NO SPONSORSHIP Principal, Software Engineering Enterprise Monitoring - Splunk SALARY: $200k- $215k base w/up to 30% bonus LOCATION: Chicago, IL 3 days onsite, 2 days remote Looking for a technical team lead over the enterprise splunk monitoring system. You will be the SME in Splunk Monitoring, Cloud Native Applications running on Kubernetes within AWS. Responsibilities Translate middle and senior management strategic directives into workable technical directives Monitor project status and take remedial action on projects behind schedule and/or over budget Provide subject matter expertise for ongoing support of third-party tools like Splunk Provide expert-level technical mentoring to more junior members of the team Resolve complex support issues in non-production and production environments. Have an understanding of Cloud Native applications running on Kubernetes within AWS and how exposed APIs may be used to monitor them Assist production support and development staff in debugging environment defects using logging monitors and/or APM-related profiling data Create procedural and troubleshooting documentation related to enterprise monitoring systems and the applications they are monitoring Write complex automation scripts using common automation tools, such as Jenkins, Ansible, and Terraform for the installation, configuration, and/or upgrade of monitoring systems Qualifications Systems administration and change management practices Enterprise monitoring and reporting tools Experience Scripting and/or coding against APIs In-depth knowledge of common used management and monitoring tech Internet/Web based technologies ITLT Best Practices Experience with tech used to support microservices Network technologies AWS log collection such as CloudTrail, CloudWatch, VPC Flow Logs Monitoring and reporting using SNMP CI/CD tools such as Artifactory, Jenkins, and GIT Cloud native applications, including Terraform experience Technologies used to support microservices Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies Bachelor's degree 10+ years of related experience Minimum 10 years experience working in a distributed multi-platform environment. Minimum 3 years experience working with cloud native applications Minimum 3 years experience managing technical projects
07/05/2024
Full time
NO SPONSORSHIP Principal, Software Engineering Enterprise Monitoring - Splunk SALARY: $200k- $215k base w/up to 30% bonus LOCATION: Chicago, IL 3 days onsite, 2 days remote Looking for a technical team lead over the enterprise splunk monitoring system. You will be the SME in Splunk Monitoring, Cloud Native Applications running on Kubernetes within AWS. Responsibilities Translate middle and senior management strategic directives into workable technical directives Monitor project status and take remedial action on projects behind schedule and/or over budget Provide subject matter expertise for ongoing support of third-party tools like Splunk Provide expert-level technical mentoring to more junior members of the team Resolve complex support issues in non-production and production environments. Have an understanding of Cloud Native applications running on Kubernetes within AWS and how exposed APIs may be used to monitor them Assist production support and development staff in debugging environment defects using logging monitors and/or APM-related profiling data Create procedural and troubleshooting documentation related to enterprise monitoring systems and the applications they are monitoring Write complex automation scripts using common automation tools, such as Jenkins, Ansible, and Terraform for the installation, configuration, and/or upgrade of monitoring systems Qualifications Systems administration and change management practices Enterprise monitoring and reporting tools Experience Scripting and/or coding against APIs In-depth knowledge of common used management and monitoring tech Internet/Web based technologies ITLT Best Practices Experience with tech used to support microservices Network technologies AWS log collection such as CloudTrail, CloudWatch, VPC Flow Logs Monitoring and reporting using SNMP CI/CD tools such as Artifactory, Jenkins, and GIT Cloud native applications, including Terraform experience Technologies used to support microservices Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies Bachelor's degree 10+ years of related experience Minimum 10 years experience working in a distributed multi-platform environment. Minimum 3 years experience working with cloud native applications Minimum 3 years experience managing technical projects
