Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
17/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
17/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
Our client is looking for a skilled and enthusiastic network engineer to join their team based around Glasgow. The ideal candidate will have a strong grasp of the requirements below. If you feel that you are capable, I would love to hear from you and discuss the position in full. Duties and Responsibilities Design, implement, configure and manage the organisation's network infrastructure, including LANs, WANs, VPNs, Routers, Switches, Firewalls, and wireless access points. Identify and address issues to ensure high availability, reliability, and optimal performance. Deploy and maintain the systems' infrastructure, including Servers, storage solutions, operating systems, virtualisation platforms and cloud services. Manage network and systems capacity planning to accommodate growth and changing computing requirements. Collaborate with IT teams worldwide to develop integrated network and systems solutions aligned with business objectives and technology standards. Perform regular security assessments and audits to identify vulnerabilities and implement necessary patches, updates, and security protocols. Design, implement and maintain disaster recovery and business continuity plans. Provide technical support to end-users and other IT teams, addressing network and systems-related incidents and challenges. Document network and systems configurations, procedures, and troubleshooting guides to facilitate knowledge sharing and training. Stay informed about emerging technologies, industry trends, and best practices in networking and systems engineering. Automate network and systems tasks using Scripting languages and configuration management tools. Work with vendors and service providers for procurement, maintenance, and support of network and systems equipment and software. Install hardware for systems and users, as required. Packaging and deployment of applications and software updates. Identify, propose, contribute and manage IT projects for continuous improvement. Qualifications, Knowledge & Skills Bachelor's degree in Computer Science, Information Technology, or related field; or relevant work experience for a minimum of five years. Proven experience as a Network Engineer/Administrator, Systems Engineer/Administrator, or similar role, demonstrating proficiency in both networking and systems administration. Strong understanding of network protocols, routing, switching, and network security practices. Familiarity with various operating systems, including Windows and VMWare ESXi and experience in system administration. Proficiency in configuring and managing virtualisation platforms such as VMware. Scripting skills (eg, PowerShell) for network and systems automation and optimisation. Knowledge of hardware components, server architecture, and storage systems (SANs). Familiarity with security tools, encryption, certificates, PKI, authentication, and patch management for both networks and systems. Excellent communication skills to collaborate effectively with technical and non-technical teams. Strong problem-solving abilities for diagnosing and resolving complex network and systems issues. Ability to manage multiple tasks, projects, and priorities while adhering to deadlines. Main benefits: Salary Life Assurance x 4 times annual salary Critical Illness x 2 times annual salary Westfield Health Cover - CashPlan and Hospital Plan Personal Private Pension (currently Scottish Widows). Salary Exchange. 5% company contribution 34 day holiday (includes public holidays) Contribution to fitness club or classes Please send a copy of your CV for more information and to discuss your suitability. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
17/05/2024
Full time
Our client is looking for a skilled and enthusiastic network engineer to join their team based around Glasgow. The ideal candidate will have a strong grasp of the requirements below. If you feel that you are capable, I would love to hear from you and discuss the position in full. Duties and Responsibilities Design, implement, configure and manage the organisation's network infrastructure, including LANs, WANs, VPNs, Routers, Switches, Firewalls, and wireless access points. Identify and address issues to ensure high availability, reliability, and optimal performance. Deploy and maintain the systems' infrastructure, including Servers, storage solutions, operating systems, virtualisation platforms and cloud services. Manage network and systems capacity planning to accommodate growth and changing computing requirements. Collaborate with IT teams worldwide to develop integrated network and systems solutions aligned with business objectives and technology standards. Perform regular security assessments and audits to identify vulnerabilities and implement necessary patches, updates, and security protocols. Design, implement and maintain disaster recovery and business continuity plans. Provide technical support to end-users and other IT teams, addressing network and systems-related incidents and challenges. Document network and systems configurations, procedures, and troubleshooting guides to facilitate knowledge sharing and training. Stay informed about emerging technologies, industry trends, and best practices in networking and systems engineering. Automate network and systems tasks using Scripting languages and configuration management tools. Work with vendors and service providers for procurement, maintenance, and support of network and systems equipment and software. Install hardware for systems and users, as required. Packaging and deployment of applications and software updates. Identify, propose, contribute and manage IT projects for continuous improvement. Qualifications, Knowledge & Skills Bachelor's degree in Computer Science, Information Technology, or related field; or relevant work experience for a minimum of five years. Proven experience as a Network Engineer/Administrator, Systems Engineer/Administrator, or similar role, demonstrating proficiency in both networking and systems administration. Strong understanding of network protocols, routing, switching, and network security practices. Familiarity with various operating systems, including Windows and VMWare ESXi and experience in system administration. Proficiency in configuring and managing virtualisation platforms such as VMware. Scripting skills (eg, PowerShell) for network and systems automation and optimisation. Knowledge of hardware components, server architecture, and storage systems (SANs). Familiarity with security tools, encryption, certificates, PKI, authentication, and patch management for both networks and systems. Excellent communication skills to collaborate effectively with technical and non-technical teams. Strong problem-solving abilities for diagnosing and resolving complex network and systems issues. Ability to manage multiple tasks, projects, and priorities while adhering to deadlines. Main benefits: Salary Life Assurance x 4 times annual salary Critical Illness x 2 times annual salary Westfield Health Cover - CashPlan and Hospital Plan Personal Private Pension (currently Scottish Widows). Salary Exchange. 5% company contribution 34 day holiday (includes public holidays) Contribution to fitness club or classes Please send a copy of your CV for more information and to discuss your suitability. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
Role - SPECIALIST - DATACENTRE SERVICES Job type - Full Time Work location - London, UK Job Description: Windows Active Directory SME -L3 Experience: 10+ years Primary responsibilities include Architecture, Planning, Build, Implement and support troubleshooting issues by analysing infrastructure and application alerts and Root Cause Analysis. Create and develop patterns/templates, reference architectures and automation runbooks/scripts enabling remote execution of tasks and auto-remediation. Perform vulnerability assessment and patch management activities for system reliability, performance, compliance and business continuity. Develop process and scripts for automating post-change security/environment/quality assurance testing for production release. Address P1/P2/P3 incidents and lead/coordinate scheduled changes in a 24/7/365 service environment. Technical Skills Must have excellent communication and problem-solving skills Hands-on experience to perform system installation and troubleshooting to normalize the impacted services. Systematic problem-solving approach coupled with a strong sense of ownership and drive. Experience to design, lead and participate in Business Continuity & Disaster Recovery activities. Sound experience in troubleshooting infrastructure, Identity and access related incidents. Previous working experience as a Windows SME of at least 8 years in a mid-to-large-scale multi-geo organization Experience in designing, analysing and troubleshooting large-scale distributed systems. Experience of Domain Migration, Transformation and consolidation. In-depth knowledge of Microsoft Windows Operating system and Services; like Active Directory, Azure AD/Entra ID, ADFS, RODC, AD Integrated DNS, DHCP, IIS, RADIUS, Terminal Services, Bitlocker, Multifactor Authentication, Performance Monitoring, etc. Demonstrable ability in managing windows server 2012/2016/2019. Strong knowledge of Active Directory architecture, including domains, forests, trusts, group policies, and LDAP. Must have experience with AD Group Policies, Fine Grain Password, Security and Distribution Groups, FSMO roles, Site Links & Replication, etc. Sound knowledge and experience of networking protocols and services eg TCP/IP, UDP, ICMP, etc., MAC addresses, IP packets, DNS, SDN, OSI layers and load balancing. Sound knowledge on DNS, HTTP, LDAP, SMTP and SNMP services/protocols. Good knowledge/Experience with E-mail and Collaboration technologies such as Exchange 2012, O365/M365, SharePoint online is an advantage.
