Vallum
Reading, Berkshire
Job: Security Architect Location: Reading, UK, Hybrid Job Type: Permanent Job Description We are seeking a highly skilled and experienced Security Architect to join our team who will be responsible for development of the Security Architecture that ensures the appropriate protection of all aspects of security, (people, process, electronic, data, physical) in Spring Fibre. You will be a subject matter expert and provide security guidance and recommendations to technology/business teams and contribute toSpring's security policies, standards, and guidelines related to information and Network security. This is a technical role and suitable for someone who has hands on experience in Cybersecurity. Responsibilities Help develop an Enterprise Security Architecture Framework, including patterns for identity & authentication, authorization and access control, cryptographic key and certificate management, auditing and security monitoring, data leakage prevention, privacy enhancement & protection and other standards in alignment with Enterprise Architect platforms. Establish metrics and monitoring to report the effectiveness and efficiency of the Security Architecture function. Identify, register and maintain security risks throughout their lifetimes, including agreeing treatment of risks with their owners, and reporting &escalating to Internal Audit and the CIO, when necessary. Develop, review and update security & privacy policies & standards and provide awareness guidelines, implementation and exceptions advice. Engage with owners & custodians of BAU IT systems to understand the architecture, data flow and security controls in their systems. Conduct periodic security compliance assessments and ISO 27001/2 reviews of BAU IT applications, infrastructures & ISMS. Review the security posture of potential M&A acquisition targets. Requirement Mapping long term business requirements to security architecture frameworks such as NIST, CIS etc. Experience delivering Hybrid Cloud and Internet facing applications with a strong focus on cyber security. Broad hands-on knowledge of Firewalls, intrusion detection systems, data encryption, and other industry-standard techniques and practices. Strong knowledge of IT infrastructure, IP Networking, security best practices, and automation technologies. Application security: including but not limited to: authentication, identity and access management, auditing, use of cryptography, data security, privacy enhancing technologies, web services security, OWASP, threat & vulnerability management and secure code development methodologies. Infrastructure security: including but not limited to: network security, host security, database security, device security, VPNs & SSLs, secure file transfers, security event monitoring, malware security and cyber security. Operational security: including but not limited to: incident management, change & patch management, data centre & physical security, backups, DR & BCP, outsourcing, managed services, cloud computing, asset management, cryptographic keys & certificate management, PCI DSS and DPA compliance and ISO 27001/2. Analysing network security controls, including Firewall and Router security configuration. Preferred Delivering the security review processes and frameworks, with full audit trail. Managing multiple security assessments and changing priorities, simultaneously Ensuring Security Architecture Review is built into group wide and business specific processes for acquiring and developing new technology,including developing any needed processes. Aligning business requirements to complex security architecture frameworks. Skills Required: In depth knowledge of: Firewall: Juniper/Cisco/PaloAlto. Onion Security, Splunk, Suricata, Kali. Application Security. Identity and Access Management. Data Protection. Endpoint Security. Cyber Security Operations. Experienced with Threat Modelling. Pen testing and basic incident response. Scripting languages ( python, or PowerShell/building dashboards/au-tomating common tasks) Preferred: Experience in designing systems against a zero-trust architecture. Experience with designing SOC architectures (ie SIEM, SOAR and vulnerability management solutions). Expert-level certification in either AWS or Azure, with a Security specialization. Experience in working within regulated environments, such as PCI-DSS Experience in defining secure development life cycles. Qualifications Bachelor's Degree in either Computer Science, Computer Engineering, Software Engineering, Electrical Engineering, Math, Physics. CISSP, Certified Information Systems Security Professional, International Information Systems Security Certification Consortium (ISC2) Certification, Microsoft Azure Solutions Architect, or AWS Solutions Architect.
