Lead IT Security Manager
Permanent, Birmingham - 2 days per week on site
£48,900 - £61,140 per annum

My client in the rail industry is looking for a Lead IT Security Manager to join their fast-paced Operations team on a permanent basis. The Lead IT Security Manager is responsible for the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes security technology and Security Operations Centre (SOC) management.

Key focus areas for this role; the ideal candidate will have experience in each of the following:
* Threat & Vulnerability Management
* Security Operations Centre - 24/7, outsourced
* Web & Content Filtering - Proofpoint, Zscaler, etc.
* Endpoint Security
* Infrastructure Security

Accountabilities:
* Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management (among other activities).
* Lead the creation and maintenance of Security Operations policy, standards, procedures, and documentation (including playbooks and guidance).
* Manage the application of, and compliance with, security operations procedures, reviewing actual and potential security breaches and ensuring their investigation.
* Lead the Security Operations team's response to incidents, recommending actions and appropriate control improvements.
* Monitor the external environment to gather intelligence on emerging technologies, documenting impacts, threats, and opportunities to IT.
* Provide expert advice on threat intelligence activities, identifying which threat categories are most dangerous to the organisation and how to defend against them.
* Manage vulnerability assessment activities within company IT, providing expert advice where necessary in the review of vulnerability assessment tools and techniques.
* Develop, maintain, and test Security Operations' incident management procedures, investigating escalated incidents and facilitating recovery post-incident.
* Lead Security Operations risk management activities, leading on the identification of risks and vulnerabilities and the assessment of their impacts.
* Manage and oversee the day-to-day activity of the SOC supplier who delivers security capabilities, communicating their activity to relevant teams.
* Manage the design, delivery, maintenance, and continuous improvement of the IT Security Operations capabilities in line with business needs.
* Manage the SOC capability, ensuring effective protection, defence, and response to IT security risks.
* Promote the Security, Compliance & Identity function to enhance the team profile and develop enduring relationships with stakeholders and teams.
* Implement a multi-year security roadmap that provides proactive capabilities which enable business objectives.
* Actively promote and embed Equality, Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI.

Skills:
* Relationship Building. Ability to develop and maintain strong relationships with internal and external stakeholders.
* Security Operations. Ability to provide leadership for live security incidents and to help conduct robust investigations in order to identify corrective actions and see them through to completion.
* Threat Intelligence. Ability to provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of the threat landscape.
* Vulnerability Assessment. Ability to identify and classify security vulnerabilities in networks, systems and applications and to mitigate or eliminate their impact.
* Risk Management. Ability to identify IT security operations risks and deliver audit remediation activities.
* Emerging Technology Monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques.

Knowledge:
* Knowledge of IT service frameworks, methodologies, and best practice such as ITIL v4 and Agile.
* Knowledge of day-to-day activities and best practice within a SOC.
* Knowledge of technical security such as firewalls, network security groups, and access controls.

Type of Experience:
* Experience of leading a team through the full IT service life cycle, enhancing security posture, and evolving capabilities via continual service improvement.
* Experience of leading live cyber incidents and the resulting remediation actions.
* Experience of partnering with supplier teams for managed-service delivery of improvements.
* Experience across the full IT security spectrum (software, servers, infrastructure, and networks).
* Experience designing and implementing secure systems, leading review of complex security issues where necessary.
* Experience of enabling and informing risk-based decisions.
* Experience dealing with the security implications of transformation and day-to-day product changes.
* Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems.

Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
23/04/2024
Full time
Threat Detection Engineer - 6 Month Contract - Inside IR35 - Hybrid Working

Hamilton Barnes is representing a prestigious global banking organisation in their search for a skilled Threat Detection Engineer. The role offers hybrid working, with offices based in both London and Swindon, and a competitive day rate signed off inside IR35.

As a Threat Detection Engineer, you will play a pivotal role in enhancing the client's threat detection capabilities and fortifying their defences against evolving cyber threats. Your expertise in incident detection, monitoring, handling, and response will be essential in analysing emerging threats and developing proactive security measures.

Responsibilities:
* Transform intelligence into action: translate intelligence into actionable tasks, including creating and enhancing use cases, reconstructing attacker Tactics, Techniques, and Procedures (TTPs), and conducting threat hunting operations.
* Implement ruleset and policy changes: take charge of deploying ruleset and policy changes across the security controls, ensuring adherence to change management protocols to maintain operational integrity.
* Provide security metrics: assist in delivering security metrics and Key Performance Indicators (KPIs) to the security leadership team on a regular basis, enabling informed decision-making and continuous improvement of the security posture.

