a company who are committed to safety and sustainability and drive the transition to renewable energy. With over a decade of experience, they operate the industry's largest fleet of jack-up installation vessels, ensuring flexibility and scalability for green projects. In this role you will: Assist on-site staff with technical issues through phone, email, and face-to-face interactions. Oversee, address, and close tickets within the designated ticketing system. Diagnose and fix hardware and software problems across various devices and company IT systems. Essential Skills: 2+ years of experience in IT support or other relevant positions in an IT department. Proficiency in troubleshooting general IT hardware, software, and network issues. Possess basic to intermediate understanding of cybersecurity and potential risks. Strong communication skills in both spoken and written English If you are a results-oriented professional with a passion for driving excellence in IT Specialist and Technical Support Specialist, we invite you to apply for this exciting opportunity by sharing your CV. Randstad Technologies is acting as an Employment Business in relation to this vacancy.
In a world of increasing digital connectivity, parallels the rise of cyber threats. Therefore, transformative Systems Engineers are required to make a real difference influencing some of the most important decisions across the full spectrum of the business. Ambitious and driven Systems Engineers are needed to join their industry-leading team of experts, in a consultative and client-facing environment. No day will ever be the same, by helping the UK become a safer place, from business transformation through to large-scale Cyber programme delivery. The successful candidate will have the ability to manage a variety of stakeholders as one will manage cross-functional projects. We'd love client facing and consulting capability, along with a few of the following: Experience of working as a System Engineer within IT, networking, digital or cyber security Ideally working in a Consultancy, large Systems Integrator or public sector organisation delivering complex products and services ie Defence/Law Enforcement/National Security/Public Sector Technical exposure includes: delivery life cycles (V-model), spiral and agile, technical risk management, cost & capability, requirements elicitation and management Excellent communication skills As well as gaining the opportunity to engage in a critical programme for the UK, this boutique Consultancy offers an array of learning and development platforms. From internal bespoke training masterclasses, to the development of new propositions to pitch to clients, you can engage, contribute and grow within the Security Sector team. Due to the nature of the work, DV clearance will be required. Please get in touch to find out more: (see below)
15/05/2024
Full time
In a world of increasing digital connectivity, parallels the rise of cyber threats. Therefore, transformative Systems Engineers are required to make a real difference influencing some of the most important decisions across the full spectrum of the business. Ambitious and driven Systems Engineers are needed to join their industry-leading team of experts, in a consultative and client-facing environment. No day will ever be the same, by helping the UK become a safer place, from business transformation through to large-scale Cyber programme delivery. The successful candidate will have the ability to manage a variety of stakeholders as one will manage cross-functional projects. We'd love client facing and consulting capability, along with a few of the following: Experience of working as a System Engineer within IT, networking, digital or cyber security Ideally working in a Consultancy, large Systems Integrator or public sector organisation delivering complex products and services ie Defence/Law Enforcement/National Security/Public Sector Technical exposure includes: delivery life cycles (V-model), spiral and agile, technical risk management, cost & capability, requirements elicitation and management Excellent communication skills As well as gaining the opportunity to engage in a critical programme for the UK, this boutique Consultancy offers an array of learning and development platforms. From internal bespoke training masterclasses, to the development of new propositions to pitch to clients, you can engage, contribute and grow within the Security Sector team. Due to the nature of the work, DV clearance will be required. Please get in touch to find out more: (see below)
Your new company Working for a market leading group of companies with a strong focus on security across the globe. Providing sector specific technology to provide tailored solutions. Your new role Responsible for managing Networking, IT Infrastructure, Cloud solutions and delivering end-user support to a range of desktop, mobile and business software applications. Leading with your expert knowledge of support teams, including infrastructure engineers and service desk professionals to deliver excellent technical services. The position will take the lead in working with 3rd party vendors and the wider internal teams to support in consulting and the delivery of the company's IT strategy. What you'll need to succeed A strong understanding of operating in an ITIL environment with excellent networking experience alongside support for Microsoft solutions. Capable and hands-on experience with Cisco network deployments (CCNA/CCNP Desirable) Demonstrable proficiency with Azure and On-Prem Infrastructure Experience with managing teams to ensure KPIs and SLAs are achieved & exceeded and to support their development. Able to share your expert knowledge with the wider team to develop an effective service. Firewall deployment, particularly across SD-WAN solutions. Strong understanding of Cybersecurity to maintain system integrity. Delivering end-user support to a range of desktop, mobile and business software applications. What you'll get in return Salary of up to £55,000 DOE Elements of Hybrid with a 3 in 2 from home split Options for Flexible working hours provided Core hours are covered. Chance to improve your knowledge and personal development. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
