Senior Cyber Security Architect Salary upto £80,000 Description: Since our establishment in 1990, Methods has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Our mission is to improve and safeguard public-facing services. We apply digital thinking to ensure the future of our public services is centred around our citizens. Our human touch sets us apart from other consultancies, system integrators and software houses - we have a customer-centric value system whereby we focus on delivering what is right for our clients. We passionately support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them. Methods are experts in delivering secure, resilient cyber and information services - keeping systems and data safe. We help reduce risk and vulnerabilities from cyber-attacks by developing a security road-map tailored to your unique needs. We help organisations improve processes such as threat management by building an identity management programme, and establishing prevention, detection and response capabilities to cyber-attacks. Requirements Ability to research, articulate, pitch complex and innovative security advice, at both business and technical levels, for new or existing problems, with the objective to justify and communicate decisions directly to key customer stakeholders including senior management. Able to understand and comprehend the impact of decisions, balancing requirements and deciding between approaches Develop vision, principles and strategy for security for multiple projects or technologies; working in a particular field as subject matter expert, to support a team in delivering engagements at scale, which may require subtle security needs and requirements, contributing to development of information security policy, standards, procedures and guidelines. Effective business acumen and an understanding of the cyber security challenges faced by client, with the objective to develop our cyber assurance practice, by supporting business development and practice management. Experience of identifying and applying security risk and familiarity with common control frameworks, with the ability investigating major breaches of security and recommending appropriate control improvements. Maintaining awareness of key business and industry trends and understanding how they impact responses to cyber risk, with the contribution of the development of our team through training and coaching. Managing, delivering, leading cyber security and cyber risk assignments, with the management of portfolio of clients, across a variety of sectors and locations, including producing documentation, presentation, reports, recommendations and quality assuring, for the work produced by team members and being the point of escalation for lower grade roles. Providing our clients with trusted advice, rooted in a pragmatic and agnostic understanding of their business situation and objectives, to help them navigate complex, risk-driven cyber decisions. Working as a subject matter expert in your particular field, owning and delivering initiatives to embed quality through learning and other activity, working seamlessly and collaboratively with colleagues and clients from other service lines, supporting a team or colleagues to deliver engagements at scale, with the appropriate reach and influence across the teams and communities. Managing diverse teams within an inclusive team culture where people are recognised and encouraged for their contribution. Essential Skills and Experience: An experienced consultant with a background in Cyber Security Minimum 5-7 years of experience in Information Security related positions Minimum 3-5 years of experience in security architecture Cyber Security Certification eg ISC2 CISSP, ISC2 CCSP, ISACA CISM or similar Certification in AWS or Azure for Architecture and Security or similar IASME/Cyber Essentials Plus Certified Expert knowledge of secure network architecture and technical design Experience in creating secure architecture in either AWS and/or Azure Experience providing expert strategy, risk and technical advice, guidance and support on cyber security, both in business-as-usual and for live and planned projects within our clients' business. Expected to be the point of escalation for architects in lower grade roles and lead technical design of systems and services Broad range of cyber and information security skills, knowledge and experience such as security threats and vulnerabilities that impact/and/or emanate from system hardware, software and other infrastructure components, and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents affecting system hardware, software and other infrastructure components. Experience in gap analysis for specific domains, identify gaps in existing capabilities, service maturity. Identify missing cybersecurity and cyber-resiliency capabilities in alignment with changing business needs, threat land scape and technical requirements to increase the quality of the selected solutions also including topics such as products' convergence over time and products decommissioning. Expert knowledge of identifying, developing and communicating threat modelling and understanding the impact of decisions, balancing requirements and deciding between approaches Research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate subtle design decisions Able to develop vision, principles and strategy for security architects for projects or technologies Demonstrably experienced in working as an effective member of a multi-disciplinary team and reach & influence a wide range of people across larger teams and communities. Excellent stakeholder management, presentation and communication skills, with the ability to interact with senior stakeholders across department and clients Pro-active approach to personal and professional development. Work closely with your peers in the security architecture group, service and solution architects, engineers, project teams. Must hold, or be able to hold, an HMG Security Check (SC) clearance. Ability to apply standards, practices, codes and assessment of certification programmes relevant to the IT industry and the specific organisation or business domain. Experience in writing and creating Cyber Security documents ie Risk Assessments, ESRM, DPIA etc and produce particular patterns and support quality assurance Knowledge of the IT/IS infrastructure (eg databases