Job: Security Architect Location: Reading, UK, Hybrid Job Type: Permanent Job Description We are seeking a highly skilled and experienced Security Architect to join our team who will be responsible for development of the Security Architecture that ensures the appropriate protection of all aspects of security, (people, process, electronic, data, physical) in Spring Fibre. You will be a subject matter expert and provide security guidance and recommendations to technology/business teams and contribute toSpring's security policies, standards, and guidelines related to information and Network security. This is a technical role and suitable for someone who has hands on experience in Cybersecurity. Responsibilities Help develop an Enterprise Security Architecture Framework, including patterns for identity & authentication, authorization and access control, cryptographic key and certificate management, auditing and security monitoring, data leakage prevention, privacy enhancement & protection and other standards in alignment with Enterprise Architect platforms. Establish metrics and monitoring to report the effectiveness and efficiency of the Security Architecture function. Identify, register and maintain security risks throughout their lifetimes, including agreeing treatment of risks with their owners, and reporting &escalating to Internal Audit and the CIO, when necessary. Develop, review and update security & privacy policies & standards and provide awareness guidelines, implementation and exceptions advice. Engage with owners & custodians of BAU IT systems to understand the architecture, data flow and security controls in their systems. Conduct periodic security compliance assessments and ISO 27001/2 reviews of BAU IT applications, infrastructures & ISMS. Review the security posture of potential M&A acquisition targets. Requirement Mapping long term business requirements to security architecture frameworks such as NIST, CIS etc. Experience delivering Hybrid Cloud and Internet facing applications with a strong focus on cyber security. Broad hands-on knowledge of Firewalls, intrusion detection systems, data encryption, and other industry-standard techniques and practices. Strong knowledge of IT infrastructure, IP Networking, security best practices, and automation technologies. Application security: including but not limited to: authentication, identity and access management, auditing, use of cryptography, data security, privacy enhancing technologies, web services security, OWASP, threat & vulnerability management and secure code development methodologies. Infrastructure security: including but not limited to: network security, host security, database security, device security, VPNs & SSLs, secure file transfers, security event monitoring, malware security and cyber security. Operational security: including but not limited to: incident management, change & patch management, data centre & physical security, backups, DR & BCP, outsourcing, managed services, cloud computing, asset management, cryptographic keys & certificate management, PCI DSS and DPA compliance and ISO 27001/2. Analysing network security controls, including Firewall and Router security configuration. Preferred Delivering the security review processes and frameworks, with full audit trail. Managing multiple security assessments and changing priorities, simultaneously Ensuring Security Architecture Review is built into group wide and business specific processes for acquiring and developing new technology,including developing any needed processes. Aligning business requirements to complex security architecture frameworks. Skills Required: In depth knowledge of: Firewall: Juniper/Cisco/PaloAlto. Onion Security, Splunk, Suricata, Kali. Application Security. Identity and Access Management. Data Protection. Endpoint Security. Cyber Security Operations. Experienced with Threat Modelling. Pen testing and basic incident response. Scripting languages ( python, or PowerShell/building dashboards/au-tomating common tasks) Preferred: Experience in designing systems against a zero-trust architecture. Experience with designing SOC architectures (ie SIEM, SOAR and vulnerability management solutions). Expert-level certification in either AWS or Azure, with a Security specialization. Experience in working within regulated environments, such as PCI-DSS Experience in defining secure development life cycles. Qualifications Bachelor's Degree in either Computer Science, Computer Engineering, Software Engineering, Electrical Engineering, Math, Physics. CISSP, Certified Information Systems Security Professional, International Information Systems Security Certification Consortium (ISC2) Certification, Microsoft Azure Solutions Architect, or AWS Solutions Architect.
