Cyber Security Lead - Bristol - Hybrid working - £85,000 - £95,000 pa - Not-for-profit organisation Cyber Security/Lead/Cloud/SIEM/Strategy We have a fantastic opportunity for a Cyber Security Lead to work for a superb company in Bristol. Our client is looking for a Cyber Security Lead who will be responsible for defining the overarching security posture for the company. They are looking for someone that can be strategic as well as hands on. Key Responsibilities: You will be responsible for defining, developing and maintaining the cyber security strategy across the organisation. You will monitor threats from vulnerability managements tools and support the design, implementation and management of any SIEM tools. You will promote a level of cyber security culture and awareness across the organisation Provide leadership and insights into security threats You will lead any investigations into Cyber security breaches or suspected breaches You will provide regular reporting to Senior stakeholders on security progress and issues Experience required: CISM, CISSP, CISA or similar professional qualification Strong understanding of best practice in relation to Cyber Security Around 7+ years of experience working in Security Engineering Strong knowledge of security tooling and technologies including SIEM, vulnerability management, DLP etc Experience of working in environments using ISO27001 or Cyber Essentials Plus Good knowledge of cloud platforms - AWS and Azure Good understanding of the current threat landscape Excellent communication skills Ability to build and manage relationships with stakeholders at all levels across the organisation. If this role sounds of interest and you think your skills match the requirements, please send me your CV and I will call you to discuss in more detail. Cyber Security/Lead/Cloud/SIEM/Strategy
20/05/2024
Full time
Cyber Security Lead - Bristol - Hybrid working - £85,000 - £95,000 pa - Not-for-profit organisation Cyber Security/Lead/Cloud/SIEM/Strategy We have a fantastic opportunity for a Cyber Security Lead to work for a superb company in Bristol. Our client is looking for a Cyber Security Lead who will be responsible for defining the overarching security posture for the company. They are looking for someone that can be strategic as well as hands on. Key Responsibilities: You will be responsible for defining, developing and maintaining the cyber security strategy across the organisation. You will monitor threats from vulnerability managements tools and support the design, implementation and management of any SIEM tools. You will promote a level of cyber security culture and awareness across the organisation Provide leadership and insights into security threats You will lead any investigations into Cyber security breaches or suspected breaches You will provide regular reporting to Senior stakeholders on security progress and issues Experience required: CISM, CISSP, CISA or similar professional qualification Strong understanding of best practice in relation to Cyber Security Around 7+ years of experience working in Security Engineering Strong knowledge of security tooling and technologies including SIEM, vulnerability management, DLP etc Experience of working in environments using ISO27001 or Cyber Essentials Plus Good knowledge of cloud platforms - AWS and Azure Good understanding of the current threat landscape Excellent communication skills Ability to build and manage relationships with stakeholders at all levels across the organisation. If this role sounds of interest and you think your skills match the requirements, please send me your CV and I will call you to discuss in more detail. Cyber Security/Lead/Cloud/SIEM/Strategy
IAM Engineer Contract length: 12 months (extensions available) Status: Inside IR35 Location: Hybrid (up to one day a week in office) Start date: ASAP Industry: Public Sector Interview Process: 2 stage, MS Teams A renowned consultancy is looking for a SC cleared IAM engineer to join their end client within the public sector. This security expert will be working with highly sensitive data, learning new technologies and solving complex technical problems for their identity governance and access management on a Sailpoint application modernisation project. Responsibilities: Technical design & implementation of enterprise IAM solutions Software deployment Change management Hands on software development Delivering against deployment delivery model Working in an agile environment Required Active HO SC clearance Expert in IAM - with a focus on identity governance Strong background using Sailpoint Desired Sailpoint IDN CyberArk Microsoft Entra ID Microsoft AD ServiceNow Access management module
20/05/2024
Project-based
IAM Engineer Contract length: 12 months (extensions available) Status: Inside IR35 Location: Hybrid (up to one day a week in office) Start date: ASAP Industry: Public Sector Interview Process: 2 stage, MS Teams A renowned consultancy is looking for a SC cleared IAM engineer to join their end client within the public sector. This security expert will be working with highly sensitive data, learning new technologies and solving complex technical problems for their identity governance and access management on a Sailpoint application modernisation project. Responsibilities: Technical design & implementation of enterprise IAM solutions Software deployment Change management Hands on software development Delivering against deployment delivery model Working in an agile environment Required Active HO SC clearance Expert in IAM - with a focus on identity governance Strong background using Sailpoint Desired Sailpoint IDN CyberArk Microsoft Entra ID Microsoft AD ServiceNow Access management module
IAM Engineer Contract length: 12 months (extensions available) Status: Inside IR35 Location: Hybrid (up to one day a week in office) Start date: ASAP Industry: Public Sector Interview Process: 2 stage, MS Teams A renowned consultancy is looking for a SC cleared IAM engineer to join their end client within the public sector. This security expert will be working with highly sensitive data, learning new technologies and solving complex technical problems for their identity governance and access management on a Sailpoint application modernisation project. Responsibilities: Technical design & implementation of enterprise IAM solutions Software deployment Change management Hands on software development Delivering against deployment delivery model Working in an agile environment Required Active HO SC clearance Expert in IAM - with a focus on identity governance Strong background using Sailpoint Desired Sailpoint IDN CyberArk Microsoft Entra ID Microsoft AD ServiceNow Access management module
20/05/2024
Project-based
IAM Engineer Contract length: 12 months (extensions available) Status: Inside IR35 Location: Hybrid (up to one day a week in office) Start date: ASAP Industry: Public Sector Interview Process: 2 stage, MS Teams A renowned consultancy is looking for a SC cleared IAM engineer to join their end client within the public sector. This security expert will be working with highly sensitive data, learning new technologies and solving complex technical problems for their identity governance and access management on a Sailpoint application modernisation project. Responsibilities: Technical design & implementation of enterprise IAM solutions Software deployment Change management Hands on software development Delivering against deployment delivery model Working in an agile environment Required Active HO SC clearance Expert in IAM - with a focus on identity governance Strong background using Sailpoint Desired Sailpoint IDN CyberArk Microsoft Entra ID Microsoft AD ServiceNow Access management module
We are currently looking on behalf of one of our important clients for an IAM Systems Engineer. This role is permanent position based in Zürich Canton & comes with good home office allowance. Your Role: As an Identity Access Management Systems Engineer; hold responsibility for the planning, implementation & operation of IAM solutions. Support an IAM Product Owner in the strategic development of an IAM product & hold responsibility for the identity life cycle management process. Develop IAM solutions based on product backlog requirements. Integrate IAM solutions into an existing application landscape & implement the necessary technical security solutions. Ensure smooth functionality & comply with security guidelines & legal requirements. Create & update technical documentation of IAM solutions & processes. Carry out topic-specific projects if necessary. Your Skills: At least 3 years of professional experience in IT System Engineering in IAM environments. A very good knowledge of IAM Concepts, Architectures & Technologies. A good understanding in the field of Identity Management (SSO, identity encouragement, role-based access control, etc.). Experienced in IAM tools such as Identity Management, Access Management, Directory Services & Federations. Your Profile: Completed University Degree in the area of Computer Science or similar, ideally with focus on Cyber Security/IAM. High self-motivated, analytical, methodical, structured & quality, solution & goal-oriented. Fluent in English & very good German language skills (to at least B2 Level) are mandatory requirements.