and LANs) and the IT applications and service processes used within own organisation, including those associated with sustainability and efficiency. Ability to use any tool or system which provides security access control (eg Active Directory) Showing proficiency in the principles and application of cloud/virtualisation (including ownership responsibilities and security implications) and be able to use tools and systems to manage virtualised environments eg Server/desktop virtualisation and SDDC (Software Defined Data Centre). Benefits Holiday: 25 days a year, plus bank holidays, with the option to buy 5 extra days each year Pension: 4% employer contribution and 5% employee contribution Discretionary bonus: based on company and individual performance Life assurance: 4 times base salary Private medical insurance: non-contributory (spouse and dependants included) Worldwide travel insurance: non-contributory (spouse and dependants included) Enhanced maternity and paternity leave after 18 months service Wellness: 24/7 confidential employee assistance programme, including counselling Social: Parties and social events, and commitment to charitable causes Professional development: access to LinkedIn Learning, and discretionary training budget Travel: season ticket loan, cycle to work scheme Development access to LinkedIn Learning, a management development programme and training Wellness 24/7 Confidential employee assistance programme
18/04/2024
Full time
Senior Cyber Security Architect Salary upto £80,000 Description: Since our establishment in 1990, Methods has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Our mission is to improve and safeguard public-facing services. We apply digital thinking to ensure the future of our public services is centred around our citizens. Our human touch sets us apart from other consultancies, system integrators and software houses - we have a customer-centric value system whereby we focus on delivering what is right for our clients. We passionately support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them. Methods are experts in delivering secure, resilient cyber and information services - keeping systems and data safe. We help reduce risk and vulnerabilities from cyber-attacks by developing a security road-map tailored to your unique needs. We help organisations improve processes such as threat management by building an identity management programme, and establishing prevention, detection and response capabilities to cyber-attacks. Requirements Ability to research, articulate, pitch complex and innovative security advice, at both business and technical levels, for new or existing problems, with the objective to justify and communicate decisions directly to key customer stakeholders including senior management. Able to understand and comprehend the impact of decisions, balancing requirements and deciding between approaches Develop vision, principles and strategy for security for multiple projects or technologies; working in a particular field as subject matter expert, to support a team in delivering engagements at scale, which may require subtle security needs and requirements, contributing to development of information security policy, standards, procedures and guidelines. Effective business acumen and an understanding of the cyber security challenges faced by client, with the objective to develop our cyber assurance practice, by supporting business development and practice management. Experience of identifying and applying security risk and familiarity with common control frameworks, with the ability investigating major breaches of security and recommending appropriate control improvements. Maintaining awareness of key business and industry trends and understanding how they impact responses to cyber risk, with the contribution of the development of our team through training and coaching. Managing, delivering, leading cyber security and cyber risk assignments, with the management of portfolio of clients, across a variety of sectors and locations, including producing documentation, presentation, reports, recommendations and quality assuring, for the work produced by team members and being the point of escalation for lower grade roles. Providing our clients with trusted advice, rooted in a pragmatic and agnostic understanding of their business situation and objectives, to help them navigate complex, risk-driven cyber decisions. Working as a subject matter expert in your particular field, owning and delivering initiatives to embed quality through learning and other activity, working seamlessly and collaboratively with colleagues and clients from other service lines, supporting a team or colleagues to deliver engagements at scale, with the appropriate reach and influence across the teams and communities. Managing diverse teams within an inclusive team culture where people are recognised and encouraged for their contribution. Essential Skills and Experience: An experienced consultant with a background in Cyber Security Minimum 5-7 years of experience in Information Security related positions Minimum 3-5 years of experience in security architecture Cyber Security Certification eg ISC2 CISSP, ISC2 CCSP, ISACA CISM or similar Certification in AWS or Azure for Architecture and Security or similar IASME/Cyber Essentials Plus Certified Expert knowledge of secure network architecture and technical design Experience in creating secure architecture in either AWS and/or Azure Experience providing expert strategy, risk and technical advice, guidance and support on cyber security, both in business-as-usual and for live and planned projects within our clients' business. Expected to be the point of escalation for architects in lower grade roles and lead technical design of systems and services Broad range of cyber and information security skills, knowledge and experience such as security threats and vulnerabilities that impact/and/or emanate from system hardware, software and other infrastructure components, and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents affecting system hardware, software and other infrastructure components. Experience in gap analysis for specific domains, identify gaps in existing capabilities, service maturity. Identify missing cybersecurity and cyber-resiliency capabilities in alignment with changing business needs, threat land scape and technical