Security Analyst - Hybrid - 3 days on site - Nottinghamshire Main Responsibilities: - Triage, analyse and investigate alerts, log data and network traffic using security tools to identify cyber-attacks/security incidents. This includes the investigation and root cause analysis of potential security incidents. - Proactively investigate potential security breaches by utilising threat intelligence and internal and external security systems and provide subject matter expertise for technical responses to confirmed cyber security incidents. - Create and maintain the clients target cyber security architecture. - Deliver subject matter expertise to key stakeholders to drive the implementation of security controls to meet the target architecture. - Accountable for vulnerability scanning, including the prioritisation of unpatched vulnerabilities and reporting against agreed KPIs and KRIs. - Support the annual penetration testing schedule by arranging penetration testing, including tracking, and communicating penetration testing results. - Perform supplementary testing of clients detection and response controls by procuring, installing, and running penetration testing tooling. - Participate in process improvement work to automate and improve critical cyber security processes such as monitoring, patching, and hardening. - Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks. - Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office. Skills, Knowledge and Experience - Has obtained one or more of the following qualifications: CEH, CRTSA, and OSCP. - Qualifications such as CISSP and CISM would be advantageous. - Problem solving skills, and the ability to come up with new solutions to existing challenges. - Strengths in key 'soft skill' areas such as relationship management, communication, and presentation of technical security information to a variety of audiences. - Technical skills to investigate potential breaches through existing tools, packet capture and log file analysis. - A logical mindset, the ability to identify proportionate, appropriate mitigations to identified security incidents, and to prioritise incidents based on risk. - Capable of working independently/without ongoing supervision on projects and day to day tasks. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
23/04/2024
Full time
Security Analyst - Hybrid - 3 days on site - Nottinghamshire Main Responsibilities: - Triage, analyse and investigate alerts, log data and network traffic using security tools to identify cyber-attacks/security incidents. This includes the investigation and root cause analysis of potential security incidents. - Proactively investigate potential security breaches by utilising threat intelligence and internal and external security systems and provide subject matter expertise for technical responses to confirmed cyber security incidents. - Create and maintain the clients target cyber security architecture. - Deliver subject matter expertise to key stakeholders to drive the implementation of security controls to meet the target architecture. - Accountable for vulnerability scanning, including the prioritisation of unpatched vulnerabilities and reporting against agreed KPIs and KRIs. - Support the annual penetration testing schedule by arranging penetration testing, including tracking, and communicating penetration testing results. - Perform supplementary testing of clients detection and response controls by procuring, installing, and running penetration testing tooling. - Participate in process improvement work to automate and improve critical cyber security processes such as monitoring, patching, and hardening. - Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks. - Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office. Skills, Knowledge and Experience - Has obtained one or more of the following qualifications: CEH, CRTSA, and OSCP. - Qualifications such as CISSP and CISM would be advantageous. - Problem solving skills, and the ability to come up with new solutions to existing challenges. - Strengths in key 'soft skill' areas such as relationship management, communication, and presentation of technical security information to a variety of audiences. - Technical skills to investigate potential breaches through existing tools, packet capture and log file analysis. - A logical mindset, the ability to identify proportionate, appropriate mitigations to identified security incidents, and to prioritise incidents based on risk. - Capable of working independently/without ongoing supervision on projects and day to day tasks. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Cyber Defence Engineer - DV Clearance Required! The Cyber Defence Engineer will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. We offer: Daily Rate - Market rate - flexible 12-Month Contract with Likely Extensions Corsham (4 days on site) What we're looking for: Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Experience using virtualisation software. Excellent communication skills Experience of writing Defence/Government documentation Someone hands on. Responsibilities include: Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Apply now to discuss this exciting opportunity further.
23/04/2024
Project-based
Cyber Defence Engineer - DV Clearance Required! The Cyber Defence Engineer will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. We offer: Daily Rate - Market rate - flexible 12-Month Contract with Likely Extensions Corsham (4 days on site) What we're looking for: Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Experience using virtualisation software. Excellent communication skills Experience of writing Defence/Government documentation Someone hands on. Responsibilities include: Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Apply now to discuss this exciting opportunity further.
Cyber Defence Engineer - DV Clearance Required! The Cyber Defence Engineer will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. We offer: Daily Rate - Market rate - flexible 12-Month Contract with Likely Extensions Corsham (4 days on site) What we're looking for: Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Experience using virtualisation software. Excellent communication skills Experience of writing Defence/Government documentation Someone hands on. Responsibilities include: Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Apply now to discuss this exciting opportunity further.
23/04/2024
Project-based
Cyber Defence Engineer - DV Clearance Required! The Cyber Defence Engineer will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. We offer: Daily Rate - Market rate - flexible 12-Month Contract with Likely Extensions Corsham (4 days on site) What we're looking for: Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Experience using virtualisation software. Excellent communication skills Experience of writing Defence/Government documentation Someone hands on. Responsibilities include: Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Apply now to discuss this exciting opportunity further.