ARM (Advanced Resource Managers)
Lead IT Security Manager Permanent Birmingham - 2 Days per week on site £48,900 - £61,140 per annum My client in the Rail industry are looking for a Lead IT Security Manager to join their fast-paced Operations team on a permanent basis. The Lead IT Security Manager is responsible for is the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. Key focus areas for this role, the ideal candidate will have experience in each of the below; Threat & Vulnerability Management Security Operations Centre - 24/7 Outsourced Web & Content Filtering - ProofPoint, Zscaler, etc. Endpoint Security Infrastructure Security Accountabilities * Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management (among other activity) . * Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). * Manage the application and compliance of security operations procedures, reviewing actual and potential security breaches, and ensuring their investigation. * Lead the Security Operations team's response to incidents, recommending actions and appropriate control improvements. * Monitor the external environment to gather intelligence on emerging technologies, documenting impacts, threats, and opportunities to IT. * Provide expert advice on threat intelligence activities, identifying which threat categories are most dangerous to the organization and how to defend against them. * Manage vulnerability assessment activities within company IT, providing expert advice where necessary in the review of vulnerability assessment tools and techniques. * Develop, maintain, and test Security Operations' incident management procedures, investigating escalated incidents and facilitating recovery post-incident resolution. * Lead Security Operations risk management activities, leading on the identification of risks and vulnerabilities and assessment of their impacts. * Manage and oversee the day-to-day activity of the SOC supplier who will deliver security capabilities, communicating their activity to relevant teams. * Manage the design, delivery, maintenance, and continuous improvement of the IT Security Ops capabilities in line with business needs. * Manage the Security Operations Centre (SOC) capability, ensuring effective protection, defence, and response to IT security risks. * Promote the Security, Compliance & Identity function to develop and enhance the team profile to develop enduring relationships with stakeholders and teams. * Implement a multi-year Security roadmap that provides proactive capabilities which enable business objectives. * Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI. Skills: * Relationship Building. Ability to develop and maintain strong relationships with internal and external stakeholders. * Security Operations. Ability provide leadership for live security incidents and helping conduct robust investigations in order to identify corrective actions and see them through to completion. * Threat Intelligence. Ability to provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of threat landscape. * Vulnerability Assessment. Ability to identify and classify security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. * Risk Management. Ability to identify IT security operations risks and the delivery of audit remediation activities. * Emerging technology monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques. Knowledge: * Knowledge of IT Service Frameworks, methodologies, and best practice such as ITIL v4 and Agile. * Knowledge of day-to-day activities and best practice within a SOC. * Knowledge of technical security such as Firewalls, network security groups, and access controls. Type of Experience: * Experience of leading a team through the full IT service life cycle, enhancing security posture, and evolving capabilities via continual service improvement. * Experience of leading live cyber incidents and the remediation actions. * Experience of partnering with supplier teams for managed services delivery of improvements. * Experience across the full IT security spectrum (software, Servers, infrastructure, and networks). * Experience designing and implementing secure systems, leading review where necessary of complex security issues. * Experience of enabling and informing risk-based decisions. * Experience dealing with the security implications of transformation and day-to-day product changes. * Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Lead IT Security Manager Permanent Birmingham - 2 Days per week on site £48,900 - £61,140 per annum My client in the Rail industry are looking for a Lead IT Security Manager to join their fast-paced Operations team on a permanent basis. The Lead IT Security Manager is responsible for is the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. Key focus areas for this role, the ideal candidate will have experience in each of the below; Threat & Vulnerability Management Security Operations Centre - 24/7 Outsourced Web & Content Filtering - ProofPoint, Zscaler, etc. Endpoint Security Infrastructure Security Accountabilities * Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management (among other activity) . * Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). * Manage the application and compliance of security operations procedures, reviewing actual and potential security breaches, and ensuring their investigation. * Lead the Security Operations team's response to incidents, recommending actions and appropriate control improvements. * Monitor the external environment to gather intelligence on emerging technologies, documenting impacts, threats, and opportunities to IT. * Provide expert advice on threat intelligence activities, identifying which threat categories are most dangerous to the organization and how to defend against them. * Manage vulnerability assessment activities within company IT, providing expert advice where necessary in the review of vulnerability assessment tools and techniques. * Develop, maintain, and test Security Operations' incident management procedures, investigating escalated incidents and facilitating recovery post-incident resolution. * Lead Security Operations risk management activities, leading on the identification of risks and vulnerabilities and assessment of their impacts. * Manage and oversee the day-to-day activity of the SOC supplier who will deliver security capabilities, communicating their activity to relevant teams. * Manage the design, delivery, maintenance, and continuous improvement of the IT Security Ops capabilities in line with business needs. * Manage the Security Operations Centre (SOC) capability, ensuring