17/05/2024
Full time
Role - SPECIALIST - DATACENTRE SERVICES Job type - Full Time Work location - London, UK Job Description: Windows Active Directory SME -L3 Experience: 10+ years Primary responsibilities include Architecture, Planning, Build, Implement and support troubleshooting issues by analysing infrastructure and application alerts and Root Cause Analysis. Create and develop patterns/templates, reference architectures and automation runbooks/scripts enabling remote execution of tasks and auto-remediation. Perform vulnerability assessment and patch management activities for system reliability, performance, compliance and business continuity. Develop process and scripts for automating post-change security/environment/quality assurance testing for production release. Address P1/P2/P3 incidents and lead/coordinate scheduled changes in a 24/7/365 service environment. Technical Skills Must have excellent communication and problem-solving skills Hands-on experience to perform system installation and troubleshooting to normalize the impacted services. Systematic problem-solving approach coupled with a strong sense of ownership and drive. Experience to design, lead and participate in Business Continuity & Disaster Recovery activities. Sound experience in troubleshooting infrastructure, Identity and access related incidents. Previous working experience as a Windows SME of at least 8 years in a mid-to-large-scale multi-geo organization Experience in designing, analysing and troubleshooting large-scale distributed systems. Experience of Domain Migration, Transformation and consolidation. In-depth knowledge of Microsoft Windows Operating system and Services; like Active Directory, Azure AD/Entra ID, ADFS, RODC, AD Integrated DNS, DHCP, IIS, RADIUS, Terminal Services, Bitlocker, Multifactor Authentication, Performance Monitoring, etc. Demonstrable ability in managing windows server 2012/2016/2019. Strong knowledge of Active Directory architecture, including domains, forests, trusts, group policies, and LDAP. Must have experience with AD Group Policies, Fine Grain Password, Security and Distribution Groups, FSMO roles, Site Links & Replication, etc. Sound knowledge and experience of networking protocols and services eg TCP/IP, UDP, ICMP, etc., MAC addresses, IP packets, DNS, SDN, OSI layers and load balancing. Sound knowledge on DNS, HTTP, LDAP, SMTP and SNMP services/protocols. Good knowledge/Experience with E-mail and Collaboration technologies such as Exchange 2012, O365/M365, SharePoint online is an advantage.
Role- Network Security Engineer Location- London, UK Job type- Full time Mandatory skills- AZURE NETWORK SPECIALIST Job Description: Experience: 7+ Years Primary responsibilities include Architecture, Planning, Build, Implement and support troubleshooting issues by analysing infrastructure and application alerts and Root Cause Analysis. Perform vulnerability assessment and management ensuring reliability, performance, compliance and business continuity. Develop process and scripts for automating post-change security/environment/quality assurance testing for production release. Address P1/P2/P3 incidents and lead/coordinate scheduled changes in a 24/7/365 service environment. Job Description: Experience and good knowledge in the design, development and Implementation of large-scale Network and Security solutions; comprised of Routing & Switching, Firewalls & VPNs, Load balancers, Network Virtualization & Software Defined Networking( IPV4/IPV6), etc. across On-premise and Cloud Infrastructure. Working experience and sound knowledge on Data Centre & Cloud Infrastructure Networking- Tools and Technologies Hands-on experience and ability to troubleshoot and support critical issues/escalations. Experience with load balancers such as F5, Array, Fortinet, etc. Experience with cloud service providers (AWS, GCP, Azure, etc.) Proven Experience in leading a Network Integration and transformation, in the capacity of Solution Architect/Sr. Engineer Experience in providing in-depth knowledge on network platforms and services, defining and documenting best practices and strategies. Experience or knowledge of Network & Security modelling Tools, NetDevOps, and Network Automation, towards Network as a Code will be an added advantage. Initiate, demonstrate and assume ownership of the opportunities and improvement areas, ensuring completeness of the technical requirements to support business needs. Stay up to date with emerging tools, technologies and trends in the enterprise domain comprising of Network& Security infrastructure and cloud services, leading to innovative solutions addressing the current and future needs Educational Qualification: Graduate- BE/BTech or Postgraduate - Electronics/Communications/Computer Science Certification: ITIL, CCNA/CCNP/JCNA, CCDP/CCIE, Azure/MCSE/RHCE or equivalent technical certifications
17/05/2024
Full time
Role- Network Security Engineer Location- London, UK Job type- Full time Mandatory skills- AZURE NETWORK SPECIALIST Job Description: Experience: 7+ Years Primary responsibilities include Architecture, Planning, Build, Implement and support troubleshooting issues by analysing infrastructure and application alerts and Root Cause Analysis. Perform vulnerability assessment and management ensuring reliability, performance, compliance and business continuity. Develop process and scripts for automating post-change security/environment/quality assurance testing for production release. Address P1/P2/P3 incidents and lead/coordinate scheduled changes in a 24/7/365 service environment. Job Description: Experience and good knowledge in the design, development and Implementation of large-scale Network and Security solutions; comprised of Routing & Switching, Firewalls & VPNs, Load balancers, Network Virtualization & Software Defined Networking( IPV4/IPV6), etc. across On-premise and Cloud Infrastructure. Working experience and sound knowledge on Data Centre & Cloud Infrastructure Networking- Tools and Technologies Hands-on experience and ability to troubleshoot and support critical issues/escalations. Experience with load balancers such as F5, Array, Fortinet, etc. Experience with cloud service providers (AWS, GCP, Azure, etc.) Proven Experience in leading