We are Global IT Recruitment specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
17/05/2024
Project-based
We are Global IT Recruitment specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC. Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent)
Global Technology Solutions Ltd
Edinburgh, Midlothian
Job Title: Infrastructure Support Engineer III Contract length: 3-months Day rate: £340 inside ir35 through umbrella Location: Edinburgh *Must be holding SC Clearance* Site hours are: 07:00 - 16:30 Mon-Thurs and 07:00 - 13:30 Fri - hours to be agreed ROLE OVERVIEW: We are looking for customer-focused and enthusiastic 3rd line infrastructure Support Engineer with a genuine interest in solving peoples IT issues to backfill our Business As Usual services while some of our key staff support a critical project. The applicant should be technically competent, possess good written and verbal communication skills and be willing to collaborate with the wider IT support teams. The 3rd line team members are expected to be specialists at solving a variety of software issues, while minimizing disruption to our users. A successful candidate will be someone who can blend first rate customer service with first rate technical skills. Previous experience resolving 2nd and 3rd line issues in an enterprise environment is essential. DETAILED JOB DESCRIPTION: * To manage a range of technologies such as Domain Central Services (Active Directory), SCCM - to include optimisation, interoperability, and availability * Hands on experience of day to day administration of Microsoft Active Directory including creation of users, security groups, GPO's and roaming profiles * Able to identify, define and resolve complex issues with Microsoft Windows and Office applications * Coach and educate the 2nd Line Engineers, in developing their skills to improve first time fix and overall team performance * Demonstrate resilience and the resourcefulness to work effectively under pressure and to tight deadlines * Ability to author documents such as reports, policies, procedures and workflows ESSENTIALS SKILLS/QUALIFICATIONS: * Active Directory * SCCM management & operation (or similar network management system) * Microsoft WSUS (Windows Server Update Services) * Ivanti Security Controls * Ivanti Device and Application Control * Avecto Defendpoint DESIRABLE SKILLS/QUALIFICATIONS: * Citrix based VDI Infrastructure * Administering Licence Servers * Administering Managed Print Servers * ITIL Foundation * MCP/MCSE If you have the skills required, please "In applying for this position, you consent to your personal data being shared with the specified employer and for your details to remain with GTS for as long as is necessary to process your application. See our Privacy Notice for full information Global Technology Solutions is acting as an Employment Business in relation to this vacancy.
16/05/2024
Project-based
Job Title: Infrastructure Support Engineer III Contract length: 3-months Day rate: £340 inside ir35 through umbrella Location: Edinburgh *Must be holding SC Clearance* Site hours are: 07:00 - 16:30 Mon-Thurs and 07:00 - 13:30 Fri - hours to be agreed ROLE OVERVIEW: We are looking for customer-focused and enthusiastic 3rd line infrastructure Support Engineer with a genuine interest in solving peoples IT issues to backfill our Business As Usual services while some of our key staff support a critical project. The applicant should be technically competent, possess good written and verbal communication skills and be willing to collaborate with the wider IT support teams. The 3rd line team members are expected to be specialists at solving a variety of software issues, while minimizing disruption to our users. A successful candidate will be someone who can blend first rate customer service with first rate technical skills. Previous experience resolving 2nd and 3rd line issues in an enterprise environment is essential. DETAILED JOB DESCRIPTION: * To manage a range of technologies such as Domain Central Services (Active Directory), SCCM - to include optimisation, interoperability, and availability * Hands on experience of day to day administration of Microsoft Active Directory including creation of users, security groups, GPO's and roaming profiles * Able to identify, define and resolve complex issues with Microsoft Windows and Office applications * Coach and educate the 2nd Line Engineers, in developing their skills to improve first time fix and overall team performance * Demonstrate resilience and the resourcefulness to work effectively under pressure and to tight deadlines * Ability to author documents such as reports, policies, procedures and workflows ESSENTIALS SKILLS/QUALIFICATIONS: * Active Directory * SCCM management & operation (or similar network management system) * Microsoft WSUS (Windows Server Update Services) * Ivanti Security Controls * Ivanti Device and Application Control * Avecto Defendpoint DESIRABLE SKILLS/QUALIFICATIONS: * Citrix based VDI Infrastructure * Administering Licence Servers * Administering Managed Print Servers * ITIL Foundation * MCP/MCSE If you have the skills required, please "In applying for this position, you consent to your personal data being shared with the specified employer and for your details to remain with GTS for as long as is necessary to process your application. See our Privacy Notice for full information Global Technology Solutions is acting as an Employment Business in relation to this vacancy.