Our client are a leading Multi-channel retailer FTSE250 group based in Northampton and are looking for a Security Architect to join their existing team of Architects - the role is Hybrid with 2 days a week expectation in office, 3 can be from home. Security Architect You will play an integral role in growing the team of architects while demonstrating your leadership values through delegation, motivation and trust. You will not just lead, but you will "do". Their culture is exploring, thinking and doing, and you will live this every single day. Some accountabilities of the role: Domain Architect for the Security Domain, you are ultimately accountable for the as-is and target security architectures for the group, working closely with all stakeholders including technical teams, senior stakeholders and external vendors and partners. DevSecOps Work with the technical teams to embed a DevSecOps culture in the Group Technology and Data function, acting as an evangelist of this approach to bring colleagues at all levels on the journey. Mentor through the adoption of a learning mindset and contribute back to practice and technology teams. Whether you lead team members directly or influence more junior architects through mentorship, coaching and architecture reviews, you will help nurture the next generation of talent. Practice developer Contributing to the evolution of the architecture design process, ensuring it is effective and efficient through maintaining the artefacts, conventions and knowledge sharing Your background A confirmed background in hands on information security with extensive real-world experience of working in an agile product development model as well as large systems integration programs, comfortable in tailoring your ways of working to fit with the delivery approach. You keep on top of the changing security technology landscape, grasp the relevance of emerging trends and help the technology team navigate the constantly shifting threat landscape. You are comfortable rolling up your sleeves, getting involved, breaking down silos, and making security a core part of the delivery teams to enable them to succeed. Experience in leading and inspiring colleagues to accomplish exceptional outcomes while building a nurturing, respectful and supportive culture. What's in it for you? You'll be supported by some fantastic training and development and have the opportunity to learn, grow and develop across the Group. They'll also equip you with a benefits package that grows as you grow with the company: Competitive bonus Car allowance Save-as-you-earn scheme Buy-as-you-earn scheme Contributory pension scheme Colleague discount across a variety of Group businesses A bit about them As the largest distributor of building materials in the UK, they have been helping to build Britain for over 200 years. With over 5 businesses, 16,000 colleagues and more than 1,200 branches, stores and sites around the UK they believe they have the best people and the best place to work. Everyone works hard together to deliver results, but most importantly, have some fun along the way. security analyst architect agile architect architecture risk governance compliance cloud pci dss security agile cyber retail northampton bedford milton keynes rugby bicester oxford hybrid devsecops devsecops information security it process audit security analyst architect agile architect architecture risk governance compliance cloud pci dss security agile cyber retail northampton bedford milton keynes rugby bicester oxford hybrid devsecops devsecops information security it process audit security analyst architect agile architect architecture risk governance compliance cloud pci dss security agile cyber retail northampton bedford milton keynes rugby bicester oxford hybrid devsecops devsecops information security it process audit IT stores retail
19/04/2024
Full time
Our client are a leading Multi-channel retailer FTSE250 group based in Northampton and are looking for a Security Architect to join their existing team of Architects - the role is Hybrid with 2 days a week expectation in office, 3 can be from home. Security Architect You will play an integral role in growing the team of architects while demonstrating your leadership values through delegation, motivation and trust. You will not just lead, but you will "do". Their culture is exploring, thinking and doing, and you will live this every single day. Some accountabilities of the role: Domain Architect for the Security Domain, you are ultimately accountable for the as-is and target security architectures for the group, working closely with all stakeholders including technical teams, senior stakeholders and external vendors and partners. DevSecOps Work with the technical teams to embed a DevSecOps culture in the Group Technology and Data function, acting as an evangelist of this approach to bring colleagues at all levels on the journey. Mentor through the adoption of a learning mindset and contribute back to practice and technology teams. Whether you lead team members directly or influence more junior architects through mentorship, coaching and architecture reviews, you will help nurture the next generation of talent. Practice developer Contributing to the evolution of the architecture design process, ensuring it is effective and efficient through maintaining the artefacts, conventions and knowledge sharing Your background A confirmed background in hands on information security with extensive real-world experience of working in an agile product development model as well as large systems integration programs, comfortable in tailoring your ways of working to fit with the delivery approach. You keep on top of the changing security technology landscape, grasp the relevance of emerging trends and help the technology team navigate the constantly shifting threat landscape. You are comfortable rolling up your sleeves, getting involved, breaking down silos, and making security a core part of the delivery teams to enable them to succeed. Experience in leading and inspiring colleagues to accomplish exceptional outcomes while building a nurturing, respectful and supportive culture. What's in it for you? You'll be supported by some fantastic training and development and have the opportunity to learn, grow and develop across the Group. They'll also equip you with a benefits package that grows as you grow with the company: Competitive bonus Car allowance Save-as-you-earn scheme Buy-as-you-earn scheme Contributory pension scheme Colleague discount across a variety of Group businesses A bit about them As the largest distributor of building materials in the UK, they have been helping to build Britain for over 200 years. With over 5 businesses, 16,000 colleagues and more than 1,200 branches, stores and sites around the UK they believe they have the best people and the best place to work. Everyone works hard together to deliver results, but most importantly, have some fun along the way. security analyst architect agile architect architecture risk governance compliance cloud pci dss security agile cyber retail northampton bedford milton keynes rugby bicester oxford hybrid devsecops devsecops information security it process audit security analyst architect agile architect architecture risk governance compliance cloud pci dss security agile cyber retail northampton bedford milton keynes rugby bicester oxford hybrid devsecops devsecops information security it process audit security analyst architect agile architect architecture risk governance compliance cloud pci dss security agile cyber retail northampton bedford milton keynes rugby bicester oxford hybrid devsecops devsecops information security it process audit IT stores retail