a Network Integration and transformation, in the capacity of Solution Architect/Sr. Engineer Experience in providing in-depth knowledge on network platforms and services, defining and documenting best practices and strategies. Experience or knowledge of Network & Security modelling Tools, NetDevOps, and Network Automation, towards Network as a Code will be an added advantage. Initiate, demonstrate and assume ownership of the opportunities and improvement areas, ensuring completeness of the technical requirements to support business needs. Stay up to date with emerging tools, technologies and trends in the enterprise domain comprising of Network& Security infrastructure and cloud services, leading to innovative solutions addressing the current and future needs Educational Qualification: Graduate- BE/BTech or Postgraduate - Electronics/Communications/Computer Science Certification: ITIL, CCNA/CCNP/JCNA, CCDP/CCIE, Azure/MCSE/RHCE or equivalent technical certifications
We are currently looking on behalf of one of our important clients for an IT Quality Assurance & CSV Manager (German Speaking). The role is a permanent position based in Solothurn Canton & comes with some home office allowance. Your Role: Carry out personnel, technical & people life cycle management of a IT QA & CSV team. Act as a key contact person & all-rounder in the field of IT Quality Assurance & Computer Systems Validation. Advise & support system owners, project managers or suppliers in the validation of computer systems according to internal & external GxP/GAMP specifications (eg in the field of production systems SW, SW development, MES or database systems). Independently prepare the necessary documentation & execution of tests. Support the continuous development of IT processes (eg further development of internal CSV processes or certification of IT service areas according to ISO 27001: Information Security). Act as a key contact person as a CSV expert for customers & audits. Review & approval CSV & system documentation. Your Skills: At least 5 years of relevant professional experience including experience in IT Quality Assurance, Computer Systems Validation & Computer Software Assurance. A sound knowledge of IT Security, GDPR & IT Systems & Infrastructure. Experienced with Q-Systems (eg EU: Annex 11/FDA: 21CFR Part 11). Ideally experienced in the Medical Technology Sector. A knowledge of important IT Standards & Methods (eg ISO27001, ISO 80002-2, ITIL) or ISO 13485:2016 QMS for Medical Devices. Your Profile: Completed relevant Scientific or Technical University Degree. Strong communication skills, assertive & highly quality-oriented. Fluent English & good German language skills (to at least B2 Level) are a mandatory requirement.
17/05/2024
Full time
We are currently looking on behalf of one of our important clients for an IT Quality Assurance & CSV Manager (German Speaking). The role is a permanent position based in Solothurn Canton & comes with some home office allowance. Your Role: Carry out personnel, technical & people life cycle management of a IT QA & CSV team. Act as a key contact person & all-rounder in the field of IT Quality Assurance & Computer Systems Validation. Advise & support system owners, project managers or suppliers in the validation of computer systems according to internal & external GxP/GAMP specifications (eg in the field of production systems SW, SW development, MES or database systems). Independently prepare the necessary documentation & execution of tests. Support the continuous development of IT processes (eg further development of internal CSV processes or certification of IT service areas according to ISO 27001: Information Security). Act as a key contact person as a CSV expert for customers & audits. Review & approval CSV & system documentation. Your Skills: At least 5 years of relevant professional experience including experience in IT Quality Assurance, Computer Systems Validation & Computer Software Assurance. A sound knowledge of IT Security, GDPR & IT Systems & Infrastructure. Experienced with Q-Systems (eg EU: Annex 11/FDA: 21CFR Part 11). Ideally experienced in the Medical Technology Sector. A knowledge of important IT Standards & Methods (eg ISO27001, ISO 80002-2, ITIL) or ISO 13485:2016 QMS for Medical Devices. Your Profile: Completed relevant Scientific or Technical University Degree. Strong communication skills, assertive & highly quality-oriented. Fluent English & good German language skills (to at least B2 Level) are a mandatory requirement.
Cyber Security Engineer Manchester City Centre Hybrid Cybersecurity Engineer Are you a skilled cybersecurity professional looking to take your career to the next level? We're seeking a Mid-Level Cybersecurity Engineer to join our team and contribute to our organisation's security posture. If you're passionate about protecting systems, networks, and data, this role is for you! Responsibilities: Evaluate ongoing security needs: Continuously assess the organization's security requirements and establish standard operating procedures to respond to inbound security issues. Develop and implement threat models: Stay informed about new threats and attack vectors, and proactively address them. Perform routine security assessments/audits: Evaluate networks, systems, code, controls, and applications to identify vulnerabilities. Investigate intrusion attempts: Conduct in-depth analysis of exploits and security incidents. Stay educated: Keep up-to-date with the latest cybersecurity trends and best practices. Qualifications: Education: Relevant degree (eg, Bachelor's in Engineering, Information Security, Information Assurance, Computer Science). Certifications (preferred): CISSP (Certified Information Systems Security Professional) CEH (Certified Ethical Hacker) CompTIA Security+ Other relevant certifications (eg, GIAC, TIA, IAM) Experience: At least 3 years of experience in incident detection, response, and forensics. Technical Skills: Familiarity with NIST SP 800-53 and RMF implementation. Knowledge of PKI infrastructure tools. Understanding of Firewalls, proxies, and encryption. Proficiency in programming languages (Python, C++, Java, etc.). If you're interested, please apply below to have your application processed TODAY!