Job Title: SOC Manager Company Overview: Our client, a leading organization in the financial services sector, is seeking a dedicated and experienced SOC Manager to join their team. This pivotal role will contribute to safeguarding the organization's digital assets and infrastructure from cybersecurity threats, ensuring a robust security posture and effective incident response. Starting ASAP, paying up to £90,000 per annum. Role Overview: As the SOC Manager, you will be responsible for providing strategic leadership, technical expertise, and operational oversight to the Security Operations Center (SOC) team. Your role will involve managing both external and internal SOC personnel, overseeing security monitoring and analysis, incident response, threat intelligence, and vulnerability management activities. Key Responsibilities: Act as the subject matter expert on SOC matters for the organization. Manage the external SOC team and a small internal team, ensuring alignment with organizational security objectives. Review output from the external SOC team and ensure compliance with requirements. Set clear goals and objectives for the SOC team, providing guidance, support, and training as needed. Oversee detection, analysis, and response to security incidents and breaches, coordinating incident response efforts. Conduct post-incident reviews and implement corrective actions to prevent recurrence. Stay abreast of cybersecurity threats, vulnerabilities, and trends, implementing and maintaining threat intelligence feeds and tools. Develop and refine SOC procedures and playbooks based on emerging threats and attack patterns. Evaluate new security solutions and technologies to enhance threat detection and response capabilities. Collaborate with IT and security teams to integrate security controls and automate workflow processes. Prepare and deliver regular reports on security incidents, trends, and metrics to senior management. Ensure compliance with regulatory requirements and industry standards for incident reporting and documentation. Identify opportunities to enhance SOC operations through process improvements and technology enhancements. Foster a culture of innovation and knowledge sharing within the SOC team and across the organization. Flexibility for out-of-hours work as required. Qualifications and Experience: Bachelor's degree in Cybersecurity, Computer Science, or related field. Relevant professional certifications such as CISSP, CISM, GIAC, or equivalent are preferred. Strong working experience with Sentinel. Familiarity with industry frameworks and standards such as NIST, ISO 27001, and CIS Controls. Experience with writing and socializing SOC policies, standards, and procedures. Strong understanding of information security concepts such as security architecture and design, Information security standards, and information security risk assessment. Excellent analytical, problem-solving, and communication skills.
07/05/2024
Full time
Job Title: SOC Manager Company Overview: Our client, a leading organization in the financial services sector, is seeking a dedicated and experienced SOC Manager to join their team. This pivotal role will contribute to safeguarding the organization's digital assets and infrastructure from cybersecurity threats, ensuring a robust security posture and effective incident response. Starting ASAP, paying up to £90,000 per annum. Role Overview: As the SOC Manager, you will be responsible for providing strategic leadership, technical expertise, and operational oversight to the Security Operations Center (SOC) team. Your role will involve managing both external and internal SOC personnel, overseeing security monitoring and analysis, incident response, threat intelligence, and vulnerability management activities. Key Responsibilities: Act as the subject matter expert on SOC matters for the organization. Manage the external SOC team and a small internal team, ensuring alignment with organizational security objectives. Review output from the external SOC team and ensure compliance with requirements. Set clear goals and objectives for the SOC team, providing guidance, support, and training as needed. Oversee detection, analysis, and response to security incidents and breaches, coordinating incident response efforts. Conduct post-incident reviews and implement corrective actions to prevent recurrence. Stay abreast of cybersecurity threats, vulnerabilities, and trends, implementing and maintaining threat intelligence feeds and tools. Develop and refine SOC procedures and playbooks based on emerging threats and attack patterns. Evaluate new security solutions and technologies to enhance threat detection and response capabilities. Collaborate with IT and security teams to integrate security controls and automate workflow processes. Prepare and deliver regular reports on security incidents, trends, and metrics to senior management. Ensure compliance with regulatory requirements and industry standards for incident reporting and documentation. Identify opportunities to enhance SOC operations through process improvements and technology enhancements. Foster a culture of innovation and knowledge sharing within the SOC team and across the organization. Flexibility for out-of-hours work as required. Qualifications and Experience: Bachelor's degree in Cybersecurity, Computer Science, or related field. Relevant professional certifications such as CISSP, CISM, GIAC, or equivalent are preferred. Strong working experience with Sentinel. Familiarity with industry frameworks and standards such as NIST, ISO 27001, and CIS Controls. Experience with writing and socializing SOC policies, standards, and procedures. Strong understanding of information security concepts such as security architecture and design, Information security standards, and information security risk assessment. Excellent analytical, problem-solving, and communication skills.