requirements to increase the quality of the selected solutions also including topics such as products' convergence over time and products decommissioning. Expert knowledge of identifying, developing and communicating threat modelling and understanding the impact of decisions, balancing requirements and deciding between approaches Research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate subtle design decisions Able to develop vision, principles and strategy for security architects for projects or technologies Demonstrably experienced in working as an effective member of a multi-disciplinary team and reach & influence a wide range of people across larger teams and communities. Excellent stakeholder management, presentation and communication skills, with the ability to interact with senior stakeholders across department and clients Pro-active approach to personal and professional development. Work closely with your peers in the security architecture group, service and solution architects, engineers, project teams. Must hold, or be able to hold, an HMG Security Check (SC) clearance. Ability to apply standards, practices, codes and assessment of certification programmes relevant to the IT industry and the specific organisation or business domain. Experience in writing and creating Cyber Security documents ie Risk Assessments, ESRM, DPIA etc and produce particular patterns and support quality assurance Knowledge of the IT/IS infrastructure (eg databases and LANs) and the IT applications and service processes used within own organisation, including those associated with sustainability and efficiency. Ability to use any tool or system which provides security access control (eg Active Directory) Showing proficiency in the principles and application of cloud/virtualisation (including ownership responsibilities and security implications) and be able to use tools and systems to manage virtualised environments eg Server/desktop virtualisation and SDDC (Software Defined Data Centre). Benefits Holiday: 25 days a year, plus bank holidays, with the option to buy 5 extra days each year Pension: 4% employer contribution and 5% employee contribution Discretionary bonus: based on company and individual performance Life assurance: 4 times base salary Private medical insurance: non-contributory (spouse and dependants included) Worldwide travel insurance: non-contributory (spouse and dependants included) Enhanced maternity and paternity leave after 18 months service Wellness: 24/7 confidential employee assistance programme, including counselling Social: Parties and social events, and commitment to charitable causes Professional development: access to LinkedIn Learning, and discretionary training budget Travel: season ticket loan, cycle to work scheme Development access to LinkedIn Learning, a management development programme and training Wellness 24/7 Confidential employee assistance programme
UNIX System Administrator Whitehall Resources are currently looking for a UNIX System Administrator based onsite 2-3 days a week in Bedfordshire for a 7-month contract. * INSIDE IR35.* Main Responsibilities: Provide technical expertise for planning and defining upgrade requirements and helping identify with the administrators' issues when discovered. Ensure adherence to quality standards as defined by the IT Organization Ensure appropriate response to audit/vulnerability assessment findings and recommendations. Perform patch management. Participate in meetings with UNIX service customers to define new system requirements and provide recommendations based on experience, company policies and best practices. Provide understanding of development team on release issues and patch management windows using Jira and other tracking tools for release/patch management Ensure that an up-to-date asset vulnerability inventory for all technology assets. Accountable to ensure adherence with Security and Compliance policies and procedures within Technical Operations service scope. Ensure addition, modification, or removal of any IT asset in a standard and controlled manner. Ensure that CIs are identified, accounted, reported, verified, and audited. Key Skills: Previous experience working as a UNIX System Administrator in an enterprise high availability environment with extensive knowledge of UNIX operating systems - Solaris/RHEL Experience in Operating system/Middleware hardening and security audits. Experience of using QualysGuard Enterprise suite Understanding of CVVS scoring and experience of managing and prioritizing vulnerabilities accordingly Experience utilizing ldap/pam for UNIX authentications and access. Experience of ITIL processes Good understanding of best practice within the Unix technology stack Understanding of CVEs and the remediation with a good understanding of security Good understanding of: Configuration parameters in Apache, Tomcat Administrative security settings in AIX, Solaris, RHEL Common infrastructure, including Active Directory, GPO and Kerberos All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
18/04/2024
Project-based
UNIX System Administrator Whitehall Resources are currently looking for a UNIX System Administrator based onsite 2-3 days a week in Bedfordshire for a 7-month contract. * INSIDE IR35.* Main Responsibilities: Provide technical expertise for planning and defining upgrade requirements and helping identify with the administrators' issues when discovered. Ensure adherence to quality standards as defined by the IT Organization Ensure appropriate response to audit/vulnerability assessment findings and recommendations. Perform patch management. Participate in meetings with UNIX service customers to define new system requirements and provide recommendations based on experience, company policies and best practices. Provide understanding of development team on release issues and patch management windows using Jira and other tracking tools for release/patch management Ensure that an up-to-date asset vulnerability inventory for all technology assets. Accountable to ensure adherence with Security and Compliance policies and procedures within Technical Operations service scope. Ensure addition, modification, or removal of any IT asset in a standard and controlled manner. Ensure that CIs are identified, accounted, reported, verified, and audited. Key Skills: Previous experience working as a UNIX System Administrator in an enterprise high availability environment with extensive knowledge of UNIX operating systems - Solaris/RHEL Experience in Operating system/Middleware hardening and security audits. Experience of using QualysGuard Enterprise suite Understanding of CVVS scoring and experience of managing and prioritizing vulnerabilities accordingly Experience utilizing ldap/pam for UNIX authentications and access. Experience of ITIL processes Good understanding of best practice within the Unix technology stack Understanding of CVEs and the remediation with a good understanding of security Good understanding of: Configuration parameters in Apache, Tomcat Administrative security settings in AIX, Solaris, RHEL Common infrastructure, including Active Directory, GPO and Kerberos All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