20/05/2024
Full time
We are currently looking on behalf of one of our important clients for an IAM Systems Engineer. This role is permanent position based in Zürich Canton & comes with good home office allowance. Your Role: As an Identity Access Management Systems Engineer; hold responsibility for the planning, implementation & operation of IAM solutions. Support an IAM Product Owner in the strategic development of an IAM product & hold responsibility for the identity life cycle management process. Develop IAM solutions based on product backlog requirements. Integrate IAM solutions into an existing application landscape & implement the necessary technical security solutions. Ensure smooth functionality & comply with security guidelines & legal requirements. Create & update technical documentation of IAM solutions & processes. Carry out topic-specific projects if necessary. Your Skills: At least 3 years of professional experience in IT System Engineering in IAM environments. A very good knowledge of IAM Concepts, Architectures & Technologies. A good understanding in the field of Identity Management (SSO, identity encouragement, role-based access control, etc.). Experienced in IAM tools such as Identity Management, Access Management, Directory Services & Federations. Your Profile: Completed University Degree in the area of Computer Science or similar, ideally with focus on Cyber Security/IAM. High self-motivated, analytical, methodical, structured & quality, solution & goal-oriented. Fluent in English & very good German language skills (to at least B2 Level) are mandatory requirements.
Compliance Manager - EdTech Schools shape young minds and build foundations for the future. Yet the education sector faces immense pressures. Overworked teachers, endless administrative tasks, and the constant need to do more with less. As Compliance Manager for this EdTech company, you'll play a crucial part in alleviating these pressures for schools. You'll help develop tools that free teachers and school staff to focus on what truly matters - fostering a learning environment that achieves great outcomes for all students. About the Job: Working alongside ex-teachers and EdTech engineers, you'll be part of a team that truly cares about improving education standards for everyone. As the first person to step into this role, you'll have total ownership and the full backing of senior leadership. You'll be given full autonomy to build the compliance framework from scratch. This includes creating and implementing policies/procedures, leading audits (ISO27001, ISO9001, PCI-DSS, Cyber Essentials Plus), and developing company-wide standards. Collaborating across product and engineering teams - you'll ensure the platform and product security is robust, and staff are suitably trained. You'll also handle due diligence for seamless integration as the company moves into an exciting new phase. About You: You're an experienced compliance professional with deep expertise in relevant frameworks. With excellent leadership, analytical, decision-making, and communication abilities, you thrive in fast-paced environments and can prioritise effectively. In particular, you'll need: Proven track record in compliance or infosec management roles In-depth mastery of ISO27001, ISO9001, PCI-DSS, Cyber Essentials Plus Prior experience with compliance tooling like SecureFrame is a plus In return, you'll get: 32 days of annual holiday (25 days leave + 7 company-wide days off) Enhanced parental leave - 20 weeks full pay for maternity/adoption, 6 weeks paternity A dedicated wellbeing team championing mindfulness, training, mental health, and more Flexible working arrangements tailored to you Social events, celebrations, community-building, and dog-friendly offices Professional development budget for training courses, memberships, financial coaching, and more Paid time to volunteer with charities of your choice Above all, your work will positively impact students and educators across the nation - paving the way to a better future for all. If you're ready to transform education for good, apply now. Everyone will get a response.
20/05/2024
Full time
Compliance Manager - EdTech Schools shape young minds and build foundations for the future. Yet the education sector faces immense pressures. Overworked teachers, endless administrative tasks, and the constant need to do more with less. As Compliance Manager for this EdTech company, you'll play a crucial part in alleviating these pressures for schools. You'll help develop tools that free teachers and school staff to focus on what truly matters - fostering a learning environment that achieves great outcomes for all students. About the Job: Working alongside ex-teachers and EdTech engineers, you'll be part of a team that truly cares about improving education standards for everyone. As the first person to step into this role, you'll have total ownership and the full backing of senior leadership. You'll be given full autonomy to build the compliance framework from scratch. This includes creating and implementing policies/procedures, leading audits (ISO27001, ISO9001, PCI-DSS, Cyber Essentials Plus), and developing company-wide standards. Collaborating across product and engineering teams - you'll ensure the platform and product security is robust, and staff are suitably trained. You'll also handle due diligence for seamless integration as the company moves into an exciting new phase. About You: You're an experienced compliance professional with deep expertise in relevant frameworks. With excellent leadership, analytical, decision-making, and communication abilities, you thrive in fast-paced environments and can prioritise effectively. In particular, you'll need: Proven track record in compliance or infosec management roles In-depth mastery of ISO27001, ISO9001, PCI-DSS, Cyber Essentials Plus Prior experience with compliance tooling like SecureFrame is a plus In return, you'll get: 32 days of annual holiday (25 days leave + 7 company-wide days off) Enhanced parental leave - 20 weeks full pay for maternity/adoption, 6 weeks paternity A dedicated wellbeing team championing mindfulness, training, mental health, and more Flexible working arrangements tailored to you Social events, celebrations, community-building, and dog-friendly offices Professional development budget for training courses, memberships, financial coaching, and more Paid time to volunteer with charities of your choice Above all, your work will positively impact students and educators across the nation - paving the way to a better future for all. If you're ready to transform education for good, apply now. Everyone will get a response.