LA International Computer Consultants Ltd
Chippenham, Wiltshire
You'll have the following responsibilities * Capture detailed customer technical requirements and translation to detailed solution design in accordance with design methodologies. * Manage and recommend on the technical direction and helps determine the optimum solution design for customers. * Manage the review and validation processes for both new developments and in-life products and services, ensuring full integration across all aspects, considering the broad impact of solutions on the product roadmap. * Drive the improvement of design and delivery capabilities for end-to-end technical solutions. * Manage customer solution design engagement and statement of work creation, including any 3rd party deliverables. * Facilitate the development of strong customer relationships at the senior level through providing specialist service design expertise and influencing the customer's service strategy and operational decisions. Drive consistency in architecture and technical processes, with the aim of reducing costs and increasing productivity. * Undertake customer migration planning and implementation. * Coordinate impact assessments and design documentation updates. * Resolve complex solution and service issues, leads root cause analysis, troubleshooting and escalation. * Pursue the identification of potential risks and the implementation of controls and mitigations, ensuring compliance with relevant industry and company policies. * Ensure the delivery of thought leadership in complex bids and agreeing strategic approach as part of customer solution design. * Mentor other customer solution designers, helping to improve the team's abilities by acting as a technical resource. * Champion, continuously develop and share with team knowledge on emerging trends and changes in customer solution design. You'll have the following skills & experience * Hold UKSV Developed Vetting clearance. * Comprehensive knowledge and experience of on premise and cloud unified communication technology architecture disciplines: o Fixed voice telecommunications (PBX, carrier class VoIP/IPT and SIP) o Video conferencing o Enterprise mobility (4-5G, EMM, MDM) o PaaS, SaaS Unified and telecommunications solutions * Comprehensive knowledge and experience of telecommunication vendor technologies, solutions, and products (ie, Cisco, Juniper, Ericsson, Nokia, F5 and Palo Alto). * Comprehensive knowledge and hands on experience in designing, configuring, testing, and commissioning complex unified communication technologies. * Preferably have the following professional training and/or accreditations o Cisco technologies (CCNP Collaboration) o Ribbon technologies (SBC-ISP) o Blackberry technologies (BSIP) o VMware technologies (VCP-EUC) * and any one of these: o Avaya technologies (ACIS) o Atos technologies (STI) o VMware technologies (VCTA) o Any other industry COTS unified communication technologies * Proven commercial awareness to ensure CAPEX/OPEX costings of a proposed changed meets customer requirements. * Experience of identifying risks, impact, mitigation, and problem-solving in complex unified communication solutions. * Experienced in communicating complex unified communication technologies to key stakeholders with varying technical knowledge DV Clearance Please send in latest CV Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
07/05/2024
Project-based
You'll have the following responsibilities * Capture detailed customer technical requirements and translation to detailed solution design in accordance with design methodologies. * Manage and recommend on the technical direction and helps determine the optimum solution design for customers. * Manage the review and validation processes for both new developments and in-life products and services, ensuring full integration across all aspects, considering the broad impact of solutions on the product roadmap. * Drive the improvement of design and delivery capabilities for end-to-end technical solutions. * Manage customer solution design engagement and statement of work creation, including any 3rd party deliverables. * Facilitate the development of strong customer relationships at the senior level through providing specialist service design expertise and influencing the customer's service strategy and operational decisions. Drive consistency in architecture and technical processes, with the aim of reducing costs and increasing productivity. * Undertake customer migration planning and implementation. * Coordinate impact assessments and design documentation updates. * Resolve complex solution and service issues, leads root cause analysis, troubleshooting and escalation. * Pursue the identification of potential risks and the implementation of controls and mitigations, ensuring compliance with relevant industry and company policies. * Ensure the delivery of thought leadership in complex bids and agreeing strategic approach as part of customer solution design. * Mentor other customer solution designers, helping to improve the team's abilities by acting as a technical resource. * Champion, continuously develop and share with team knowledge on emerging trends and changes in customer solution design. You'll have the following skills & experience * Hold UKSV Developed Vetting clearance. * Comprehensive knowledge and experience of on premise and cloud unified communication technology architecture disciplines: o Fixed voice telecommunications (PBX, carrier class VoIP/IPT and SIP) o Video conferencing o Enterprise mobility (4-5G, EMM, MDM) o PaaS, SaaS Unified and telecommunications solutions * Comprehensive knowledge and experience of telecommunication vendor technologies, solutions, and products (ie, Cisco, Juniper, Ericsson, Nokia, F5 and Palo Alto). * Comprehensive knowledge and hands on experience in designing, configuring, testing, and commissioning complex unified communication technologies. * Preferably have the following professional training and/or accreditations o Cisco technologies (CCNP Collaboration) o Ribbon technologies (SBC-ISP) o Blackberry technologies (BSIP) o VMware technologies (VCP-EUC) * and any one of these: o Avaya technologies (ACIS) o Atos technologies (STI) o VMware technologies (VCTA) o Any other industry COTS unified communication technologies * Proven commercial awareness to ensure CAPEX/OPEX costings of a proposed changed meets customer requirements. * Experience of identifying risks, impact, mitigation, and problem-solving in complex unified communication solutions. * Experienced in communicating complex unified communication technologies to key stakeholders with varying technical knowledge DV Clearance Please send in latest CV Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