What you will ideally bring:
* In-depth knowledge and practical experience with the MITRE ATT&CK framework, demonstrating a thorough understanding of its tactics, techniques, and procedures (TTPs).
* Proven ability to translate threat intelligence into actionable insights, with a track record of developing effective detection rules and recommending preventive measures.
* Strong proficiency in query language development, particularly in KQL (Microsoft) and/or SPL (Splunk), enabling precise and efficient threat detection and analysis.
* Excellent communication skills, with the ability to articulate complex technical concepts to non-technical stakeholders effectively.

Contract Details:
Duration: 6 months
Location: London or Swindon (3 days per week)
Day Rate: Up to £550 per day (Inside IR35)
Start Date: ASAP
23/04/2024
Project-based
Outstanding opportunity to join this fast-paced, rapidly growing PropTech scale-up on a permanent basis as an AWS DevSecOps Engineer (AWS Security Engineer). This software business provides the world's leading technology platform for property management and estate agency globally, and offers the opportunity to shape the direction of a newly formed DevSecOps function regarding security policies, tooling and best practice.

We're looking for an experienced engineer, competent in responding to and resolving cloud security incidents, with deep AWS security expertise and an understanding of engineering cloud platforms on an infrastructure-as-code (IaC) basis.

You'll require the following skills and experience:
* 3+ years' experience as a DevSecOps Engineer or Security Engineer with AWS
* In-depth knowledge of AWS security tools inc. Security Hub, Inspector, Detective, CloudTrail, GuardDuty and CloudWatch
* Proficiency in AWS services and features, including IAM, VPC, EC2, S3, RDS, Lambda, and CloudFormation
* Strong understanding of security best practices, principles, and frameworks, such as ISO 27001 controls and NIST guidelines
* Experience in implementing security automation using scripting languages (e.g. Python) and infrastructure-as-code (IaC) tools
* Ability to perform security threat modelling and risk assessments to identify and prioritise security risks
* Experience with security incident response and handling, including log analysis and forensics
* Outstanding business stakeholder engagement and management experience, inc. presenting solutions to the exec team
* Certifications such as AWS Certified Security - Specialty are a plus

£70k-£75k + bonus + benefits. 90% remote, occasional travel to the Midlands.
22/04/2024
Full time
SecOps Engineer, Hybrid Working, Hatfield, Competitive Salary plus Benefits!

Join Our Team: SecOps Engineer Needed

Are you passionate about IT security and eager to work at the forefront of protecting IT infrastructure? We are seeking a skilled SecOps Engineer to join my client's dynamic team, offering a pivotal role in bridging the gap between information security and IT operations. Your expertise will be crucial in managing application, infrastructure, and network security, ensuring a proactive approach is taken to the management of vulnerabilities.

This is a brand-new position within my client's IT division. It will give you the opportunity to introduce a new way of working, and will best suit a confident person with a self-starter attitude who is willing to get to know the wider business and collaborate.

As a SecOps Engineer, you will be entrusted with a broad spectrum of security technologies, with an immediate focus on fortifying the security posture of their multi-country IT infrastructure and minimising vulnerabilities. Your responsibilities will include:
- Creating and implementing security solutions across on-premises and cloud platforms.
- Vigilant monitoring of security systems for potential threats and efficient incident management.
- Establishing technical standards aligned with corporate security policies and regulatory compliance.
- Conducting thorough vulnerability assessments and driving effective remediation strategies.
- Engaging in security architecture reviews to identify and rectify gaps.
- Playing an active role in the Change Advisory Board to manage the security aspects of IT changes.
- Leading the response to high-priority security incidents within the organisation.

You'll work with tools like Varonis DatAdvantage, Qualys, SCCM, Symantec Endpoint Protection, QRadar, and more, across platforms such as Azure, AWS, and Microsoft Office 365. Knowledge of Active Directory, network protocols, and virtual platforms is highly desirable.

