Role Title: SIEM/Incident SME Duration: 6 months Location: Hybrid/Corsham, Portsmouth or Northallerton - 2/3 days per week at ONE site Rate: £700/d - Umbrella only PLEASE NOTE: Applicants must hold active DV Clearance to be considered for this role Would you like to join a global leader in consulting, technology services and digital transformation? Our client is at the forefront of innovation to address the entire breadth of opportunities in the evolving world of cloud, digital and platforms. Role purpose/summary The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Key Skills/requirements Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications : Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent) All profiles will be reviewed against the required skills and experience. Due to the high number of applications, we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
20/05/2024
Project-based
Role Title: SIEM/Incident SME Duration: 6 months Location: Hybrid/Corsham, Portsmouth or Northallerton - 2/3 days per week at ONE site Rate: £700/d - Umbrella only PLEASE NOTE: Applicants must hold active DV Clearance to be considered for this role Would you like to join a global leader in consulting, technology services and digital transformation? Our client is at the forefront of innovation to address the entire breadth of opportunities in the evolving world of cloud, digital and platforms. Role purpose/summary The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Key Skills/requirements Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications : Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent) All profiles will be reviewed against the required skills and experience. Due to the high number of applications, we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
Source Group are currently working with an Internaitonal Bank who are looking to hire a Freelance Vulnerability and Compliance Engineer to join the team. This role is an initial contract but has a high chance of extending long term. Please only apply if you are based or looking to relocate to Switzerland. The perfect candidate will be able to script in both Python and Powershell and understands modern development practices such as version control and CI/CD pipelines, and has a background in Cyber security. They will have a passion for clean code and be passionate about improving customer's "day to day" through automation and customer driven requirements. Responsibilities: Implement python code to enrich alerts prior to being ingested into the Bank's alert management system/queue. Implement python code to create "responders" in the Bank's alert/case management system to perform repetitive tasks. Integrate the alert/case management system with additional corporate and security systems. Implement queries (SQL or similar) to extract relevant data for reporting and alerting. Perform application patching of the Bank's cyber applications (alert/case management, vulnerability management platforms, etc). Assist with Scripting to enable custom reporting and querying of systems like Active Directory, the Bank's SIEM, etc. Must Haves : Excellent python skills and ideally experience with Powershell as well; experience with integration work, processing structured data such as Jason or CSV. Experience as a Developer ideally in Cybersecurity, IT automation or experience as business application developer could also be considered. Experience working with version control systems (eg git) and pipelines (eg Azure DevOps and Github). Understanding of and experience working with modern development practices such as version control and CI/CD pipelines Ability to digest and understand user requirements and implement them "properly" in an existing tech stack. Please get in touch for more info/relocating to Switzerland.
20/05/2024
Project-based
Source Group are currently working with an Internaitonal Bank who are looking to hire a Freelance Vulnerability and Compliance Engineer to join the team. This role is an initial contract but has a high chance of extending long term. Please only apply if you are based or looking to relocate to Switzerland. The perfect candidate will be able to script in both Python and Powershell and understands modern development practices such as version control and CI/CD pipelines, and has a background in Cyber security. They will have a passion for clean code and be passionate about improving customer's "day to day" through automation and customer driven requirements. Responsibilities: Implement python code to enrich alerts prior to being ingested into the Bank's alert management system/queue. Implement python code to create "responders" in the Bank's alert/case management system to perform repetitive tasks. Integrate the alert/case management system with additional corporate and security systems. Implement queries (SQL or similar) to extract relevant data for reporting and alerting. Perform application patching of the Bank's cyber applications (alert/case management, vulnerability management platforms, etc). Assist with Scripting to enable custom reporting and querying of systems like Active Directory, the Bank's SIEM, etc. Must Haves : Excellent python skills and ideally experience with Powershell as well; experience with integration work, processing structured data such as Jason or CSV. Experience as a Developer ideally in Cybersecurity, IT automation or experience as business application developer could also be considered. Experience working with version control systems (eg git) and pipelines (eg Azure DevOps and Github). Understanding of and experience working with modern development practices such as version control and CI/CD pipelines Ability to digest and understand user requirements and implement them "properly" in an existing tech stack. Please get in touch for more info/relocating to Switzerland.
