isk Compliance Manager - 6 months contract - Remote Our client is a global Pharma company and they are looking for a Risk Compliance Manager to deliver specialised risk and compliance management services related to SOX controls within IT, Finance, or People & Operations. These services will support system security activities and encompass various projects under the Human Capital Management (HCM) program, including integration (T3-11) and Time & Attendance Transformation Analysing and summarizing expected compliance risks in finance, IT, or HR related to the projects and their various go-live dates, ensuring necessary controls are in place before launch. This includes work instruction descriptions, configuring required reports in Workday, obtaining needed approvals, and training personnel on executing the controls. Collecting input from various teams (IT, Security, People & Operations, Finance Reporting & Analytics, Finance Controls & Compliance) to provide a comprehensive understanding of project risk and compliance issues. Reporting and following up on newly discovered project compliance issues until resolution. Supporting updates of SOX IT step-out documents to reflect program needs on an ad hoc basis.
26/06/2024
Project-based
isk Compliance Manager - 6 months contract - Remote Our client is a global Pharma company and they are looking for a Risk Compliance Manager to deliver specialised risk and compliance management services related to SOX controls within IT, Finance, or People & Operations. These services will support system security activities and encompass various projects under the Human Capital Management (HCM) program, including integration (T3-11) and Time & Attendance Transformation Analysing and summarizing expected compliance risks in finance, IT, or HR related to the projects and their various go-live dates, ensuring necessary controls are in place before launch. This includes work instruction descriptions, configuring required reports in Workday, obtaining needed approvals, and training personnel on executing the controls. Collecting input from various teams (IT, Security, People & Operations, Finance Reporting & Analytics, Finance Controls & Compliance) to provide a comprehensive understanding of project risk and compliance issues. Reporting and following up on newly discovered project compliance issues until resolution. Supporting updates of SOX IT step-out documents to reflect program needs on an ad hoc basis.
Job Description We are seeking a highly skilled DevOps Engineer with extensive knowledge in Identity and Access Management (IAM). Your primary role will be to streamline and automate the software development life cycle, fostering seamless collaboration, and delivering high-quality software products. You excel in complex environments, possess a keen problem-solving mindset, and are quick to adapt to new challenges. Your ability to bridge the gap between business and technology-driven queries makes you an indispensable asset to our team. Key Responsibilities Develop and deploy applications and services using Azure Pipelines on both Windows and Linux platforms. Utilize your programming expertise in HTML5, JavaScript, CSS, C#, and PowerShell. Leverage your in-depth knowledge of authentication technologies such as Kerberos, OIDC, SAML, ADFS, Azure, Multi-Factor Authentication, FIDO2, Security Keys, Passkeys, Single Sign-On, and Entra ID. Work with Azure DevOps, Entra Application Proxy, and manage a mixed on-premise and cloud-based environment. Experience with Identity Governance and Administration systems like (Quest) One Identity and/or Microsoft Identity Manager is a plus. Manage LDAP directories such as Active Directory, Red Hat Directory Server, and/or OpenLDAP is a plus. Core Duties Solution Development : Translate business requirements into effective solutions, leading to tangible improvements and enhanced user satisfaction. Continuous Improvement : Collaborate with team members to consistently enhance our authentication tools and processes. End-to-End Management : Oversee the entire development cycle from initial concept to testing, implementation, and ongoing support. Qualifications and Skills Educational Background : Bachelor's or Master's degree in a relevant field. Technical Proficiency : Senior-level experience with IAM technologies and tools mentioned above. Communication Skills : Excellent verbal and written communication skills in English. Competencies : Judgement & Decision Making Agility Complex Problem Solving Why Join Us? You will be part of a dedicated team that supports secure and user-friendly IAM solutions for a large user base. Your contributions will be crucial in maintaining and advancing our authentication services, ensuring that employees and partners have the right access to resources at the right time. We believe in the power of diverse perspectives and are eager to see what unique strengths you can bring to our team. Join us in our mission to innovate and enhance our IAM capabilities, making a meaningful impact on our organization's operations and risk management.
26/06/2024
Project-based
Job Description We are seeking a highly skilled DevOps Engineer with extensive knowledge in Identity and Access Management (IAM). Your primary role will be to streamline and automate the software development life cycle, fostering seamless collaboration, and delivering high-quality software products. You excel in complex environments, possess a keen problem-solving mindset, and are quick to adapt to new challenges. Your ability to bridge the gap between business and technology-driven queries makes you an indispensable asset to our team. Key Responsibilities Develop and deploy applications and services using Azure Pipelines on both Windows and Linux platforms. Utilize your programming expertise in HTML5, JavaScript, CSS, C#, and PowerShell. Leverage your in-depth knowledge of authentication technologies such as Kerberos, OIDC, SAML, ADFS, Azure, Multi-Factor Authentication, FIDO2, Security Keys, Passkeys, Single Sign-On, and Entra ID. Work with Azure DevOps, Entra Application Proxy, and manage a mixed on-premise and cloud-based environment. Experience with Identity Governance and Administration systems like (Quest) One Identity and/or Microsoft Identity Manager is a plus. Manage LDAP directories such as Active Directory, Red Hat Directory Server, and/or OpenLDAP is a plus. Core Duties Solution Development : Translate business requirements into effective solutions, leading to tangible improvements and enhanced user satisfaction. Continuous Improvement : Collaborate with team members to consistently enhance our authentication tools and processes. End-to-End Management : Oversee the entire development cycle from initial concept to testing, implementation, and ongoing support. Qualifications and Skills Educational Background : Bachelor's or Master's degree in a relevant field. Technical Proficiency : Senior-level experience with IAM technologies and tools mentioned above. Communication Skills : Excellent verbal and written communication skills in English. Competencies : Judgement & Decision Making Agility Complex Problem Solving Why Join Us? You will be part of a dedicated team that supports secure and user-friendly IAM solutions for a large user base. Your contributions will be crucial in maintaining and advancing our authentication services, ensuring that employees and partners have the right access to resources at the right time. We believe in the power of diverse perspectives and are eager to see what unique strengths you can bring to our team. Join us in our mission to innovate and enhance our IAM capabilities, making a meaningful impact on our organization's operations and risk management.
Quantity Surveyor (£55-60k plus benefits) - London based. TEKsystems are currently recruiting for a Quantity Surveyor to join a non-for-profit Utilities and Energy customer of ours based in London. Exciting and growing customer, backed by all the big players in the Energy and Governmant space. Description: Site Evaluation and Assessment: Conduct thorough evaluations of cost proposals. Ensure that the costs being proposed are suitable and proportionate in line with the approved design. This will mainly be a desktop exercise, however there may be a requirement to attend site from time to time. Design Optimization: Work closely with the Design Manager to ensure the design offers the most efficient layout that maximize available space, streamline equipment placement, and adhere to safety regulations. Provide input on design modifications based on your expertise in spatial planning. Procurement Management: Assist in the procurement process by validating material schedules, evaluating quotes from 3rd party suppliers, and ensuring the most appropriate selection of cost-effective and quality materials is being used. Budget Control: Monitor project expenditures against established budgets, identifying potential cost overruns or savings opportunities. Take proactive measures to manage costs while maintaining project quality and integrity. Risk Management: Identify potential risks associated with project execution and propose mitigation strategies to ensure successful outcomes. Ensure compliance with relevant codes, standards, and safety protocols. Documentation and Reporting: Maintain accurate and up-to-date project documentation, including progress reports, cost tracking, change orders, and relevant correspondence. Prepare regular status reports for project stakeholders. Collaboration and Communication: Foster effective communication and collaboration among project team members, contractors, regulatory authorities, and Energy Suppliers to ensure smooth project execution and timely issue resolution. Continuous Improvement: Stay updated on industry trends, technological advancements, and best practices related to meter room design and utility infrastructure. Identify opportunities for process improvement and contribute to the development of standardized procedures. Skills Cost analysis Cost estimate budget control continuous improvement health & safety management contract management vendor management spatial planning autocad Employee Value Proposition: Have the chance to work within a fascinating and developing organisation within the smart energy space and be at the forefront of the climate/green energy challenge. Work and learn from a group of highly professional and capable people, with a very positive and growing reputation. Have a wonderful opportunity to enhance your knowledge and experience within a growing business, learning new skills and overcoming challenges that you would not normally get an opportunity to be part of. Have access and be visible to Senior Management and a range of internal and external stakeholders including highly established Consultancies and the Managing Director If you are a Quantity Surveyor in this opportunity then please do apply within. Altnernatively you can email me directly. Quantity Surveyor (£55-60k plus benefits) - London based. Job Title: Quantity Surveyor Location: Holborn, UK Rate/Salary: .00 GBP Yearly Job Type: Permanent Trading as TEKsystems. Allegis Group Limited, Bracknell, RG12 1RT, United Kingdom. No Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at our website. To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go our website. We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice on our website for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
26/06/2024
Full time