Security Risk Assessment Specialist - Permanent - Basel/Barcelona Robson Bale are looking for a Security Risk Assessment Specialist to come on board for a permanent opportunity in either Basel or Barcelona Permanent role, excellent salary 1-2 days per week on site in Basel or Barcelona German language skills would be useful but not mandatory Role: Proficient in conducting Security Business Impact Assessments, Threat and Vulnerability Assessments, and security controls assessments. Capable of assisting with policy and procedure design, with a focus on conducting assessments post-approval of Security BIA and Risk Management SOPs. Permanent role, excellent salary 1-2 days per week on site in Basel or Barcelona German language skills would be useful but not mandatory Security Risk Assessment Specialist - Permanent - Basel/Barcelona
07/05/2024
Full time
Security Risk Assessment Specialist - Permanent - Basel/Barcelona Robson Bale are looking for a Security Risk Assessment Specialist to come on board for a permanent opportunity in either Basel or Barcelona Permanent role, excellent salary 1-2 days per week on site in Basel or Barcelona German language skills would be useful but not mandatory Role: Proficient in conducting Security Business Impact Assessments, Threat and Vulnerability Assessments, and security controls assessments. Capable of assisting with policy and procedure design, with a focus on conducting assessments post-approval of Security BIA and Risk Management SOPs. Permanent role, excellent salary 1-2 days per week on site in Basel or Barcelona German language skills would be useful but not mandatory Security Risk Assessment Specialist - Permanent - Basel/Barcelona
Request Technology - Craig Johnson
Chicago, Illinois
*Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Data Governance and Protection Analyst. Candidate will be responsible for supporting the development and implementation of the information governance, data protection, and privacy program. This includes supporting the development of strategies, policies, procedures, and controls related to the governance and protection of information throughout its life cycle. In addition, the role will work with stakeholders to define the information governance, data protection, and privacy requirements; will facilitate compliance with the identified requirements to control risk; will represent the program to internal and external stakeholders; and will support the development and implementation of training and awareness programs. This role will focus on compliance with applicable regulatory and legal rules and requirements (ie SEC-Regulation SCI, CFTC-System Safeguards, etc.) as they relate to information including support of regulatory exam and Internal Audit remediation planning, tracking, and mitigation. Responsibilities: Work with appropriate stakeholders and across the organization to create a culture that manages information as an enterprise asset Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids Identification, implementation, and use of technologies to support program objectives and classification standards Execution of controls and risk assessments (eg, third-party risk, privacy, data protection) Responsible in performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help closing the incident. Creation and execution of strategies to identify information across the organization and throughout its life cycle Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk Development and maintenance of the organization's Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of Legacy information Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems Collaborate with internal and external stakeholders to implement information governance, data protection, and privacy policies and requirements Support and develop training and awareness programs for information governance, data protection, and privacy. Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program. Qualifications: Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings Experience with Privacy requirements and work with personal information and its protection Strong strategic thinking, problem solving, and analytic skills Utilize metrics as means to improve performance Ability to adapt to change in emerging environments and work across multiple areas Experience in developing policies and procedures Experience in project management, project execution, and managing multiple priorities in a timeline driven environment Experience working in a highly regulated environment including an understanding of audit and compliance requirements Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience Experience in the financial services industry Certifications Preferred: Certifications in Information, Data, Privacy Records or Security such as: Certified Information Privacy Professional (CIPP), Certified Information Privacy Management (CIPM), Certified Records Manager (CRM), and/or Certified Information Privacy Technologist (CIPT), Certified Information Systems Security Professional (CISSP), Information Governance Professional (IGP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA)
06/05/2024
Full time
*Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Data Governance and Protection Analyst. Candidate will be responsible for supporting the development and implementation of the information governance, data protection, and privacy program. This includes supporting the development of strategies, policies, procedures, and controls related to the governance and protection of information throughout its life cycle. In addition, the role will work with stakeholders to define the information governance, data protection, and privacy requirements; will facilitate compliance with the identified requirements to control risk; will represent the program to internal and external stakeholders; and will support the development and implementation of training and awareness programs. This role will focus on compliance with applicable regulatory and legal rules and requirements (ie SEC-Regulation SCI, CFTC-System Safeguards, etc.) as they relate to information including support of regulatory exam and Internal Audit remediation planning, tracking, and mitigation. Responsibilities: Work with appropriate stakeholders and across the organization to create a culture that manages information as an enterprise asset Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids Identification, implementation, and use of technologies to support program objectives and classification standards Execution of controls and risk assessments (eg, third-party risk, privacy, data protection) Responsible in performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help closing the incident. Creation and execution of strategies to identify information across the organization and throughout its life cycle Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk Development and maintenance of the organization's Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of Legacy information Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems Collaborate with internal and external stakeholders to implement information governance, data protection, and privacy policies and requirements Support and develop training and awareness programs for information governance, data protection, and privacy. Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program. Qualifications: Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings Experience with Privacy requirements and work with personal information and its protection Strong strategic thinking, problem solving, and analytic skills Utilize metrics as means to improve performance Ability to adapt to change in emerging environments and work across multiple areas Experience in developing policies and procedures Experience in project management, project execution, and managing multiple priorities in a timeline driven environment Experience working in a highly regulated environment including an understanding of audit and compliance requirements Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience Experience in the financial services industry Certifications Preferred: Certifications in Information, Data, Privacy Records or Security such as: Certified Information Privacy Professional (CIPP), Certified Information Privacy Management (CIPM), Certified Records Manager (CRM), and/or Certified Information Privacy Technologist (CIPT), Certified Information Systems Security Professional (CISSP), Information Governance Professional (IGP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA)
*Hybrid, 3 days onsite, 2 days remote* A prestigious company is looking for an Associate Principal, Information Governance (Data Protection). This individual will help support the development and implementation of information governance data protection privacy program. This position will focus on strategies, policies, procedures, controls, compliance, etc. This person will need to have experience working on risk, audit, support of applications, network, databases, and other technical domains. Responsibilities: Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids Identification, implementation, and use of technologies to support program objectives and classification standards Execution of controls and risk assessments (eg, third-party risk, privacy, data protection) Responsible in performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help closing the incident. Creation and execution of strategies to identify information across the organization and throughout its life cycle Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk Development and maintenance of the organization's Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of Legacy information Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems Support and develop training and awareness programs for information governance, data protection, and privacy. Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program Qualifications: Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience Previous work with information or data governance control activities in the financial services industry. Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings Experience with Privacy requirements and work with personal information and its protection Experience working in a highly regulated environment including an understanding of audit and compliance requirements Understanding of and interest in technology selection and implementation Experience in Information Security related policy, procedure and control writing
06/05/2024
Full time
*Hybrid, 3 days onsite, 2 days remote* A prestigious company is looking for an Associate Principal, Information Governance (Data Protection). This individual will help support the development and implementation of information governance data protection privacy program. This position will focus on strategies, policies, procedures, controls, compliance, etc. This person will need to have experience working on risk, audit, support of applications, network, databases, and other technical domains. Responsibilities: Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids Identification, implementation, and use of technologies to support program objectives and classification standards Execution of controls and risk assessments (eg, third-party risk, privacy, data protection) Responsible in performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help closing the incident. Creation and execution of strategies to identify information across the organization and throughout its life cycle Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk Development and maintenance of the organization's Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of Legacy information Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems Support and develop training and awareness programs for information governance, data protection, and privacy. Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program Qualifications: Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience Previous work with information or data governance control activities in the financial services industry. Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings Experience with Privacy requirements and work with personal information and its protection Experience working in a highly regulated environment including an understanding of audit and compliance requirements Understanding of and interest in technology selection and implementation Experience in Information Security related policy, procedure and control writing
Manager, Internal Audit - IT/Security Salary: open + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5+ years of experience in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software. Security tools such as: CyberArk, Splunk, SailPoint Change management tools such as: ServiceNow, Jira, Confluence, GitHub Preferred Databases such as: Oracle, DB2, SQL Cloud-based solutions: AWS, Azure, Oracle Cloud, Workday Relevant Certifications Responsibilities Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality, and auditee experience.
03/05/2024
Full time
Manager, Internal Audit - IT/Security Salary: open + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5+ years of experience in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software. Security tools such as: CyberArk, Splunk, SailPoint Change management tools such as: ServiceNow, Jira, Confluence, GitHub Preferred Databases such as: Oracle, DB2, SQL Cloud-based solutions: AWS, Azure, Oracle Cloud, Workday Relevant Certifications Responsibilities Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality, and auditee experience.
Manager, Internal Audit - IT/Security Salary: open + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5+ years of experience in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software. Security tools such as: CyberArk, Splunk, SailPoint Change management tools such as: ServiceNow, Jira, Confluence, GitHub Preferred Databases such as: Oracle, DB2, SQL Cloud-based solutions: AWS, Azure, Oracle Cloud, Workday Relevant Certifications Responsibilities Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality, and auditee experience.