Source Group are working with a Leading Bank in Switzerland who are looking to hire a Security Specialist - Cyber Automation and Engineering. The perfect candidate will be able to script in both Python and Powershell and understands modern development practices such as version control and CI/CD pipelines, and has a background in Cyber security. They will have a passion for clean code and be passionate about improving customer's "day to day" through automation and customer driven requirements. The successful candidate for this role must be based in Switzerland or be able to relocate full time. We are looking for a Security Specialist - Cyber Automation and Engineering who will assist the team with the following tasks: Tasks: Improving the alert and case management workflows, improving enrichment, "responders" and other automation. Assisting as required with advanced detections and filtering. Providing platform support when required (patching applications, etc). Other duties as required, as the team works with changing priorities and in response to internal customer demands. Responsibilities: Implement python code to enrich alerts prior to being ingested into the Bank's alert management system/queue. Implement python code to create "responders" in the Bank's alert/case management system to perform repetitive tasks. Integrate the alert/case management system with additional corporate and security systems. Implement queries (SQL or similar) to extract relevant data for reporting and alerting. Perform application patching of the Bank's cyber applications (alert/case management, vulnerability management platforms, etc). Assist with Scripting to enable custom reporting and querying of systems like Active Directory, the Bank's SIEM, etc. Must Haves: Excellent python skills and ideally experience with Powershell as well; experience with integration work, processing structured data such as Jason or CSV. Experience as a Developer ideally in Cybersecurity, IT automation or experience as business application developer could also be considered. Experience working with version control systems (eg git) and pipelines (eg Azure DevOps and Github). Understanding of and experience working with modern development practices such as version control and CI/CD pipelines Ability to digest and understand user requirements and implement them "properly" in an existing tech stack.
20/05/2024
Project-based
Source Group are working with a Leading Bank in Switzerland who are looking to hire a Security Specialist - Cyber Automation and Engineering. The perfect candidate will be able to script in both Python and Powershell and understands modern development practices such as version control and CI/CD pipelines, and has a background in Cyber security. They will have a passion for clean code and be passionate about improving customer's "day to day" through automation and customer driven requirements. The successful candidate for this role must be based in Switzerland or be able to relocate full time. We are looking for a Security Specialist - Cyber Automation and Engineering who will assist the team with the following tasks: Tasks: Improving the alert and case management workflows, improving enrichment, "responders" and other automation. Assisting as required with advanced detections and filtering. Providing platform support when required (patching applications, etc). Other duties as required, as the team works with changing priorities and in response to internal customer demands. Responsibilities: Implement python code to enrich alerts prior to being ingested into the Bank's alert management system/queue. Implement python code to create "responders" in the Bank's alert/case management system to perform repetitive tasks. Integrate the alert/case management system with additional corporate and security systems. Implement queries (SQL or similar) to extract relevant data for reporting and alerting. Perform application patching of the Bank's cyber applications (alert/case management, vulnerability management platforms, etc). Assist with Scripting to enable custom reporting and querying of systems like Active Directory, the Bank's SIEM, etc. Must Haves: Excellent python skills and ideally experience with Powershell as well; experience with integration work, processing structured data such as Jason or CSV. Experience as a Developer ideally in Cybersecurity, IT automation or experience as business application developer could also be considered. Experience working with version control systems (eg git) and pipelines (eg Azure DevOps and Github). Understanding of and experience working with modern development practices such as version control and CI/CD pipelines Ability to digest and understand user requirements and implement them "properly" in an existing tech stack.