Quantity Surveyor (£55-60k plus benefits) - London based. TEKsystems are currently recruiting for a Quantity Surveyor to join a non-for-profit Utilities and Energy customer of ours based in London. Exciting and growing customer, backed by all the big players in the Energy and Governmant space. Description: Site Evaluation and Assessment: Conduct thorough evaluations of cost proposals. Ensure that the costs being proposed are suitable and proportionate in line with the approved design. This will mainly be a desktop exercise, however there may be a requirement to attend site from time to time. Design Optimization: Work closely with the Design Manager to ensure the design offers the most efficient layout that maximize available space, streamline equipment placement, and adhere to safety regulations. Provide input on design modifications based on your expertise in spatial planning. Procurement Management: Assist in the procurement process by validating material schedules, evaluating quotes from 3rd party suppliers, and ensuring the most appropriate selection of cost-effective and quality materials is being used. Budget Control: Monitor project expenditures against established budgets, identifying potential cost overruns or savings opportunities. Take proactive measures to manage costs while maintaining project quality and integrity. Risk Management: Identify potential risks associated with project execution and propose mitigation strategies to ensure successful outcomes. Ensure compliance with relevant codes, standards, and safety protocols. Documentation and Reporting: Maintain accurate and up-to-date project documentation, including progress reports, cost tracking, change orders, and relevant correspondence. Prepare regular status reports for project stakeholders. Collaboration and Communication: Foster effective communication and collaboration among project team members, contractors, regulatory authorities, and Energy Suppliers to ensure smooth project execution and timely issue resolution. Continuous Improvement: Stay updated on industry trends, technological advancements, and best practices related to meter room design and utility infrastructure. Identify opportunities for process improvement and contribute to the development of standardized procedures. Skills Cost analysis Cost estimate budget control continuous improvement health & safety management contract management vendor management spatial planning autocad Employee Value Proposition: Have the chance to work within a fascinating and developing organisation within the smart energy space and be at the forefront of the climate/green energy challenge. Work and learn from a group of highly professional and capable people, with a very positive and growing reputation. Have a wonderful opportunity to enhance your knowledge and experience within a growing business, learning new skills and overcoming challenges that you would not normally get an opportunity to be part of. Have access and be visible to Senior Management and a range of internal and external stakeholders including highly established Consultancies and the Managing Director If you are a Quantity Surveyor in this opportunity then please do apply within. Altnernatively you can email me directly. Quantity Surveyor (£55-60k plus benefits) - London based. Job Title: Quantity Surveyor Location: Holborn, UK Rate/Salary: .00 GBP Yearly Job Type: Permanent Trading as TEKsystems. Allegis Group Limited, Bracknell, RG12 1RT, United Kingdom. No Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at our website. To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go our website. We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice on our website for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
Senior IT Infrastructure Manager (UK & North America) One of Europe leading food manufacturing and distributions companies with a global presence requires a Senior IT Infrastructure and Operations Manager to based out of its UK hub within Greater Bath area. This company has remained family owned and have significant operations in the UK, Europe and North America with ambitions growth plans. They have developed a range of products designed to 'enhance health and well-being' and support British food and farming and focus on using the best 'ethical and sustainably' sourced produce. The I&O Manager is a key member of the IT leadership team and contributes to the development and execution of the enterprise-wide IT strategy and is responsible for ensuring I&O strategy is fully aligned, positioning I&O to deliver compelling business value. This is the most senior role in the infrastructure and operations (I&O) function within IT, accountable for IT I&O throughout the organisation. The Senior Infrastructure Manager is responsible for the delivery of all IT infrastructure and related IT operations used to enable business capabilities and services across the enterprise including manufacturing and logistics technologies. This role reports to the VP, Information Technology and has line management responsibilities for a team of 10. Key responsibilities Sets the mission, vision, and strategy of the I&O organisation to maximise the success of business and IT enterprise initiatives. Introduces innovative, differentiating infrastructure and operations capabilities that enhance our overall competitive capabilities and enhance employee productivity. Works with the IT senior leadership team on the service portfolio and governance required to prioritise resources, including budget. Works with key stakeholders to measure and prioritise technical debt remediation. Builds successful stakeholder relationships with other IT and business key stakeholders by developing a clear understanding of business needs, acting as a trusted advisor, and ensuring cost-effective delivery of IT services to meet those needs. Creates and aligns an I&O value map by linking targeted business outcomes with the future- state business capabilities required to achieve them. Drives alignment of I&O strategies to the organization's environmental, social and governance Develops and controls the annual I&O budget to ensure that it's consistent with the overall strategic objectives of IT and the enterprise and is within Creates a culture of continuous cost optimisation. Defines, develops, and manages a comprehensive and integrated IT Service Management (ITSM) landscape, based on best-practice processes, disciplines, and related This includes delivery of a comprehensive IT asset management program. Collaborates with the Chief Information Security Officer (CISO) to ensure I&O contributes to, embraces, and applies security strategy. Operates a formal governance mechanism to establish and monitor effective controls for the processes and functions performed by I&O Supports periodic reviews by audit teams, compliance teams and other risk-related functions as required. Required skills Extensive IT Infrastructure experience, ideally within a multi-site/multi-branch environment with a Head Office (Manufacturing, Retail, Distribution, etc) A least 2 years of previous experience managing the day-to-day IT Operations of a medium to large customer-facing organisation. A proactive, hands-on all rounder who combines a highly technical skill set with the ability to lead technical teams. Significant experience of leading enterprise scale infrastructure transformation, including planning, designing and building solutions that are aligned to strategic objectives. Experience as a key contributor to a large-scale IT improvement program and knowledge of the associated challenges, is essential Exceptional leadership skills, with the ability to develop and communicate an I&O vision that inspires and motivates staff and aligns with the IT and business strategy Effective influencing and negotiation skills in complex environments where resources required for success may not be in direct control of this role Evangelising and implementing transformational initiatives where the target state included agile, DevOps, SRE, cloud adoption at scale. Consolidating operations capabilities in large, complex enterprise organisations to deliver improved efficiency, while balancing customer preferences for agility. Excellent analytical, strategic conceptual thinking, strategic planning, and execution skills Ability to build consensus, make decisions based on many variables, and gain support for major Self-starter who self-assesses and solicits feedback from others to improve their performance. Experience developing strategies to leverage fusion teams that embrace business technologists Strong business acumen, including industry, domain-specific knowledge of the enterprise and its business units Delivery of hybrid working excellence to improve customer and user experiences Developing staff including coaching, mentoring and performance management. Maximizing effectiveness of nearshore/offshore resource models This role offers a basic salary up to £90K with an additional car allowance/car, bonus, pension. Hybrid role: 3 days onsite in Greater Bath office. This is a fantastic opportunity to join a true industry leader in a position of real influence.
26/06/2024
Full time
Senior IT Infrastructure Manager (UK & North America) One of Europe leading food manufacturing and distributions companies with a global presence requires a Senior IT Infrastructure and Operations Manager to based out of its UK hub within Greater Bath area. This company has remained family owned and have significant operations in the UK, Europe and North America with ambitions growth plans. They have developed a range of products designed to 'enhance health and well-being' and support British food and farming and focus on using the best 'ethical and sustainably' sourced produce. The I&O Manager is a key member of the IT leadership team and contributes to the development and execution of the enterprise-wide IT strategy and is responsible for ensuring I&O strategy is fully aligned, positioning I&O to deliver compelling business value. This is the most senior role in the infrastructure and operations (I&O) function within IT, accountable for IT I&O throughout the organisation. The Senior Infrastructure Manager is responsible for the delivery of all IT infrastructure and related IT operations used to enable business capabilities and services across the enterprise including manufacturing and logistics technologies. This role reports to the VP, Information Technology and has line management responsibilities for a team of 10. Key responsibilities Sets the mission, vision, and strategy of the I&O organisation to maximise the success of business and IT enterprise initiatives. Introduces innovative, differentiating infrastructure and operations capabilities that enhance our overall competitive capabilities and enhance employee productivity. Works with the IT senior leadership team on the service portfolio and governance required to prioritise resources, including budget. Works with key stakeholders to measure and prioritise technical debt remediation. Builds successful stakeholder relationships with other IT and business key stakeholders by developing a clear understanding of business needs, acting as a trusted advisor, and ensuring cost-effective delivery of IT services to meet those needs. Creates and aligns an I&O value map by linking targeted business outcomes with the future- state business capabilities required to achieve them. Drives alignment of I&O strategies to the organization's environmental, social and governance Develops and controls the annual I&O budget to ensure that it's consistent with the overall strategic objectives of IT and the enterprise and is within Creates a culture of continuous cost optimisation. Defines, develops, and manages a comprehensive and integrated IT Service Management (ITSM) landscape, based on best-practice processes, disciplines, and related This includes delivery of a comprehensive IT asset management program. Collaborates with the Chief Information Security Officer (CISO) to ensure I&O contributes to, embraces, and applies security strategy. Operates a formal governance mechanism to establish and monitor effective controls for the processes and functions performed by I&O Supports periodic reviews by audit teams, compliance teams and other risk-related functions as required. Required skills Extensive IT Infrastructure experience, ideally within a multi-site/multi-branch environment with a Head Office (Manufacturing, Retail, Distribution, etc) A least 2 years of previous experience managing the day-to-day IT Operations of a medium to large customer-facing organisation. A proactive, hands-on all rounder who combines a highly technical skill set with the ability to lead technical teams. Significant experience of leading enterprise scale infrastructure transformation, including planning, designing and building solutions that are aligned to strategic objectives. Experience as a key contributor to a large-scale IT improvement program and knowledge of the associated challenges, is essential Exceptional leadership skills, with the ability to develop and communicate an I&O vision that inspires and motivates staff and aligns with the IT and business strategy Effective influencing and negotiation skills in complex environments where resources required for success may not be in direct control of this role Evangelising and implementing transformational initiatives where the target state included agile, DevOps, SRE, cloud adoption at scale. Consolidating operations capabilities in large, complex enterprise organisations to deliver improved efficiency, while balancing customer preferences for agility. Excellent analytical, strategic conceptual thinking, strategic planning, and execution skills Ability to build consensus, make decisions based on many variables, and gain support for major Self-starter who self-assesses and solicits feedback from others to improve their performance. Experience developing strategies to leverage fusion teams that embrace business technologists Strong business acumen, including industry, domain-specific knowledge of the enterprise and its business units Delivery of hybrid working excellence to improve customer and user experiences Developing staff including coaching, mentoring and performance management. Maximizing effectiveness of nearshore/offshore resource models This role offers a basic salary up to £90K with an additional car allowance/car, bonus, pension. Hybrid role: 3 days onsite in Greater Bath office. This is a fantastic opportunity to join a true industry leader in a position of real influence.
