The Company is a leading financial services firm. The technology is being transformed to a Cloud-First, Cloud-Native architectural model, utilizing DevSecOps processes and adoption of systems-thinking concepts to enhance productivity. The Cloud Engineers are responsible for delivering Cloud-native solutions that are fully automated through code, ensuring scalability and optimize availability and reliability 24/7. Responsibilities: - Have broad responsibilities to engineer and secure core platform services across the global footprint. - Ensure compute infrastructure is continually optimized to match business demands. - Design and operate storage strategy to optimize data storage based on latency, redundancy, and cost. - Collaborate with Cloud Security Engineering to automate vulnerability patching processes. - Optimize global network to ensure latency and performance meet business expectations. - Automate operational aspects of the infrastructure and systems life cycle. - Maintain Azure tagging/naming taxonomies across all Cloud assets. - Respond to incidents and ensure availability across the global infrastructure, providing support for service analysts on customer incidents. - Build and infrastructure with automation tools like PowerShell, Ansible, Terraform, Azure DevOps CI/CD, and Kubernetes. - Document actions to turn findings into repeatable and automated processes. - Design, build, and maintain core infrastructure to enable scaling and support business growth. - Debug production issues across services and levels of the stack. Qualifications: - Strong knowledge of virtualization, containerization technologies on Azure. - Proficiency in object-oriented programming and developing automated solutions through code. - Passion for secure network design and protecting organizations from evolving cyber threats. - Continual learning and advancement of Microsoft Azure technologies like Compute, Storage, Networking. - Interest in Open-Source development and industry innovation. - Knowledge of configuration management systems like Ansible. - Collaborative and able to communicate effectively and asynchronously.
21/05/2024
Full time
The Company is a leading financial services firm. The technology is being transformed to a Cloud-First, Cloud-Native architectural model, utilizing DevSecOps processes and adoption of systems-thinking concepts to enhance productivity. The Cloud Engineers are responsible for delivering Cloud-native solutions that are fully automated through code, ensuring scalability and optimize availability and reliability 24/7. Responsibilities: - Have broad responsibilities to engineer and secure core platform services across the global footprint. - Ensure compute infrastructure is continually optimized to match business demands. - Design and operate storage strategy to optimize data storage based on latency, redundancy, and cost. - Collaborate with Cloud Security Engineering to automate vulnerability patching processes. - Optimize global network to ensure latency and performance meet business expectations. - Automate operational aspects of the infrastructure and systems life cycle. - Maintain Azure tagging/naming taxonomies across all Cloud assets. - Respond to incidents and ensure availability across the global infrastructure, providing support for service analysts on customer incidents. - Build and infrastructure with automation tools like PowerShell, Ansible, Terraform, Azure DevOps CI/CD, and Kubernetes. - Document actions to turn findings into repeatable and automated processes. - Design, build, and maintain core infrastructure to enable scaling and support business growth. - Debug production issues across services and levels of the stack. Qualifications: - Strong knowledge of virtualization, containerization technologies on Azure. - Proficiency in object-oriented programming and developing automated solutions through code. - Passion for secure network design and protecting organizations from evolving cyber threats. - Continual learning and advancement of Microsoft Azure technologies like Compute, Storage, Networking. - Interest in Open-Source development and industry innovation. - Knowledge of configuration management systems like Ansible. - Collaborative and able to communicate effectively and asynchronously.
