ARM (Advanced Resource Managers)
Reading, Berkshire
Threat Intelligence Specialist 6 months £540 per day (Inside IR35) 5 Days per week in Reading My client in the telecommunications industry are looking for a Threat Intelligence Specialist to join their fast-paced team on an initial 6 month contract. The role will be fully on site in Reading so a local candidate will be most ideal. Responsibilities in the role; Identify information security and Threat Intelligence requirements and oversight of delivery by: Identifying business unit Priority Intelligence Requirements that enable the business unit to conduct its business continuously in a secure manner. Analysis of information across Strategic, Operational and Tactical arenas into actionable intelligence that allows stakeholders to make informed decisions. Ensuring delivery of the Threat Intelligence programme within the business unit, delivery of services and products provided by Group Security. Where services are delivered by external providers, ensuring delivery of the Threat Intelligence services as per requirements of business unit. Engage with the business unit to: Develop an understanding of business goals in order to constructively engage senior business leaders on information security, identifying key threats and areas for improvement, driving appropriate risk management decisions and collaborating with partners to achieve positive outcomes and business benefits Ensure emerging information and cyber security threats to the business are identified, discussed with senior business leadership and addressed through presented opportunities of security innovation. Build strong relationships within the business to gain an understanding of security-related business threats, vulnerabilities and risks. Facilitate Group Security support to business projects as the subject matter expert providing guidance and support in implementing Threat Intelligence project requirements. Embedding information security and cyber across the business unit by: Establish positive relationships engaging with technical teams and executives to deliver regular Threat Intelligence reporting and mitigation advisory and seek continuous improvement of TVM process. Monitoring of threat actors and groups, and identifying key trends leveraging internal and external threat data to enable positive business outcomes, keeping senior business leadership informed about information security-related issues and activities potentially affecting the organisation. Assist in running a threat intelligence platform that can store cyber threat intelligence idioms such as threat actors, exploit targets from disparate sources, devices, communities and industries in a structured & standardized way. Focus on awareness and training including by; Briefing regularly the business unit senior leadership team on cyber threats and risks profile. Delivering awareness and training to the relevant business unit team and high-risk users. Communicating the importance and promoting awareness of information security to the business. Increasing business awareness of emerging security threats and risks. Helping develop a security culture within the business. Partnering with the different functions working on controls by: Supporting Incident Response activities providing further context, OSINT support and behavioural analysis in the event of a security incident impacting the business unit. Maintaining a balanced relationship with risk functions, compliance functions and with internal and external audit functions. Ensure timely delivery of actionable threat intelligence across the organisation, including key stakeholders; Security Operations, Incident Response, Vulnerability Management, Security Leadership, Fraud Prevention and Industry intelligence communities. Continuous Improvement through the delivery of; Provide mentoring and development of Threat Intelligence Analysts through sharing learnings and best practices. Act as the point of escalation and support for Threat Intelligence analysts in the event of complex security incidents. Develop proven structure and processes such as run books that help the team achieve outstanding results. Championing and supporting Group Security's wider BCM, Incident and Crisis Management functions. Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.