Request Technology - Craig Johnson
San Francisco, California
*We are unable to sponsor for this 6+ Month Contract role* Prestigious Fortune 500 Company is currently seeking a Security Red Team Operator. Candidate will take a structured approach to Red Team operations (ie, testing in lab environments, creating and operating according to runbooks and SOPs, writing detailed after-action reports, participating in daily operation syncs). This is currently a two-person team. As such, the candidate will need to be a highly motivated, self-sufficient, and capable of collaborating on a small team where consensus is a must for operations to be successful. This role will also be involved in our Tabletop Exercise planning and execution, and therefore, will need excellent written and oral communication skills when dealing with all levels of the organization, from executives to individual contributors. The Red team is responsible for testing the overall strength of our organizations defenses (the technology, the processes, and the people) by simulating the objectives and actions of an attacker. Responsibilities: Perform internal and external penetration testing of network infrastructure and applications Perform Red team assessments including physical, social engineering, and network exploitation Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases Perform network reconnaissance, OSINT, social engineering, and physical security reviews Participate in regular exercises and perform adversary simulations to test defense controls Assist with scoping prospective engagements, leading engagements from kickoff through remediation Work closely with Blue team to test efficacy of existing alerts and help create new detection. Create findings reports and communicate to stakeholders Contribute to enhancing the teams toolkit Write custom scripts to automate tasks related to finding new vulnerabilities Maintain runbooks to continually improve penetration testing methodologies and threat modelling. Qualifications : 5+ years of experience in Penetration testing, Red Team and Purple Team Bachelor of Science in Engineering, Computer Science, Information Technology, or equivalent work experience Advanced knowledge in common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.) Must have a demonstrable understanding of voice and data networks, major operating systems, Active Directory, cloud technologies Must demonstrate knowledge of MITREs ATT&CK framework, execute and chain TTPs Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms. Ability to optimally code in a Scripting language (Python, Bash, PowerShell, Perl, etc.) OSCP
17/04/2024
Project-based
*We are unable to sponsor for this 6+ Month Contract role* Prestigious Fortune 500 Company is currently seeking a Security Red Team Operator. Candidate will take a structured approach to Red Team operations (ie, testing in lab environments, creating and operating according to runbooks and SOPs, writing detailed after-action reports, participating in daily operation syncs). This is currently a two-person team. As such, the candidate will need to be a highly motivated, self-sufficient, and capable of collaborating on a small team where consensus is a must for operations to be successful. This role will also be involved in our Tabletop Exercise planning and execution, and therefore, will need excellent written and oral communication skills when dealing with all levels of the organization, from executives to individual contributors. The Red team is responsible for testing the overall strength of our organizations defenses (the technology, the processes, and the people) by simulating the objectives and actions of an attacker. Responsibilities: Perform internal and external penetration testing of network infrastructure and applications Perform Red team assessments including physical, social engineering, and network exploitation Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases Perform network reconnaissance, OSINT, social engineering, and physical security reviews Participate in regular exercises and perform adversary simulations to test defense controls Assist with scoping prospective engagements, leading engagements from kickoff through remediation Work closely with Blue team to test efficacy of existing alerts and help create new detection. Create findings reports and communicate to stakeholders Contribute to enhancing the teams toolkit Write custom scripts to automate tasks related to finding new vulnerabilities Maintain runbooks to continually improve penetration testing methodologies and threat modelling. Qualifications : 5+ years of experience in Penetration testing, Red Team and Purple Team Bachelor of Science in Engineering, Computer Science, Information Technology, or equivalent work experience Advanced knowledge in common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.) Must have a demonstrable understanding of voice and data networks, major operating systems, Active Directory, cloud technologies Must demonstrate knowledge of MITREs ATT&CK framework, execute and chain TTPs Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms. Ability to optimally code in a Scripting language (Python, Bash, PowerShell, Perl, etc.) OSCP