Role Title: SIEM/Incident SME Duration: 6 months Location: Hybrid/Corsham, Portsmouth or Northallerton - 2/3 days per week at ONE site Rate: £700/d - Umbrella only PLEASE NOTE: Applicants must hold active DV Clearance to be considered for this role Would you like to join a global leader in consulting, technology services and digital transformation? Our client is at the forefront of innovation to address the entire breadth of opportunities in the evolving world of cloud, digital and platforms. Role purpose/summary The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Key Skills/requirements Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications : Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent) All profiles will be reviewed against the required skills and experience. Due to the high number of applications, we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
20/05/2024
Project-based
Role Title: SIEM/Incident SME Duration: 6 months Location: Hybrid/Corsham, Portsmouth or Northallerton - 2/3 days per week at ONE site Rate: £700/d - Umbrella only PLEASE NOTE: Applicants must hold active DV Clearance to be considered for this role Would you like to join a global leader in consulting, technology services and digital transformation? Our client is at the forefront of innovation to address the entire breadth of opportunities in the evolving world of cloud, digital and platforms. Role purpose/summary The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Key Skills/requirements Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications : Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent) All profiles will be reviewed against the required skills and experience. Due to the high number of applications, we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
Software Engineer (Contract) Duration: 9 Months Location: Dorset/Hybrid Per Hour Negotiable on experience - Outside IR35 Avanti Recruitment are currently recruiting for an experienced Software Engineer to join our client for a contract assignment. You will be part of a team, alongside skilled talent who will be delivering support in the landscape of Cyber Security. You will be working on products, applications and high-speed PCIe devices. For this role you'll need: 5+ Years of C/C++ development 5+ Years of Linux Experience Proven Experience of software design and principles Write and Design with Languages UML, SDL Etc Frameworks like DPDK Engineering or Computer Science degree SC Cleared or Eligible for SC Clearance If you are interested please apply online today
20/05/2024
Project-based
Software Engineer (Contract) Duration: 9 Months Location: Dorset/Hybrid Per Hour Negotiable on experience - Outside IR35 Avanti Recruitment are currently recruiting for an experienced Software Engineer to join our client for a contract assignment. You will be part of a team, alongside skilled talent who will be delivering support in the landscape of Cyber Security. You will be working on products, applications and high-speed PCIe devices. For this role you'll need: 5+ Years of C/C++ development 5+ Years of Linux Experience Proven Experience of software design and principles Write and Design with Languages UML, SDL Etc Frameworks like DPDK Engineering or Computer Science degree SC Cleared or Eligible for SC Clearance If you are interested please apply online today
Source Group are currently working with an Internaitonal Bank who are looking to hire a Freelance Vulnerability and Compliance Engineer to join the team. This role is an initial contract but has a high chance of extending long term. Please only apply if you are based or looking to relocate to Switzerland. The perfect candidate will be able to script in both Python and Powershell and understands modern development practices such as version control and CI/CD pipelines, and has a background in Cyber security. They will have a passion for clean code and be passionate about improving customer's "day to day" through automation and customer driven requirements. Responsibilities: Implement python code to enrich alerts prior to being ingested into the Bank's alert management system/queue. Implement python code to create "responders" in the Bank's alert/case management system to perform repetitive tasks. Integrate the alert/case management system with additional corporate and security systems. Implement queries (SQL or similar) to extract relevant data for reporting and alerting. Perform application patching of the Bank's cyber applications (alert/case management, vulnerability management platforms, etc). Assist with Scripting to enable custom reporting and querying of systems like Active Directory, the Bank's SIEM, etc. Must Haves : Excellent python skills and ideally experience with Powershell as well; experience with integration work, processing structured data such as Jason or CSV. Experience as a Developer ideally in Cybersecurity, IT automation or experience as business application developer could also be considered. Experience working with version control systems (eg git) and pipelines (eg Azure DevOps and Github). Understanding of and experience working with modern development practices such as version control and CI/CD pipelines Ability to digest and understand user requirements and implement them "properly" in an existing tech stack. Please get in touch for more info/relocating to Switzerland.
20/05/2024
Project-based
Source Group are currently working with an Internaitonal Bank who are looking to hire a Freelance Vulnerability and Compliance Engineer to join the team. This role is an initial contract but has a high chance of extending long term. Please only apply if you are based or looking to relocate to Switzerland. The perfect candidate will be able to script in both Python and Powershell and understands modern development practices such as version control and CI/CD pipelines, and has a background in Cyber security. They will have a passion for clean code and be passionate about improving customer's "day to day" through automation and customer driven requirements. Responsibilities: Implement python code to enrich alerts prior to being ingested into the Bank's alert management system/queue. Implement python code to create "responders" in the Bank's alert/case management system to perform repetitive tasks. Integrate the alert/case management system with additional corporate and security systems. Implement queries (SQL or similar) to extract relevant data for reporting and alerting. Perform application patching of the Bank's cyber applications (alert/case management, vulnerability management platforms, etc). Assist with Scripting to enable custom reporting and querying of systems like Active Directory, the Bank's SIEM, etc. Must Haves : Excellent python skills and ideally experience with Powershell as well; experience with integration work, processing structured data such as Jason or CSV. Experience as a Developer ideally in Cybersecurity, IT automation or experience as business application developer could also be considered. Experience working with version control systems (eg git) and pipelines (eg Azure DevOps and Github). Understanding of and experience working with modern development practices such as version control and CI/CD pipelines Ability to digest and understand user requirements and implement them "properly" in an existing tech stack. Please get in touch for more info/relocating to Switzerland.