03/05/2024
Full time
Manager, Internal Audit - IT/Security Salary: open + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5+ years of experience in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software. Security tools such as: CyberArk, Splunk, SailPoint Change management tools such as: ServiceNow, Jira, Confluence, GitHub Preferred Databases such as: Oracle, DB2, SQL Cloud-based solutions: AWS, Azure, Oracle Cloud, Workday Relevant Certifications Responsibilities Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality, and auditee experience.
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
03/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
03/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
Outstanding opportunity to this fast paced, rapidly growing, PropTech scale up on a permanent basis as an AWS DevSecOps (AWS Security Engineer). This software business provides the world's leading technology platform for property management and estate agency globally and offers the opportunity to shape the direction of a newly formed DevSecOps function regarding security policies, tooling and best practice. We're looking for an experienced engineer, competent in responding and resolving cloud security incidents with deep AWS security expertise and an understanding of engineering cloud platforms on an infrastructure as code basis (IaC). You'll require the following skills and experience: 3+ years' experience as a DevSecOps Engineer or Security Engineer with AWS In depth knowledge of AWS security tools inc. SecurityHub, Inspector, Detective, CloudTrail, GuardDuty and CloudWatch Proficiency in AWS services and features, including IAM, VPC, EC2, S3, RDS, Lambda, and CloudFormation Strong understanding of security best practices, principles, and frameworks, such as ISO 27001 controls and NIST Guidelines Experience in implementing security automation using Scripting languages eg Python and infrastructure-as-code (IaC) tools Ability to perform security threat modelling and risk assessments to identify and prioritize security risks Experience with security incident response and handling, including log analysis and forensics Outstanding business stakeholder engagement and management experience, inc. presenting of solutions to the exec team Certifications such as AWS Certified Security Specialist are a plus £70k-£75k + bonus + benefits. 90% remote, occasional travel the Midlands
02/05/2024
Full time
Outstanding opportunity to this fast paced, rapidly growing, PropTech scale up on a permanent basis as an AWS DevSecOps (AWS Security Engineer). This software business provides the world's leading technology platform for property management and estate agency globally and offers the opportunity to shape the direction of a newly formed DevSecOps function regarding security policies, tooling and best practice. We're looking for an experienced engineer, competent in responding and resolving cloud security incidents with deep AWS security expertise and an understanding of engineering cloud platforms on an infrastructure as code basis (IaC). You'll require the following skills and experience: 3+ years' experience as a DevSecOps Engineer or Security Engineer with AWS In depth knowledge of AWS security tools inc. SecurityHub, Inspector, Detective, CloudTrail, GuardDuty and CloudWatch Proficiency in AWS services and features, including IAM, VPC, EC2, S3, RDS, Lambda, and CloudFormation Strong understanding of security best practices, principles, and frameworks, such as ISO 27001 controls and NIST Guidelines Experience in implementing security automation using Scripting languages eg Python and infrastructure-as-code (IaC) tools Ability to perform security threat modelling and risk assessments to identify and prioritize security risks Experience with security incident response and handling, including log analysis and forensics Outstanding business stakeholder engagement and management experience, inc. presenting of solutions to the exec team Certifications such as AWS Certified Security Specialist are a plus £70k-£75k + bonus + benefits. 90% remote, occasional travel the Midlands
Request Technology - Craig Johnson
San Francisco, California
*We are unable to sponsor for this 6+ Month Contract role* Prestigious Fortune 500 Company is currently seeking a Security Red Team Operator. Candidate will take a structured approach to Red Team operations (ie, testing in lab environments, creating and operating according to runbooks and SOPs, writing detailed after-action reports, participating in daily operation syncs). This is currently a two-person team. As such, the candidate will need to be a highly motivated, self-sufficient, and capable of collaborating on a small team where consensus is a must for operations to be successful. This role will also be involved in our Tabletop Exercise planning and execution, and therefore, will need excellent written and oral communication skills when dealing with all levels of the organization, from executives to individual contributors. The Red team is responsible for testing the overall strength of our organizations defenses (the technology, the processes, and the people) by simulating the objectives and actions of an attacker. Responsibilities: Perform internal and external penetration testing of network infrastructure and applications Perform Red team assessments including physical, social engineering, and network exploitation Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases Perform network