Eames are working with a reputable insurer on the hire of a Senior Security Operations Analyst. Responsibilities: Overseeing the security of the technical infrastructure provided by third-party suppliers, addressing any identified security risks to the organization. Managing the remediation of operational risks to their conclusion and taking ownership of these processes within the team. Leading the development and enhancement of detection engineering and associated technologies. Conducting operational and threat malware analysis for the organization. Offering security insights and maintaining relationships with the Service Management function concerning change management, problem management, and incident management. Handling level 2/3 operational cyber incident response. Promptly escalating any detected incidents and anomalies within the organization, providing expert guidance for operational challenges. Monitoring emerging threat patterns, vulnerabilities, and anomalies, escalating unknown threats to relevant areas within the company. Collecting metrics on the status of technical information security controls across the organization, identifying risk areas, and developing and managing remediation plans as necessary. Collaborating with all CISO teams to report and address operational issues at an architectural level. Participating in a shared, rotational 24/7 on-call requirement, acting as the single point of contact for all security-related response actions and decisions, including managing each incident from a security perspective, interacting with Incident Management/Major Incident Management teams, and recording key security decisions. Qualifications: Proficiency and experience in Firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, Switches, Routers, and Voice Over IP (VoIP), as well as Firewall zoning. Ability to interpret system data, including security event logs, system logs, application logs, and device logs. Knowledge and experience with enterprise-grade technologies, including operating systems, databases, and web applications. Experience in network traffic analysis to identify developing patterns. Capability to mentor and upskill junior team members. Security analysis skills comparable to CompTIA CySA+ certification or similar. Preferred Qualifications: Experience with technologies such as Data Loss Prevention, Intrusion Prevention/Detection Systems, Firewalls, and SIEM. Knowledge of reporting suites such as Power BI. Strong understanding of Microsoft security suites and relevant qualifications. Expertise in threat identification. Security certifications such as CISM, CISSP, M.Inst.ISP, or CISA from a recognized professional body. Technical certifications in network or systems engineering from a recognized professional body. Understanding of fundamental cloud concepts, particularly for AWS. Familiarity with OWASP Top 10 and the API Security Playbook Eames Consulting is acting as an Employment Agency in relation to this vacancy.
21/05/2024
Full time
Eames are working with a reputable insurer on the hire of a Senior Security Operations Analyst. Responsibilities: Overseeing the security of the technical infrastructure provided by third-party suppliers, addressing any identified security risks to the organization. Managing the remediation of operational risks to their conclusion and taking ownership of these processes within the team. Leading the development and enhancement of detection engineering and associated technologies. Conducting operational and threat malware analysis for the organization. Offering security insights and maintaining relationships with the Service Management function concerning change management, problem management, and incident management. Handling level 2/3 operational cyber incident response. Promptly escalating any detected incidents and anomalies within the organization, providing expert guidance for operational challenges. Monitoring emerging threat patterns, vulnerabilities, and anomalies, escalating unknown threats to relevant areas within the company. Collecting metrics on the status of technical information security controls across the organization, identifying risk areas, and developing and managing remediation plans as necessary. Collaborating with all CISO teams to report and address operational issues at an architectural level. Participating in a shared, rotational 24/7 on-call requirement, acting as the single point of contact for all security-related response actions and decisions, including managing each incident from a security perspective, interacting with Incident Management/Major Incident Management teams, and recording key security decisions. Qualifications: Proficiency and experience in Firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, Switches, Routers, and Voice Over IP (VoIP), as well as Firewall zoning. Ability to interpret system data, including security event logs, system logs, application logs, and device logs. Knowledge and experience with enterprise-grade technologies, including operating systems, databases, and web applications. Experience in network traffic analysis to identify developing patterns. Capability to mentor and upskill junior team members. Security analysis skills comparable to CompTIA CySA+ certification or similar. Preferred Qualifications: Experience with technologies such as Data Loss Prevention, Intrusion Prevention/Detection Systems, Firewalls, and SIEM. Knowledge of reporting suites such as Power BI. Strong understanding of Microsoft security suites and relevant qualifications. Expertise in threat identification. Security certifications such as CISM, CISSP, M.Inst.ISP, or CISA from a recognized professional body. Technical certifications in network or systems engineering from a recognized professional body. Understanding of fundamental cloud concepts, particularly for AWS. Familiarity with OWASP Top 10 and the API Security Playbook Eames Consulting is acting as an Employment Agency in relation to this vacancy.