Source Group are currently working with an International Bank in Switzerland who are looking to hire a Freelance Logging Specialist to join the Security Engineering and Architecture team. This role is only suitable to candidates based or looking to relocate to Switzerland. The perfect candidate will be an experienced Security Specialist - Logging Specialist who has extensive real-world experience with log management and SIEM solutions. This would include tools such as QRadar, Sentinel, rsyslog, Windows Event Forwarding, logstash, fluentd, etc. You would also need to be familiar with typical enterprise logging sources and log source management. The successful candidates will understand priorities and deliver tasks with minimal supervision, but also suggest improvements and nominate tasks themselves. Daily Tasks: Create parsers in QRadar. Assist with rule generation in QRadar and Sentinel. Validate log sources are logging correctly. Work with the SOC (and business areas) to ensure key devices are producing logs in compliance with policy and standards. Assist with improving the Bank's overall logging strategy. Assisting with maintenance and upgrades. Other duties as required Must Haves: Experience with log management and SIEM solutions in an enterprise environment, such as ideally with QRadar, Azure Sentinel and Windows Event Forwarding, or similar tools (Splunk, Elasticsearch, Logstash, Fluentd, Rsyslog, Syslog-ng). Experience in Cybersecurity would be ideal or System/Infrastructure loggin background could be considered. Knowledge with Linux/Unix logging (eg, syslog, journalctl, auditd). Ability to digest and understand user requirements and implement them "properly" in an existing tech stack.
20/05/2024
Project-based
Source Group are currently working with an International Bank in Switzerland who are looking to hire a Freelance Logging Specialist to join the Security Engineering and Architecture team. This role is only suitable to candidates based or looking to relocate to Switzerland. The perfect candidate will be an experienced Security Specialist - Logging Specialist who has extensive real-world experience with log management and SIEM solutions. This would include tools such as QRadar, Sentinel, rsyslog, Windows Event Forwarding, logstash, fluentd, etc. You would also need to be familiar with typical enterprise logging sources and log source management. The successful candidates will understand priorities and deliver tasks with minimal supervision, but also suggest improvements and nominate tasks themselves. Daily Tasks: Create parsers in QRadar. Assist with rule generation in QRadar and Sentinel. Validate log sources are logging correctly. Work with the SOC (and business areas) to ensure key devices are producing logs in compliance with policy and standards. Assist with improving the Bank's overall logging strategy. Assisting with maintenance and upgrades. Other duties as required Must Haves: Experience with log management and SIEM solutions in an enterprise environment, such as ideally with QRadar, Azure Sentinel and Windows Event Forwarding, or similar tools (Splunk, Elasticsearch, Logstash, Fluentd, Rsyslog, Syslog-ng). Experience in Cybersecurity would be ideal or System/Infrastructure loggin background could be considered. Knowledge with Linux/Unix logging (eg, syslog, journalctl, auditd). Ability to digest and understand user requirements and implement them "properly" in an existing tech stack.
Source Group are working with a Leading Bank in Switzerland who are looking to hire a Security Specialist - Cyber Automation and Engineering. The perfect candidate will be able to script in both Python and Powershell and understands modern development practices such as version control and CI/CD pipelines, and has a background in Cyber security. They will have a passion for clean code and be passionate about improving customer's "day to day" through automation and customer driven requirements. The successful candidate for this role must be based in Switzerland or be able to relocate full time. We are looking for a Security Specialist - Cyber Automation and Engineering who will assist the team with the following tasks: Tasks: Improving the alert and case management workflows, improving enrichment, "responders" and other automation. Assisting as required with advanced detections and filtering. Providing platform support when required (patching applications, etc). Other duties as required, as the team works with changing priorities and in response to internal customer demands. Responsibilities: Implement python code to enrich alerts prior to being ingested into the Bank's alert management system/queue. Implement python code to create "responders" in the Bank's alert/case management system to perform repetitive tasks. Integrate the alert/case management system with additional corporate and security systems. Implement queries (SQL or similar) to extract relevant data for reporting and alerting. Perform application patching of the Bank's cyber applications (alert/case management, vulnerability management platforms, etc). Assist with Scripting to enable custom reporting and querying of systems like Active Directory, the Bank's SIEM, etc. Must Haves: Excellent python skills and ideally experience with Powershell as well; experience with integration work, processing structured data such as Jason or CSV. Experience as a Developer ideally in Cybersecurity, IT automation or experience as business application developer could also be considered. Experience working with version control systems (eg git) and pipelines (eg Azure DevOps and Github). Understanding of and experience working with modern development practices such as version control and CI/CD pipelines Ability to digest and understand user requirements and implement them "properly" in an existing tech stack.