15/05/2024
Full time
Your new company Working for a market leading group of companies with a strong focus on security across the globe. Providing sector specific technology to provide tailored solutions. Your new role Responsible for managing Networking, IT Infrastructure, Cloud solutions and delivering end-user support to a range of desktop, mobile and business software applications. Leading with your expert knowledge of support teams, including infrastructure engineers and service desk professionals to deliver excellent technical services. The position will take the lead in working with 3rd party vendors and the wider internal teams to support in consulting and the delivery of the company's IT strategy. What you'll need to succeed A strong understanding of operating in an ITIL environment with excellent networking experience alongside support for Microsoft solutions. Capable and hands-on experience with Cisco network deployments (CCNA/CCNP Desirable) Demonstrable proficiency with Azure and On-Prem Infrastructure Experience with managing teams to ensure KPIs and SLAs are achieved & exceeded and to support their development. Able to share your expert knowledge with the wider team to develop an effective service. Firewall deployment, particularly across SD-WAN solutions. Strong understanding of Cybersecurity to maintain system integrity. Delivering end-user support to a range of desktop, mobile and business software applications. What you'll get in return Salary of up to £55,000 DOE Elements of Hybrid with a 3 in 2 from home split Options for Flexible working hours provided Core hours are covered. Chance to improve your knowledge and personal development. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
Global Technology Solutions Ltd
Chippenham, Wiltshire
Cloud IT Solutions Technical Consultant - Service Desk Consultant Permanent - Chippenham Onsite/Hybrid Working £45,000 - £60,000 Must Drive - Happy to Travel as needed. You will be an experienced Technical Consultant with a methodical approach to problem-solving who has an enthusiastic "can do" attitude. You have ambition and a growth mindset so you will be keen to learn, progress and are willing to study to become an exceptional IT professional. MAIN DUTIES * Architect, Design, and Implement Modern Cloud IT Solutions * Completion of Infrastructure, Cyber Risk and Microsoft 365 Adoption Consultancy * Escalation Technical Resource for Project Engineers * Work as part of our dedicated Projects Team away from the Service Desk * Support and guide our customers on their Technical Roadmap * Work with the Projects Administrator to ensure projects are a success * Assist the commercial team with technical roadmaps and presales consultancy ESSENTIAL SKILLS & EXPERIENCE * At least 4 years' experience progressing through a service desk 1st/2nd/3rd line to Technical Consultant * Microsoft Azure (Migration, Deployment and Management of services) * Microsoft 365 including Modern Endpoint Management and Security * Hyper-V/VMware in both on-premises and hybrid deployments * Networking (TCP/IP, VLANs, routing, Firewalls, port forwarding and NAT etc.) * Comfortable communicating at all levels including Management, Senior Leadership Team and Board/Directors * Design and implementation of technical roadmaps, from start to finish. QUALIFICATIONS * Desirable Microsoft Certifications (MS-100/101, AZ-104, MS-500) * Desirable Security Certifications (Security+, CEH) WHAT WE OFFER People & Culture is the heartbeat. We believe success is built from within and is why we are incredibly proud of our team, our working environment and our fun, friendly and inclusive office culture. We live by our values. It is a fast paced, energetic and fun environment to be in. As an employee we will invest in you. We will invest in your training. We will invest our time and energy to help you develop your career and become the very best in your field of work. * Unlimited holiday * Performance and salary reviews * Enrolment into the Academy, aimed on your training and development needs with time available to complete during working hours * Access to online courses, work related plus more, all at your fingertips * Auto Enrolment pension scheme * Staff and Customer referral scheme * Great working atmosphere and balanced work environment - we are high performance and we take good care of each other * Employee socials and events run by our Social Committee * Lots of cake and fruit * And of course, you get to work for a fast-growing, modern, market leader like us! This is a fantastic opportunity to join a welcoming, dynamic company offering a great culture and the chance to build a successful career. NOTES 37.5 hours a week Mon-Fri, due to the nature of the job some occasional work at weekends and outside of normal hours may be required. Travel to customer sites may be required so the ability to travel as and when required is essential. This role requires a DBS and BPSS check as well as you to obtain SC clearance (fully funded). "In applying for this position, you consent to your personal data being shared with the specified employer and for your details to remain with GTS for as long as is necessary to process your application. See our Privacy Notice for full information Global Technology Solutions is acting as an Employment Agency in relation to this vacancy.