This role is not just a job; it's an opportunity to make a significant impact on the security and integrity of my client's IT operations. If you are ready to take on this challenge and contribute to their mission of maintaining a secure and resilient IT environment, apply now!
19/04/2024
Full time
Position: Windows/Dell Infrastructure Admin
Location: Rugby, UK
Duration: Permanent

JOB DESCRIPTION: As a Senior Windows Infrastructure Admin/Engineer, you'll have a broad remit of responsibilities across the entire Windows infrastructure, service operations and support, including Active Directory, DNS, DHCP, Group Policy, MFA (Multi-Factor Authentication), Windows Server 2003 to 2012 R2 and Windows desktop solutions. You will proactively troubleshoot complex issues, devising innovative solutions and proactively introducing improvements, enhancements, and automation. Working with a wide variety of platforms and programming languages, you will be a key player in delivering a reliable, high-quality trading environment as part of a diverse, globally distributed team.

Essential Responsibilities/Qualifications:
* Take ownership of Active Directory and Windows Server infrastructure, service operations and support.
* Proven track record in a similar role supporting and maintaining Microsoft AD and Server environments.
* Lead on all phases of Active Directory and Windows Server estate life cycle management.
* Lead on troubleshooting Active Directory, DNS, DHCP, MFA and Group Policy issues.
* Strong technical experience in administering MFA (Multi-Factor Authentication) technologies across server and client components.
* Actively manage and monitor Active Directory and Server estate related ServiceNow tickets, and remediations from monitoring and alerting systems.
* Strong Windows support skills - 2012 to 2019.
* Experience in supporting MS Exchange.
* Experience in Microsoft 365 services and Endpoint Manager.
* Good knowledge of VMware ESX.
* Strong PowerShell, SCCM and SCOM skills.
* Contribute to IT infrastructure related security, maintenance, performance, capacity, and life cycle management.
* Contribute reports on infrastructure operations, services, and major incidents.
* Create and maintain work plans, design, and operations documentation sets.
* Create and review change requests to support project delivery and operational change.
* Work as part of a team to deliver complex solutions as lead specialist, project team resource or technical support.
* Good understanding of ITIL and related processes.
* Liaise with third parties and vendors.
* ITIL v3/ITIL 4 certified, or recent relevant experience working in an ITIL-controlled environment.
* Experience writing process documentation including operational support guidelines, policies, and procedures.
* Strong Change Management, Incident Management and Problem Management process skills.
* Ability to create and maintain technical and design documents.
* Must be willing to work out of the Rugby, UK site (subject to COVID regulations).
* Candidates must hold valid SC Clearance.

We look forward to your response at the earliest.
18/04/2024
Full time
LA International Computer Consultants Ltd
Hereford, Herefordshire
DV Cleared Onsite in Hereford Duration: 6 months initially Market Rates via Umbrella Role Description: Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates and the professional development of the system engineering team. Tasks: * Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration. * Manage system/server resources including performance, capacity, availability, serviceability, and recoverability. * Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability. * Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave. * Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources. * Implement data management standards, requirements, and specifications. * Develop data standards, policies, and procedures. * Analyse data sources to provide actionable recommendations and facilitate data-gathering methods. * To share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team. Knowledge: * Knowledge of big data technologies and ecosystems (eg, NiFi). * Knowledge of current market and emerging leaders in data analytical and SIEM platforms. * Knowledge of network security implementations (eg, host-based IDS, IPS), including their function and placement in a network. * Knowledge of intrusion detection systems and signature development. 
* Knowledge of Front End collection systems, including network traffic collection, filtering, and selection. * Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. * Knowledge of cyber defence and information security policies, procedures and regulations. * Knowledge of network security architecture concepts including topology, protocols, components and principles. Skills/Experience: * Previous experience of Enterprise ICS/network architectures and technologies. * Working with frameworks and technologies that support data-intensive distributed applications. * Experience maintaining and administrating data analytical and SIEM platforms. * Experience using host and network-based IDS/IPS. Experience using packet capture solutions. * Skill in developing and deploying signatures. * Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). * Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach). Desirable Qualifications/Certifications * Red Hat System Administration I & II (RH124/RH134). * Baseline Cyber Courses eg Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. * Certified engineer in a market leading data analysis/SIEM platform. * SANS SEC501 Advanced Security Essentials Enterprise Defender. * SANS SEC 511 Continuous Monitoring & Security Operations. * SANS SEC555: SIEM with Tactical Analytics Available locations: -Hereford -Northallerton -Corsham -Portsmouth Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks. 
LA International is an HMG-approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency, depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies. LA International welcomes applications from all sections of the community and from people with diverse experience and backgrounds.

Award-winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queen's Award for Enterprise: International Trade, for the second consecutive period.
17/04/2024
Project-based