20/05/2024
Project-based
Source Group are working with a Leading Bank in Switzerland who are looking to hire a Security Specialist - Cyber Automation and Engineering. The perfect candidate will be able to script in both Python and Powershell and understands modern development practices such as version control and CI/CD pipelines, and has a background in Cyber security. They will have a passion for clean code and be passionate about improving customer's "day to day" through automation and customer driven requirements. The successful candidate for this role must be based in Switzerland or be able to relocate full time. We are looking for a Security Specialist - Cyber Automation and Engineering who will assist the team with the following tasks: Tasks: Improving the alert and case management workflows, improving enrichment, "responders" and other automation. Assisting as required with advanced detections and filtering. Providing platform support when required (patching applications, etc). Other duties as required, as the team works with changing priorities and in response to internal customer demands. Responsibilities: Implement python code to enrich alerts prior to being ingested into the Bank's alert management system/queue. Implement python code to create "responders" in the Bank's alert/case management system to perform repetitive tasks. Integrate the alert/case management system with additional corporate and security systems. Implement queries (SQL or similar) to extract relevant data for reporting and alerting. Perform application patching of the Bank's cyber applications (alert/case management, vulnerability management platforms, etc). Assist with Scripting to enable custom reporting and querying of systems like Active Directory, the Bank's SIEM, etc. Must Haves: Excellent python skills and ideally experience with Powershell as well; experience with integration work, processing structured data such as Jason or CSV. Experience as a Developer ideally in Cybersecurity, IT automation or experience as business application developer could also be considered. Experience working with version control systems (eg git) and pipelines (eg Azure DevOps and Github). Understanding of and experience working with modern development practices such as version control and CI/CD pipelines Ability to digest and understand user requirements and implement them "properly" in an existing tech stack.
SIEM/Incident SME CONTRACTOR MUST HOLD DV CLEARANCE Role Title: SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role: . Develop and integrate security event monitoring and incident management services. . Respond to security incidents as they occur as part of an incident response team. . Implement metrics and dashboards to give visibility of the Enterprise infrastructure. . Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. . Produce documentation to ensure the repeatability and standardisation of security operating procedures. . Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. . Maintain a baseline of system security according to latest threat intelligence and evolving trends. . Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. . Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. . Offer strategic and tactical security guidance including valuation requirement of technical controls. . Be part of the CRM process . Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. . Document, validate and create operational processes and procedures to help develop the SOC. . Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. . Build, install, configure, and test dedicated cyber defence hardware. . Support Junior Analysts to manage SOC systems. . Previous experience of Enterprise ICS/network architectures and technologies . Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. . Experience as a mentor/coach to Junior Analysts Your profile: . Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks . Skilled in maintaining Microsoft directory services. . Skilled in using virtualisation software. . Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) . Excellent communication skills . Experience of writing Defence/Government documentation Desirable Qualifications: . Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) . SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) . Advanced Analyst Course (SANS SEC503 or equivalent) If this role is of interest to you, and you hold an active DV clearance - please apply now! Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
20/05/2024
Project-based
SIEM/Incident SME CONTRACTOR MUST HOLD DV CLEARANCE Role Title: SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role: . Develop and integrate security event monitoring and incident management services. . Respond to security incidents as they occur as part of an incident response team. . Implement metrics and dashboards to give visibility of the Enterprise infrastructure. . Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. . Produce documentation to ensure the repeatability and standardisation of security operating procedures. . Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. . Maintain a baseline of system security according to latest threat intelligence and evolving trends. . Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. . Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. . Offer strategic and tactical security guidance including valuation requirement of technical controls. . Be part of the CRM process . Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. . Document, validate and create operational processes and procedures to help develop the SOC. . Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. . Build, install, configure, and test dedicated cyber defence hardware. . Support Junior Analysts to manage SOC systems. . Previous experience of Enterprise ICS/network architectures and technologies . Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. . Experience as a mentor/coach to Junior Analysts Your profile: . Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks . Skilled in maintaining Microsoft directory services. . Skilled in using virtualisation software. . Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) . Excellent communication skills . Experience of writing Defence/Government documentation Desirable Qualifications: . Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) . SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) . Advanced Analyst Course (SANS SEC503 or equivalent) If this role is of interest to you, and you hold an active DV clearance - please apply now! Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
Vulnerability Security Engineer - This is a long term contract vacancy requiring profound Python, Powershell and InsightVM knowledge for our Basel based client in the financial sector . Your tasks: Tuning and troubleshooting the company's VM and compliance platforms Implementing custom scripts to ensure technical settings comply with company policies and standards Developing custom logic to prioritize vulnerabilities and compliance issues Integrating compliance tool output into the company's big data platform for compliance purposes Executing queries to extract data for reporting and alerting Performing application patching for the company's vulnerability and compliance applications Your experience/knowledge: Proficient in Python with experience in PowerShell, integration work, and processing structured data such as JSON and CSV for data importing and exporting Strong background in cybersecurity, with a focus on vulnerability and compliance management Experienced with data pipelines, workflows, and modern development practices including version control and CI/CD pipelines Ability to understand user requirements and implement them effectively within an existing tech stack Knowledge of integration and processing of structured data for seamless data platform operations Familiarity with tools such as Dataiku DSS, Tableau, and the Azure security ecosystem, especially Defender suite, is a strong advantage Your soft skills: Self-starter, able to work independently and suggest solutions to problems in relation to existing systems and tools Strong drive and willingness to deliver Location: Basel, Switzerland Sector: Financial Start: ASAP or 07/2024 Duration: 08MM+ Ref .Nr.: BH21677 Take the next step and send us your resume along with a daytime phone number where we can reach you. Due to Swiss work permit restrictions, we can only consider applications from Swiss nationals, EU citizens as well as current work-permit holders for Switzerland. Ukrainian refugees are warmly welcomed, we will support you all the way. We welcome applications from individuals of all genders, age groups, sexual orientations, personal expressions, ethnic backgrounds, and religious beliefs. Therefore, there is no requirement to provide gender information or a photo in your application. As per client requirements, we need information about your marital status, nationality, date of birth, and a valid Swiss work permit. For applicants with disabilities, we are happy to explore potential solutions with our end client.