reconnaissance, OSINT, social engineering, and physical security reviews Participate in regular exercises and perform adversary simulations to test defense controls Assist with scoping prospective engagements, leading engagements from kickoff through remediation Work closely with Blue team to test efficacy of existing alerts and help create new detection. Create findings reports and communicate to stakeholders Contribute to enhancing the teams toolkit Write custom scripts to automate tasks related to finding new vulnerabilities Maintain runbooks to continually improve penetration testing methodologies and threat modelling. Qualifications : 5+ years of experience in Penetration testing, Red Team and Purple Team Bachelor of Science in Engineering, Computer Science, Information Technology, or equivalent work experience Advanced knowledge in common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.) Must have a demonstrable understanding of voice and data networks, major operating systems, Active Directory, cloud technologies Must demonstrate knowledge of MITREs ATT&CK framework, execute and chain TTPs Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms. Ability to optimally code in a Scripting language (Python, Bash, PowerShell, Perl, etc.) OSCP
01/05/2024
Project-based
*We are unable to sponsor for this 6+ Month Contract role* Prestigious Fortune 500 Company is currently seeking a Security Red Team Operator. Candidate will take a structured approach to Red Team operations (ie, testing in lab environments, creating and operating according to runbooks and SOPs, writing detailed after-action reports, participating in daily operation syncs). This is currently a two-person team. As such, the candidate will need to be a highly motivated, self-sufficient, and capable of collaborating on a small team where consensus is a must for operations to be successful. This role will also be involved in our Tabletop Exercise planning and execution, and therefore, will need excellent written and oral communication skills when dealing with all levels of the organization, from executives to individual contributors. The Red team is responsible for testing the overall strength of our organizations defenses (the technology, the processes, and the people) by simulating the objectives and actions of an attacker. Responsibilities: Perform internal and external penetration testing of network infrastructure and applications Perform Red team assessments including physical, social engineering, and network exploitation Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases Perform network reconnaissance, OSINT, social engineering, and physical security reviews Participate in regular exercises and perform adversary simulations to test defense controls Assist with scoping prospective engagements, leading engagements from kickoff through remediation Work closely with Blue team to test efficacy of existing alerts and help create new detection. Create findings reports and communicate to stakeholders Contribute to enhancing the teams toolkit Write custom scripts to automate tasks related to finding new vulnerabilities Maintain runbooks to continually improve penetration testing methodologies and threat modelling. Qualifications : 5+ years of experience in Penetration testing, Red Team and Purple Team Bachelor of Science in Engineering, Computer Science, Information Technology, or equivalent work experience Advanced knowledge in common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.) Must have a demonstrable understanding of voice and data networks, major operating systems, Active Directory, cloud technologies Must demonstrate knowledge of MITREs ATT&CK framework, execute and chain TTPs Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms. Ability to optimally code in a Scripting language (Python, Bash, PowerShell, Perl, etc.) OSCP
Information & Operational Risk Manager | Long Term Project | Financial Enterprise Our client, a leading global financial institution, is currently looking for an experienced Information & Operational Risk Manager to join their team. The company is known for being a reliable partner in offering consumer loans. Therefore, they need to make sure that they monitor all types of risks when handing out loans. In this position, you will responsible for the operational and Information risks, and you will make the translation to the necessary process controls. Your responsibilities: Writing the 2LoD risk advice for the team Coordinating and writing a 2LoD risk assessment for product reviews Evaluating the existing risk control framework and testing controls Validating risk events and resolved issues. Requirements: Fluency in Dutch Minimum 5 years' experience in a non-financial risk management/IT risk management Experience working in a banking environment is a plus Excellent stakeholder management skills About Levy: Since 2000 Levy provides professional Solutions to organizations ranging from tech start-ups to global players. From our offices in the UK and Amsterdam we have built an international local network of skilled employed professionals and contractors fueled by our passion for connecting skills with projects. Over the years we have fulfilled over 1700 requirements and nowadays we consistently have 250+ professionals recruited and relocated from 14 countries allocated to various projects. Our strength is the way that we see and treat people. This will always be a key factor in our strategy for many years to come multiplying by unity!