Looking for ForgeRock Identity Cloud SME: Job Description for ForgeRock: 5 years of experience on Implementation, Configuration, Development and administration and Operations using ForgeRock CIAM solutions - On-premise and Cloud. Experience in developing ForgeRock OpenAM/AM Custom Authentication modules. Hands-on experience in the installation and configuration of ForgeRock OpenAM on Windows, UNIX/Linux platforms with Open DJ/Active Directory/LDAP. Experience in implementing Single Sign-On/Social Sign-On/Mobile Authentication & Authorization/Intelligent Authentication/Federation/Web & API Protection/MFA/Self-Service for applications using OpenAM. Strong understanding of ForgeRock Directory Services(Open DS), Oracle Unified Directory, ForgeRock Access Manager (OpenAM), ForgeRock Identity Gateway. Experience in session management, authorization policies, adapter & rule/policy customization, adapter customization, UI customization, Fedlet, JavaScript, Groovy, build & deployment. Experience on utilities such as Amster, Configurator, Admin tools, Web Agents and Java Agents. Experience on implementing solutions using SAML, WS-Trust, OAuth, Kerberos, OpenID Connect and REST API. Experience in setting up Authentication Trees of ForgeRock AM. Primary Skills ForgeRock Identity Cloud (at least 2 projects completed) ForgeRock Identity Platform Java/J2EE Secondary Skills CIAM certifications with ForgeRock, OKTA, Auth0, OneLogin, etc. Industry certifications like CISSP, Azure & AWS related certifications would be plus. Note: Support experience on ForgeRock must
17/04/2024
Project-based
Looking for ForgeRock Identity Cloud SME: Job Description for ForgeRock: 5 years of experience on Implementation, Configuration, Development and administration and Operations using ForgeRock CIAM solutions - On-premise and Cloud. Experience in developing ForgeRock OpenAM/AM Custom Authentication modules. Hands-on experience in the installation and configuration of ForgeRock OpenAM on Windows, UNIX/Linux platforms with Open DJ/Active Directory/LDAP. Experience in implementing Single Sign-On/Social Sign-On/Mobile Authentication & Authorization/Intelligent Authentication/Federation/Web & API Protection/MFA/Self-Service for applications using OpenAM. Strong understanding of ForgeRock Directory Services(Open DS), Oracle Unified Directory, ForgeRock Access Manager (OpenAM), ForgeRock Identity Gateway. Experience in session management, authorization policies, adapter & rule/policy customization, adapter customization, UI customization, Fedlet, JavaScript, Groovy, build & deployment. Experience on utilities such as Amster, Configurator, Admin tools, Web Agents and Java Agents. Experience on implementing solutions using SAML, WS-Trust, OAuth, Kerberos, OpenID Connect and REST API. Experience in setting up Authentication Trees of ForgeRock AM. Primary Skills ForgeRock Identity Cloud (at least 2 projects completed) ForgeRock Identity Platform Java/J2EE Secondary Skills CIAM certifications with ForgeRock, OKTA, Auth0, OneLogin, etc. Industry certifications like CISSP, Azure & AWS related certifications would be plus. Note: Support experience on ForgeRock must
DV Cleared SIEM/Incident SME Location: Northallerton/Corsham/Portsmouth Duration: 6 - 12 Months Rate to SSC: Market Rate MUST BE PAYE THROUGH UMBRELLA Role Description: The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
15/04/2024
Project-based
DV Cleared SIEM/Incident SME Location: Northallerton/Corsham/Portsmouth Duration: 6 - 12 Months Rate to SSC: Market Rate MUST BE PAYE THROUGH UMBRELLA Role Description: The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
Robert Half have partnered on an exclsuive business with a growing IT Solutions Provider in central Edinburgh to recruit a Systems Engineer as they continue to grow their technical offering as part of wider business growth. Responsibilities : Implement and support new technology projects/initiatives/onboardings Management of various multi-tenant platforms in a team environment Respond and action alerts from centralised management system Work with remote support teams and respond to escalated issues in a timely fashion Provide SME support to new client onboardings Skills: Highly logical thinker and skilled in identifying root cause and solutions Must be able to work both independently and in project teams Ability to work under pressure and with short deadlines Ability to mitigate risk and engage other team members when needed Must have availability to occasionally work nights and some weekends Strong Technical skills in the following areas: Azure (Cloud Technologies) Office 365 Citrix Netscaler Windows Server Technologies-Active Directory VMWare ESXi/vCenter Veeam Storage (PureStorage/Nimble) Citrix virtual apps and desktops Qualifications: Strong technical skills with public cloud technologies, Azure specifically Minimum 2-3 years' experience in a system engineering role Certifications preferred (Azure Expert, MCSE, VCP, CCP) Understanding of Remote Access/Delivery Platforms (RemoteApp, AVD, XenDesktop) MSP experience preferred Salary/package: £60,000-£65,000 basic salary Hybrid working (1-2 days a week in office) Robert Half Ltd acts as an employment business for temporary positions and an employment agency for permanent positions. Robert Half is committed to equal opportunity and diversity. Suitable candidates with equivalent qualifications and more or less experience can apply. Rates of pay and salary ranges are dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: Security alert: scammers are currently targeting jobseekers. Robert Half do not ask candidates for a fee or request candidates to send applications through instant messaging services such as WhatsApp or Telegram. Learn how to protect yourself by visiting our website:
15/04/2024
Full time