20/05/2024
Project-based
Vulnerability Security Engineer - This is a long term contract vacancy requiring profound Python, Powershell and InsightVM knowledge for our Basel based client in the financial sector . Your tasks: Tuning and troubleshooting the company's VM and compliance platforms Implementing custom scripts to ensure technical settings comply with company policies and standards Developing custom logic to prioritize vulnerabilities and compliance issues Integrating compliance tool output into the company's big data platform for compliance purposes Executing queries to extract data for reporting and alerting Performing application patching for the company's vulnerability and compliance applications Your experience/knowledge: Proficient in Python with experience in PowerShell, integration work, and processing structured data such as JSON and CSV for data importing and exporting Strong background in cybersecurity, with a focus on vulnerability and compliance management Experienced with data pipelines, workflows, and modern development practices including version control and CI/CD pipelines Ability to understand user requirements and implement them effectively within an existing tech stack Knowledge of integration and processing of structured data for seamless data platform operations Familiarity with tools such as Dataiku DSS, Tableau, and the Azure security ecosystem, especially Defender suite, is a strong advantage Your soft skills: Self-starter, able to work independently and suggest solutions to problems in relation to existing systems and tools Strong drive and willingness to deliver Location: Basel, Switzerland Sector: Financial Start: ASAP or 07/2024 Duration: 08MM+ Ref .Nr.: BH21677 Take the next step and send us your resume along with a daytime phone number where we can reach you. Due to Swiss work permit restrictions, we can only consider applications from Swiss nationals, EU citizens as well as current work-permit holders for Switzerland. Ukrainian refugees are warmly welcomed, we will support you all the way. We welcome applications from individuals of all genders, age groups, sexual orientations, personal expressions, ethnic backgrounds, and religious beliefs. Therefore, there is no requirement to provide gender information or a photo in your application. As per client requirements, we need information about your marital status, nationality, date of birth, and a valid Swiss work permit. For applicants with disabilities, we are happy to explore potential solutions with our end client.
SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months MUST BE PAYE THROUGH UMBRELLA We are heading up a recruitment drive for a global consultancy that require a DV Cleared SIEM/Incident SME to join them on a major project that's based onsite 4/5 days in either Warwick, Farnborough or Corsham. Role Description : Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
20/05/2024
Project-based
SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months MUST BE PAYE THROUGH UMBRELLA We are heading up a recruitment drive for a global consultancy that require a DV Cleared SIEM/Incident SME to join them on a major project that's based onsite 4/5 days in either Warwick, Farnborough or Corsham. Role Description : Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
Process Engineer £33 per hour. Umbrella. Certain Advantage is hiring for a Process Engineer based in Filton. This role is on a 6-month contract basis and is office based. We're working with a business that's currently working on the embodiment of providing ME support to a wide range of projects that could include A400M, A350, Additive Manufacturing and R&T Programs. Does this sound like your next career move? If you're ambitious to grow, this may be your next role. The role: This role is for a dynamic Process Engineer who has awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation, and sustainable growth. Wing integration through work order planning, from design through to operations Lineside support for failures with MFT (Multi-functional team) Support wider team with respect to Capex projects. Technical and Balancing Critical path and station. Identify and share best practices across stations/CDTs/BME (Business Methods Engineer to Plants/FALs) to improve efficiency. Manage performance: Propose improvement based on analysis of manufacturing performance and disruptions PARETO and Improve Process and Serial Allocated time via VA/NVA analysis and shop floor process observation. The individual We are looking for people who can show: Understanding of aircraft product design, assembly and procedural processes Good Written, verbal and communication skills Good level of computer skills, preferably Google "G Suite", SAP etc. Good level of SAP experience. Experience in application of Export Control, Cyber Security and Health/Safety legislation into manufacture. Does this sound like your next career move? Apply today! (Reference: 72955) Working with Certain Advantage We go the extra mile to find the best people for the job. If you're hunting for a role where you can make an impact and grow your career, we'll work with you to find it. We work with businesses across the UK to find the best people in Finance, Marketing, IT and Engineering.
20/05/2024
Project-based
Process Engineer £33 per hour. Umbrella. Certain Advantage is hiring for a Process Engineer based in Filton. This role is on a 6-month contract basis and is office based. We're working with a business that's currently working on the embodiment of providing ME support to a wide range of projects that could include A400M, A350, Additive Manufacturing and R&T Programs. Does this sound like your next career move? If you're ambitious to grow, this may be your next role. The role: This role is for a dynamic Process Engineer who has awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation, and sustainable growth. Wing integration through work order planning, from design through to operations Lineside support for failures with MFT (Multi-functional team) Support wider team with respect to Capex projects. Technical and Balancing Critical path and station. Identify and share best practices across stations/CDTs/BME (Business Methods Engineer to Plants/FALs) to improve efficiency. Manage performance: Propose improvement based on analysis of manufacturing performance and disruptions PARETO and Improve Process and Serial Allocated time via VA/NVA analysis and shop floor process observation. The individual We are looking for people who can show: Understanding of aircraft product design, assembly and procedural processes Good Written, verbal and communication skills Good level of computer skills, preferably Google "G Suite", SAP etc. Good level of SAP experience. Experience in application of Export Control, Cyber Security and Health/Safety legislation into manufacture. Does this sound like your next career move? Apply today! (Reference: 72955) Working with Certain Advantage We go the extra mile to find the best people for the job. If you're hunting for a role where you can make an impact and grow your career, we'll work with you to find it. We work with businesses across the UK to find the best people in Finance, Marketing, IT and Engineering.