Infrastructure Manager - Onsite We are delighted to partner with a global organisation based in the Ellesmere Port area to join their team on a permanent basis with an initial requirement to help guide their Infrastructure team throughout a period of change. You will be managing the day to day onsite operational support engineering team which has around 10 team members, spread across 3 sites in the UK. Travel to all 3 sites will be required. Role responsibilities: Manage and maintain IT security policies and procedures. Review weekly performance, analyse and identify trends and record/monitor improvements and risks. Assist in the supervision of the correct use of the IT systems in the sites and cooperate in the creation of user and best practice guides. Supervise the maintenance and upgrading of operating systems, commercial and proprietary software. Together with the Group Head of IT Infrastructure maintain hardware, software, networks, IT communication and cybersecurity policies. Resolve and coordinate incidents affecting the systems. Assist the Group's Head of IT infrastructures in planning and coordinating the activities, technical and material resources and supporting staff regarding operating systems, database management systems, ERP, standard office and mail software and communications. Manage supplier relations and support contracts. Design training and development plans for the infrastructure team and perform personnel appraisals. Manage Infrastructure IT Projects Proactively deal with internal customer queries. Skills required: Experience in people management Experience in managing IT Projects Experience in IT infrastructure support and end user's support IT Security Communications and networks experience Excellent communication skills Infrastructure Manager - Onsite Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
26/06/2024
Full time
Infrastructure Manager - Onsite We are delighted to partner with a global organisation based in the Ellesmere Port area to join their team on a permanent basis with an initial requirement to help guide their Infrastructure team throughout a period of change. You will be managing the day to day onsite operational support engineering team which has around 10 team members, spread across 3 sites in the UK. Travel to all 3 sites will be required. Role responsibilities: Manage and maintain IT security policies and procedures. Review weekly performance, analyse and identify trends and record/monitor improvements and risks. Assist in the supervision of the correct use of the IT systems in the sites and cooperate in the creation of user and best practice guides. Supervise the maintenance and upgrading of operating systems, commercial and proprietary software. Together with the Group Head of IT Infrastructure maintain hardware, software, networks, IT communication and cybersecurity policies. Resolve and coordinate incidents affecting the systems. Assist the Group's Head of IT infrastructures in planning and coordinating the activities, technical and material resources and supporting staff regarding operating systems, database management systems, ERP, standard office and mail software and communications. Manage supplier relations and support contracts. Design training and development plans for the infrastructure team and perform personnel appraisals. Manage Infrastructure IT Projects Proactively deal with internal customer queries. Skills required: Experience in people management Experience in managing IT Projects Experience in IT infrastructure support and end user's support IT Security Communications and networks experience Excellent communication skills Infrastructure Manager - Onsite Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Manager. Candidate will be responsible for leading the Governance, Risk Compliance (GRC) team and the programs within the group. The position is hands-on personnel and program manager role and performs key risk management functions within the Security Governance department. Primary functions include management of client responses, Policy & Standards, Security Vendor Risk program management, Security Awareness, Controls Assurance, Compliance Management, and GRC tool management. Responsibilities: Program management: Lead the GRC program roadmap, status reporting on initiatives, metrics, and delivery of the program services. Policy management: Lead in the creation and maintenance of security policies, standards, processes, and guidelines. Evaluate exception requests and make approval recommendations to management. Security training and awareness: Lead and mature the security awareness and phishing program. This includes roadmap development, plan, coordinate, measure, and evaluate cyber training/education courses, methods, and techniques based on instructional needs. Program assessments: Manage and support the 3rd Party Security Vendor Risk Management program, management of SOC2 reporting and ISO27001 certification, and assessments or security requests from clients. Risk management: Manage control testing, issues management (findings, remediation plans, and exception requests), risk register and reporting. Governance: Analyze and stay current with regulations that impact information security/privacy program. Qualifications: Bachelor's degree is highly preferred Seven (7) + years of direct experience (Information Security/Governance) is required. Four (4) + years of Information Security experience required. Candidates containing hands on technical experience are preferred. Four (4) + years of management experience required. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC2, SIG are required. Strong knowledge of risk management principles and practices is required. Technical writing experience is required. Business Intelligence/Analytics (Qlik, Tableau, PowerBI) is preferred. Prior IT Security experience in the legal industry experience is preferred. Experience with instructional content, educational writing, and technical writing strongly preferred. Three (3) + years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Ability to perform as primary Security Subject Matter Expert (SSME) in a senior or lead capacity. Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Ability to communicate an effective security awareness message throughout the organization. Demonstrate ability to create and maintain security policy, standard, guideline, and procedure documents. Demonstrate ability to effectively communicate deeply technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users Additional skills mapped to Knowledge, Skills, and Abilities (KSAs) based on NIST SP 800-181. Technologies/Software Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Strong knowledge of Access/Identity Management technologies. Strong knowledge of BI/Analytics tools. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
25/06/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Manager. Candidate will be responsible for leading the Governance, Risk Compliance (GRC) team and the programs within the group. The position is hands-on personnel and program manager role and performs key risk management functions within the Security Governance department. Primary functions include management of client responses, Policy & Standards, Security Vendor Risk program management, Security Awareness, Controls Assurance, Compliance Management, and GRC tool management. Responsibilities: Program management: Lead the GRC program roadmap, status reporting on initiatives, metrics, and delivery of the program services. Policy management: Lead in the creation and maintenance of security policies, standards, processes, and guidelines. Evaluate exception requests and make approval recommendations to management. Security training and awareness: Lead and mature the security awareness and phishing program. This includes roadmap development, plan, coordinate, measure, and evaluate cyber training/education courses, methods, and techniques based on instructional needs. Program assessments: Manage and support the 3rd Party Security Vendor Risk Management program, management of SOC2 reporting and ISO27001 certification, and assessments or security requests from clients. Risk management: Manage control testing, issues management (findings, remediation plans, and exception requests), risk register and reporting. Governance: Analyze and stay current with regulations that impact information security/privacy program. Qualifications: Bachelor's degree is highly preferred Seven (7) + years of direct experience (Information Security/Governance) is required. Four (4) + years of Information Security experience required. Candidates containing hands on technical experience are preferred. Four (4) + years of management experience required. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC2, SIG are required. Strong knowledge of risk management principles and practices is required. Technical writing experience is required. Business Intelligence/Analytics (Qlik, Tableau, PowerBI) is preferred. Prior IT Security experience in the legal industry experience is preferred. Experience with instructional content, educational writing, and technical writing strongly preferred. Three (3) + years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Ability to perform as primary Security Subject Matter Expert (SSME) in a senior or lead capacity. Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Ability to communicate an effective security awareness message throughout the organization. Demonstrate ability to create and maintain security policy, standard, guideline, and procedure documents. Demonstrate ability to effectively communicate deeply technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users Additional skills mapped to Knowledge, Skills, and Abilities (KSAs) based on NIST SP 800-181. Technologies/Software Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Strong knowledge of Access/Identity Management technologies. Strong knowledge of BI/Analytics tools. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an IT Security/GRC Manager. This manager will be a hands-on manager in enterprise GRC for applications, Infrastructure, 3rd party security, vendor risk management, and program management. This manager will manage a team of 2-4 individuals. This role will require experience with SOC2 reporting, ISO27001, NIST, technical writing, etc. Responsibilities: Lead the GRC program roadmap, status reporting on initiatives, metrics, and delivery of the program services. Lead in the creation and maintenance of security policies, standards, processes, and guidelines. Evaluate exception requests and make approval recommendations to management. Lead and mature the security awareness and phishing program. This includes roadmap development, plan, coordinate, measure, and evaluate cyber training/education courses, methods, and techniques based on instructional needs. Manage and support the 3rd Party Security Vendor Risk Management program, management of SOC2 reporting and ISO27001 certification, and assessments or security requests from clients. Manage control testing, issues management (findings, remediation plans, and exception requests), risk register and reporting. Analyze and stay current with regulations that impact information security/privacy program. Qualifications Bachelor's degree Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Seven (7) + years of direct experience (Information Security/Governance) Four (4) + years of Information Security experience required. Candidates containing hands on technical experience. Four (4) + years of management experience required. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC2, SIG are required. Strong knowledge of risk management principles and practices is required. Technical writing experience is required. Business Intelligence/Analytics (Qlik, Tableau, PowerBI) is preferred. Experience with instructional content, educational writing, and technical writing strongly preferred. Governance, Risk, and Compliance (GRC) tool management is preferred. Ability to perform as primary Security Subject Matter Expert (SSME) in a senior or lead capacity. Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Demonstrate ability to effectively communicate deeply technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users Additional skills mapped to Knowledge, Skills, and Abilities (KSAs) based on NIST SP 800-181. Technologies/Software Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Strong knowledge of Access/Identity Management technologies. Strong knowledge of BI/Analytics tools. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions.