Role Title: SIEM/Incident SME Duration: 6 months Location: Hybrid/Corsham, Portsmouth or Northallerton - 2/3 days per week at ONE site Rate: £700/d - Umbrella only PLEASE NOTE: Applicants must hold active DV Clearance to be considered for this role Would you like to join a global leader in consulting, technology services and digital transformation? Our client is at the forefront of innovation to address the entire breadth of opportunities in the evolving world of cloud, digital and platforms. Role purpose/summary The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Key Skills/requirements Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications : Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent) All profiles will be reviewed against the required skills and experience. Due to the high number of applications, we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
20/05/2024
Project-based
Role Title: SIEM/Incident SME Duration: 6 months Location: Hybrid/Corsham, Portsmouth or Northallerton - 2/3 days per week at ONE site Rate: £700/d - Umbrella only PLEASE NOTE: Applicants must hold active DV Clearance to be considered for this role Would you like to join a global leader in consulting, technology services and digital transformation? Our client is at the forefront of innovation to address the entire breadth of opportunities in the evolving world of cloud, digital and platforms. Role purpose/summary The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Key Skills/requirements Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications : Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent) All profiles will be reviewed against the required skills and experience. Due to the high number of applications, we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
SIEM/Incident SME CONTRACTOR MUST HOLD DV CLEARANCE Role Title: SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role: . Develop and integrate security event monitoring and incident management services. . Respond to security incidents as they occur as part of an incident response team. . Implement metrics and dashboards to give visibility of the Enterprise infrastructure. . Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. . Produce documentation to ensure the repeatability and standardisation of security operating procedures. . Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. . Maintain a baseline of system security according to latest threat intelligence and evolving trends. . Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. . Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. . Offer strategic and tactical security guidance including valuation requirement of technical controls. . Be part of the CRM process . Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. . Document, validate and create operational processes and procedures to help develop the SOC. . Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. . Build, install, configure, and test dedicated cyber defence hardware. . Support Junior Analysts to manage SOC systems. . Previous experience of Enterprise ICS/network architectures and technologies . Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. . Experience as a mentor/coach to Junior Analysts Your profile: . Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks . Skilled in maintaining Microsoft directory services. . Skilled in using virtualisation software. . Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) . Excellent communication skills . Experience of writing Defence/Government documentation Desirable Qualifications: . Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) . SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) . Advanced Analyst Course (SANS SEC503 or equivalent) If this role is of interest to you, and you hold an active DV clearance - please apply now! Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
20/05/2024
Project-based
SIEM/Incident SME CONTRACTOR MUST HOLD DV CLEARANCE Role Title: SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role: . Develop and integrate security event monitoring and incident management services. . Respond to security incidents as they occur as part of an incident response team. . Implement metrics and dashboards to give visibility of the Enterprise infrastructure. . Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. . Produce documentation to ensure the repeatability and standardisation of security operating procedures. . Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. . Maintain a baseline of system security according to latest threat intelligence and evolving trends. . Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. . Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. . Offer strategic and tactical security guidance including valuation requirement of technical controls. . Be part of the CRM process . Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. . Document, validate and create operational processes and procedures to help develop the SOC. . Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. . Build, install, configure, and test dedicated cyber defence hardware. . Support Junior Analysts to manage SOC systems. . Previous experience of Enterprise ICS/network architectures and technologies . Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. . Experience as a mentor/coach to Junior Analysts Your profile: . Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks . Skilled in maintaining Microsoft directory services. . Skilled in using virtualisation software. . Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) . Excellent communication skills . Experience of writing Defence/Government documentation Desirable Qualifications: . Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) . SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) . Advanced Analyst Course (SANS SEC503 or equivalent) If this role is of interest to you, and you hold an active DV clearance - please apply now! Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months MUST BE PAYE THROUGH UMBRELLA We are heading up a recruitment drive for a global consultancy that require a DV Cleared SIEM/Incident SME to join them on a major project that's based onsite 4/5 days in either Warwick, Farnborough or Corsham. Role Description : Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