Vulnerability Security Engineer - This is a long term contract vacancy requiring profound Python, Powershell and InsightVM knowledge for our Basel based client in the financial sector . Your tasks: Tuning and troubleshooting the company's VM and compliance platforms Implementing custom scripts to ensure technical settings comply with company policies and standards Developing custom logic to prioritize vulnerabilities and compliance issues Integrating compliance tool output into the company's big data platform for compliance purposes Executing queries to extract data for reporting and alerting Performing application patching for the company's vulnerability and compliance applications Your experience/knowledge: Proficient in Python with experience in PowerShell, integration work, and processing structured data such as JSON and CSV for data importing and exporting Strong background in cybersecurity, with a focus on vulnerability and compliance management Experienced with data pipelines, workflows, and modern development practices including version control and CI/CD pipelines Ability to understand user requirements and implement them effectively within an existing tech stack Knowledge of integration and processing of structured data for seamless data platform operations Familiarity with tools such as Dataiku DSS, Tableau, and the Azure security ecosystem, especially Defender suite, is a strong advantage Your soft skills: Self-starter, able to work independently and suggest solutions to problems in relation to existing systems and tools Strong drive and willingness to deliver Location: Basel, Switzerland Sector: Financial Start: ASAP or 07/2024 Duration: 08MM+ Ref .Nr.: BH21677 Take the next step and send us your resume along with a daytime phone number where we can reach you. Due to Swiss work permit restrictions, we can only consider applications from Swiss nationals, EU citizens as well as current work-permit holders for Switzerland. Ukrainian refugees are warmly welcomed, we will support you all the way. We welcome applications from individuals of all genders, age groups, sexual orientations, personal expressions, ethnic backgrounds, and religious beliefs. Therefore, there is no requirement to provide gender information or a photo in your application. As per client requirements, we need information about your marital status, nationality, date of birth, and a valid Swiss work permit. For applicants with disabilities, we are happy to explore potential solutions with our end client.
20/05/2024
Project-based
Vulnerability Security Engineer - This is a long term contract vacancy requiring profound Python, Powershell and InsightVM knowledge for our Basel based client in the financial sector . Your tasks: Tuning and troubleshooting the company's VM and compliance platforms Implementing custom scripts to ensure technical settings comply with company policies and standards Developing custom logic to prioritize vulnerabilities and compliance issues Integrating compliance tool output into the company's big data platform for compliance purposes Executing queries to extract data for reporting and alerting Performing application patching for the company's vulnerability and compliance applications Your experience/knowledge: Proficient in Python with experience in PowerShell, integration work, and processing structured data such as JSON and CSV for data importing and exporting Strong background in cybersecurity, with a focus on vulnerability and compliance management Experienced with data pipelines, workflows, and modern development practices including version control and CI/CD pipelines Ability to understand user requirements and implement them effectively within an existing tech stack Knowledge of integration and processing of structured data for seamless data platform operations Familiarity with tools such as Dataiku DSS, Tableau, and the Azure security ecosystem, especially Defender suite, is a strong advantage Your soft skills: Self-starter, able to work independently and suggest solutions to problems in relation to existing systems and tools Strong drive and willingness to deliver Location: Basel, Switzerland Sector: Financial Start: ASAP or 07/2024 Duration: 08MM+ Ref .Nr.: BH21677 Take the next step and send us your resume along with a daytime phone number where we can reach you. Due to Swiss work permit restrictions, we can only consider applications from Swiss nationals, EU citizens as well as current work-permit holders for Switzerland. Ukrainian refugees are warmly welcomed, we will support you all the way. We welcome applications from individuals of all genders, age groups, sexual orientations, personal expressions, ethnic backgrounds, and religious beliefs. Therefore, there is no requirement to provide gender information or a photo in your application. As per client requirements, we need information about your marital status, nationality, date of birth, and a valid Swiss work permit. For applicants with disabilities, we are happy to explore potential solutions with our end client.