25/06/2024
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an IT Security/GRC Manager. This manager will be a hands-on manager in enterprise GRC for applications, Infrastructure, 3rd party security, vendor risk management, and program management. This manager will manage a team of 2-4 individuals. This role will require experience with SOC2 reporting, ISO27001, NIST, technical writing, etc. Responsibilities: Lead the GRC program roadmap, status reporting on initiatives, metrics, and delivery of the program services. Lead in the creation and maintenance of security policies, standards, processes, and guidelines. Evaluate exception requests and make approval recommendations to management. Lead and mature the security awareness and phishing program. This includes roadmap development, plan, coordinate, measure, and evaluate cyber training/education courses, methods, and techniques based on instructional needs. Manage and support the 3rd Party Security Vendor Risk Management program, management of SOC2 reporting and ISO27001 certification, and assessments or security requests from clients. Manage control testing, issues management (findings, remediation plans, and exception requests), risk register and reporting. Analyze and stay current with regulations that impact information security/privacy program. Qualifications Bachelor's degree Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Seven (7) + years of direct experience (Information Security/Governance) Four (4) + years of Information Security experience required. Candidates containing hands on technical experience. Four (4) + years of management experience required. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC2, SIG are required. Strong knowledge of risk management principles and practices is required. Technical writing experience is required. Business Intelligence/Analytics (Qlik, Tableau, PowerBI) is preferred. Experience with instructional content, educational writing, and technical writing strongly preferred. Governance, Risk, and Compliance (GRC) tool management is preferred. Ability to perform as primary Security Subject Matter Expert (SSME) in a senior or lead capacity. Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Demonstrate ability to effectively communicate deeply technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users Additional skills mapped to Knowledge, Skills, and Abilities (KSAs) based on NIST SP 800-181. Technologies/Software Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Strong knowledge of Access/Identity Management technologies. Strong knowledge of BI/Analytics tools. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions.
Office 365 Infrastructure Security Engineer - Azure, Security, O365, McAfee EPO My client are a Global Manufacturing company who are looking for a Office 365 Security Infrastructure Engineer. This role you will work closely with the European Network and Security Manager working on O365 and Azure. The company is looking for someone looking to progress from day to day 1st/2nd line support into the security side of the business and build on an existing information security program as well as ongoing security projects that address information security risks and compliance requirements. Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information. You will need to have ideally worked within a global business and dealt with dealing with Infrastructure Security on a 5000+ users scale. This is a hybird role onsite 2-3 days a week onsite in London and Harlow. Key Skills MS Azure Security MS Office 365 Security McAFee EPO experience Security Firewalls Active Directory
25/06/2024
Full time
Office 365 Infrastructure Security Engineer - Azure, Security, O365, McAfee EPO My client are a Global Manufacturing company who are looking for a Office 365 Security Infrastructure Engineer. This role you will work closely with the European Network and Security Manager working on O365 and Azure. The company is looking for someone looking to progress from day to day 1st/2nd line support into the security side of the business and build on an existing information security program as well as ongoing security projects that address information security risks and compliance requirements. Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information. You will need to have ideally worked within a global business and dealt with dealing with Infrastructure Security on a 5000+ users scale. This is a hybird role onsite 2-3 days a week onsite in London and Harlow. Key Skills MS Azure Security MS Office 365 Security McAFee EPO experience Security Firewalls Active Directory
ARM (Advanced Resource Managers)
Reading, Berkshire
Senior Information Systems Security Specialist Reading Salary between £60,000 - £80,000 (DOE) ARM has partnered with a client who is looking for an experienced Senior Information Systems Security Specialist to be based out of their site in Reading. As the Senior Information Systems Security Specialist, you'll be responsible for providing specialist information security oversight, advice, and guidance to projects and functions on all aspects of information security. Please Note - Due to the nature of the work/project candidates must be eligible to obtain SC-level Security clearance, please only apply if suitable. Responsibilities: * Provide the lead for maintaining awareness of HMG, MoD, and industry best practices in Information Assurance and Information Risk Management. * Provide expert subject matter advice to CISO and other elements of the IS management chain. * Develop and apply the overall security architecture of the organization and the place within in it of key security controls. * Oversee IT Health Checks and Vulnerability Assessments by approving the scope of tests and overall testing programme. * Review high- and low-level solution designs for compliance with overall security architecture, achievement of security requirements and the overall efficacy of the security features and tools. * Providing technical risk assessment analysis. * Advising managers on the appropriate level of risk tolerance. * Develop the professionalism of Information Risk Management. * Attending project Security Working Groups and managing them when appropriate Experience required: * Certified Information Systems Security Professional (CISSP) or equivalent. * CESG Certified Professional (CCP) SIRA, Accreditor or IA Architect or equivalent certification. * Previous experience using appropriate methodologies to identify, assess, and manage information risk. * Have experience as an ISO 27001 Lead Auditor or Lead Implementer or similar - desirable * Hold MInstISP or equivalent certification- Desirable. To apply please send a copy of your CV to Matthew Brindley Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
25/06/2024
Full time
Senior Information Systems Security Specialist Reading Salary between £60,000 - £80,000 (DOE) ARM has partnered with a client who is looking for an experienced Senior Information Systems Security Specialist to be based out of their site in Reading. As the Senior Information Systems Security Specialist, you'll be responsible for providing specialist information security oversight, advice, and guidance to projects and functions on all aspects of information security. Please Note - Due to the nature of the work/project candidates must be eligible to obtain SC-level Security clearance, please only apply if suitable. Responsibilities: * Provide the lead for maintaining awareness of HMG, MoD, and industry best practices in Information Assurance and Information Risk Management. * Provide expert subject matter advice to CISO and other elements of the IS management chain. * Develop and apply the overall security architecture of the organization and the place within in it of key security controls. * Oversee IT Health Checks and Vulnerability Assessments by approving the scope of tests and overall testing programme. * Review high- and low-level solution designs for compliance with overall security architecture, achievement of security requirements and the overall efficacy of the security features and tools. * Providing technical risk assessment analysis. * Advising managers on the appropriate level of risk tolerance. * Develop the professionalism of Information Risk Management. * Attending project Security Working Groups and managing them when appropriate Experience required: * Certified Information Systems Security Professional (CISSP) or equivalent. * CESG Certified Professional (CCP) SIRA, Accreditor or IA Architect or equivalent certification. * Previous experience using appropriate methodologies to identify, assess, and manage information risk. * Have experience as an ISO 27001 Lead Auditor or Lead Implementer or similar - desirable * Hold MInstISP or equivalent certification- Desirable. To apply please send a copy of your CV to Matthew Brindley Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Vulnerability Assessment Manager VA Manager/Attack Surface Reduction Manager is required for this financial based in Buckinghamshire x2 days a week in office, x3 remote. You will be experienced in vulnerability management tools and their implementation, vulnerability risk management as well as an eye for detail and structure. You will play a critical role in proactively identifying and mitigating potential unauthorized access, data breaches, and other security incidents. £80 - 95,000 Hybrid working. Buckinghamshire based x2 days a week, x3 remote working available. You will have an Infrastructure background, which might include Sys Admin, Service Desk, Infra Engineering then moved in to the Vulnerability Management arena. This role requires solid communication skills, where you could be liaising at all levels, including the CISO. You will: Manage Deliverables which are closely coordinated with and integrated across all UK CISO functions for strategy development, continuous learning and awareness, reporting, innovation, service development and business/3rd party engagement. Delivering solutions to reduce the attach surface of UK assets from analysis of cyber metrics. Reporting of detailed findings, exploitation procedures and mitigation techniques and to effectively communicate with stakeholders. Ensuring continuous operations for core capabilities: threat identification and monitoring, vulnerability life cycle, critical vulnerability triage, risk reporting, and consultation on mitigation. Analysing cyber metrics to identify, prioritise and remediate root cause to reduce attach surface. You will bring: Experience in application vulnerability assessment and management, able to accurately assess the potential impacts of security flaws and involve technical teams accordingly. Understanding vulnerability analysis in the context of the most common infrastructure models (on-prem DC infrastructure & DMZ, cloud IaaS/PaaS, Enterprise SaaS.) Knowledge of common vulnerabilities and exposures (CVEs), common attack vectors, and security best practices. Ability to design and execute scenario-based tests tailored to the firm's infrastructure and practices. Project management (technical) experience preferably within cyber security.
25/06/2024
Full time
Vulnerability Assessment Manager VA Manager/Attack Surface Reduction Manager is required for this financial based in Buckinghamshire x2 days a week in office, x3 remote. You will be experienced in vulnerability management tools and their implementation, vulnerability risk management as well as an eye for detail and structure. You will play a critical role in proactively identifying and mitigating potential unauthorized access, data breaches, and other security incidents. £80 - 95,000 Hybrid working. Buckinghamshire based x2 days a week, x3 remote working available. You will have an Infrastructure background, which might include Sys Admin, Service Desk, Infra Engineering then moved in to the Vulnerability Management arena. This role requires solid communication skills, where you could be liaising at all levels, including the CISO. You will: Manage Deliverables which are closely coordinated with and integrated across all UK CISO functions for strategy development, continuous learning and awareness, reporting, innovation, service development and business/3rd party engagement. Delivering solutions to reduce the attach surface of UK assets from analysis of cyber metrics. Reporting of detailed findings, exploitation procedures and mitigation techniques and to effectively communicate with stakeholders. Ensuring continuous operations for core capabilities: threat identification and monitoring, vulnerability life cycle, critical vulnerability triage, risk reporting, and consultation on mitigation. Analysing cyber metrics to identify, prioritise and remediate root cause to reduce attach surface. You will bring: Experience in application vulnerability assessment and management, able to accurately assess the potential impacts of security flaws and involve technical teams accordingly. Understanding vulnerability analysis in the context of the most common infrastructure models (on-prem DC infrastructure & DMZ, cloud IaaS/PaaS, Enterprise SaaS.) Knowledge of common vulnerabilities and exposures (CVEs), common attack vectors, and security best practices. Ability to design and execute scenario-based tests tailored to the firm's infrastructure and practices. Project management (technical) experience preferably within cyber security.