17/05/2024
Full time
Cyber Security Engineer Manchester City Centre Hybrid Cybersecurity Engineer Are you a skilled cybersecurity professional looking to take your career to the next level? We're seeking a Mid-Level Cybersecurity Engineer to join our team and contribute to our organisation's security posture. If you're passionate about protecting systems, networks, and data, this role is for you! Responsibilities: Evaluate ongoing security needs: Continuously assess the organization's security requirements and establish standard operating procedures to respond to inbound security issues. Develop and implement threat models: Stay informed about new threats and attack vectors, and proactively address them. Perform routine security assessments/audits: Evaluate networks, systems, code, controls, and applications to identify vulnerabilities. Investigate intrusion attempts: Conduct in-depth analysis of exploits and security incidents. Stay educated: Keep up-to-date with the latest cybersecurity trends and best practices. Qualifications: Education: Relevant degree (eg, Bachelor's in Engineering, Information Security, Information Assurance, Computer Science). Certifications (preferred): CISSP (Certified Information Systems Security Professional) CEH (Certified Ethical Hacker) CompTIA Security+ Other relevant certifications (eg, GIAC, TIA, IAM) Experience: At least 3 years of experience in incident detection, response, and forensics. Technical Skills: Familiarity with NIST SP 800-53 and RMF implementation. Knowledge of PKI infrastructure tools. Understanding of Firewalls, proxies, and encryption. Proficiency in programming languages (Python, C++, Java, etc.). If you're interested, please apply below to have your application processed TODAY!
Cloud Security Architect £45,000-85,000 Must be flexible for hybrid working London, Manchester, Bristol Currently working with a mammoth consultancy who provide audit, assurance, consulting and risk advisory services internationally who are currently looking for a Cyber Security SME to be at the heart of some of the biggest programmes undertaken to keep the United Kingdom safe. Requirements - Proven track record in leading multi-disciplinary Experience architecting secure, cloud-based (AWS) applications, inc. CI/CD Experience with Zero Trust Architecture, SBD, OWASP, NIST, CIS, NCSC baselines Strong foundation across the cybersecurity technology stack *Candidates must hold an active DV clearance* If this opportunity aligns with your expertise and aspirations, please connect with me at (see below) or call. Ref JD017
17/05/2024
Full time
Cloud Security Architect £45,000-85,000 Must be flexible for hybrid working London, Manchester, Bristol Currently working with a mammoth consultancy who provide audit, assurance, consulting and risk advisory services internationally who are currently looking for a Cyber Security SME to be at the heart of some of the biggest programmes undertaken to keep the United Kingdom safe. Requirements - Proven track record in leading multi-disciplinary Experience architecting secure, cloud-based (AWS) applications, inc. CI/CD Experience with Zero Trust Architecture, SBD, OWASP, NIST, CIS, NCSC baselines Strong foundation across the cybersecurity technology stack *Candidates must hold an active DV clearance* If this opportunity aligns with your expertise and aspirations, please connect with me at (see below) or call. Ref JD017
Security Architect (Cloud & Network) Permanent - £58k-£65k - 2 days per week from West London office, the rest working from home Our London based Public Sector client have an upcoming requirement for a Security Architect to join on a permanent basis. The purpose of the Security Architect is to be responsible for the architecture design, implementation of cloud, O365 and network security solutions across the organisation, while acting as the subject matter expert on Microsoft Azure Cloud (IaaS, PaaS) and Office365 Key duties for the Security Architect (Cloud & Network) Complete thorough risk assessments, identifying vulnerabilities within cloud and Office 365 environments, networks and creating security controls or configuring systems to enhance existing security features Architecture design and implementation of Azure cloud, Office 365 and network security solutions across the Council, including cloud native and third-party solutions, to secure network and cloud environments in accordance to best practice; Engage third-party vendors and tooling to complete Azure cloud, Office 365 and network security testing and assurance - implementing new products, configuration or improvements as required Design and build a secure 3rd party access environment to enable 3rd parties including Contractors, outsourced providers secure access to Cloud, Office 365 and network environment. Solution must include defined policies, process and deployment of technology including operational support - based on the principle of least-privilege access and designed to prevent lateral-movement of threat Recommend, configure, implement, and maintain all security platforms and any other related software. Plan and appraise ongoing assessment of antivirus, application control, Firewall, SIEM, VPN, SSL, intrusion detection or intrusion prevention and other cloud and network component policies Ensure cloud and network security best practices are executed through assurance of network configuration(s) including ingress/egress Routers, Switches, Firewall configurations, access controls (RBAC), least privilege and monitoring Responsible for periodic cloud and network vulnerability testing, and lead remediation projects Respond to security-related events and support in remediation efforts Key experience required for the Security Architect (Cloud & Network) Proven track record of successfully defining and architecting solutions based on Microsoft 365 and Microsoft Azure Knowledge of core Microsoft technologies such as SharePoint, MS Teams & Azure with the capability of designing and implementing solutions that integrate these. Technical know-how of security network devices (Switches, antivirus, Firewalls, cryptography, SIEM) and any other security networking hardware or software tools Minimum, two years' experience identifying threats and developing appropriate protection measures Demonstrable experience reviewing system changes for security implications and recommending improvements Knowledge of cross-government procurement frameworks and processes
17/05/2024
Full time