effective protection, defence, and response to IT security risks. * Promote the Security, Compliance & Identity function to develop and enhance the team profile to develop enduring relationships with stakeholders and teams. * Implement a multi-year Security roadmap that provides proactive capabilities which enable business objectives. * Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI. Skills: * Relationship Building. Ability to develop and maintain strong relationships with internal and external stakeholders. * Security Operations. Ability provide leadership for live security incidents and helping conduct robust investigations in order to identify corrective actions and see them through to completion. * Threat Intelligence. Ability to provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of threat landscape. * Vulnerability Assessment. Ability to identify and classify security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. * Risk Management. Ability to identify IT security operations risks and the delivery of audit remediation activities. * Emerging technology monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques. Knowledge: * Knowledge of IT Service Frameworks, methodologies, and best practice such as ITIL v4 and Agile. * Knowledge of day-to-day activities and best practice within a SOC. * Knowledge of technical security such as Firewalls, network security groups, and access controls. Type of Experience: * Experience of leading a team through the full IT service life cycle, enhancing security posture, and evolving capabilities via continual service improvement. * Experience of leading live cyber incidents and the remediation actions. * Experience of partnering with supplier teams for managed services delivery of improvements. * Experience across the full IT security spectrum (software, Servers, infrastructure, and networks). * Experience designing and implementing secure systems, leading review where necessary of complex security issues. * Experience of enabling and informing risk-based decisions. * Experience dealing with the security implications of transformation and day-to-day product changes. * Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
PLYMOUTH MARINE LABORATORY
Plymouth, Devon
Digital Research Infrastructure Engineer - Linux Specialist PML operations grade 4 £30000 - £45000 DOE Full Time Open Ended Appointment The Role We have an exciting opportunity at PML for an individual with skills in Linux system administration to join the PML s Digital Innovation and Marine Autonomy (DIMA) group. The role provides a business critical link between scientists, PML Applications (commercial work) and our IT Group to support the Linux computing infrastructure as it continues to evolve, underpinning PML science in multiple areas and across all levels. This ranges from data generation, (storage technologies and data management), processing and analysis (high performance computing and technologies such as JupyterHub), to making visual outputs for end users (web technologies and virtualisation) to increase the reach and impact of PML science. About You You will enjoy working with others to help deliver a modern and reliable digital infrastructure to underpin the world leading research carried out at PML. You will understand the importance of stability from existing infrastructure but will also be keen to learn and try new technologies. You will have experience of administering Linux systems, ideally using Ubuntu, and will be able to make use of scripts and common tools such as ansible to manage this. You will understand the importance of taking a proactive approach to identify and resolve and problems and will be able to make use of monitoring software (e.g., Nagios, Grafana) to accomplish this. You will understand best practices in cybersecurity and be able to apply these. Skills Required Linux systems administration and monitoring Linux scripting (e.g., bash and Python) Experience in management of data at the Terrabyte to Petabyte scale and storage technologies such as NFS and S3. Cybersecurity (Understand and apply best practices) Container technologies (Docker and Kubernetes) High performance Computing (Slurm) Virtualisation (VMWare) Key Deliverables Maintain our storage infrastructure to ensure data is distributed across servers based on existing capacity and projected changes in data volumes. This includes regular data moves and liaising with stakeholders to ensure data is backed up and archiving projects are completes as needed. Monitor high performance computing infrastructure to identify and resolve problems either on their own or by working with IT (depending on the nature of the problem). Act of a point of contact between scientists and IT to answer questions, help identify solutions and provide training. Work with the data architect to maintain and develop web infrastructure used to provide existing and planned data search and visualisation services. Manage the NEODAAS GPU cluster (MAGEO), including liaising with IT, vendors and system users. About PML As a marine-focused charity we develop and apply innovative science with a view to ensuring ocean sustainability. With over 40 years of experience, we offer evidence-based solutions to societal challenges. Our impact spans from research publications to informing policies and training future scientists. The science undertaken at PML contributes to UN Sustainable Development Goals by promoting healthy, productive and resilient oceans and seas. To support PML s science it operates in house Linux infrastructure used for processing satellite data, running models and making outputs accessible through web visualisation tools. This infrastructure includes a large amount of storage (6 PB), a High-Performance Computing cluster with over 1500 cores, a 40 GPU cluster (the MAssive GPU cluster for Earth Observation; MAGEO) and a virtual machine cluster. The role will be part of the Digital Innovation and Marine Autonomy (DIMA) group within PML. DIMA is a pioneering digital science group dedicated to advancing PML s world-class and cutting-edge environmental research through the utilisation of state-of-the-art digital and autonomous technologies. The team comprises research software engineers, research infrastructure engineers, marine technologists and scientists who work on a variety of projects using autonomous vessels, satellite data, drones, Artificial Intelligence, High Performance Computing and data visualisation tools to help deliver PML s goals. The team have an enthusiasm for solving problems through collaboration and shared learning.