15/05/2024
Full time
Cloud IT Solutions Technical Consultant - Service Desk Consultant Permanent - Chippenham Onsite/Hybrid Working £45,000 - £60,000 Must Drive - Happy to Travel as needed. You will be an experienced Technical Consultant with a methodical approach to problem-solving who has an enthusiastic "can do" attitude. You have ambition and a growth mindset so you will be keen to learn, progress and are willing to study to become an exceptional IT professional. MAIN DUTIES * Architect, Design, and Implement Modern Cloud IT Solutions * Completion of Infrastructure, Cyber Risk and Microsoft 365 Adoption Consultancy * Escalation Technical Resource for Project Engineers * Work as part of our dedicated Projects Team away from the Service Desk * Support and guide our customers on their Technical Roadmap * Work with the Projects Administrator to ensure projects are a success * Assist the commercial team with technical roadmaps and presales consultancy ESSENTIAL SKILLS & EXPERIENCE * At least 4 years' experience progressing through a service desk 1st/2nd/3rd line to Technical Consultant * Microsoft Azure (Migration, Deployment and Management of services) * Microsoft 365 including Modern Endpoint Management and Security * Hyper-V/VMware in both on-premises and hybrid deployments * Networking (TCP/IP, VLANs, routing, Firewalls, port forwarding and NAT etc.) * Comfortable communicating at all levels including Management, Senior Leadership Team and Board/Directors * Design and implementation of technical roadmaps, from start to finish. QUALIFICATIONS * Desirable Microsoft Certifications (MS-100/101, AZ-104, MS-500) * Desirable Security Certifications (Security+, CEH) WHAT WE OFFER People & Culture is the heartbeat. We believe success is built from within and is why we are incredibly proud of our team, our working environment and our fun, friendly and inclusive office culture. We live by our values. It is a fast paced, energetic and fun environment to be in. As an employee we will invest in you. We will invest in your training. We will invest our time and energy to help you develop your career and become the very best in your field of work. * Unlimited holiday * Performance and salary reviews * Enrolment into the Academy, aimed on your training and development needs with time available to complete during working hours * Access to online courses, work related plus more, all at your fingertips * Auto Enrolment pension scheme * Staff and Customer referral scheme * Great working atmosphere and balanced work environment - we are high performance and we take good care of each other * Employee socials and events run by our Social Committee * Lots of cake and fruit * And of course, you get to work for a fast-growing, modern, market leader like us! This is a fantastic opportunity to join a welcoming, dynamic company offering a great culture and the chance to build a successful career. NOTES 37.5 hours a week Mon-Fri, due to the nature of the job some occasional work at weekends and outside of normal hours may be required. Travel to customer sites may be required so the ability to travel as and when required is essential. This role requires a DBS and BPSS check as well as you to obtain SC clearance (fully funded). "In applying for this position, you consent to your personal data being shared with the specified employer and for your details to remain with GTS for as long as is necessary to process your application. See our Privacy Notice for full information Global Technology Solutions is acting as an Employment Agency in relation to this vacancy.