Threat Intelligence Specialist 6 months £540 per day (Inside IR35) 5 Days per week in Reading My client in the telecommunications industry are looking for a Threat Intelligence Specialist to join their fast-paced team on an initial 6 month contract. The role will be fully on site in Reading so a local candidate will be most ideal. Responsibilities in the role; Identify information security and Threat Intelligence requirements and oversight of delivery by: Identifying business unit Priority Intelligence Requirements that enable the business unit to conduct its business continuously in a secure manner. Analysis of information across Strategic, Operational and Tactical arenas into actionable intelligence that allows stakeholders to make informed decisions. Ensuring delivery of the Threat Intelligence programme within the business unit, delivery of services and products provided by Group Security. Where services are delivered by external providers, ensuring delivery of the Threat Intelligence services as per requirements of business unit. Engage with the business unit to: Develop an understanding of business goals in order to constructively engage senior business leaders on information security, identifying key threats and areas for improvement, driving appropriate risk management decisions and collaborating with partners to achieve positive outcomes and business benefits Ensure emerging information and cyber security threats to the business are identified, discussed with senior business leadership and addressed through presented opportunities of security innovation. Build strong relationships within the business to gain an understanding of security-related business threats, vulnerabilities and risks. Facilitate Group Security support to business projects as the subject matter expert providing guidance and support in implementing Threat Intelligence project requirements. Embedding information security and cyber across the business unit by: Establish positive relationships engaging with technical teams and executives to deliver regular Threat Intelligence reporting and mitigation advisory and seek continuous improvement of TVM process. Monitoring of threat actors and groups, and identifying key trends leveraging internal and external threat data to enable positive business outcomes, keeping senior business leadership informed about information security-related issues and activities potentially affecting the organisation. Assist in running a threat intelligence platform that can store cyber threat intelligence idioms such as threat actors, exploit targets from disparate sources, devices, communities and industries in a structured & standardized way. Focus on awareness and training including by; Briefing regularly the business unit senior leadership team on cyber threats and risks profile. Delivering awareness and training to the relevant business unit team and high-risk users. Communicating the importance and promoting awareness of information security to the business. Increasing business awareness of emerging security threats and risks. Helping develop a security culture within the business. Partnering with the different functions working on controls by: Supporting Incident Response activities providing further context, OSINT support and behavioural analysis in the event of a security incident impacting the business unit. Maintaining a balanced relationship with risk functions, compliance functions and with internal and external audit functions. Ensure timely delivery of actionable threat intelligence across the organisation, including key stakeholders; Security Operations, Incident Response, Vulnerability Management, Security Leadership, Fraud Prevention and Industry intelligence communities. Continuous Improvement through the delivery of; Provide mentoring and development of Threat Intelligence Analysts through sharing learnings and best practices. Act as the point of escalation and support for Threat Intelligence analysts in the event of complex security incidents. Develop proven structure and processes such as run books that help the team achieve outstanding results. Championing and supporting Group Security's wider BCM, Incident and Crisis Management functions. Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.
ARM (Advanced Resource Managers)
Lead IT Security Manager Permanent Birmingham - 2 Days per week on site £48,900 - £61,140 per annum My client in the Rail industry are looking for a Lead IT Security Manager to join their fast-paced Operations team on a permanent basis. The Lead IT Security Manager is responsible for is the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. Key focus areas for this role, the ideal candidate will have experience in each of the below; Threat & Vulnerability Management Security Operations Centre - 24/7 Outsourced Web & Content Filtering - ProofPoint, Zscaler, etc. Endpoint Security Infrastructure Security Accountabilities * Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management (among other activity) . * Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). * Manage the application and compliance of security operations procedures, reviewing actual and potential security breaches, and ensuring their investigation. * Lead the Security Operations team's response to incidents, recommending actions and appropriate control improvements. * Monitor the external environment to gather intelligence on emerging technologies, documenting impacts, threats, and opportunities to IT. * Provide expert advice on threat intelligence activities, identifying which threat categories are most dangerous to the organization and how to defend against them. * Manage vulnerability assessment activities within company IT, providing expert advice where necessary in the review of vulnerability assessment tools and techniques. * Develop, maintain, and test Security Operations' incident management procedures, investigating escalated incidents and facilitating recovery post-incident resolution. * Lead Security Operations risk management activities, leading on the identification of risks and vulnerabilities and assessment of their impacts. * Manage and oversee the day-to-day activity of the SOC supplier who will deliver security capabilities, communicating their activity to relevant teams. * Manage the design, delivery, maintenance, and continuous improvement of the IT Security Ops capabilities in line with business needs. * Manage the Security Operations Centre (SOC) capability, ensuring effective protection, defence, and response to IT