Security Architect (Cloud & Network) Permanent - £58k-£65k - 2 days per week from West London office, the rest working from home Our London based Public Sector client have an upcoming requirement for a Security Architect to join on a permanent basis. The purpose of the Security Architect is to be responsible for the architecture design, implementation of cloud, O365 and network security solutions across the organisation, while acting as the subject matter expert on Microsoft Azure Cloud (IaaS, PaaS) and Office365 Key duties for the Security Architect (Cloud & Network) Complete thorough risk assessments, identifying vulnerabilities within cloud and Office 365 environments, networks and creating security controls or configuring systems to enhance existing security features Architecture design and implementation of Azure cloud, Office 365 and network security solutions across the Council, including cloud native and third-party solutions, to secure network and cloud environments in accordance to best practice; Engage third-party vendors and tooling to complete Azure cloud, Office 365 and network security testing and assurance - implementing new products, configuration or improvements as required Design and build a secure 3rd party access environment to enable 3rd parties including Contractors, outsourced providers secure access to Cloud, Office 365 and network environment. Solution must include defined policies, process and deployment of technology including operational support - based on the principle of least-privilege access and designed to prevent lateral-movement of threat Recommend, configure, implement, and maintain all security platforms and any other related software. Plan and appraise ongoing assessment of antivirus, application control, Firewall, SIEM, VPN, SSL, intrusion detection or intrusion prevention and other cloud and network component policies Ensure cloud and network security best practices are executed through assurance of network configuration(s) including ingress/egress Routers, Switches, Firewall configurations, access controls (RBAC), least privilege and monitoring Responsible for periodic cloud and network vulnerability testing, and lead remediation projects Respond to security-related events and support in remediation efforts Key experience required for the Security Architect (Cloud & Network) Proven track record of successfully defining and architecting solutions based on Microsoft 365 and Microsoft Azure Knowledge of core Microsoft technologies such as SharePoint, MS Teams & Azure with the capability of designing and implementing solutions that integrate these. Technical know-how of security network devices (Switches, antivirus, Firewalls, cryptography, SIEM) and any other security networking hardware or software tools Minimum, two years' experience identifying threats and developing appropriate protection measures Demonstrable experience reviewing system changes for security implications and recommending improvements Knowledge of cross-government procurement frameworks and processes
Java Developer Position einhergehend mit Kenntnissen in Spring Boot bei unserem Kunden aus dem Finanzbereich in Zürich zu besetzen. Ihre Aufgaben: Erarbeiten einer Software Engineering Vision und eines Ziel Frameworks inklusive Roadmap Agieren als Verbindungsglied zwischen Architektur und Software Engineering Team Mitarbeiten am PoC die Internal Developer Plattform betreffend sowie Unterstützen bei der Aufarbeitung der Resultate und Erkenntnisse Partizipieren in der Konzeption und Umsetzung der ArgoCD Einführung Kooperieren mit dem Plattformteam bei der Operationalisierung der Quality Gates und Standards Ausarbeiten, Präsentieren und Dokumentieren zukünftiger Verantwortungen des Plattformteams bezüglich der IDP und der Software Engineering Vision Ihre Kenntnisse: Expertise im Umgang mit Java, JavaScript und JavaREST Umfangreiche Fertigkeiten in der Arbeit mit Spring Boot, Kubernetes und Docker Vertraut mit CI/CD Pipelines und Jenkins sowie mit Security und Quality Assurance Solide Kenntnisse in Microservice Architektur Sprachen: Deutsch und Englisch, fliessend in Wort und Schrift Ihre Soft Skills: Proaktiver Teamplayer mit exzellenten Kommunikationsfertigkeiten Ausgeprägte analytische Skills und eine lösungsorientierte Arbeitsweise Ort: Zürich, Schweiz Sektor: Finanzen Start: Per sofort Projektdauer: 04MM+ Ref .Nr.: BH21661 Machen Sie den nächsten Schritt und senden Sie uns Ihren Lebenslauf sowie eine Telefonnummer, unter der wir Sie tagsüber erreichen können. Aufgrund der schweizerischen Arbeitsgesetzgebung können wir nur Bewerbungen von Schweizer Staatsbürgern, EU-Bürgern und Personen mit einer Arbeitserlaubnis in Betracht ziehen. Ukrainische Flüchtlinge sind herzlich willkommen, und wir werden Sie auf Ihrem Weg unterstützen. Wir begrüssen Bewerbungen von Personen aller Geschlechter, Altersgruppen im erwerbsfähigen Alter, sexuellen Orientierungen, persönlichen Ausdrucksformen, ethnischen Zugehörigkeiten und religiösen Überzeugungen. Daher sind Angaben zum Geschlecht oder ein Foto in Ihrer Bewerbung nicht erforderlich. Aufgrund von Kundenanforderungen benötigen wir Informationen zu Ihrem Familienstand, Ihrer Staatsangehörigkeit, Ihrem Geburtsdatum sowie einer gültigen Schweizer Arbeitsbewilligung. Bei Bewerbern mit Behinderungen sind wir gerne bereit, gemeinsam mit unserem Endkunden mögliche Lösungen zu prüfen.
17/05/2024
Project-based
Java Developer Position einhergehend mit Kenntnissen in Spring Boot bei unserem Kunden aus dem Finanzbereich in Zürich zu besetzen. Ihre Aufgaben: Erarbeiten einer Software Engineering Vision und eines Ziel Frameworks inklusive Roadmap Agieren als Verbindungsglied zwischen Architektur und Software Engineering Team Mitarbeiten am PoC die Internal Developer Plattform betreffend sowie Unterstützen bei der Aufarbeitung der Resultate und Erkenntnisse Partizipieren in der Konzeption und Umsetzung der ArgoCD Einführung Kooperieren mit dem Plattformteam bei der Operationalisierung der Quality Gates und Standards Ausarbeiten, Präsentieren und Dokumentieren zukünftiger Verantwortungen des Plattformteams bezüglich der IDP und der Software Engineering Vision Ihre Kenntnisse: Expertise im Umgang mit Java, JavaScript und JavaREST Umfangreiche Fertigkeiten in der Arbeit mit Spring Boot, Kubernetes und Docker Vertraut mit CI/CD Pipelines und Jenkins sowie mit Security und Quality Assurance Solide Kenntnisse in Microservice Architektur Sprachen: Deutsch und Englisch, fliessend in Wort und Schrift Ihre Soft Skills: Proaktiver Teamplayer mit exzellenten Kommunikationsfertigkeiten Ausgeprägte analytische Skills und eine lösungsorientierte Arbeitsweise Ort: Zürich, Schweiz Sektor: Finanzen Start: Per sofort Projektdauer: 04MM+ Ref .Nr.: BH21661 Machen Sie den nächsten Schritt und senden Sie uns Ihren Lebenslauf sowie eine Telefonnummer, unter der wir Sie tagsüber erreichen können. Aufgrund der schweizerischen Arbeitsgesetzgebung können wir nur Bewerbungen von Schweizer Staatsbürgern, EU-Bürgern und Personen mit einer Arbeitserlaubnis in Betracht ziehen. Ukrainische Flüchtlinge sind herzlich willkommen, und wir werden Sie auf Ihrem Weg unterstützen. Wir begrüssen Bewerbungen von Personen aller Geschlechter, Altersgruppen im erwerbsfähigen Alter, sexuellen Orientierungen, persönlichen Ausdrucksformen, ethnischen Zugehörigkeiten und religiösen Überzeugungen. Daher sind Angaben zum Geschlecht oder ein Foto in Ihrer Bewerbung nicht erforderlich. Aufgrund von Kundenanforderungen benötigen wir Informationen zu Ihrem Familienstand, Ihrer Staatsangehörigkeit, Ihrem Geburtsdatum sowie einer gültigen Schweizer Arbeitsbewilligung. Bei Bewerbern mit Behinderungen sind wir gerne bereit, gemeinsam mit unserem Endkunden mögliche Lösungen zu prüfen.