We have an excellent Platform Engineer permanent job opportunity, which is hybrid working based in Manchester. Key to this role is supporting and delivering cloud migration programmes. The role includes designing, building and maintenance of the delivery infrastructure, systems and processes, leading with modern platforms and ways of working. Candidates applying for this role should have some of the following skills and experience:- Expertise and confidence to lead the definition and support of the Azure, AWS and GCP delivery platform in complex engagements, typically working in multi-disciplinary teams. Familiarity with collaboration suites ie Atlassian products (Jira, Confluence). Hands on with any of Azure, AWS or GCP Services. Automating cloud services. Exposure towards Infrastructure Management, Data Migration. Scripting with one or more of the following: Powershell, Python, Go. SecOps experience. Automating delivery of Infrastructure as Code (IaC) via Terraform. Deep understanding of CI/CD pipeline. Code Repository Management (eg Gitlab, GitHub, Bitbucket). Architecture awareness and experience around enterprise scale applications and distributed systems. Has a DevOps mind-set towards Automation. Understanding of Security Compliance PCI DSS, ISO, Cyber Essentials. Charlene Morrison - (see below)
14/05/2024
Full time
We have an excellent Platform Engineer permanent job opportunity, which is hybrid working based in Manchester. Key to this role is supporting and delivering cloud migration programmes. The role includes designing, building and maintenance of the delivery infrastructure, systems and processes, leading with modern platforms and ways of working. Candidates applying for this role should have some of the following skills and experience:- Expertise and confidence to lead the definition and support of the Azure, AWS and GCP delivery platform in complex engagements, typically working in multi-disciplinary teams. Familiarity with collaboration suites ie Atlassian products (Jira, Confluence). Hands on with any of Azure, AWS or GCP Services. Automating cloud services. Exposure towards Infrastructure Management, Data Migration. Scripting with one or more of the following: Powershell, Python, Go. SecOps experience. Automating delivery of Infrastructure as Code (IaC) via Terraform. Deep understanding of CI/CD pipeline. Code Repository Management (eg Gitlab, GitHub, Bitbucket). Architecture awareness and experience around enterprise scale applications and distributed systems. Has a DevOps mind-set towards Automation. Understanding of Security Compliance PCI DSS, ISO, Cyber Essentials. Charlene Morrison - (see below)
Senior Cloud Security Engineer Permanent, 3 days in office in London Overview: The Company is a leading financial services firm. The technology is being transformed to a Cloud-First, Cloud-Native architectural model, utilizing DevSecOps processes and adoption of systems-thinking concepts to enhance productivity. The Cloud Security Engineer are responsible for delivering modern end user solutions that are fully automated through code, ensuring scalability and optimize availability and reliability 24/7. Responsibilities: Engineer and secure core Azure platform services across global footprint. Design, implement and maintain secure cloud architectures across Azure cloud platform. Develop and enforce cloud security policies, procedures and best practices. Implement and manage cloud security tools and services such as SIEM, IAM and DLP. Conduct regular security assessments, audits and penetration testing. Investigate and respond to security incidents and global frameworks. Provide guidance and training to team members on cloud security best practices. Stay up to date with latest cloud security threats, technologies. Run Infrastructure with Python/PowerShell, Ansible, Terraform, Azure DevOps, CI/CD, Kubernetes. Design, build and maintain core infrastructure. Debub production issues Requirements Strong experience in cybersecurity and protecting cloud based assets in Financial Services environment. Experience in identifying and addressing potential security risks. Attention to details and ability to think like an attacker. Continual learning and advancement of Azure technologies Experience in configuration management systems like Ansible Keen on Open Source development. Collaborative and able to communicate effectively and asynchronously.
14/05/2024
Full time
Senior Cloud Security Engineer Permanent, 3 days in office in London Overview: The Company is a leading financial services firm. The technology is being transformed to a Cloud-First, Cloud-Native architectural model, utilizing DevSecOps processes and adoption of systems-thinking concepts to enhance productivity. The Cloud Security Engineer are responsible for delivering modern end user solutions that are fully automated through code, ensuring scalability and optimize availability and reliability 24/7. Responsibilities: Engineer and secure core Azure platform services across global footprint. Design, implement and maintain secure cloud architectures across Azure cloud platform. Develop and enforce cloud security policies, procedures and best practices. Implement and manage cloud security tools and services such as SIEM, IAM and DLP. Conduct regular security assessments, audits and penetration testing. Investigate and respond to security incidents and global frameworks. Provide guidance and training to team members on cloud security best practices. Stay up to date with latest cloud security threats, technologies. Run Infrastructure with Python/PowerShell, Ansible, Terraform, Azure DevOps, CI/CD, Kubernetes. Design, build and maintain core infrastructure. Debub production issues Requirements Strong experience in cybersecurity and protecting cloud based assets in Financial Services environment. Experience in identifying and addressing potential security risks. Attention to details and ability to think like an attacker. Continual learning and advancement of Azure technologies Experience in configuration management systems like Ansible Keen on Open Source development. Collaborative and able to communicate effectively and asynchronously.