Cyber Defence Analyst - DV Clearance Required! The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. We offer: Daily Rate - Market rate - flexible 12-Month Contract with Likely Extension Northallerton What we're looking for: * Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks * Skilled in maintaining Microsoft directory services. * Experience using virtualisation software. * Excellent communication skills * Experience of writing Defence/Government documentation Responsibilities include: * Develop and integrate security event monitoring and incident management services. * Respond to security incidents as they occur as part of an incident response team. * Implement metrics and dashboards to give visibility of the Enterprise infrastructure. * Produce documentation to ensure the repeatability and standardisation of security operating procedures. * Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Apply now to discuss this exciting opportunity further.
18/04/2024
Project-based
Cyber Defence Analyst - DV Clearance Required! The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. We offer: Daily Rate - Market rate - flexible 12-Month Contract with Likely Extension Northallerton What we're looking for: * Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks * Skilled in maintaining Microsoft directory services. * Experience using virtualisation software. * Excellent communication skills * Experience of writing Defence/Government documentation Responsibilities include: * Develop and integrate security event monitoring and incident management services. * Respond to security incidents as they occur as part of an incident response team. * Implement metrics and dashboards to give visibility of the Enterprise infrastructure. * Produce documentation to ensure the repeatability and standardisation of security operating procedures. * Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Apply now to discuss this exciting opportunity further.
Cyber Defence Analyst - DV Clearance Required! The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. We offer: Daily Rate - Market rate - flexible 12-Month Contract with Likely Extensio Corsham What we're looking for: * Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks . Skilled in maintaining Microsoft directory services. . Experience using virtualisation software. . Excellent communication skills . Experience of writing Defence/Government documentation Responsibilities include: * Develop and integrate security event monitoring and incident management services. . Respond to security incidents as they occur as part of an incident response team. . Implement metrics and dashboards to give visibility of the Enterprise infrastructure. . Produce documentation to ensure the repeatability and standardisation of security operating procedures. . Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Apply now to discuss this exciting opportunity further.
18/04/2024
Project-based
Cyber Defence Analyst - DV Clearance Required! The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. We offer: Daily Rate - Market rate - flexible 12-Month Contract with Likely Extensio Corsham What we're looking for: * Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks . Skilled in maintaining Microsoft directory services. . Experience using virtualisation software. . Excellent communication skills . Experience of writing Defence/Government documentation Responsibilities include: * Develop and integrate security event monitoring and incident management services. . Respond to security incidents as they occur as part of an incident response team. . Implement metrics and dashboards to give visibility of the Enterprise infrastructure. . Produce documentation to ensure the repeatability and standardisation of security operating procedures. . Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Apply now to discuss this exciting opportunity further.
Cyber Defence Analyst - DV Clearance Required! The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. We offer: Daily Rate - Market rate - flexible 12-Month Contract with Likely Extensio Portsmouth What we're looking for: * Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks * Skilled in maintaining Microsoft directory services. * Experience using virtualisation software. * Excellent communication skills * Experience of writing Defence/Government documentation Responsibilities include: * Develop and integrate security event monitoring and incident management services. * Respond to security incidents as they occur as part of an incident response team. * Implement metrics and dashboards to give visibility of the Enterprise infrastructure. * Produce documentation to ensure the repeatability and standardisation of security operating procedures. * Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Apply now to discuss this exciting opportunity further.
18/04/2024
Project-based
Cyber Defence Analyst - DV Clearance Required! The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. We offer: Daily Rate - Market rate - flexible 12-Month Contract with Likely Extensio Portsmouth What we're looking for: * Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks * Skilled in maintaining Microsoft directory services. * Experience using virtualisation software. * Excellent communication skills * Experience of writing Defence/Government documentation Responsibilities include: * Develop and integrate security event monitoring and incident management services. * Respond to security incidents as they occur as part of an incident response team. * Implement metrics and dashboards to give visibility of the Enterprise infrastructure. * Produce documentation to ensure the repeatability and standardisation of security operating procedures. * Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Apply now to discuss this exciting opportunity further.