Digital Research Infrastructure Engineer - Linux Specialist PML operations grade 4 £30000 - £45000 DOE Full Time Open Ended Appointment The Role We have an exciting opportunity at PML for an individual with skills in Linux system administration to join the PML s Digital Innovation and Marine Autonomy (DIMA) group. The role provides a business critical link between scientists, PML Applications (commercial work) and our IT Group to support the Linux computing infrastructure as it continues to evolve, underpinning PML science in multiple areas and across all levels. This ranges from data generation, (storage technologies and data management), processing and analysis (high performance computing and technologies such as JupyterHub), to making visual outputs for end users (web technologies and virtualisation) to increase the reach and impact of PML science. About You You will enjoy working with others to help deliver a modern and reliable digital infrastructure to underpin the world leading research carried out at PML. You will understand the importance of stability from existing infrastructure but will also be keen to learn and try new technologies. You will have experience of administering Linux systems, ideally using Ubuntu, and will be able to make use of scripts and common tools such as ansible to manage this. You will understand the importance of taking a proactive approach to identify and resolve and problems and will be able to make use of monitoring software (e.g., Nagios, Grafana) to accomplish this. You will understand best practices in cybersecurity and be able to apply these. Skills Required Linux systems administration and monitoring Linux scripting (e.g., bash and Python) Experience in management of data at the Terrabyte to Petabyte scale and storage technologies such as NFS and S3. Cybersecurity (Understand and apply best practices) Container technologies (Docker and Kubernetes) High performance Computing (Slurm) Virtualisation (VMWare) Key Deliverables Maintain our storage infrastructure to ensure data is distributed across servers based on existing capacity and projected changes in data volumes. This includes regular data moves and liaising with stakeholders to ensure data is backed up and archiving projects are completes as needed. Monitor high performance computing infrastructure to identify and resolve problems either on their own or by working with IT (depending on the nature of the problem). Act of a point of contact between scientists and IT to answer questions, help identify solutions and provide training. Work with the data architect to maintain and develop web infrastructure used to provide existing and planned data search and visualisation services. Manage the NEODAAS GPU cluster (MAGEO), including liaising with IT, vendors and system users. About PML As a marine-focused charity we develop and apply innovative science with a view to ensuring ocean sustainability. With over 40 years of experience, we offer evidence-based solutions to societal challenges. Our impact spans from research publications to informing policies and training future scientists. The science undertaken at PML contributes to UN Sustainable Development Goals by promoting healthy, productive and resilient oceans and seas. To support PML s science it operates in house Linux infrastructure used for processing satellite data, running models and making outputs accessible through web visualisation tools. This infrastructure includes a large amount of storage (6 PB), a High-Performance Computing cluster with over 1500 cores, a 40 GPU cluster (the MAssive GPU cluster for Earth Observation; MAGEO) and a virtual machine cluster. The role will be part of the Digital Innovation and Marine Autonomy (DIMA) group within PML. DIMA is a pioneering digital science group dedicated to advancing PML s world-class and cutting-edge environmental research through the utilisation of state-of-the-art digital and autonomous technologies. The team comprises research software engineers, research infrastructure engineers, marine technologists and scientists who work on a variety of projects using autonomous vessels, satellite data, drones, Artificial Intelligence, High Performance Computing and data visualisation tools to help deliver PML s goals. The team have an enthusiasm for solving problems through collaboration and shared learning.