Robert Half have partnered on an exclsuive business with a growing IT Solutions Provider in central Edinburgh to recruit a Systems Engineer as they continue to grow their technical offering as part of wider business growth. Responsibilities : Implement and support new technology projects/initiatives/onboardings Management of various multi-tenant platforms in a team environment Respond and action alerts from centralised management system Work with remote support teams and respond to escalated issues in a timely fashion Provide SME support to new client onboardings Skills: Highly logical thinker and skilled in identifying root cause and solutions Must be able to work both independently and in project teams Ability to work under pressure and with short deadlines Ability to mitigate risk and engage other team members when needed Must have availability to occasionally work nights and some weekends Strong Technical skills in the following areas: Azure (Cloud Technologies) Office 365 Citrix Netscaler Windows Server Technologies-Active Directory VMWare ESXi/vCenter Veeam Storage (PureStorage/Nimble) Citrix virtual apps and desktops Qualifications: Strong technical skills with public cloud technologies, Azure specifically Minimum 2-3 years' experience in a system engineering role Certifications preferred (Azure Expert, MCSE, VCP, CCP) Understanding of Remote Access/Delivery Platforms (RemoteApp, AVD, XenDesktop) MSP experience preferred Salary/package: £60,000-£65,000 basic salary Hybrid working (1-2 days a week in office) Robert Half Ltd acts as an employment business for temporary positions and an employment agency for permanent positions. Robert Half is committed to equal opportunity and diversity. Suitable candidates with equivalent qualifications and more or less experience can apply. Rates of pay and salary ranges are dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: Security alert: scammers are currently targeting jobseekers. Robert Half do not ask candidates for a fee or request candidates to send applications through instant messaging services such as WhatsApp or Telegram. Learn how to protect yourself by visiting our website:
2nd Line IT Support Engineer - Bristol area/Gloucestershire | South West Hybrid Role - part office (2 days), part wfh (3 days), part Field Based (once a month) Permanent Salary is up to £31,000 + Bonus + Overtime (if required/not essential) + fantastic other company benefits, excellent opportunities to learn, build skills and fantastic long term career progression An exciting new role has arisen to join a market leading IT solutions provider who support across SME to enterprise clients across the region. Joining a team, you will provide the highest level of support to customers and be involved in upgrade projects for an established & growing client base. We are looking for a candidate that has excellent technical and interpersonal skills with, preferably with experience working for a IT solutions provider previously in an IT Field Service Based role. The company have a fantastic company culture, and heavily invest in their employees. This is a fantastic opportunity to join a successful and established organisation that can offer a long term career with consistent learning and progression. We are seeking a motivated and committed 2nd Line Support Engineer who ideally has worked for a Managed Services Provider, supporting and delivering excellent customer service to external companies, who would like to join an organisation that will certainly return a bright future. Daily Duties and Responsibilities (not limited to!): Troubleshooting 2nd Line Support tickets within a team, dealing with more complex issues that have been escalated from the 1st Line Engineers, proactively monitoring the queue to ensure actions and resolutions within company SLAs to their customers are met Occasionally attending client sites (when required), this can be to deliver IT Services physically, equipment and potentially perform troubleshooting or fault resolution, delivering a high standard of service and being a representative of the Solutions Provider. Maintaining excellent customer service and support, building relationships externally with clients, taking ownership of the support process end to end, and internally to stakeholders and assisting 1st Line Engineers, under the support of a Team Leader Experience and Requirements: At least 24 months in a recent 2nd Line IT Support Engineer position Driving Licence is essential (Automatic is fine) A DBS will be required as part of your successful onboarding Experience supporting and troubleshooting Microsoft Applications, Exchange, 365, Teams, OneDrive, Active Directory, Group Policy etc Windows Server experience, 2012 > 2019, patching, PPM and DR Reports Basic Networking experience, DNS, DHCP, TCP/IP, switching, routing and Firewall configuration, VPN and WAN environments
12/04/2024
Full time
2nd Line IT Support Engineer - Bristol area/Gloucestershire | South West Hybrid Role - part office (2 days), part wfh (3 days), part Field Based (once a month) Permanent Salary is up to £31,000 + Bonus + Overtime (if required/not essential) + fantastic other company benefits, excellent opportunities to learn, build skills and fantastic long term career progression An exciting new role has arisen to join a market leading IT solutions provider who support across SME to enterprise clients across the region. Joining a team, you will provide the highest level of support to customers and be involved in upgrade projects for an established & growing client base. We are looking for a candidate that has excellent technical and interpersonal skills with, preferably with experience working for a IT solutions provider previously in an IT Field Service Based role. The company have a fantastic company culture, and heavily invest in their employees. This is a fantastic opportunity to join a successful and established organisation that can offer a long term career with consistent learning and progression. We are seeking a motivated and committed 2nd Line Support Engineer who ideally has worked for a Managed Services Provider, supporting and delivering excellent customer service to external companies, who would like to join an organisation that will certainly return a bright future. Daily Duties and Responsibilities (not limited to!): Troubleshooting 2nd Line Support tickets within a team, dealing with more complex issues that have been escalated from the 1st Line Engineers, proactively monitoring the queue to ensure actions and resolutions within company SLAs to their customers are met Occasionally attending client sites (when required), this can be to deliver IT Services physically, equipment and potentially perform troubleshooting or fault resolution, delivering a high standard of service and being a representative of the Solutions Provider. Maintaining excellent customer service and support, building relationships externally with clients, taking ownership of the support process end to end, and internally to stakeholders and assisting 1st Line Engineers, under the support of a Team Leader Experience and Requirements: At least 24 months in a recent 2nd Line IT Support Engineer position Driving Licence is essential (Automatic is fine) A DBS will be required as part of your successful onboarding Experience supporting and troubleshooting Microsoft Applications, Exchange, 365, Teams, OneDrive, Active Directory, Group Policy etc Windows Server experience, 2012 > 2019, patching, PPM and DR Reports Basic Networking experience, DNS, DHCP, TCP/IP, switching, routing and Firewall configuration, VPN and WAN environments