01/05/2024
Project-based
Information & Operational Risk Manager | Long Term Project | Financial Enterprise Our client, a leading global financial institution, is currently looking for an experienced Information & Operational Risk Manager to join their team. The company is known for being a reliable partner in offering consumer loans. Therefore, they need to make sure that they monitor all types of risks when handing out loans. In this position, you will responsible for the operational and Information risks, and you will make the translation to the necessary process controls. Your responsibilities: Writing the 2LoD risk advice for the team Coordinating and writing a 2LoD risk assessment for product reviews Evaluating the existing risk control framework and testing controls Validating risk events and resolved issues. Requirements: Fluency in Dutch Minimum 5 years' experience in a non-financial risk management/IT risk management Experience working in a banking environment is a plus Excellent stakeholder management skills About Levy: Since 2000 Levy provides professional Solutions to organizations ranging from tech start-ups to global players. From our offices in the UK and Amsterdam we have built an international local network of skilled employed professionals and contractors fueled by our passion for connecting skills with projects. Over the years we have fulfilled over 1700 requirements and nowadays we consistently have 250+ professionals recruited and relocated from 14 countries allocated to various projects. Our strength is the way that we see and treat people. This will always be a key factor in our strategy for many years to come multiplying by unity!
Role: This position's prime responsibilities are for the development of new (to blank deposition technologies, new materials systems and new deposition products, the latter including coating challenges that blank may undertake for customers. The position improves the efficiency and throughput of the existing equipment and processes. The position is also responsible for any external Coating research collaborations that blank undertakes. Monitor global developments in thin film technology that might impact blank and to provide technical assessments of developing areas of application that might provide new business opportunities. Deliver business transformation through disruptive technology innovation. Review customer and market feedback to maximize impact of development and innovation efforts. Develop technology and innovation roadmaps that are aligned with our customers existing and emerging needs. Ensure the site has access to all sources of manufacturing and process best practice so that we gain and sustain a competitive advantage over our competitors. Assists the business development, sales, and marketing functions to maximise the competitiveness and responsiveness of our products and processes. Enable manufacturable results from development and innovation efforts. Leverage risks and opportunities- pursue and adopt new technologies and drive implementation across product lines Participate in proposal development and champion estimates and technical statements of work whilst serving as a technical spokesperson for blank Infrared. Serve as a key interface with customers and takes their needs and requirements as inputs to create high-value solutions. Implementation of optimal, cost-effective manufacturing processes and methods in accordance with product specifications and quality standards; recommends and implements improvements to production processes, methods, and controls; coordinates manufacturing launch for new or revised products An Engineering Degree in a STEM subject Preferred: Physics or Chemistry Proven Knowledge of Thin Film Coating Deposition Design and Control 5+ years of experience in high technology manufacturing or research labs Competent in Project Management Essential: Microsoft Office, Coating Design Software Possess strong problem-solving skills with an attention to detail Highly analytical mindset - Capability to travel internationally to support customer visits SmartSourcing are a Disability Confident Employer and we promote, celebrate and value diversity, we are committed to promoting equality and inclusion for all
01/05/2024
Full time
Role: This position's prime responsibilities are for the development of new (to blank deposition technologies, new materials systems and new deposition products, the latter including coating challenges that blank may undertake for customers. The position improves the efficiency and throughput of the existing equipment and processes. The position is also responsible for any external Coating research collaborations that blank undertakes. Monitor global developments in thin film technology that might impact blank and to provide technical assessments of developing areas of application that might provide new business opportunities. Deliver business transformation through disruptive technology innovation. Review customer and market feedback to maximize impact of development and innovation efforts. Develop technology and innovation roadmaps that are aligned with our customers existing and emerging needs. Ensure the site has access to all sources of manufacturing and process best practice so that we gain and sustain a competitive advantage over our competitors. Assists the business development, sales, and marketing functions to maximise the competitiveness and responsiveness of our products and processes. Enable manufacturable results from development and innovation efforts. Leverage risks and opportunities- pursue and adopt new technologies and drive implementation across product lines Participate in proposal development and champion estimates and technical statements of work whilst serving as a technical spokesperson for blank Infrared. Serve as a key interface with customers and takes their needs and requirements as inputs to create high-value solutions. Implementation of optimal, cost-effective manufacturing processes and methods in accordance with product specifications and quality standards; recommends and implements improvements to production processes, methods, and controls; coordinates manufacturing launch for new or revised products An Engineering Degree in a STEM subject Preferred: Physics or Chemistry Proven Knowledge of Thin Film Coating Deposition Design and Control 5+ years of experience in high technology manufacturing or research labs Competent in Project Management Essential: Microsoft Office, Coating Design Software Possess strong problem-solving skills with an attention to detail Highly analytical mindset - Capability to travel internationally to support customer visits SmartSourcing are a Disability Confident Employer and we promote, celebrate and value diversity, we are committed to promoting equality and inclusion for all