DevSecOps Senior & Team Lead (Public Transport) 50% remote, 50% on-site in Brussels Do you want to lead a high-performing DevSecOps team and make a real impact in the public transport sector? We are looking for a talented and experienced DevSecOps Senior & Team Lead to join my client's team. In this role, you will be responsible for leading a team of technical professionals and driving innovation in our DevSecOps practices. About the role Lead and motivate a team of 6-10 engineers (junior, mid-level, and senior) Foster a collaborative and positive work environment Ensure efficient and timely delivery of projects Manage budgets and resources effectively Possess excellent communication and interpersonal skills Be able to work effectively under pressure and prioritize tasks Work with a customer-centric approach and maintain confidentiality Technical Skills and Experience Master's degree in engineering or computer science (or equivalent experience) Proven experience leading a technical team Experience with Agile methodologies Strong understanding of Linux operating systems (Red Hat) and Scripting (Bash, Python) Fluency in Dutch, French, and English Solid experience with cybersecurity for OT infrastructure Experience working in a production environment Basic knowledge of Javascript and Java Basic understanding of network administration (Routers, Switches, VPNs, Firewalls) A plus: Certifications: CISSP, CISM, ISO 27001 Experience with DevSecOps tools: Puppet (open source), Ansible Monitoring tools: Zabbix, Nagios Logging and analytics: Elastic Stack (including Kibana) Database technologies: MySQL, PostgreSQL Atlassian suite (Jira, Confluence, Git) VMWare (vCenter) Git version control Configuration Management Databases (CMDBs) like GLPI For immediate consideration, please forward your latest CV.
20/05/2024
Project-based
DevSecOps Senior & Team Lead (Public Transport) 50% remote, 50% on-site in Brussels Do you want to lead a high-performing DevSecOps team and make a real impact in the public transport sector? We are looking for a talented and experienced DevSecOps Senior & Team Lead to join my client's team. In this role, you will be responsible for leading a team of technical professionals and driving innovation in our DevSecOps practices. About the role Lead and motivate a team of 6-10 engineers (junior, mid-level, and senior) Foster a collaborative and positive work environment Ensure efficient and timely delivery of projects Manage budgets and resources effectively Possess excellent communication and interpersonal skills Be able to work effectively under pressure and prioritize tasks Work with a customer-centric approach and maintain confidentiality Technical Skills and Experience Master's degree in engineering or computer science (or equivalent experience) Proven experience leading a technical team Experience with Agile methodologies Strong understanding of Linux operating systems (Red Hat) and Scripting (Bash, Python) Fluency in Dutch, French, and English Solid experience with cybersecurity for OT infrastructure Experience working in a production environment Basic knowledge of Javascript and Java Basic understanding of network administration (Routers, Switches, VPNs, Firewalls) A plus: Certifications: CISSP, CISM, ISO 27001 Experience with DevSecOps tools: Puppet (open source), Ansible Monitoring tools: Zabbix, Nagios Logging and analytics: Elastic Stack (including Kibana) Database technologies: MySQL, PostgreSQL Atlassian suite (Jira, Confluence, Git) VMWare (vCenter) Git version control Configuration Management Databases (CMDBs) like GLPI For immediate consideration, please forward your latest CV.
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
17/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
17/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
We are Global IT Recruitment specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
17/05/2024
Project-based
We are Global IT Recruitment specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
Technology Resilience Lead - Disaster Recovery - London Salary £60-70k - 2 Day per week office based Bonus Scheme Technology Resilience Lead required for a leading client based in London. My client is currently seeking a suitable candidate to Support the capacity and capability of our clients' collective, including their operational entities and subsidiaries, to prepare for, respond to, and rebound from disruptions to our global technology infrastructure and operational environments. We seek a highly skilled IT professional with expertise in one or more of the following areas: infrastructure, cybersecurity, engineering, testing, and project management. Your dedication lies in ensuring our clients maintain a robust and resilient technological ecosystem, mitigating risks, and enhancing operational readiness. Your commitment extends to ensuring the continuity of critical business functions and technology systems despite disruptions or challenges. Your role entails defining the standards of technology resilience and overseeing the Group-wide Disaster Recovery program. This program emphasizes testing the resilience, continuity, and recoverability of our critical applications and systems. Key skills: -Display unwavering dedication to our clients' core values by adhering to our standards of business conduct, ensuring compliance with Group policies and procedures, and setting a precedent through personal example. -Your duties will encompass delineating the criteria for robust technology resilience and overseeing the Group-wide Disaster Recovery program, concentrating on assessing the resilience, continuity, and recoverability of vital applications and systems. -You'll collaborate with Technology Service Owners and broader Group IT and Operating Business teams to facilitate data restoration exercises and execute backups. This involves maintaining and testing existing backups to uphold data integrity and availability. -Conducting operational assessments of defined Disaster Recovery plans will be part of your responsibilities. This entails utilizing various methods such as checklists, walk-throughs, tabletop exercises, simulations (parallel or full interrupt), and comprehensive exercises, coordinated with related plans like IT DR plans and crisis management plans. -Furthermore, you'll integrate cybersecurity scenarios, analyse test outcomes, implement lessons learned, and incorporate necessary improvements or corrective actions into IT DR and Cyber Resilience plans. -By conducting post-incident reviews and analysing pre-planned testing outcomes, you'll continuously monitor and assess key performance indicators (KPIs) like recovery time objectives (RTOs) and recovery point objectives (RPOs). This process aims to continually enhance the efficiency and effectiveness of the disaster recovery program. -Foster a work environment that emphasizes the significance of employees acting with integrity and ethics, aligning with the Group Code of Conduct. -Serve as a subject matter expert, forging trusted partnerships with the business and staying abreast of the latest advancements and innovations in the field. -Assume responsibility for overseeing the implementation of the clients' disaster recovery plan in the event of a crisis, facilitating swift responses to potential disruptions such as cyberattacks or infrastructure damage. -Possessing one of the following certifications is advantageous: CompTIA Network +, CompTIA Security +, CISM, CISSP, or COBIT 5. -Demonstrate a fundamental understanding of frameworks such as NIST CSF, ISO 27001/27002, and COBIT. -Experience in Operational Technology Security, with the ability to identify and address IT and operational vulnerabilities, is preferred. Interested? Please submit your updated CV to Dean Parkes at Crimson for immediate consideration. Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