Finance Systems Specialist 100% remote available Our client, a global organisation are searching for an experience Finance Systems specialist to join their business on a 6 month Fixed Term Contract. This role will support the global finance teams with the finance software. Responsible for installations and upgrades and support the implementation of their bill to cash software. Role responsibilities: Installation and technical maintenance of the Bill to Cash Software (primarily Credit Control and Cash Allocation) Schedule and perform regular upgrades of the Bill to Cash Software Support the Bill to Cash Process by technically deploying, implementing, and migrating Bill to Cash Software globally following the standardised strategy Support other Financial Software used within the global Finance Teams (eg Dynamics NAV, Business Central, Alloc8, C-Series.) Provide technical and functional training to the business (End users, Application support Teams) Document technical process flows Deploy recommendations and improvements to the software and technical processes to achieve business and process improvements Provide ongoing support on incidents Support the local teams with changes to processes and system setups Ensure compatibility with other systems while maintaining integrity of the data and data transfers Support Major Incident Review (MIR) and Problem Management meetings and actively contribute sharing solutions Enforce "best practice sharing" across countries and regions Essential skills: Technical knowledge of operating system, windows server, IIS (Internet Information Service), other technical tools (eg Powershell) Knowledge of Credit Management and Cash Allocation Software (preferably OnGuard) Knowledge of Active Directory and Citrix Willing to sometimes travel internationally Training skills Effective communicator [written and verbal]. Ready to support and develop members of the team. High integrity Good emphatic skills to understand the needs of the internal customer Proactive skill set to keep up with new technical trends Capable of working under pressure and managing a diverse workload. Experience of working within delivery teams for projects of varying sizes and timescales Understanding of data protection issues Problem-solving capabilities Desirable skills: Knowledge of Finance (especially Credit Management and Cash Allocation ) Processes Experience of Dynamic NAV and/or Business Central implementations Knowledge of SQL database and reporting Experience of working in a complex, multi-priority organisation. Knowledge of other finance business processes (eg Accountancy) Previous experience of finance related project Finance Systems Specialist Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
16/05/2024
Finance Systems Specialist 100% remote available Our client, a global organisation are searching for an experience Finance Systems specialist to join their business on a 6 month Fixed Term Contract. This role will support the global finance teams with the finance software. Responsible for installations and upgrades and support the implementation of their bill to cash software. Role responsibilities: Installation and technical maintenance of the Bill to Cash Software (primarily Credit Control and Cash Allocation) Schedule and perform regular upgrades of the Bill to Cash Software Support the Bill to Cash Process by technically deploying, implementing, and migrating Bill to Cash Software globally following the standardised strategy Support other Financial Software used within the global Finance Teams (eg Dynamics NAV, Business Central, Alloc8, C-Series.) Provide technical and functional training to the business (End users, Application support Teams) Document technical process flows Deploy recommendations and improvements to the software and technical processes to achieve business and process improvements Provide ongoing support on incidents Support the local teams with changes to processes and system setups Ensure compatibility with other systems while maintaining integrity of the data and data transfers Support Major Incident Review (MIR) and Problem Management meetings and actively contribute sharing solutions Enforce "best practice sharing" across countries and regions Essential skills: Technical knowledge of operating system, windows server, IIS (Internet Information Service), other technical tools (eg Powershell) Knowledge of Credit Management and Cash Allocation Software (preferably OnGuard) Knowledge of Active Directory and Citrix Willing to sometimes travel internationally Training skills Effective communicator [written and verbal]. Ready to support and develop members of the team. High integrity Good emphatic skills to understand the needs of the internal customer Proactive skill set to keep up with new technical trends Capable of working under pressure and managing a diverse workload. Experience of working within delivery teams for projects of varying sizes and timescales Understanding of data protection issues Problem-solving capabilities Desirable skills: Knowledge of Finance (especially Credit Management and Cash Allocation ) Processes Experience of Dynamic NAV and/or Business Central implementations Knowledge of SQL database and reporting Experience of working in a complex, multi-priority organisation. Knowledge of other finance business processes (eg Accountancy) Previous experience of finance related project Finance Systems Specialist Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