Description: General Information: Start date: ASAP Planned duration: 12 months + extension Workplace: Basel Workload: 100% Team: 4 On call: yes (1/months) Background : Are you passionate about Information (IT) and Automation Technology (OT) and aspiring to make a meaningful impact? You are a customer focused individual with aspiration to deliver high quality support in a GMP Lab environment. Behind every product sold by Pharma Global Technical Operations (PT). Starting with Phase I of the development process and continuing through to product maturity, PT makes lifesaving medicines at 11 locations, with the support of partners from around the world. Information (IT) and Automation Technology (OT) teams are key in producing and delivering medicine to patients. The organization is currently undergoing a transformation towards digitalization, advancing fundamental elements to meet future needs, such as leveraging new technologies. You as a System Process Specialist (SPS) will be acting in the 1-Stop-Shop and are part of the support and continuous improvement structure. The System Process Specialist has a profound process understanding and is collaborating with the Business Community to continuously improve business processes and underlying IT Assess & Release applications. By this, he/she acts as a trusted adviser of the end-user/key-user as well as a bridge between the end user and other roles in the Informatics support layers. The SPS can raise incidents on behalf of the user area or work with Process Owner & other local business roles to train (key-)users. In projects, the System Process Specialist can also represent the interests of the systems user group and has the responsibility of coordinating and bringing input from the area of responsibility to the project and communicating project goals, information and progress back to the business areas. The perfect candidate is familiar with ITSM processes and support tools for incident and change management. Also we are looking for someone who works independently within guidelines while receiving minimal guidance. Tasks & Responsibilities: End-User-Support Laboratory Systems End to End accountability for Assess & Release System support Responsible for Assess & Release System support Responsible for 24/7 on-call, nights and weekends on a rotational basis Personal contact person for Key and End User out of the business department Log incident/requests into a ticket system for further processing Triages, prioritizes incidents/requests and performs root cause analysis in problem management (handling issue, data issue, authorization issue, IT issue). Resolves or forwards incidents/requests based on individual knowledge or knowledge articles Coordination of End User groups and escalation management as required Distributes application issues and non-application issues that cannot be solved by him/her, or based on catalog to the 2nd level support Supports issue clarification on request of 2nd level support Validate the resolution proposals and performs the necessary test in case tests are required on request of the 2nd level support Cooperate with 2nd level support team during analysis of reported incidents Communicating and coordination of End User activities if there is a major incident Interface Monitoring (Business Errors) Support Execution of system actions Support Implementation of new Systems and Equipment Continuous Improvement of Laboratory Systems Regular exchange with the Support network and or Business Process Experts (BPE) on support cases, best practices and process improvement proposals with network relevance Helps the End User to submit new ideas for process improvements, allowing a comprehensive approach for assessing both the process interdependencies as well impact to all underlying systems. Describes the full life cycle of an integrated Change process to Business Process with System impact. This Framework combines the Assessment of the requirement, build and test work as well as deployment and possibly delivery of the added value to the End User. Support Processes & Tools for Laboratory Systems Local Labsystem and Lab Equipment Bundle, Application Support for eg Cedex Bio, Cedex HiRes, SoloVPE, Cary WinUV Local Support of Informatics Products eg Central Label Management Software, Nextlab, Labx, Labware, Smartline Data Cockpit, Unicorn Use of Service Now for incident, problem, request and change management Must Haves: Relevant completed apprenticeship in IT area or equivalent and/or ideally an advanced degree in the IT or automation field (*) 3+ years professional experience in complex business environments (*) Knowledge and experience in systems administration and support of laboratory systems (*) Knowledge and experience in Windows Server, Active Directory and Client operating systems (*) Knowledge and experience in Computerized System Validation (*) Knowledge and experience in Network topology (*) Fluency German and English is a must (spoken and written) Good communication skills Service oriented attitude, being able to communicate with our customers, also in emergency situations Team player Nice to Have: Knowledge and experience in systems administration in the manufacturing area (eg MES, PI, SCADA, PCS) Trainer skills, methodology skills to perform trainings for end-users in specific area (refresh and new) Skills: German English pharmaceutical Systems engineering Support Engineering Administration LabIT windows server client operating system Customer service CSV Annex technical suppot team player Assess & Release System support 2nd level support Active Directory laboratory mes PI SCADA PCS Employee Value Proposition: Highly skilled team Great company Mostly onsite, but possible somtimes to work from home Job Title: Quality Systems Specialist Location: Basel, Switzerland Job Type: Contract TEKsystems, an Allegis Group company. Allegis Group AG, Aeschengraben 20, CH-4051 Basel, Switzerland. Registration No. CHE-101.865.121. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at our website. To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go our website. We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice on our website for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