The ideal candidate will be someone with experience of delivering large scale Identity and access management capabilities preferably in secure public sector environments. Experience and skills: Effective decision making and the ability to understand, solve and resolve technical challenges across varying levels of complexity and risk Takes responsible for leading the technical design of systems and services, justify and communicate design decisions Has experience of the identity and access management domain, including authentication protocols (OAuth, OpenID Connect and SAML) and account life cycle Comfortable with Java application stacks, REST API, Linux virtual server environments, cloud hosting (eg AWS or Azure), IP Networking, configuration of ports and Firewalls, DNS, certificates Provide technical leadership to the build teams and drive the value delivery in iterative dev/test cycles. Undertake structured analysis of technical issues and translating this analysis into technical designs that describe the required solution Identify opportunities to collaborate and reuse components, communicating with both technical and non-technical stakeholders Excellent communication and presentation skills and the ability to collaborate with senior stakeholders and 3rd parties providing technical direction and establishing agreements Able to provide technical leadership, guide and mentor the development team to build solutions according to the design Able to assimilate vendor product integration requirements and make design and technical decisions for optimal use of off-the-shelf and custom Java components, ensuring high performant systems, scalability and maintainability. Technical governance and the assurance of required digital identity services ensuring best practices are followed Good working knowledge of open source and Java technologies, including APIs and microservices Able to interact with and guide a skilled DevSecOps team Agile development methods - Scrum, Kanban, TDD, BDD, etc.
17/05/2024
Full time
The ideal candidate will be someone with experience of delivering large scale Identity and access management capabilities preferably in secure public sector environments. Experience and skills: Effective decision making and the ability to understand, solve and resolve technical challenges across varying levels of complexity and risk Takes responsible for leading the technical design of systems and services, justify and communicate design decisions Has experience of the identity and access management domain, including authentication protocols (OAuth, OpenID Connect and SAML) and account life cycle Comfortable with Java application stacks, REST API, Linux virtual server environments, cloud hosting (eg AWS or Azure), IP Networking, configuration of ports and Firewalls, DNS, certificates Provide technical leadership to the build teams and drive the value delivery in iterative dev/test cycles. Undertake structured analysis of technical issues and translating this analysis into technical designs that describe the required solution Identify opportunities to collaborate and reuse components, communicating with both technical and non-technical stakeholders Excellent communication and presentation skills and the ability to collaborate with senior stakeholders and 3rd parties providing technical direction and establishing agreements Able to provide technical leadership, guide and mentor the development team to build solutions according to the design Able to assimilate vendor product integration requirements and make design and technical decisions for optimal use of off-the-shelf and custom Java components, ensuring high performant systems, scalability and maintainability. Technical governance and the assurance of required digital identity services ensuring best practices are followed Good working knowledge of open source and Java technologies, including APIs and microservices Able to interact with and guide a skilled DevSecOps team Agile development methods - Scrum, Kanban, TDD, BDD, etc.
IT Security Officer NCSC, ISO27001, CIPT, CISSP, CISM, CISA Up to 50k depending on skills and experience. Hybrid will need to be onsite when required. You need to live within commutable distance of Salisbury and due to the clients location, own transport is essential You must be eligible for SC clearance (lived and worked in UK for the last 5 years minimum) What does the company do: Our client provides infrastructure and support services to the armed forces. What You'll Be Doing: With a strong emphasis on Information Security and compliance, this role is fundamental in ensuring our client complies with its ongoing information security obligations, including but not limited to: MOD Accreditation, ISO27001 and Cyber Essentials Plus. This is a new opportunity which will give you scope to make the role your own and advance your career in the longer term. What You'll Need To Know: Minimum of 3 years of hands-on experience of delivering information security best practice Experience of owning and delivering information security initiatives, including awareness programmes, phishing simulations and training. Experience/understanding of National Cyber Security Centre (NCSC) best practices and guidance Experience of leading and conducting audits (especially ISO27001) is essential in this role. Familiar with principles of good data governance, cyber security and data protection. Ability to work across multiple technical projects simultaneously as required, delivering to deadlines Nice To Have: Experience of working in a MoD restricted environment and familiarity with MoD security standards A recognised information security certification (such as CIPT, CISSP, CISM, CISA, Lead Auditor for ISO27001 What You'll Get to mention a few: 25 days holiday plus bank holidays Holiday purchase to up to 35 days leave in one year 1-2 volunteering days Pension scheme Life assurance x 4 - SmartSourcing are a Disability Confident Employer and we promote, celebrate and value diversity, we are committed to promoting equality and inclusion for all.
