We are Global IT Recruitment specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
17/05/2024
Project-based
We are Global IT Recruitment specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
Our client is a European leader in Telecoms Network Automation technologies. We are looking for a highly motivated, passionate, and innovative technologist to join their team as an Elasticsearch consultant within their Telecoms practice. The client is pioneering cutting-edge AI/ML technologies and working with Telecom Service Providers to transform their network operations and replace Legacy OSS software and processes We are looking for candidates who can play a crucial role in the scaling and the deployment of Elasticsearch within its Tier 1 customer. You would need to have extensive experience of managing this product within a similar organisation and the role is remote to enable the contractor to work effectively. The company A clear leader in Telco Network Automation solutions What do you need: At least 5 years demonstrable experience with ELK stack Experience of Elastic cloud deployment (GCP non-managed) as well as onPrem Working for Elastic engineering (dev, devops) would be an advantage Troubleshooting performance and scaling issues across Elastic and Kibana Experience of working on large Elastic clusters in excess of 200TB storage and > 25 elastic nodes Experience of performance tuning (Elasticsearch, Elasticsearch API, Kibana In-depth knowledge of ILM configuration, dashboard performance, API performance Please let me know if this role is of interest and let's have a quick chat.
13/05/2024
Project-based
Our client is a European leader in Telecoms Network Automation technologies. We are looking for a highly motivated, passionate, and innovative technologist to join their team as an Elasticsearch consultant within their Telecoms practice. The client is pioneering cutting-edge AI/ML technologies and working with Telecom Service Providers to transform their network operations and replace Legacy OSS software and processes We are looking for candidates who can play a crucial role in the scaling and the deployment of Elasticsearch within its Tier 1 customer. You would need to have extensive experience of managing this product within a similar organisation and the role is remote to enable the contractor to work effectively. The company A clear leader in Telco Network Automation solutions What do you need: At least 5 years demonstrable experience with ELK stack Experience of Elastic cloud deployment (GCP non-managed) as well as onPrem Working for Elastic engineering (dev, devops) would be an advantage Troubleshooting performance and scaling issues across Elastic and Kibana Experience of working on large Elastic clusters in excess of 200TB storage and > 25 elastic nodes Experience of performance tuning (Elasticsearch, Elasticsearch API, Kibana In-depth knowledge of ILM configuration, dashboard performance, API performance Please let me know if this role is of interest and let's have a quick chat.
DevSecOps Senior & Team Lead (Public Transport) 50% remote, 50% on-site in Brussels Do you want to lead a high-performing DevSecOps team and make a real impact in the public transport sector? We are looking for a talented and experienced DevSecOps Senior & Team Lead to join my client's team. In this role, you will be responsible for leading a team of technical professionals and driving innovation in our DevSecOps practices. About the role Lead and motivate a team of 6-10 engineers (junior, mid-level, and senior) Foster a collaborative and positive work environment Ensure efficient and timely delivery of projects Manage budgets and resources effectively Possess excellent communication and interpersonal skills Be able to work effectively under pressure and prioritize tasks Work with a customer-centric approach and maintain confidentiality Technical Skills and Experience Master's degree in engineering or computer science (or equivalent experience) Proven experience leading a technical team Experience with Agile methodologies Strong understanding of Linux operating systems (Red Hat) and Scripting (Bash, Python) Fluency in Dutch, French, and English Solid experience with cybersecurity for OT infrastructure Experience working in a production environment Basic knowledge of Javascript and Java Basic understanding of network administration (Routers, Switches, VPNs, Firewalls) A plus: Certifications: CISSP, CISM, ISO 27001 Experience with DevSecOps tools: Puppet (open source), Ansible Monitoring tools: Zabbix, Nagios Logging and analytics: Elastic Stack (including Kibana) Database technologies: MySQL, PostgreSQL Atlassian suite (Jira, Confluence, Git) VMWare (vCenter) Git version control Configuration Management Databases (CMDBs) like GLPI For immediate consideration, please forward your latest CV.
13/05/2024
Project-based
DevSecOps Senior & Team Lead (Public Transport) 50% remote, 50% on-site in Brussels Do you want to lead a high-performing DevSecOps team and make a real impact in the public transport sector? We are looking for a talented and experienced DevSecOps Senior & Team Lead to join my client's team. In this role, you will be responsible for leading a team of technical professionals and driving innovation in our DevSecOps practices. About the role Lead and motivate a team of 6-10 engineers (junior, mid-level, and senior) Foster a collaborative and positive work environment Ensure efficient and timely delivery of projects Manage budgets and resources effectively Possess excellent communication and interpersonal skills Be able to work effectively under pressure and prioritize tasks Work with a customer-centric approach and maintain confidentiality Technical Skills and Experience Master's degree in engineering or computer science (or equivalent experience) Proven experience leading a technical team Experience with Agile methodologies Strong understanding of Linux operating systems (Red Hat) and Scripting (Bash, Python) Fluency in Dutch, French, and English Solid experience with cybersecurity for OT infrastructure Experience working in a production environment Basic knowledge of Javascript and Java Basic understanding of network administration (Routers, Switches, VPNs, Firewalls) A plus: Certifications: CISSP, CISM, ISO 27001 Experience with DevSecOps tools: Puppet (open source), Ansible Monitoring tools: Zabbix, Nagios Logging and analytics: Elastic Stack (including Kibana) Database technologies: MySQL, PostgreSQL Atlassian suite (Jira, Confluence, Git) VMWare (vCenter) Git version control Configuration Management Databases (CMDBs) like GLPI For immediate consideration, please forward your latest CV.