12/04/2024
Project-based
Description: General Information: Start date: ASAP Planned duration: 12 months + extension Workplace: Basel Workload: 100% Team: 4 On call: yes (1/months) Background : Are you passionate about Information (IT) and Automation Technology (OT) and aspiring to make a meaningful impact? You are a customer focused individual with aspiration to deliver high quality support in a GMP Lab environment. Behind every product sold by Pharma Global Technical Operations (PT). Starting with Phase I of the development process and continuing through to product maturity, PT makes lifesaving medicines at 11 locations, with the support of partners from around the world. Information (IT) and Automation Technology (OT) teams are key in producing and delivering medicine to patients. The organization is currently undergoing a transformation towards digitalization, advancing fundamental elements to meet future needs, such as leveraging new technologies. You as a System Process Specialist (SPS) will be acting in the 1-Stop-Shop and are part of the support and continuous improvement structure. The System Process Specialist has a profound process understanding and is collaborating with the Business Community to continuously improve business processes and underlying IT Assess & Release applications. By this, he/she acts as a trusted adviser of the end-user/key-user as well as a bridge between the end user and other roles in the Informatics support layers. The SPS can raise incidents on behalf of the user area or work with Process Owner & other local business roles to train (key-)users. In projects, the System Process Specialist can also represent the interests of the systems user group and has the responsibility of coordinating and bringing input from the area of responsibility to the project and communicating project goals, information and progress back to the business areas. The perfect candidate is familiar with ITSM processes and support tools for incident and change management. Also we are looking for someone who works independently within guidelines while receiving minimal guidance. Tasks & Responsibilities: End-User-Support Laboratory Systems End to End accountability for Assess & Release System support Responsible for Assess & Release System support Responsible for 24/7 on-call, nights and weekends on a rotational basis Personal contact person for Key and End User out of the business department Log incident/requests into a ticket system for further processing Triages, prioritizes incidents/requests and performs root cause analysis in problem management (handling issue, data issue, authorization issue, IT issue). Resolves or forwards incidents/requests based on individual knowledge or knowledge articles Coordination of End User groups and escalation management as required Distributes application issues and non-application issues that cannot be solved by him/her, or based on catalog to the 2nd level support Supports issue clarification on request of 2nd level support Validate the resolution proposals and performs the necessary test in case tests are required on request of the 2nd level support Cooperate with 2nd level support team during analysis of reported incidents Communicating and coordination of End User activities if there is a major incident Interface Monitoring (Business Errors) Support Execution of system actions Support Implementation of new Systems and Equipment Continuous Improvement of Laboratory Systems Regular exchange with the Support network and or Business Process Experts (BPE) on support cases, best practices and process improvement proposals with network relevance Helps the End User to submit new ideas for process improvements, allowing a comprehensive approach for assessing both the process interdependencies as well impact to all underlying systems. Describes the full life cycle of an integrated Change process to Business Process with System impact. This Framework combines the Assessment of the requirement, build and test work as well as deployment and possibly delivery of the added value to the End User. Support Processes & Tools for Laboratory Systems Local Labsystem and Lab Equipment Bundle, Application Support for eg Cedex Bio, Cedex HiRes, SoloVPE, Cary WinUV Local Support of Informatics Products eg Central Label Management Software, Nextlab, Labx, Labware, Smartline Data Cockpit, Unicorn Use of Service Now for incident, problem, request and change management Must Haves: Relevant completed apprenticeship in IT area or equivalent and/or ideally an advanced degree in the IT or automation field (*) 3+ years professional experience in complex business environments (*) Knowledge and experience in systems administration and support of laboratory systems (*) Knowledge and experience in Windows Server, Active Directory and Client operating systems (*) Knowledge and experience in Computerized System Validation (*) Knowledge and experience in Network topology (*) Fluency German and English is a must (spoken and written) Good communication skills Service oriented attitude, being able to communicate with our customers, also in emergency situations Team player Nice to Have: Knowledge and experience in systems administration in the manufacturing area (eg MES, PI, SCADA, PCS) Trainer skills, methodology skills to perform trainings for end-users in specific area (refresh and new) Skills: German English pharmaceutical Systems engineering Support Engineering Administration LabIT windows server client operating system Customer service CSV Annex technical suppot team player Assess & Release System support 2nd level support Active Directory laboratory mes PI SCADA PCS Employee Value Proposition: Highly skilled team Great company Mostly onsite, but possible somtimes to work from home Job Title: Quality Systems Specialist Location: Basel, Switzerland Job Type: Contract TEKsystems, an Allegis Group company. Allegis Group AG, Aeschengraben 20, CH-4051 Basel, Switzerland. Registration No. CHE-101.865.121. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at our website. To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go our website. We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice on our website for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.