16/05/2024
Full time
IT Security Officer NCSC, ISO27001, CIPT, CISSP, CISM, CISA Up to 50k depending on skills and experience. Hybrid will need to be onsite when required. You need to live within commutable distance of Salisbury and due to the clients location, own transport is essential You must be eligible for SC clearance (lived and worked in UK for the last 5 years minimum) What does the company do: Our client provides infrastructure and support services to the armed forces. What You'll Be Doing: With a strong emphasis on Information Security and compliance, this role is fundamental in ensuring our client complies with its ongoing information security obligations, including but not limited to: MOD Accreditation, ISO27001 and Cyber Essentials Plus. This is a new opportunity which will give you scope to make the role your own and advance your career in the longer term. What You'll Need To Know: Minimum of 3 years of hands-on experience of delivering information security best practice Experience of owning and delivering information security initiatives, including awareness programmes, phishing simulations and training. Experience/understanding of National Cyber Security Centre (NCSC) best practices and guidance Experience of leading and conducting audits (especially ISO27001) is essential in this role. Familiar with principles of good data governance, cyber security and data protection. Ability to work across multiple technical projects simultaneously as required, delivering to deadlines Nice To Have: Experience of working in a MoD restricted environment and familiarity with MoD security standards A recognised information security certification (such as CIPT, CISSP, CISM, CISA, Lead Auditor for ISO27001 What You'll Get to mention a few: 25 days holiday plus bank holidays Holiday purchase to up to 35 days leave in one year 1-2 volunteering days Pension scheme Life assurance x 4 - SmartSourcing are a Disability Confident Employer and we promote, celebrate and value diversity, we are committed to promoting equality and inclusion for all.
Job Title - SC Cleared Health and Safety Assurance Improvement Lead Location - Portsmouth OR Salisbury Salary - £55,000- £63,000 Clearance - SC Clearance is highly desirable Benefits - Exceptional Pension, Bonus, Learning & Development support, 25 days holiday, rising to 30, subsidised gym, discounts with retailers, rental deposit support, option to buy & sell holiday The Client - Curo are partnering with an organisation that delivers world class science and technology, and harness deep operational understanding of defence and security needs. Duties: Be accountable for ensuring that the health, safety and environmental protection Assurance Plan is implemented fully, and working with members of the Risk, Assurance and Governance (RAG) Group to ensure that necessary health, safety and environmental protection assurance and investigation activities are: Identified Understood Planned and resourced Undertaken, with outputs managed with actions closed - on time, in full Promote learning across the company supporting the organisation to become a learning organisation alongside the ongoing development of health, safety and environmental protection management systems to drive industry leading application and performance. Provide direction to the health, safety and environmental protection Data Analysts in the development and monitoring of the companies health, safety and environmental protection performance via the QPulse reporting system including collation of monthly performance data and dashboard management. Essential Experience: Safety, Health and Environmental Diploma or equivalent, eg NVQ Level 5 3 years related experience with a proven background in results driven assurance related activity, strategy, learning development and delivery using a project based mind set to develop performance improvement plans. Be familiar with stakeholder requirements including in particular JSP (Joint Services Publications) in relation to company operations and support strategy and management system design and implementation to these requirements. GradIOSH/CMIOSH, AIEMA or equivalent Desirable Experience: SC Clearance is highly Institute of Leadership and Management Level 5 GradIOSH/CMIOSH (preferred) or AIEMA/PIEMA (preferred) or equivalent We are looking to move swiftly on this one, so apply today. We look forward to receiving your application. To apply for this SC Cleared Health and Safety Assurance Improvement Lead permanent job, please click the button below and submit your latest CV. Curo Services endeavours to respond to all applications, however this may not always be possible during periods of high volume. Thank you for your patience. Curo Services is a trading name of Curo Resourcing Ltd and acts as an Employment Business for contract and temporary recruitment as well as an Employment Agency in relation to permanent vacancies.
16/05/2024
Full time
Job Title - SC Cleared Health and Safety Assurance Improvement Lead Location - Portsmouth OR Salisbury Salary - £55,000- £63,000 Clearance - SC Clearance is highly desirable Benefits - Exceptional Pension, Bonus, Learning & Development support, 25 days holiday, rising to 30, subsidised gym, discounts with retailers, rental deposit support, option to buy & sell holiday The Client - Curo are partnering with an organisation that delivers world class science and technology, and harness deep operational understanding of defence and security needs. Duties: Be accountable for ensuring that the health, safety and environmental protection Assurance Plan is implemented fully, and working with members of the Risk, Assurance and Governance (RAG) Group to ensure that necessary health, safety and environmental protection assurance and investigation activities are: Identified Understood Planned and resourced Undertaken, with outputs managed with actions closed - on time, in full Promote learning across the company supporting the organisation to become a learning organisation alongside the ongoing development of health, safety and environmental protection management systems to drive industry leading application and performance. Provide direction to the health, safety and environmental protection Data Analysts in the development and monitoring of the companies health, safety and environmental protection performance via the QPulse reporting system including collation of monthly performance data and dashboard management. Essential Experience: Safety, Health and Environmental Diploma or equivalent, eg NVQ Level 5 3 years related experience with a proven background in results driven assurance related activity, strategy, learning development and delivery using a project based mind set to develop performance improvement plans. Be familiar with stakeholder requirements including in particular JSP (Joint Services Publications) in relation to company operations and support strategy and management system design and implementation to these requirements. GradIOSH/CMIOSH, AIEMA or equivalent Desirable Experience: SC Clearance is highly Institute of Leadership and Management Level 5 GradIOSH/CMIOSH (preferred) or AIEMA/PIEMA (preferred) or equivalent We are looking to move swiftly on this one, so apply today. We look forward to receiving your application. To apply for this SC Cleared Health and Safety Assurance Improvement Lead permanent job, please click the button below and submit your latest CV. Curo Services endeavours to respond to all applications, however this may not always be possible during periods of high volume. Thank you for your patience. Curo Services is a trading name of Curo Resourcing Ltd and acts as an Employment Business for contract and temporary recruitment as well as an Employment Agency in relation to permanent vacancies.
