AWS/Security/DevSecOps/Control Tower/IAM

Are you an enthusiastic security specialist in AWS? A top-tier DevSecOps Engineer? Are you eager to take charge of the technical direction for one of the most rapidly expanding companies in the PropTech sector? If so, and you have:

* 3+ years' experience as a DevSecOps Engineer or Security Engineer with AWS
* In-depth knowledge of AWS security tools, inc. SecurityHub, Inspector, Detective, CloudTrail, GuardDuty and CloudWatch
* Proficiency in AWS services and features, including IAM, VPC, EC2, S3, RDS, Lambda, and CloudFormation
* Strong understanding of security best practices, principles, and frameworks, such as ISO 27001 controls and NIST guidelines
* Experience in implementing security automation using scripting languages (e.g. Python) and infrastructure-as-code (IaC) tools
* Ability to perform security threat modelling and risk assessments to identify and prioritize security risks
* Experience with security incident response and handling, including log analysis and forensics
* Outstanding business stakeholder engagement and management experience, inc. presenting solutions to the exec team
* Certifications such as AWS Certified Security Specialist are a plus

70/75K, occasional travel to the Midlands required.

Then get in touch today, interviews next week for the right candidates!
31/05/2024
Full time
SIEM/Incident SME (Active DV Clearance)

ELK (Elastic, Logstash, Kibana), Tanium, MITRE ATT&CK, Cyber Kill Chain

Location: Hybrid, onsite 2/3 days per week in one of the following locations - Corsham, Portsmouth or Northallerton
Duration: 6 months

We are a global IT recruitment specialist that provides support to clients across the UK, Europe and Australia. We have an excellent job opportunity for you.

Role Description:

Main tech skills required are ELK (Elastic, Logstash, Kibana) and Tanium.

The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities, conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts and monitoring networks to actively remediate unauthorised activities.

Your role:

* Develop and integrate security event monitoring and incident management services.
* Respond to security incidents as they occur as part of an incident response team.
* Implement metrics and dashboards to give visibility of the Enterprise infrastructure.
* Use the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools.
* Produce documentation to ensure the repeatability and standardisation of security operating procedures.
* Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis.
* Maintain a baseline of system security according to the latest threat intelligence and evolving trends.
* Participate in root cause analysis of incidents in conjunction with engineers across the enterprise.
* Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices.
* Offer strategic and tactical security guidance, including valuation requirement of technical controls.
* Be part of the CRM process.
* Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident.
* Document, validate and create operational processes and procedures to help develop the SOC.
* Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources.
* Build, install, configure, and test dedicated cyber defence hardware.
* Support Junior Analysts to manage SOC systems.

Your profile:

* Previous experience of Enterprise ICS/network architectures and technologies
* Experience and knowledge of SIEM solutions, with the ability to identify use cases and handle their creation, deployment and tuning
* Experience as a mentor/coach to Junior Analysts
* Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks
* Skilled in maintaining Microsoft directory services
* Skilled in using virtualisation software
* Knowledge of key security frameworks (e.g. ISO, NIST 800-53, 800-171, 800-172, C2M2)
* Excellent communication skills
* Experience of writing Defence/Government documentation

Desirable Qualifications:

* Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent)
* SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent)
* Advanced Analyst Course (SANS SEC503 or equivalent)
30/05/2024
Project-based
SOC Analyst/Engineer - vacancy requiring profound QRadar and Sentinel knowledge for our Basel-based client in the financial sector.

Your tasks:

* Providing SOC Tier 2/3 analysis work, handling alerts, and triaging cases and incidents within the Cyber Security Operations team
* Working on incident cases and running investigations and analysis
* Managing security alerts using ticketing tools
* Performing on-call incident response duties
* Collaborating with team members to resolve security issues
* Ensuring timely documentation and reporting of security incidents

Your experience/knowledge:

* Experience in security operations/support, level 2 and 3, with proven experience in case/alert investigation
* Proficiency with network protocols, such as HTTP, DNS, LDAP, FTP, and networking, including firewalls, NGFW, IPS/IDS and packet captures
* Strong background in log analysis and digital forensics
* Working experience or knowledge with SIEM, preferably IBM QRadar and Azure Sentinel
* Incident handling experience and coordination with stakeholders
* Experience with dynamic malware analysis, threat hunting, and threat detection

Language skills: English - fluent in written and spoken

Your soft skills:

* Excellent analytical and problem-solving skills
* Ability to adapt and thrive in different situations or changing environments

Location: Basel, Switzerland
Sector: Financial
Start: ASAP or 07/2024
Duration: 12MM+
Ref. Nr.: BH21723

Take the next step and send us your resume along with a daytime phone number where we can reach you. Due to Swiss work permit restrictions, we can only consider applications from Swiss nationals, EU citizens as well as current work-permit holders for Switzerland. Ukrainian refugees are warmly welcomed; we will support you all the way.

We welcome applications from individuals of all genders, age groups, sexual orientations, personal expressions, ethnic backgrounds, and religious beliefs. Therefore, there is no requirement to provide gender information or a photo in your application. As per client requirements, we need information about your marital status, nationality, date of birth, and a valid Swiss work permit. For applicants with disabilities, we are happy to explore potential solutions with our end client.
30/05/2024
Project-based
End User Compute Engineer

York - Hybrid Contract - Inside IR35

The role delivers ongoing operational business requirements in the following areas:

* Day-to-day operational performance of the End User estate to agreed SLAs and KPIs.
* Changes to the End User estate to meet ongoing business demands.
* Delivering continuous service improvement.
* Emergency response to critical incidents.

Operational performance

* Ensure effective operation of the End User estate, including but not limited to:
  o Front-end equipment builds and security hardening.
  o Hardware selection and validation for user personas.
  o All desktop applications, specifically including O365 and associated applications.
  o Application and OS life cycle management.
  o Patching, specifically Intune, Autopilot, MDM, and OS patching.
  o Vulnerability management.
  o Print services.
  o Facilities, physical security services and supporting platforms.
* Make sure operational services are delivered to agreed SLAs; where service does not meet these standards, put in place remedial action to correct it.
* Ensure the End User estate is being monitored for service performance and, where problems are identified, these are resolved within agreed SLAs.
29/05/2024
Full time