Key Responsibilities: Define Penetration Test Strategy Support the development of security testing within the Hardware in The Loop, (HiLs), test rigs supporting Product Engineering to develop further capability in this area Governance and Assurance of the 1LoD Pen Testing Squad within DPP in line with Regulations and Vehicle Type Approval Build and Run a Certified Forensic Pen Test Lab Develop cutting edge Vulnerability and Pen Test Techniques which can be flowed into the 1LoD Pen Test Service and HiLS and ViLS functional testing Work with Management to ensure information security risk findings are reviewed and solutions are implemented, and risks are properly managed Monitor and measure company compliance with its Security Penetration Policies and Procedures as well as worldwide standards and laws to ensure organizational compliance Lead and build an Automotive Certified Forensic Pen Test Lab Development of common attacks and vulnerabilities to develop Penetration Testing scopes for ECUs, Vehicle and Connected Offboard Systems Uses threat intelligence such as updated rules and Indicators of Compromise (IOCs) to pinpoint affected systems and revision of Penetration Testing scope Your Profile Key skills/knowledge/experience: Proven Penetration Testing experience and track record of delivery in a field relevant to the role, eg In-Vehicle Network, (CAN, FLexray etc.), Embedded systems security, threats and attacks within Infotainment, Telematics, Power Train etc. Good experience in EMBEDDED AUTOMOTIVE SECURITY PEN TESTING Experience of security assessment and Penetration Testing Tools within Vehicle Electrical Architecture and external interfaces such as Bluetooth, WiFi, Mobile Communications, etc. Technical understanding of Automotive cyber security controls at both ECU and Vehicle level Previous experience of Autosar Architecture, RTE integration and SecOC Knowledge of ASpice, ISO21434, R155, R156, R157 Good understanding of automotive communication busses (CAN and Ethernet mandatory, Flexray and LIN desirable) Git experience required
25/06/2024
Full time
Key Responsibilities: Define Penetration Test Strategy Support the development of security testing within the Hardware in The Loop, (HiLs), test rigs supporting Product Engineering to develop further capability in this area Governance and Assurance of the 1LoD Pen Testing Squad within DPP in line with Regulations and Vehicle Type Approval Build and Run a Certified Forensic Pen Test Lab Develop cutting edge Vulnerability and Pen Test Techniques which can be flowed into the 1LoD Pen Test Service and HiLS and ViLS functional testing Work with Management to ensure information security risk findings are reviewed and solutions are implemented, and risks are properly managed Monitor and measure company compliance with its Security Penetration Policies and Procedures as well as worldwide standards and laws to ensure organizational compliance Lead and build an Automotive Certified Forensic Pen Test Lab Development of common attacks and vulnerabilities to develop Penetration Testing scopes for ECUs, Vehicle and Connected Offboard Systems Uses threat intelligence such as updated rules and Indicators of Compromise (IOCs) to pinpoint affected systems and revision of Penetration Testing scope Your Profile Key skills/knowledge/experience: Proven Penetration Testing experience and track record of delivery in a field relevant to the role, eg In-Vehicle Network, (CAN, FLexray etc.), Embedded systems security, threats and attacks within Infotainment, Telematics, Power Train etc. Good experience in EMBEDDED AUTOMOTIVE SECURITY PEN TESTING Experience of security assessment and Penetration Testing Tools within Vehicle Electrical Architecture and external interfaces such as Bluetooth, WiFi, Mobile Communications, etc. Technical understanding of Automotive cyber security controls at both ECU and Vehicle level Previous experience of Autosar Architecture, RTE integration and SecOC Knowledge of ASpice, ISO21434, R155, R156, R157 Good understanding of automotive communication busses (CAN and Ethernet mandatory, Flexray and LIN desirable) Git experience required
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an IT Security/GRC Manager. This manager will be a hands-on manager in enterprise GRC for applications, Infrastructure, 3rd party security, vendor risk management, and program management. This manager will manage a team of 2-4 individuals. This role will require experience with SOC2 reporting, ISO27001, NIST, technical writing, etc. Responsibilities: Lead the GRC program roadmap, status reporting on initiatives, metrics, and delivery of the program services. Lead in the creation and maintenance of security policies, standards, processes, and guidelines. Evaluate exception requests and make approval recommendations to management. Lead and mature the security awareness and phishing program. This includes roadmap development, plan, coordinate, measure, and evaluate cyber training/education courses, methods, and techniques based on instructional needs. Manage and support the 3rd Party Security Vendor Risk Management program, management of SOC2 reporting and ISO27001 certification, and assessments or security requests from clients. Manage control testing, issues management (findings, remediation plans, and exception requests), risk register and reporting. Analyze and stay current with regulations that impact information security/privacy program. Qualifications Bachelor's degree Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Seven (7) + years of direct experience (Information Security/Governance) Four (4) + years of Information Security experience required. Candidates containing hands on technical experience. Four (4) + years of management experience required. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC2, SIG are required. Strong knowledge of risk management principles and practices is required. Technical writing experience is required. Business Intelligence/Analytics (Qlik, Tableau, PowerBI) is preferred. Experience with instructional content, educational writing, and technical writing strongly preferred. Governance, Risk, and Compliance (GRC) tool management is preferred. Ability to perform as primary Security Subject Matter Expert (SSME) in a senior or lead capacity. Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Demonstrate ability to effectively communicate deeply technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users Additional skills mapped to Knowledge, Skills, and Abilities (KSAs) based on NIST SP 800-181. Technologies/Software Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Strong knowledge of Access/Identity Management technologies. Strong knowledge of BI/Analytics tools. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions.
24/06/2024
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an IT Security/GRC Manager. This manager will be a hands-on manager in enterprise GRC for applications, Infrastructure, 3rd party security, vendor risk management, and program management. This manager will manage a team of 2-4 individuals. This role will require experience with SOC2 reporting, ISO27001, NIST, technical writing, etc. Responsibilities: Lead the GRC program roadmap, status reporting on initiatives, metrics, and delivery of the program services. Lead in the creation and maintenance of security policies, standards, processes, and guidelines. Evaluate exception requests and make approval recommendations to management. Lead and mature the security awareness and phishing program. This includes roadmap development, plan, coordinate, measure, and evaluate cyber training/education courses, methods, and techniques based on instructional needs. Manage and support the 3rd Party Security Vendor Risk Management program, management of SOC2 reporting and ISO27001 certification, and assessments or security requests from clients. Manage control testing, issues management (findings, remediation plans, and exception requests), risk register and reporting. Analyze and stay current with regulations that impact information security/privacy program. Qualifications Bachelor's degree Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Seven (7) + years of direct experience (Information Security/Governance) Four (4) + years of Information Security experience required. Candidates containing hands on technical experience. Four (4) + years of management experience required. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC2, SIG are required. Strong knowledge of risk management principles and practices is required. Technical writing experience is required. Business Intelligence/Analytics (Qlik, Tableau, PowerBI) is preferred. Experience with instructional content, educational writing, and technical writing strongly preferred. Governance, Risk, and Compliance (GRC) tool management is preferred. Ability to perform as primary Security Subject Matter Expert (SSME) in a senior or lead capacity. Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Demonstrate ability to effectively communicate deeply technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users Additional skills mapped to Knowledge, Skills, and Abilities (KSAs) based on NIST SP 800-181. Technologies/Software Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Strong knowledge of Access/Identity Management technologies. Strong knowledge of BI/Analytics tools. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions.
Position: Senior Security Manager Location: Hybrid + UK Travel Are you a dynamic leader with a passion for security? We're seeking a Senior Security Manager to oversee and elevate our security operations across multiple UK sites. Key Responsibilities: Lead and manage a security team ensuring compliance with HMG Security Policy Framework. Oversee personnel security management, vetting, and visitor protocols. Conduct and manage security risk assessments, threat detection, and vulnerability management. Develop and maintain a robust security culture with regular reports and metrics. Implement an effective incident management system and lead investigations. Ensure compliance with cryptography account management and security policies. Collaborate with commercial and supply chain teams for comprehensive security audits. Candidate Requirements: Proven leadership in matrixed environments with strong influencing skills. Extensive experience in UK Defence sector compliance and security management. Proficiency in HMG Security Policy Framework, FSC, IPSA, and IVCO procedures. Strong analytical skills and ability to develop performance metrics. Degree in Business Management or equivalent, SC security clearance eligible. Standard Benefits: 25 days of annual leave (rising to 27 days) plus public holidays Company contributes up to 10.5% to your pension 6 times salary 'Life Assurance' Flexible Benefits package Performance-based Bonus scheme Enhanced policies for family support Standard 37-hour workweek with early finish on Fridays and a Hybrid Working Model Ready to make a significant impact? Apply now and safeguard our future!
24/06/2024
Full time
Position: Senior Security Manager Location: Hybrid + UK Travel Are you a dynamic leader with a passion for security? We're seeking a Senior Security Manager to oversee and elevate our security operations across multiple UK sites. Key Responsibilities: Lead and manage a security team ensuring compliance with HMG Security Policy Framework. Oversee personnel security management, vetting, and visitor protocols. Conduct and manage security risk assessments, threat detection, and vulnerability management. Develop and maintain a robust security culture with regular reports and metrics. Implement an effective incident management system and lead investigations. Ensure compliance with cryptography account management and security policies. Collaborate with commercial and supply chain teams for comprehensive security audits. Candidate Requirements: Proven leadership in matrixed environments with strong influencing skills. Extensive experience in UK Defence sector compliance and security management. Proficiency in HMG Security Policy Framework, FSC, IPSA, and IVCO procedures. Strong analytical skills and ability to develop performance metrics. Degree in Business Management or equivalent, SC security clearance eligible. Standard Benefits: 25 days of annual leave (rising to 27 days) plus public holidays Company contributes up to 10.5% to your pension 6 times salary 'Life Assurance' Flexible Benefits package Performance-based Bonus scheme Enhanced policies for family support Standard 37-hour workweek with early finish on Fridays and a Hybrid Working Model Ready to make a significant impact? Apply now and safeguard our future!