Senior GRC Specialist Salary: $120k-$135k + 10% bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC Technical writing experience 4+ years of Information Security experience Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of Privileged Access Management technologies Responsibilities Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
15/05/2024
Full time
Senior GRC Specialist Salary: $120k-$135k + 10% bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC Technical writing experience 4+ years of Information Security experience Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of Privileged Access Management technologies Responsibilities Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
Senior GRC Specialist Salary: $120k-$135k + 10% bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC Technical writing experience 4+ years of Information Security experience Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of Privileged Access Management technologies Responsibilities Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
15/05/2024
Full time
Senior GRC Specialist Salary: $120k-$135k + 10% bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC Technical writing experience 4+ years of Information Security experience Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of Privileged Access Management technologies Responsibilities Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
Global Technology Solutions Ltd
Reading, Berkshire
Job Title: SC Cleared On Prem AD/Azure support specialist Location: Aldermaston, Reading. Potential hybrid agreements Salary: £56,525p/a Working hours: standard office hours British national only, this is due to the nature of the work and the clearances required. We are looking for customer-focused and enthusiastic Azure and Active Directory Specialist to join the company. You should have a genuine interest in solving IT issues and empathetic to customer needs and requirements. Day to day tasks include expert management and troubleshooting of Azure, Dev environments and Active Directory services and issues within a complex locked down System structure. You should possess good written and verbal communication skills, be willing to collaborate with the wider IT support teams and help us develop a strong partnership with our customers' IT Leadership. The successful candidate will be responsible in supporting a strategic change to the service model and implementing design documents and processes along with new statements of work. This will require working closely with the Operations Manager and Account Project Lead to define and implement a more agile and collaborative structure which is capable of blending BAU support with short term projects and ad-hoc requests, where scoped and agreed. This will be achieved by following Agile and ITIL Continuous Service Improvement methodologies. ESSENTIALS SKILLS/QUALIFICATIONS: * 5 years plus Azure Active Directory experience (Essential) * Working Knowledge and implementation experience of Azure Dev Ops and Dev Test Labs * Azure Virtual Desktop knowledge and implementation experience (Nerdio) * Azure Cloud Infrastructure Knowledge * Infrastructure as a Code (knowledge and implementation experience) (IaC) * CI/CD pipelines knowledge and understanding * ARM templates/Bicep (knowledge and implementation experience) * Microsoft Tiered Model Knowledge and how this impacts different tiered environments * Azure Role & Functional based Security Delegation and Layers and Role Based Access Control * Azure Networking Experience * Azure Firewalls Experience * Azure Security including Conditional Access Policies and Multi Factor Authentication and Privileged Identity Management * Azure Virtual Machine Management * Azure Storage Experience * Azure Monitoring and log analytics * Azure Enterprise and ADFS Application Provisioning * Active Directory Connect/sync and Active Directory Federation Services * Azure PowerShell Scripting * Microsoft Windows Server 2016, 2019 and 2022 experience * Comfortable working with a Hybrid Joined Active Directory environment * Group Policy Management and Conditional Access Policy Management Experience * DNS, DHCP Experience * Working knowledge and understand of PKI Services * Scripting experience using BAT, PowerShell, C# and VB Scripts * Awareness of Change and Release Management * Strong communication skills both written and verbal * Self-motivated with a positive attitude and comfortable working with ambiguity * Create Operational guides and High-Level/Low-Level Designs * Good knowledge of MS Endpoint Management * Good knowledge of Office 365 and Exchange Online DESIRABLE SKILLS/QUALIFICATIONS: * Infrastructure Support experience/background inc patching, backups and restores, Windows/Linux * AD Sync and AD Connect Experience beneficial * Azure Containers * Azure Kubernetes * Azure Endpoint Management/Intune * Good knowledge across SCCM; WSUS; SCOM 2019; AGPM; Lumensions. * ITIL Foundation certified with a broad experience across Service Management disciplines and Agile delivery Benefits: * Development through Training/Certification * Put through DV clearance (including tax allowance) * potential hybrid working (home and onsite) * Joining a strong team with a wealth of knowledge and experience If you have the skill required, apply now! "In applying for this position, you consent to your personal data being shared with the specified employer and for your details to remain with GTS for as long as is necessary to process your application. See our Privacy Notice for full information Global Technology Solutions is acting as an Employment Agency in relation to this vacancy.