20/05/2024
Project-based
SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months MUST BE PAYE THROUGH UMBRELLA We are heading up a recruitment drive for a global consultancy that require a DV Cleared SIEM/Incident SME to join them on a major project that's based onsite 4/5 days in either Warwick, Farnborough or Corsham. Role Description : Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
17/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
17/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
We are Global IT Recruitment specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
17/05/2024
Project-based
We are Global IT Recruitment specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
Technology Resilience Lead - Disaster Recovery - London Salary £60-70k - 2 Day per week office based Bonus Scheme Technology Resilience Lead required for a leading client based in London. My client is currently seeking a suitable candidate to Support the capacity and capability of our clients' collective, including their operational entities and subsidiaries, to prepare for, respond to, and rebound from disruptions to our global technology infrastructure and operational environments. We seek a highly skilled IT professional with expertise in one or more of the following areas: infrastructure, cybersecurity, engineering, testing, and project management. Your dedication lies in ensuring our clients maintain a robust and resilient technological ecosystem, mitigating risks, and enhancing operational readiness. Your commitment extends to ensuring the continuity of critical business functions and technology systems despite disruptions or challenges. Your role entails defining the standards of technology resilience and overseeing the Group-wide Disaster Recovery program. This program emphasizes testing the resilience, continuity, and recoverability of our critical applications and systems. Key skills: -Display unwavering dedication to our clients' core values by adhering to our standards of business conduct, ensuring compliance with Group policies and procedures, and setting a precedent through personal example. -Your duties will encompass delineating the criteria for robust technology resilience and overseeing the Group-wide Disaster Recovery program, concentrating on assessing the resilience, continuity, and recoverability of vital applications and systems. -You'll collaborate with Technology Service Owners and broader Group IT and Operating Business teams to facilitate data restoration exercises and execute backups. This involves maintaining and testing existing backups to uphold data integrity and availability. -Conducting operational assessments of defined Disaster Recovery plans will be part of your responsibilities. This entails utilizing various methods such as checklists, walk-throughs, tabletop exercises, simulations (parallel or full interrupt), and comprehensive exercises, coordinated with related plans like IT DR plans and crisis management plans. -Furthermore, you'll integrate cybersecurity scenarios, analyse test outcomes, implement lessons learned, and incorporate necessary improvements or corrective actions into IT DR and Cyber Resilience plans. -By conducting post-incident reviews and analysing pre-planned testing outcomes, you'll continuously monitor and assess key performance indicators (KPIs) like recovery time objectives (RTOs) and recovery point objectives (RPOs). This process aims to continually enhance the efficiency and effectiveness of the disaster recovery program. -Foster a work environment that emphasizes the significance of employees acting with integrity and ethics, aligning with the Group Code of Conduct. -Serve as a subject matter expert, forging trusted partnerships with the business and staying abreast of the latest advancements and innovations in the field. -Assume responsibility for overseeing the implementation of the clients' disaster recovery plan in the event of a crisis, facilitating swift responses to potential disruptions such as cyberattacks or infrastructure damage. -Possessing one of the following certifications is advantageous: CompTIA Network +, CompTIA Security +, CISM, CISSP, or COBIT 5. -Demonstrate a fundamental understanding of frameworks such as NIST CSF, ISO 27001/27002, and COBIT. -Experience in Operational Technology Security, with the ability to identify and address IT and operational vulnerabilities, is preferred. Interested? Please submit your updated CV to Dean Parkes at Crimson for immediate consideration. Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
16/05/2024
Full time
Technology Resilience Lead - Disaster Recovery - London Salary £60-70k - 2 Day per week office based Bonus Scheme Technology Resilience Lead required for a leading client based in London. My client is currently seeking a suitable candidate to Support the capacity and capability of our clients' collective, including their operational entities and subsidiaries, to prepare for, respond to, and rebound from disruptions to our global technology infrastructure and operational environments. We seek a highly skilled IT professional with expertise in one or more of the following areas: infrastructure, cybersecurity, engineering, testing, and project management. Your dedication lies in ensuring our clients maintain a robust and resilient technological ecosystem, mitigating risks, and enhancing operational readiness. Your commitment extends to ensuring the continuity of critical business functions and technology systems despite disruptions or challenges. Your role entails defining the standards of technology resilience and overseeing the Group-wide Disaster Recovery program. This program emphasizes testing the resilience, continuity, and