security risks. * Promote the Security, Compliance & Identity function to develop and enhance the team profile to develop enduring relationships with stakeholders and teams. * Implement a multi-year Security roadmap that provides proactive capabilities which enable business objectives. * Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI. Skills: * Relationship Building. Ability to develop and maintain strong relationships with internal and external stakeholders. * Security Operations. Ability provide leadership for live security incidents and helping conduct robust investigations in order to identify corrective actions and see them through to completion. * Threat Intelligence. Ability to provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of threat landscape. * Vulnerability Assessment. Ability to identify and classify security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. * Risk Management. Ability to identify IT security operations risks and the delivery of audit remediation activities. * Emerging technology monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques. Knowledge: * Knowledge of IT Service Frameworks, methodologies, and best practice such as ITIL v4 and Agile. * Knowledge of day-to-day activities and best practice within a SOC. * Knowledge of technical security such as Firewalls, network security groups, and access controls. Type of Experience: * Experience of leading a team through the full IT service life cycle, enhancing security posture, and evolving capabilities via continual service improvement. * Experience of leading live cyber incidents and the remediation actions. * Experience of partnering with supplier teams for managed services delivery of improvements. * Experience across the full IT security spectrum (software, Servers, infrastructure, and networks). * Experience designing and implementing secure systems, leading review where necessary of complex security issues. * Experience of enabling and informing risk-based decisions. * Experience dealing with the security implications of transformation and day-to-day product changes. * Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Lead IT Security Manager Permanent Birmingham - 2 Days per week on site £48,900 - £61,140 per annum My client in the Rail industry are looking for a Lead IT Security Manager to join their fast-paced Operations team on a permanent basis. The Lead IT Security Manager is responsible for is the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. Key focus areas for this role, the ideal candidate will have experience in each of the below; Threat & Vulnerability Management Security Operations Centre - 24/7 Outsourced Web & Content Filtering - ProofPoint, Zscaler, etc. Endpoint Security Infrastructure Security Accountabilities * Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management (among other activity) . * Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). * Manage the application and compliance of security operations procedures, reviewing actual and potential security breaches, and ensuring their investigation. * Lead the Security Operations team's response to incidents, recommending actions and appropriate control improvements. * Monitor the external environment to gather intelligence on emerging technologies, documenting impacts, threats, and opportunities to IT. * Provide expert advice on threat intelligence activities, identifying which threat categories are most dangerous to the organization and how to defend against them. * Manage vulnerability assessment activities within company IT, providing expert advice where necessary in the review of vulnerability assessment tools and techniques. * Develop, maintain, and test Security Operations' incident management procedures, investigating escalated incidents and facilitating recovery post-incident resolution. * Lead Security Operations risk management activities, leading on the identification of risks and vulnerabilities and assessment of their impacts. * Manage and oversee the day-to-day activity of the SOC supplier who will deliver security capabilities, communicating their activity to relevant teams. * Manage the design, delivery, maintenance, and continuous improvement of the IT Security Ops capabilities in line with business needs. * Manage the Security Operations Centre (SOC) capability, ensuring effective protection, defence, and response to IT security risks. * Promote the Security, Compliance & Identity function to develop and enhance the team profile to develop enduring relationships with stakeholders and teams. * Implement a multi-year Security roadmap that provides proactive capabilities which enable business objectives. * Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI. Skills: * Relationship Building. Ability to develop and maintain strong relationships with internal and external stakeholders. * Security Operations. Ability provide leadership for live security incidents and helping conduct robust investigations in order to identify corrective actions and see them through to completion. * Threat Intelligence. Ability to provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of threat landscape. * Vulnerability Assessment. Ability to identify and classify security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. * Risk Management. Ability to identify IT security operations risks and the delivery of audit remediation activities. * Emerging technology monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques. Knowledge: * Knowledge of IT Service Frameworks, methodologies, and best practice such as ITIL v4 and Agile. * Knowledge of day-to-day activities and best practice within a SOC. * Knowledge of technical security such as Firewalls, network security groups, and access controls. Type of Experience: * Experience of leading a team through the full IT service life cycle, enhancing security posture, and evolving capabilities via continual service improvement. * Experience of leading live cyber incidents and the remediation actions. * Experience of partnering with supplier teams for managed services delivery of improvements. * Experience across the full IT security spectrum (software, Servers, infrastructure, and networks). * Experience designing and implementing secure systems, leading review where necessary of complex security issues. * Experience of enabling and informing risk-based decisions. * Experience dealing with the security implications of transformation and day-to-day product changes. * Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.