14/05/2024
Full time
Job Title: SC Cleared On Prem AD/Azure support specialist Location: Aldermaston, Reading. Potential hybrid agreements Salary: £56,525p/a Working hours: standard office hours British national only, this is due to the nature of the work and the clearances required. We are looking for customer-focused and enthusiastic Azure and Active Directory Specialist to join the company. You should have a genuine interest in solving IT issues and empathetic to customer needs and requirements. Day to day tasks include expert management and troubleshooting of Azure, Dev environments and Active Directory services and issues within a complex locked down System structure. You should possess good written and verbal communication skills, be willing to collaborate with the wider IT support teams and help us develop a strong partnership with our customers' IT Leadership. The successful candidate will be responsible in supporting a strategic change to the service model and implementing design documents and processes along with new statements of work. This will require working closely with the Operations Manager and Account Project Lead to define and implement a more agile and collaborative structure which is capable of blending BAU support with short term projects and ad-hoc requests, where scoped and agreed. This will be achieved by following Agile and ITIL Continuous Service Improvement methodologies. ESSENTIALS SKILLS/QUALIFICATIONS: * 5 years plus Azure Active Directory experience (Essential) * Working Knowledge and implementation experience of Azure Dev Ops and Dev Test Labs * Azure Virtual Desktop knowledge and implementation experience (Nerdio) * Azure Cloud Infrastructure Knowledge * Infrastructure as a Code (knowledge and implementation experience) (IaC) * CI/CD pipelines knowledge and understanding * ARM templates/Bicep (knowledge and implementation experience) * Microsoft Tiered Model Knowledge and how this impacts different tiered environments * Azure Role & Functional based Security Delegation and Layers and Role Based Access Control * Azure Networking Experience * Azure Firewalls Experience * Azure Security including Conditional Access Policies and Multi Factor Authentication and Privileged Identity Management * Azure Virtual Machine Management * Azure Storage Experience * Azure Monitoring and log analytics * Azure Enterprise and ADFS Application Provisioning * Active Directory Connect/sync and Active Directory Federation Services * Azure PowerShell Scripting * Microsoft Windows Server 2016, 2019 and 2022 experience * Comfortable working with a Hybrid Joined Active Directory environment * Group Policy Management and Conditional Access Policy Management Experience * DNS, DHCP Experience * Working knowledge and understand of PKI Services * Scripting experience using BAT, PowerShell, C# and VB Scripts * Awareness of Change and Release Management * Strong communication skills both written and verbal * Self-motivated with a positive attitude and comfortable working with ambiguity * Create Operational guides and High-Level/Low-Level Designs * Good knowledge of MS Endpoint Management * Good knowledge of Office 365 and Exchange Online DESIRABLE SKILLS/QUALIFICATIONS: * Infrastructure Support experience/background inc patching, backups and restores, Windows/Linux * AD Sync and AD Connect Experience beneficial * Azure Containers * Azure Kubernetes * Azure Endpoint Management/Intune * Good knowledge across SCCM; WSUS; SCOM 2019; AGPM; Lumensions. * ITIL Foundation certified with a broad experience across Service Management disciplines and Agile delivery Benefits: * Development through Training/Certification * Put through DV clearance (including tax allowance) * potential hybrid working (home and onsite) * Joining a strong team with a wealth of knowledge and experience If you have the skill required, apply now! "In applying for this position, you consent to your personal data being shared with the specified employer and for your details to remain with GTS for as long as is necessary to process your application. See our Privacy Notice for full information Global Technology Solutions is acting as an Employment Agency in relation to this vacancy.