*We are unable to sponsor as this is a permanent Full time role* *Hybrid 3 days onsite 2 days remote* A prestigious company is looking for an IT Security GRC Specialist. This specialist will be the SME for information security GRC and will perform key risk management functions within the security governance department. They will do 3rd party vendor risk management and internal risk management. Experience with frameworks ISO 27001, NIST, SOC, SIG is required. Responsibilities: Management of process improvement, control maturity, and communication of risk throughout assigned GRC service activities. Level II responsibilities include incorporating ISO 27001 principles for continuous improvement throughout all services and support activities. Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. This service also provides contract review for security requirements. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Exception management, processing and tracking requests for exception to security controls. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Ensures security awareness training is aligned, defined, and executed. Evaluation of cyber training/education courses and methods based on instructional needs. Administration of the GRC technology platforms. Qualifications Bachelor's degree or five (5) years of work experience in IT Security is required. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required. Technical writing experience is required. Experience with instructional content educational writing strongly preferred. Strong knowledge of risk management principles and practices are required. Strong knowledge of security administration and role-based security controls are required. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Interview, gather, and understand content from subject-matter experts. Maintain accurate records and manage client security and risk requests. Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline, and procedure documents. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
21/06/2024
Full time
*We are unable to sponsor as this is a permanent Full time role* *Hybrid 3 days onsite 2 days remote* A prestigious company is looking for an IT Security GRC Specialist. This specialist will be the SME for information security GRC and will perform key risk management functions within the security governance department. They will do 3rd party vendor risk management and internal risk management. Experience with frameworks ISO 27001, NIST, SOC, SIG is required. Responsibilities: Management of process improvement, control maturity, and communication of risk throughout assigned GRC service activities. Level II responsibilities include incorporating ISO 27001 principles for continuous improvement throughout all services and support activities. Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. This service also provides contract review for security requirements. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Exception management, processing and tracking requests for exception to security controls. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Ensures security awareness training is aligned, defined, and executed. Evaluation of cyber training/education courses and methods based on instructional needs. Administration of the GRC technology platforms. Qualifications Bachelor's degree or five (5) years of work experience in IT Security is required. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required. Technical writing experience is required. Experience with instructional content educational writing strongly preferred. Strong knowledge of risk management principles and practices are required. Strong knowledge of security administration and role-based security controls are required. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Interview, gather, and understand content from subject-matter experts. Maintain accurate records and manage client security and risk requests. Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline, and procedure documents. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
Ops Engineer | Long-Term Project | Financial Enterprise We are seeking an ops engineer to join our dynamic team and environemnt who can play an instrumental role in ensuring the relaibility and efficiency of our applications - your technical skills and financial knowledge will be key in helping us achieve our goal! Whether you start your day in our office garden, fro the comforts of your own home, your contribitions will be significant. Your Daily Responsibilities: Incident and Problem Management : Conduct root cause analysis to identify the underlying cause of failures and implement permanent solutions. This involves direct communication with users (Traders, Credit/Market Risk Managers) across various locations including Amsterdam, London, Brussels, New York, and Singapore. Level-2 Support : Provide second-level support for deploying and operating applications/stacks in production, which includes participating in an on-call rotation. Automation : Identify opportunities to automate testing of features, performance, security, and deployment processes. This is a crucial responsibility for Operations Engineers. Data Improvement : Reconfigure and optimize new and existing products, reports, and processes. Technical Understanding : Comprehend the full technology stack of the application and its role in the overall system. Tooling and Scripting : Develop, improve, and maintain tools and scripts to automate repetitive or error-prone tasks, utilizing appropriate event alerts. Functional Testing and Change Management : Perform functional testing and manage changes to ensure safe transitions from test to acceptance and production environments. Travel : Occasional travel abroad, specifically to Brussels. What You'll Bring to the Team: Experience : Financial knowledge of interest rate and FX derivatives valuation and market risk modelling (eg, Greeks and VaR). Experience in functional incident management for Front Office pricing applications within the Financial Markets domain. Proficiency in supporting end users, enriching Back End databases with new products, reports, and scheduled tasks. Technical Skills and Knowledge: Mandatory : Advanced knowledge of MS SQL Server and Transact-SQL. Deep understanding of interest rate derivatives valuation. Customer-focused with a strong inclination towards identifying and resolving root causes of incidents to enhance customer experience. Familiarity with tools like ServiceNow, Confluence, and Fortify. Strong team player with cross-functional capabilities, comfortable interacting with people at all levels in a multicultural environment. Proactive and responsive to others' needs. Nice to Have : Experience or familiarity with IT risk (SOx, vulnerability management) and security concepts (protocols, certificates, etc.). Proficiency in English (advanced level). Bachelor's or Master's degree with a strong analytical background in Computer Science, Cybernetics, Software Engineering, Financial Engineering, or a related field. About Levy Professionals Since 2000 we provide professional solutions to organizations ranging from tech start-ups to global players. From our offices in Amsterdam and London we have built an international and local network of skilled employed professionals and contractors fuelled by our passion for connecting skills with projects. Over the years we have fulfilled over 1700 requirements and nowadays we consistently have 250+ professionals recruited and relocated from 14 countries allocated to various projects. Our strength is the way that we see and treat people. This will always be a key factor in our strategy for many years to come.
21/06/2024
Project-based
Ops Engineer | Long-Term Project | Financial Enterprise We are seeking an ops engineer to join our dynamic team and environemnt who can play an instrumental role in ensuring the relaibility and efficiency of our applications - your technical skills and financial knowledge will be key in helping us achieve our goal! Whether you start your day in our office garden, fro the comforts of your own home, your contribitions will be significant. Your Daily Responsibilities: Incident and Problem Management : Conduct root cause analysis to identify the underlying cause of failures and implement permanent solutions. This involves direct communication with users (Traders, Credit/Market Risk Managers) across various locations including Amsterdam, London, Brussels, New York, and Singapore. Level-2 Support : Provide second-level support for deploying and operating applications/stacks in production, which includes participating in an on-call rotation. Automation : Identify opportunities to automate testing of features, performance, security, and deployment processes. This is a crucial responsibility for Operations Engineers. Data Improvement : Reconfigure and optimize new and existing products, reports, and processes. Technical Understanding : Comprehend the full technology stack of the application and its role in the overall system. Tooling and Scripting : Develop, improve, and maintain tools and scripts to automate repetitive or error-prone tasks, utilizing appropriate event alerts. Functional Testing and Change Management : Perform functional testing and manage changes to ensure safe transitions from test to acceptance and production environments. Travel : Occasional travel abroad, specifically to Brussels. What You'll Bring to the Team: Experience : Financial knowledge of interest rate and FX derivatives valuation and market risk modelling (eg, Greeks and VaR). Experience in functional incident management for Front Office pricing applications within the Financial Markets domain. Proficiency in supporting end users, enriching Back End databases with new products, reports, and scheduled tasks. Technical Skills and Knowledge: Mandatory : Advanced knowledge of MS SQL Server and Transact-SQL. Deep understanding of interest rate derivatives valuation. Customer-focused with a strong inclination towards identifying and resolving root causes of incidents to enhance customer experience. Familiarity with tools like ServiceNow, Confluence, and Fortify. Strong team player with cross-functional capabilities, comfortable interacting with people at all levels in a multicultural environment. Proactive and responsive to others' needs. Nice to Have : Experience or familiarity with IT risk (SOx, vulnerability management) and security concepts (protocols, certificates, etc.). Proficiency in English (advanced level). Bachelor's or Master's degree with a strong analytical background in Computer Science, Cybernetics, Software Engineering, Financial Engineering, or a related field. About Levy Professionals Since 2000 we provide professional solutions to organizations ranging from tech start-ups to global players. From our offices in Amsterdam and London we have built an international and local network of skilled employed professionals and contractors fuelled by our passion for connecting skills with projects. Over the years we have fulfilled over 1700 requirements and nowadays we consistently have 250+ professionals recruited and relocated from 14 countries allocated to various projects. Our strength is the way that we see and treat people. This will always be a key factor in our strategy for many years to come.