- Head of Site Reliability/Infrastructure - Glasgow/Hybrid - Excellent Salary & Benefits Package - Immediate Start Fantastic new opportunity to the market to join our Glasgow-based Fintech client, specialising in managed Cloud provision. The business is entering a growth phase and now recruiting for a seasoned Head of Site Reliability with an infrastructure background, as they continue to grow their tech team from their newly opened, state-of-the-art tech hub in Glasgow. This is a key hire and the first in this space, as the business begins to build out their new Site Reliability team. The successful candidate will be responsible for building out the function, providing true leadership and co-ordination, whilst having a breadth of technical know-how. This opportunity is truly greenfield in nature and offers a blank canvas to implement plans and procedures with the aim of improving the infrastructure reliability, security and functionality with automation at the forefront. Reporting into the COO, you will be a natural leader of people and teams, with the goal of collaborating on the design, deployment, and maintenance of the global infrastructure and to provide system support for the Security, Network Operations and Development teams. The role would ideally suit an experienced automation-focused individual with comprehensive working infrastructure knowledge of Windows and Linux environments (RHEL, Ubuntu), as well as network operating systems experience. Commercial use of Infrastructure-As-Code (IAC) tooling such as Terraform and Ansible is also beneficial. Candidates who are proactive and dedicated are preferred, as this role is highly visible. You will also be a significant contributor to the team's IT success, supporting and delivering infrastructure and solutions and working directly with data centre, network, software development and project teams alike. Key Skills & Experience Proven experience in a site reliability engineering, DevOps, or similar role, with multiple years in a leadership position. Extensive background in cloud computing services (AWS, Google Cloud or Azure) Container orchestration technology exposure (eg Kubernetes). Proficiency in automation Knowledge of Scripting languages (Python, Shell or Go). Knowledge of Cyber Security principles and best practices. Knowledge of regulatory environments and compliance standards Exceptional problem-solving skills Ability to work under pressure in a fast-paced environment. Excellent communication and leadership abilities Strong track-record of building and motivating high-performing teams. Bachelor's or master's degree in Computer Science, Engineering, or a related field.The above is not exhaustive. Please forward your CV to discuss this requirement in more detail to (see below) The above is not exhaustive. Please forward your CV to discuss this requirement in more detail to (see below)
13/05/2024
Full time
- Head of Site Reliability/Infrastructure - Glasgow/Hybrid - Excellent Salary & Benefits Package - Immediate Start Fantastic new opportunity to the market to join our Glasgow-based Fintech client, specialising in managed Cloud provision. The business is entering a growth phase and now recruiting for a seasoned Head of Site Reliability with an infrastructure background, as they continue to grow their tech team from their newly opened, state-of-the-art tech hub in Glasgow. This is a key hire and the first in this space, as the business begins to build out their new Site Reliability team. The successful candidate will be responsible for building out the function, providing true leadership and co-ordination, whilst having a breadth of technical know-how. This opportunity is truly greenfield in nature and offers a blank canvas to implement plans and procedures with the aim of improving the infrastructure reliability, security and functionality with automation at the forefront. Reporting into the COO, you will be a natural leader of people and teams, with the goal of collaborating on the design, deployment, and maintenance of the global infrastructure and to provide system support for the Security, Network Operations and Development teams. The role would ideally suit an experienced automation-focused individual with comprehensive working infrastructure knowledge of Windows and Linux environments (RHEL, Ubuntu), as well as network operating systems experience. Commercial use of Infrastructure-As-Code (IAC) tooling such as Terraform and Ansible is also beneficial. Candidates who are proactive and dedicated are preferred, as this role is highly visible. You will also be a significant contributor to the team's IT success, supporting and delivering infrastructure and solutions and working directly with data centre, network, software development and project teams alike. Key Skills & Experience Proven experience in a site reliability engineering, DevOps, or similar role, with multiple years in a leadership position. Extensive background in cloud computing services (AWS, Google Cloud or Azure) Container orchestration technology exposure (eg Kubernetes). Proficiency in automation Knowledge of Scripting languages (Python, Shell or Go). Knowledge of Cyber Security principles and best practices. Knowledge of regulatory environments and compliance standards Exceptional problem-solving skills Ability to work under pressure in a fast-paced environment. Excellent communication and leadership abilities Strong track-record of building and motivating high-performing teams. Bachelor's or master's degree in Computer Science, Engineering, or a related field.The above is not exhaustive. Please forward your CV to discuss this requirement in more detail to (see below) The above is not exhaustive. Please forward your CV to discuss this requirement in more detail to (see below)
DevSecOps Senior & Team Lead (Public Transport) 50% remote, 50% on-site in Brussels Do you want to lead a high-performing DevSecOps team and make a real impact in the public transport sector? We are looking for a talented and experienced DevSecOps Senior & Team Lead to join my client's team. In this role, you will be responsible for leading a team of technical professionals and driving innovation in our DevSecOps practices. About the role Lead and motivate a team of 6-10 engineers (junior, mid-level, and senior) Foster a collaborative and positive work environment Ensure efficient and timely delivery of projects Manage budgets and resources effectively Possess excellent communication and interpersonal skills Be able to work effectively under pressure and prioritize tasks Work with a customer-centric approach and maintain confidentiality Technical Skills and Experience Master's degree in engineering or computer science (or equivalent experience) Proven experience leading a technical team Experience with Agile methodologies Strong understanding of Linux operating systems (Red Hat) and Scripting (Bash, Python) Fluency in Dutch, French, and English Solid experience with cybersecurity for OT infrastructure Experience working in a production environment Basic knowledge of Javascript and Java Basic understanding of network administration (Routers, Switches, VPNs, Firewalls) A plus: Certifications: CISSP, CISM, ISO 27001 Experience with DevSecOps tools: Puppet (open source), Ansible Monitoring tools: Zabbix, Nagios Logging and analytics: Elastic Stack (including Kibana) Database technologies: MySQL, PostgreSQL Atlassian suite (Jira, Confluence, Git) VMWare (vCenter) Git version control Configuration Management Databases (CMDBs) like GLPI For immediate consideration, please forward your latest CV.
13/05/2024
Project-based
DevSecOps Senior & Team Lead (Public Transport) 50% remote, 50% on-site in Brussels Do you want to lead a high-performing DevSecOps team and make a real impact in the public transport sector? We are looking for a talented and experienced DevSecOps Senior & Team Lead to join my client's team. In this role, you will be responsible for leading a team of technical professionals and driving innovation in our DevSecOps practices. About the role Lead and motivate a team of 6-10 engineers (junior, mid-level, and senior) Foster a collaborative and positive work environment Ensure efficient and timely delivery of projects Manage budgets and resources effectively Possess excellent communication and interpersonal skills Be able to work effectively under pressure and prioritize tasks Work with a customer-centric approach and maintain confidentiality Technical Skills and Experience Master's degree in engineering or computer science (or equivalent experience) Proven experience leading a technical team Experience with Agile methodologies Strong understanding of Linux operating systems (Red Hat) and Scripting (Bash, Python) Fluency in Dutch, French, and English Solid experience with cybersecurity for OT infrastructure Experience working in a production environment Basic knowledge of Javascript and Java Basic understanding of network administration (Routers, Switches, VPNs, Firewalls) A plus: Certifications: CISSP, CISM, ISO 27001 Experience with DevSecOps tools: Puppet (open source), Ansible Monitoring tools: Zabbix, Nagios Logging and analytics: Elastic Stack (including Kibana) Database technologies: MySQL, PostgreSQL Atlassian suite (Jira, Confluence, Git) VMWare (vCenter) Git version control Configuration Management Databases (CMDBs) like GLPI For immediate consideration, please forward your latest CV.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
10/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
10/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.