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
Senior GRC Specialist Salary: $120k-$135k + 10% bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC Technical writing experience 4+ years of Information Security experience Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of Privileged Access Management technologies Responsibilities Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
15/05/2024
Full time
Senior GRC Specialist Salary: $120k-$135k + 10% bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC Technical writing experience 4+ years of Information Security experience Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of Privileged Access Management technologies Responsibilities Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
Senior GRC Specialist Salary: $120k-$135k + 10% bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC Technical writing experience 4+ years of Information Security experience Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of Privileged Access Management technologies Responsibilities Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
15/05/2024
Full time
Senior GRC Specialist Salary: $120k-$135k + 10% bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC Technical writing experience 4+ years of Information Security experience Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of Privileged Access Management technologies Responsibilities Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
SC Cleared Software Engineer Salary: up to £74,000 D.O.E Location: West Midlands (Onsite) Our client, a rapidly growing defence company, are looking for a SC Cleared Software Engineer who's with Python and Networking experience to join them on a permanent basis. They offer world class technological and scientific knowledge to provide global security. As a software engineer, you'll be part of a highly motivated, skilled and multi-disciplinary team delivering to enhance national security , in sectors such as crypt-key , cyber assurance and other complex programmes! Key Tech: Python, Linux, Networking What you get: Flexible, adaptive working Health Cash Plan, Private Medical Insurance and Dental Insurance Matched contribution pension scheme, with life assurance Employee discount portal: Personal Accident Insurance, Travel Insurance, Restaurants, Cinema Tickets and much more Holiday Trading is a benefit that allows most employees to buy up to 5 days' additional leave. We are proud to support the Armed Forces community by honouring the Armed Forces Covenant And more! Our client has a 2 stage interview process and for the right candidate will interview as early as this week! If you're interested in this role, or know anyone who would be, then please apply to this advert with your latest CV.
15/05/2024
Full time
SC Cleared Software Engineer Salary: up to £74,000 D.O.E Location: West Midlands (Onsite) Our client, a rapidly growing defence company, are looking for a SC Cleared Software Engineer who's with Python and Networking experience to join them on a permanent basis. They offer world class technological and scientific knowledge to provide global security. As a software engineer, you'll be part of a highly motivated, skilled and multi-disciplinary team delivering to enhance national security , in sectors such as crypt-key , cyber assurance and other complex programmes! Key Tech: Python, Linux, Networking What you get: Flexible, adaptive working Health Cash Plan, Private Medical Insurance and Dental Insurance Matched contribution pension scheme, with life assurance Employee discount portal: Personal Accident Insurance, Travel Insurance, Restaurants, Cinema Tickets and much more Holiday Trading is a benefit that allows most employees to buy up to 5 days' additional leave. We are proud to support the Armed Forces community by honouring the Armed Forces Covenant And more! Our client has a 2 stage interview process and for the right candidate will interview as early as this week! If you're interested in this role, or know anyone who would be, then please apply to this advert with your latest CV.
IT Infrastructure Engineer Derbyshire Permanent to £35,000 (DOE) + Benefits IT Infrastructure Engineer needed for a permanent career opportunity based near Derby. Start ideally in June/July 2024. A chance to join an established and growing business with scope to work remotely from home (WFH) on a part time hybrid basis. Benefits include: 25 days holiday (plus an extra day every 3 years) + Pension + Life Assurance + Medical Insurance + Training & Development + Flexible Benefits Scheme. Key skills, experience + tasks: IT Infrastructure Engineer needed to build, implement + support the live IT Infrastructure environment. Technical Environment: Windows Server 2016/2019, Active Directory (AD), DNS/DHCP, Group Policies, SCCM, O365 + Azure Cloud. Ensuring the smooth running of the IT infrastructure with minimal downtime + preventative maintenance. Delivering IT infrastructure deployment + upgrade projects with the support of the wider team. Liaising with 3rd party IT suppliers + updating IT documentation. Networking: TCP/IP, VLANs, Switches, Routers, Cisco, Meraki, Virtualisation (Nutanix), Microsoft NPS, Duo MFA + Rapid7. Advantageous Skills: Firewalls, Endpoint Backup/Security, Mimecast Email Security, Cloud File Server, Egnyte, Nasuni, Meraki WiFi, SD-WAN infrastructure.
15/05/2024
Full time
IT Infrastructure Engineer Derbyshire Permanent to £35,000 (DOE) + Benefits IT Infrastructure Engineer needed for a permanent career opportunity based near Derby. Start ideally in June/July 2024. A chance to join an established and growing business with scope to work remotely from home (WFH) on a part time hybrid basis. Benefits include: 25 days holiday (plus an extra day every 3 years) + Pension + Life Assurance + Medical Insurance + Training & Development + Flexible Benefits Scheme. Key skills, experience + tasks: IT Infrastructure Engineer needed to build, implement + support the live IT Infrastructure environment. Technical Environment: Windows Server 2016/2019, Active Directory (AD), DNS/DHCP, Group Policies, SCCM, O365 + Azure Cloud. Ensuring the smooth running of the IT infrastructure with minimal downtime + preventative maintenance. Delivering IT infrastructure deployment + upgrade projects with the support of the wider team. Liaising with 3rd party IT suppliers + updating IT documentation. Networking: TCP/IP, VLANs, Switches, Routers, Cisco, Meraki, Virtualisation (Nutanix), Microsoft NPS, Duo MFA + Rapid7. Advantageous Skills: Firewalls, Endpoint Backup/Security, Mimecast Email Security, Cloud File Server, Egnyte, Nasuni, Meraki WiFi, SD-WAN infrastructure.
NO SPONSORSHIP Manager, Internal Audit Information Technology & Security SALARY: $130k - $165k plus 15% bonus LOCATION: Dallas, TX 3 days in office 2 days remote Looking for a Manager of audit of information technology and security. You will manage a staff over Microsoft applications, archer and GRC. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Qualifications Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Familiarity with: CyberArk, Splunk, SailPoint Familiarity with: ServiceNow, Jira, Confluence, GitHub Bachelor's degree 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
14/05/2024
Full time
NO SPONSORSHIP Manager, Internal Audit Information Technology & Security SALARY: $130k - $165k plus 15% bonus LOCATION: Dallas, TX 3 days in office 2 days remote Looking for a Manager of audit of information technology and security. You will manage a staff over Microsoft applications, archer and GRC. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Qualifications Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Familiarity with: CyberArk, Splunk, SailPoint Familiarity with: ServiceNow, Jira, Confluence, GitHub Bachelor's degree 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.