16/05/2024
Full time
Technology Resilience Lead - Disaster Recovery - London Salary £60-70k - 2 Day per week office based Bonus Scheme Technology Resilience Lead required for a leading client based in London. My client is currently seeking a suitable candidate to Support the capacity and capability of our clients' collective, including their operational entities and subsidiaries, to prepare for, respond to, and rebound from disruptions to our global technology infrastructure and operational environments. We seek a highly skilled IT professional with expertise in one or more of the following areas: infrastructure, cybersecurity, engineering, testing, and project management. Your dedication lies in ensuring our clients maintain a robust and resilient technological ecosystem, mitigating risks, and enhancing operational readiness. Your commitment extends to ensuring the continuity of critical business functions and technology systems despite disruptions or challenges. Your role entails defining the standards of technology resilience and overseeing the Group-wide Disaster Recovery program. This program emphasizes testing the resilience, continuity, and recoverability of our critical applications and systems. Key skills: -Display unwavering dedication to our clients' core values by adhering to our standards of business conduct, ensuring compliance with Group policies and procedures, and setting a precedent through personal example. -Your duties will encompass delineating the criteria for robust technology resilience and overseeing the Group-wide Disaster Recovery program, concentrating on assessing the resilience, continuity, and recoverability of vital applications and systems. -You'll collaborate with Technology Service Owners and broader Group IT and Operating Business teams to facilitate data restoration exercises and execute backups. This involves maintaining and testing existing backups to uphold data integrity and availability. -Conducting operational assessments of defined Disaster Recovery plans will be part of your responsibilities. This entails utilizing various methods such as checklists, walk-throughs, tabletop exercises, simulations (parallel or full interrupt), and comprehensive exercises, coordinated with related plans like IT DR plans and crisis management plans. -Furthermore, you'll integrate cybersecurity scenarios, analyse test outcomes, implement lessons learned, and incorporate necessary improvements or corrective actions into IT DR and Cyber Resilience plans. -By conducting post-incident reviews and analysing pre-planned testing outcomes, you'll continuously monitor and assess key performance indicators (KPIs) like recovery time objectives (RTOs) and recovery point objectives (RPOs). This process aims to continually enhance the efficiency and effectiveness of the disaster recovery program. -Foster a work environment that emphasizes the significance of employees acting with integrity and ethics, aligning with the Group Code of Conduct. -Serve as a subject matter expert, forging trusted partnerships with the business and staying abreast of the latest advancements and innovations in the field. -Assume responsibility for overseeing the implementation of the clients' disaster recovery plan in the event of a crisis, facilitating swift responses to potential disruptions such as cyberattacks or infrastructure damage. -Possessing one of the following certifications is advantageous: CompTIA Network +, CompTIA Security +, CISM, CISSP, or COBIT 5. -Demonstrate a fundamental understanding of frameworks such as NIST CSF, ISO 27001/27002, and COBIT. -Experience in Operational Technology Security, with the ability to identify and address IT and operational vulnerabilities, is preferred. Interested? Please submit your updated CV to Dean Parkes at Crimson for immediate consideration. Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
Senior Cloud Network Engineer Permanent, 3 days in office in London Overview: The Company is a leading financial services firm. The technology is being transformed to a Cloud-First, Cloud-Native architectural model, utilizing DevSecOps processes and adoption of systems-thinking concepts to enhance productivity. The Cloud Network Engineer are responsible for delivering modern end user solutions that are fully automated through code, ensuring scalability and optimize availability and reliability 24/7. Responsibilities: Engineer and secure core Azure platform services across global footprint. Go deep on Cloud Network Engineer, adopting Zero Trust Architecture principles. Engineer and maintain Cloud Secure Web Gateways, Next-Gen CASB solutions Advance branch/SD-WAN solution to optimise network performance and connectivity. Colloborate with other areas of engineering and Service operations to ensure the successful integration of SSE/SASE Automate every operational aspect of infrastructure and systems life cycle Respond to incidents. Run Infrastructure with Python/PowerShell, Ansible, Terraform, Azure DevOps, CI/CD, Kubernetes. Design, build and maintain core infrastructure. Debub production issues Requirements: Strong experience in Windows Servers, Virtulisation, Containerisation tech on Azure Proficiency in Object Oriented programming and developing automated solutions through code. Experience in configuration management systems like Ansible Passion for network security and desire to protect organisations from cyber threats. Keen on Open Source development. Collaborative and able to communicate effectively and asynchronously.
16/05/2024
Full time
Senior Cloud Network Engineer Permanent, 3 days in office in London Overview: The Company is a leading financial services firm. The technology is being transformed to a Cloud-First, Cloud-Native architectural model, utilizing DevSecOps processes and adoption of systems-thinking concepts to enhance productivity. The Cloud Network Engineer are responsible for delivering modern end user solutions that are fully automated through code, ensuring scalability and optimize availability and reliability 24/7. Responsibilities: Engineer and secure core Azure platform services across global footprint. Go deep on Cloud Network Engineer, adopting Zero Trust Architecture principles. Engineer and maintain Cloud Secure Web Gateways, Next-Gen CASB solutions Advance branch/SD-WAN solution to optimise network performance and connectivity. Colloborate with other areas of engineering and Service operations to ensure the successful integration of SSE/SASE Automate every operational aspect of infrastructure and systems life cycle Respond to incidents. Run Infrastructure with Python/PowerShell, Ansible, Terraform, Azure DevOps, CI/CD, Kubernetes. Design, build and maintain core infrastructure. Debub production issues Requirements: Strong experience in Windows Servers, Virtulisation, Containerisation tech on Azure Proficiency in Object Oriented programming and developing automated solutions through code. Experience in configuration management systems like Ansible Passion for network security and desire to protect organisations from cyber threats. Keen on Open Source development. Collaborative and able to communicate effectively and asynchronously.