D365 Functional Lead - Power Platform/Pages - Remote/Birmingham D365 Functional Lead will provide Dynamics 365 CE expertise as part of large customer engagements. They should be experienced in leading an engagement from estimation stage all the way through to the handover to Support whilst working alongside other practices and third-party organisations. They will be able to guide a team of people to achieve an end product as detailed in customer requirements. They will play a vital role in balancing risk, commercial-focus and customer expectations by working closely with the Project Manager. As part of the role of leading on engagement they will also help develop other team members through on-the-project coaching. This role will be maily remote, with the occasional visit to Birmingham office. Key duties and responsibilities Play a lead role in solution delivery. Dependent on the size of the project you will be expected to lead a team of functional (and technical) consultants ensuring smooth delivery and a unified approach. Participate in every aspect of the solution implementation from: leading workshops and analysing the customer's requirements to configuring the D365 CE applications and environment/release management. Collaborate with stakeholders throughout the customer organisation to ensure a comprehensive set of requirements, aligned to business objectives, gaining full understanding of current business processes. Provide in-depth knowledge of the D365 CE applications and evaluate the customer's business processes against the standard D365 CE functionality. Provide Project Management for smaller D365 CE Implementations including Budget, Resource, Milestones reporting supported by Crimson's PMO function. Responsible for documenting the business requirements which express what actions a solution must take and what outcome is expected. Pre-sales support including demonstrations and estimations supporting Crimson Sales and Consultancy teams as required. If modifications/customisations are required, either to processes or to the Dynamics 365 CE applications, the Functional Lead should facilitate the customer's decision-making process and develop the functional design document that will drive the development process. Responsible for conducting acceptance testing and training customer resources to successfully adopt and maintain the D365 CE solution. Have industry experience and understand challenges and risks when implementing vertically aligned applications. Technical Skills: Design, create and configure Dynamics 365 CE/Power Platform. solutions implementing Crimsons 'low code, no code' approach. Dynamics 365 CE/CRM product experience on the following: Sales - (Lead/Opportunity/Quote/Order/Invoice) Marketing and campaigns Including Add-ons eg, Click Dimensions/MailChimp/Microsoft Dynamics Marketing). Service and Case management including SLAs and Entitlements. Custom ISV/xRM solutions using Dynamics 365 CE & Power Platform. Dynamics 365 CE/CRM Customisation and configuration including but not limited to: Entity Design & Entity Relationship modelling implementing multiple relationship types. Model Driven App Form Design. Business Process Flows spanning multiple entities and implementing branching logic. Classic Dynamics 365 CE Workflows, including various trigger events and complex conditional logic. Dynamics 365 CE Dashboards including a combination of charts and list views. Reporting using both the Dynamics 365 CE report wizard and custom SQL Server Reporting Services (SSRS) reports. Model Driven Apps containing multiple system components. Ribbon Customisation. Where appropriate can implement complex field types (Rollup/Calculated/Customer). Understands the Dynamics 365 CE security model and which components of the system that can be restricted by security. Where necessary, can write and interpret JavaScript within the context of Dynamics 365 CE. Ability to extend solutions using complimentary Office 365/Power Platform technologies such as: Power Platform Power Automate - Create and maintain complex Power Automate flows implementing different trigger events, trigger filtering and multiple actions. Power Bi - Including standalone and Embedded. Canvas Apps with multiple screens. Power App Portals. Modern Workplace SharePoint. Teams. Microsoft Exchange Interested? Please submit your updated CV to Olivia Yafai at Crimson for immediate consideration. Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
21/06/2024
Full time
D365 Functional Lead - Power Platform/Pages - Remote/Birmingham D365 Functional Lead will provide Dynamics 365 CE expertise as part of large customer engagements. They should be experienced in leading an engagement from estimation stage all the way through to the handover to Support whilst working alongside other practices and third-party organisations. They will be able to guide a team of people to achieve an end product as detailed in customer requirements. They will play a vital role in balancing risk, commercial-focus and customer expectations by working closely with the Project Manager. As part of the role of leading on engagement they will also help develop other team members through on-the-project coaching. This role will be maily remote, with the occasional visit to Birmingham office. Key duties and responsibilities Play a lead role in solution delivery. Dependent on the size of the project you will be expected to lead a team of functional (and technical) consultants ensuring smooth delivery and a unified approach. Participate in every aspect of the solution implementation from: leading workshops and analysing the customer's requirements to configuring the D365 CE applications and environment/release management. Collaborate with stakeholders throughout the customer organisation to ensure a comprehensive set of requirements, aligned to business objectives, gaining full understanding of current business processes. Provide in-depth knowledge of the D365 CE applications and evaluate the customer's business processes against the standard D365 CE functionality. Provide Project Management for smaller D365 CE Implementations including Budget, Resource, Milestones reporting supported by Crimson's PMO function. Responsible for documenting the business requirements which express what actions a solution must take and what outcome is expected. Pre-sales support including demonstrations and estimations supporting Crimson Sales and Consultancy teams as required. If modifications/customisations are required, either to processes or to the Dynamics 365 CE applications, the Functional Lead should facilitate the customer's decision-making process and develop the functional design document that will drive the development process. Responsible for conducting acceptance testing and training customer resources to successfully adopt and maintain the D365 CE solution. Have industry experience and understand challenges and risks when implementing vertically aligned applications. Technical Skills: Design, create and configure Dynamics 365 CE/Power Platform. solutions implementing Crimsons 'low code, no code' approach. Dynamics 365 CE/CRM product experience on the following: Sales - (Lead/Opportunity/Quote/Order/Invoice) Marketing and campaigns Including Add-ons eg, Click Dimensions/MailChimp/Microsoft Dynamics Marketing). Service and Case management including SLAs and Entitlements. Custom ISV/xRM solutions using Dynamics 365 CE & Power Platform. Dynamics 365 CE/CRM Customisation and configuration including but not limited to: Entity Design & Entity Relationship modelling implementing multiple relationship types. Model Driven App Form Design. Business Process Flows spanning multiple entities and implementing branching logic. Classic Dynamics 365 CE Workflows, including various trigger events and complex conditional logic. Dynamics 365 CE Dashboards including a combination of charts and list views. Reporting using both the Dynamics 365 CE report wizard and custom SQL Server Reporting Services (SSRS) reports. Model Driven Apps containing multiple system components. Ribbon Customisation. Where appropriate can implement complex field types (Rollup/Calculated/Customer). Understands the Dynamics 365 CE security model and which components of the system that can be restricted by security. Where necessary, can write and interpret JavaScript within the context of Dynamics 365 CE. Ability to extend solutions using complimentary Office 365/Power Platform technologies such as: Power Platform Power Automate - Create and maintain complex Power Automate flows implementing different trigger events, trigger filtering and multiple actions. Power Bi - Including standalone and Embedded. Canvas Apps with multiple screens. Power App Portals. Modern Workplace SharePoint. Teams. Microsoft Exchange Interested? Please submit your updated CV to Olivia Yafai at Crimson for immediate consideration. Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
We are IT Recruitment Specialists partnered with a prestigious Global Consultancy who required a IBM Z Storage Specialist for a remote based role IR35: This role is inside of IR35 Initial duration: 6 months Role and tasks IBM Z Storage Specialist IBM Z Storage Manager 1. IBM zSeries Storage Management skills 2. Strong Technical Project management skills 3. Experience of working in a large enterprise scale and complexity Personal Experience - zSeries Storage Management/Engineering background preferred and/or experience to equivalent level - Working and partnering with vendors (eg IBM, DELL, Broadcom) - Supporting and/or leading technical management of large infrastructure deployment projects - Experience supporting large-scale enterprise IT environment and the Embedded controls within change, incident, and problem management processes - Experience working with Agile working practices and tooling - Experience and awareness of security, audit, risk and compliance within enterprise IT environment Personal Skills - Ability to work under pressure to deadlines - Strong work ethic - Collaborating with others and building a network - Strong interpersonal skills - Ability to pitch communications to a variety of stakeholders Hardware Technical Skills - IBM DS8K disk hardware installation design, upgrade and support skills including DSCLI Scripting and familiarity with HMC GUI - DELL DLM virtual tape (VTE with Data Domain) hardware installation design, upgrade and support skills with knowledge of GUI, NFS and Linux - Broadcom (Brocade) DCX hardware skills and FICON/FIBRE concepts and configuration. Set-up and utilising SanNav and Maps Software Technical Skills - IBM core knowledge: z/OS, TSO, SDSF, JCL, IDCAMS, IWS - IBM storage knowledge: DFHSM, DFDSS, ICKDSF, DFSMS (inc OAM), TDMF, GDPS, CSM - Broadcom (CA): CA1, CA Vantage, CA Disk, CA Allocate, CA View, Endeavor - Dino Software: T-rex, Terradon - Rocket: CR+ - Interchip: RTD Additional skills (optional) - Knowledge of zSeries Systems Programming concepts and technologies - Awareness of Network technologies and Dark Fibre concepts - Awareness of newer or emerging technologies - Awareness of IBM Virtual tape solutions (TS7700's) - Experience of data centre migrations - Knowledge of: GKLM, Spectrum Control and Storage insights and API exploitation - Knowledge of Ansible Automation Platform (AAP), GitHub, Jenkins - Programing/Scripting languages: Rexx, Python, YAML If you are interested in this position and would like to learn more, please send through your CV and we will get in touch with you as soon as possible. Please note, candidates are often Shortlisted within 48 hours.
21/06/2024
Project-based
We are IT Recruitment Specialists partnered with a prestigious Global Consultancy who required a IBM Z Storage Specialist for a remote based role IR35: This role is inside of IR35 Initial duration: 6 months Role and tasks IBM Z Storage Specialist IBM Z Storage Manager 1. IBM zSeries Storage Management skills 2. Strong Technical Project management skills 3. Experience of working in a large enterprise scale and complexity Personal Experience - zSeries Storage Management/Engineering background preferred and/or experience to equivalent level - Working and partnering with vendors (eg IBM, DELL, Broadcom) - Supporting and/or leading technical management of large infrastructure deployment projects - Experience supporting large-scale enterprise IT environment and the Embedded controls within change, incident, and problem management processes - Experience working with Agile working practices and tooling - Experience and awareness of security, audit, risk and compliance within enterprise IT environment Personal Skills - Ability to work under pressure to deadlines - Strong work ethic - Collaborating with others and building a network - Strong interpersonal skills - Ability to pitch communications to a variety of stakeholders Hardware Technical Skills - IBM DS8K disk hardware installation design, upgrade and support skills including DSCLI Scripting and familiarity with HMC GUI - DELL DLM virtual tape (VTE with Data Domain) hardware installation design, upgrade and support skills with knowledge of GUI, NFS and Linux - Broadcom (Brocade) DCX hardware skills and FICON/FIBRE concepts and configuration. Set-up and utilising SanNav and Maps Software Technical Skills - IBM core knowledge: z/OS, TSO, SDSF, JCL, IDCAMS, IWS - IBM storage knowledge: DFHSM, DFDSS, ICKDSF, DFSMS (inc OAM), TDMF, GDPS, CSM - Broadcom (CA): CA1, CA Vantage, CA Disk, CA Allocate, CA View, Endeavor - Dino Software: T-rex, Terradon - Rocket: CR+ - Interchip: RTD Additional skills (optional) - Knowledge of zSeries Systems Programming concepts and technologies - Awareness of Network technologies and Dark Fibre concepts - Awareness of newer or emerging technologies - Awareness of IBM Virtual tape solutions (TS7700's) - Experience of data centre migrations - Knowledge of: GKLM, Spectrum Control and Storage insights and API exploitation - Knowledge of Ansible Automation Platform (AAP), GitHub, Jenkins - Programing/Scripting languages: Rexx, Python, YAML If you are interested in this position and would like to learn more, please send through your CV and we will get in touch with you as soon as possible. Please note, candidates are often Shortlisted within 48 hours.