recoverability of our critical applications and systems. Key skills: -Display unwavering dedication to our clients' core values by adhering to our standards of business conduct, ensuring compliance with Group policies and procedures, and setting a precedent through personal example. -Your duties will encompass delineating the criteria for robust technology resilience and overseeing the Group-wide Disaster Recovery program, concentrating on assessing the resilience, continuity, and recoverability of vital applications and systems. -You'll collaborate with Technology Service Owners and broader Group IT and Operating Business teams to facilitate data restoration exercises and execute backups. This involves maintaining and testing existing backups to uphold data integrity and availability. -Conducting operational assessments of defined Disaster Recovery plans will be part of your responsibilities. This entails utilizing various methods such as checklists, walk-throughs, tabletop exercises, simulations (parallel or full interrupt), and comprehensive exercises, coordinated with related plans like IT DR plans and crisis management plans. -Furthermore, you'll integrate cybersecurity scenarios, analyse test outcomes, implement lessons learned, and incorporate necessary improvements or corrective actions into IT DR and Cyber Resilience plans. -By conducting post-incident reviews and analysing pre-planned testing outcomes, you'll continuously monitor and assess key performance indicators (KPIs) like recovery time objectives (RTOs) and recovery point objectives (RPOs). This process aims to continually enhance the efficiency and effectiveness of the disaster recovery program. -Foster a work environment that emphasizes the significance of employees acting with integrity and ethics, aligning with the Group Code of Conduct. -Serve as a subject matter expert, forging trusted partnerships with the business and staying abreast of the latest advancements and innovations in the field. -Assume responsibility for overseeing the implementation of the clients' disaster recovery plan in the event of a crisis, facilitating swift responses to potential disruptions such as cyberattacks or infrastructure damage. -Possessing one of the following certifications is advantageous: CompTIA Network +, CompTIA Security +, CISM, CISSP, or COBIT 5. -Demonstrate a fundamental understanding of frameworks such as NIST CSF, ISO 27001/27002, and COBIT. -Experience in Operational Technology Security, with the ability to identify and address IT and operational vulnerabilities, is preferred. Interested? Please submit your updated CV to Dean Parkes at Crimson for immediate consideration. Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
Senior Cloud Network Engineer Permanent, 3 days in office in London Overview: The Company is a leading financial services firm. The technology is being transformed to a Cloud-First, Cloud-Native architectural model, utilizing DevSecOps processes and adoption of systems-thinking concepts to enhance productivity. The Cloud Network Engineer are responsible for delivering modern end user solutions that are fully automated through code, ensuring scalability and optimize availability and reliability 24/7. Responsibilities: Engineer and secure core Azure platform services across global footprint. Go deep on Cloud Network Engineer, adopting Zero Trust Architecture principles. Engineer and maintain Cloud Secure Web Gateways, Next-Gen CASB solutions Advance branch/SD-WAN solution to optimise network performance and connectivity. Colloborate with other areas of engineering and Service operations to ensure the successful integration of SSE/SASE Automate every operational aspect of infrastructure and systems life cycle Respond to incidents. Run Infrastructure with Python/PowerShell, Ansible, Terraform, Azure DevOps, CI/CD, Kubernetes. Design, build and maintain core infrastructure. Debub production issues Requirements: Strong experience in Windows Servers, Virtulisation, Containerisation tech on Azure Proficiency in Object Oriented programming and developing automated solutions through code. Experience in configuration management systems like Ansible Passion for network security and desire to protect organisations from cyber threats. Keen on Open Source development. Collaborative and able to communicate effectively and asynchronously.
16/05/2024
Full time
Senior Cloud Network Engineer Permanent, 3 days in office in London Overview: The Company is a leading financial services firm. The technology is being transformed to a Cloud-First, Cloud-Native architectural model, utilizing DevSecOps processes and adoption of systems-thinking concepts to enhance productivity. The Cloud Network Engineer are responsible for delivering modern end user solutions that are fully automated through code, ensuring scalability and optimize availability and reliability 24/7. Responsibilities: Engineer and secure core Azure platform services across global footprint. Go deep on Cloud Network Engineer, adopting Zero Trust Architecture principles. Engineer and maintain Cloud Secure Web Gateways, Next-Gen CASB solutions Advance branch/SD-WAN solution to optimise network performance and connectivity. Colloborate with other areas of engineering and Service operations to ensure the successful integration of SSE/SASE Automate every operational aspect of infrastructure and systems life cycle Respond to incidents. Run Infrastructure with Python/PowerShell, Ansible, Terraform, Azure DevOps, CI/CD, Kubernetes. Design, build and maintain core infrastructure. Debub production issues Requirements: Strong experience in Windows Servers, Virtulisation, Containerisation tech on Azure Proficiency in Object Oriented programming and developing automated solutions through code. Experience in configuration management systems like Ansible Passion for network security and desire to protect organisations from cyber threats. Keen on Open Source development. Collaborative and able to communicate effectively and asynchronously.