Public Sector - Hybrid - GDS Salary aligned with experience. Willing to consider more junior level candidates. Knowledge/experience Analysis and design of multiple digital solutions ensuring that projects align to the overall digital blueprint. Set the direction of travel during discovery phases and provide solution oversight during subsequent delivery phases; Liaise with various internal stakeholders and subject matter experts, such as CTO and security architects and digital architects within other digital centres Recognise emerging risks and issues during solution definition and identify mitigating actions; Have the ability to develop strong working relationships in high pressure agile environment. As a Technical Architect you will have: Significant experience in a Digital Solution Architect/Lead Developer/Development Manager or similar role with leadership and management Practical experience of designing end to end application solutions within a digital environment, including multichannel, mobile and social media Demonstrable experience of agile practices and techniques; Strong experience in designing and building digital and web solutions, preferably on large transactional projects. A solid background in software development and solutions architecture within Open Source technologies and languages such as Scala, Java, RESTful APIs JSON, NoSQL, MongoDB, Play, Ruby Jenkins, Selenium, Jira, Confluence, Linux, HTML5, Cucumber, Django, Spring, Python, Chef and Puppet technologies ie. Knowledge of relational and non-relational databases and experience of handling very large data sets. Strong business analysis skills with a proven track record of working with a diverse range of business stakeholders; Strong software development and architecture background within open source technologies and languages. Understand a wide range of integration methods and techniques; Knowledge of a broad set of technologies across areas such as system platforms, web, databases, software development languages and tools; Experience of developing and using web based APIs and Micro services; Experience with open source solutions, using and deploying on cloud based platforms; Understanding of web security best practice and security application design; Experience in developing digital services on brownfield estates with Legacy systems. *Applicants must have the right to work in the UK and the ability to pass BPSS vetting
21/06/2024
Full time
Public Sector - Hybrid - GDS Salary aligned with experience. Willing to consider more junior level candidates. Knowledge/experience Analysis and design of multiple digital solutions ensuring that projects align to the overall digital blueprint. Set the direction of travel during discovery phases and provide solution oversight during subsequent delivery phases; Liaise with various internal stakeholders and subject matter experts, such as CTO and security architects and digital architects within other digital centres Recognise emerging risks and issues during solution definition and identify mitigating actions; Have the ability to develop strong working relationships in high pressure agile environment. As a Technical Architect you will have: Significant experience in a Digital Solution Architect/Lead Developer/Development Manager or similar role with leadership and management Practical experience of designing end to end application solutions within a digital environment, including multichannel, mobile and social media Demonstrable experience of agile practices and techniques; Strong experience in designing and building digital and web solutions, preferably on large transactional projects. A solid background in software development and solutions architecture within Open Source technologies and languages such as Scala, Java, RESTful APIs JSON, NoSQL, MongoDB, Play, Ruby Jenkins, Selenium, Jira, Confluence, Linux, HTML5, Cucumber, Django, Spring, Python, Chef and Puppet technologies ie. Knowledge of relational and non-relational databases and experience of handling very large data sets. Strong business analysis skills with a proven track record of working with a diverse range of business stakeholders; Strong software development and architecture background within open source technologies and languages. Understand a wide range of integration methods and techniques; Knowledge of a broad set of technologies across areas such as system platforms, web, databases, software development languages and tools; Experience of developing and using web based APIs and Micro services; Experience with open source solutions, using and deploying on cloud based platforms; Understanding of web security best practice and security application design; Experience in developing digital services on brownfield estates with Legacy systems. *Applicants must have the right to work in the UK and the ability to pass BPSS vetting
*We are unable to sponsor as this is a permanent Full time role* *Hybrid 3 days onsite 2 days remote* A prestigious company is looking for an IT Security GRC Specialist. This specialist will be the SME for information security GRC and will perform key risk management functions within the security governance department. They will do 3rd party vendor risk management and internal risk management. Experience with frameworks ISO 27001, NIST, SOC, SIG is required. Responsibilities: Management of process improvement, control maturity, and communication of risk throughout assigned GRC service activities. Level II responsibilities include incorporating ISO 27001 principles for continuous improvement throughout all services and support activities. Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. This service also provides contract review for security requirements. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Exception management, processing and tracking requests for exception to security controls. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Ensures security awareness training is aligned, defined, and executed. Evaluation of cyber training/education courses and methods based on instructional needs. Administration of the GRC technology platforms. Qualifications Bachelor's degree or five (5) years of work experience in IT Security is required. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required. Technical writing experience is required. Experience with instructional content educational writing strongly preferred. Strong knowledge of risk management principles and practices are required. Strong knowledge of security administration and role-based security controls are required. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Interview, gather, and understand content from subject-matter experts. Maintain accurate records and manage client security and risk requests. Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline, and procedure documents. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
20/06/2024
Full time
*We are unable to sponsor as this is a permanent Full time role* *Hybrid 3 days onsite 2 days remote* A prestigious company is looking for an IT Security GRC Specialist. This specialist will be the SME for information security GRC and will perform key risk management functions within the security governance department. They will do 3rd party vendor risk management and internal risk management. Experience with frameworks ISO 27001, NIST, SOC, SIG is required. Responsibilities: Management of process improvement, control maturity, and communication of risk throughout assigned GRC service activities. Level II responsibilities include incorporating ISO 27001 principles for continuous improvement throughout all services and support activities. Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. This service also provides contract review for security requirements. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Exception management, processing and tracking requests for exception to security controls. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Ensures security awareness training is aligned, defined, and executed. Evaluation of cyber training/education courses and methods based on instructional needs. Administration of the GRC technology platforms. Qualifications Bachelor's degree or five (5) years of work experience in IT Security is required. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required. Technical writing experience is required. Experience with instructional content educational writing strongly preferred. Strong knowledge of risk management principles and practices are required. Strong knowledge of security administration and role-based security controls are required. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Interview, gather, and understand content from subject-matter experts. Maintain accurate records and manage client security and risk requests. Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline, and procedure documents. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
We have a fantastic permanent opportunity for a Technology Services Security Manager to lead our Security Operations function within the IT department. This pivotal role involves managing both internal and external specialist 3rd party support to deliver security operations activities across our diverse digital estate. The successful candidate will be responsible for ensuring the security and performance of our enterprise/IT and OT estates, which include a wide range of endpoints, appliances, and systems. Required Skills & Qualifications: CISSP (or equivalent) qualification and Azure Certification. SAFE leadership or other Agile qualification (such as Kanban or Scrum). Considerable experience operating ITIL and CSIRT processes and standards. Detailed understanding of IT/OT technologies, market trends, products, and services. Extensive working knowledge of available technologies and defining strategies for efficient and effective solutions and services. Considerable experience in an IT managerial position with responsibilities for operations, planning, people, and relationship management. Broad IT Management/Contracts experience, including infrastructure development, delivery, and operational management. Managing Successful Programmes (MSP)/APMP qualification is desirable. Day to Day of the role: Improve the performance and security of the digital estate through proactive continuous service improvement. Manage the security operations of the Technology estates, ensuring availability 24/7/365 where applicable. Collaborate with the wider Technology Services and Information Security teams to provide SME capability and align development activity with operational and strategic requirements. Own the Incident Management process for cyber-related incidents. Plan and deliver resources to create an effective Security Operations function that addresses risk and aligns with business plans. Contribute security expertise to support other leaders in Technology Services in making informed decisions. Provide technical security/cyber information to optimise commercial arrangements. Identify security trends, assess risks and opportunities, and prioritise activities to minimise risks and add value. Manage third-party contracts that underpin the security operations function, ensuring support levels meet business requirements. Benefits: Competitive salary package. Opportunities for professional development and certifications. Engaging and collaborative work environment. Comprehensive benefits package. To apply for the Technology Services Security Manager position, please submit your CV and cover letter detailing your relevant experience and qualifications.
20/06/2024
Full time
We have a fantastic permanent opportunity for a Technology Services Security Manager to lead our Security Operations function within the IT department. This pivotal role involves managing both internal and external specialist 3rd party support to deliver security operations activities across our diverse digital estate. The successful candidate will be responsible for ensuring the security and performance of our enterprise/IT and OT estates, which include a wide range of endpoints, appliances, and systems. Required Skills & Qualifications: CISSP (or equivalent) qualification and Azure Certification. SAFE leadership or other Agile qualification (such as Kanban or Scrum). Considerable experience operating ITIL and CSIRT processes and standards. Detailed understanding of IT/OT technologies, market trends, products, and services. Extensive working knowledge of available technologies and defining strategies for efficient and effective solutions and services. Considerable experience in an IT managerial position with responsibilities for operations, planning, people, and relationship management. Broad IT Management/Contracts experience, including infrastructure development, delivery, and operational management. Managing Successful Programmes (MSP)/APMP qualification is desirable. Day to Day of the role: Improve the performance and security of the digital estate through proactive continuous service improvement. Manage the security operations of the Technology estates, ensuring availability 24/7/365 where applicable. Collaborate with the wider Technology Services and Information Security teams to provide SME capability and align development activity with operational and strategic requirements. Own the Incident Management process for cyber-related incidents. Plan and deliver resources to create an effective Security Operations function that addresses risk and aligns with business plans. Contribute security expertise to support other leaders in Technology Services in making informed decisions. Provide technical security/cyber information to optimise commercial arrangements. Identify security trends, assess risks and opportunities, and prioritise activities to minimise risks and add value. Manage third-party contracts that underpin the security operations function, ensuring support levels meet business requirements. Benefits: Competitive salary package. Opportunities for professional development and certifications. Engaging and collaborative work environment. Comprehensive benefits package. To apply for the Technology Services Security Manager position, please submit your CV and cover letter detailing your relevant experience and qualifications.