Group GRC Lead Permanent Salary: Between £75,000 - £85,000 per annum Location: Leeds Working Arrangement: Hybrid - 2 days in office per week Your new company I'm currently looking for a GRC Lead to report into the CISO of an international law firm. This role can be completed on a hybrid basis from offices in Leeds, Birmingham or Cardiff. The ideal candidate will have experience of 3rd party Governance Risk and Compliance management (clients, suppliers, vendors), people management experience, and a go-getter, enthusiastic and engaging personality. Your new role will involve Reporting to the CISO (and C-suite in general) on the current state of the firm's Cyber Security from a Governance Risk and Compliance perspective Assisting in the identification and support of 3rd party compliance requirements Managing a small team of IT compliance analysts Spearheading an international Cyber Security Awareness programme Implementing NIST and maintaining ISO27001 certification Maintaining a contemporary knowledge of current threats and cyber trends 3rd party and internal risk management Fostering a risk aware culture among stakeholders and across the firm Providing strategic advice and input on the firm's cyber security strategy What you'll need to succeed Proven experience of 3rd party GRC leadership work, ideally in legal or professional services, but large-scale complex organisations will work too Line management experience A go-getter, engaging and enthusiastic personality Experience implementing NIST would be useful Strong Governance Risk and Compliance (GRC) knowledge, understanding and skill set Excellent leadership ability and communication skills Strong stakeholder engagement and management ability What you'll get in return Between £75,000 - £85,000 per annum Discretionary bonus 26 days annual leave - Buy and Sell Scheme Private health care More great benefits What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
09/01/2025
Full time
Group GRC Lead Permanent Salary: Between £75,000 - £85,000 per annum Location: Leeds Working Arrangement: Hybrid - 2 days in office per week Your new company I'm currently looking for a GRC Lead to report into the CISO of an international law firm. This role can be completed on a hybrid basis from offices in Leeds, Birmingham or Cardiff. The ideal candidate will have experience of 3rd party Governance Risk and Compliance management (clients, suppliers, vendors), people management experience, and a go-getter, enthusiastic and engaging personality. Your new role will involve Reporting to the CISO (and C-suite in general) on the current state of the firm's Cyber Security from a Governance Risk and Compliance perspective Assisting in the identification and support of 3rd party compliance requirements Managing a small team of IT compliance analysts Spearheading an international Cyber Security Awareness programme Implementing NIST and maintaining ISO27001 certification Maintaining a contemporary knowledge of current threats and cyber trends 3rd party and internal risk management Fostering a risk aware culture among stakeholders and across the firm Providing strategic advice and input on the firm's cyber security strategy What you'll need to succeed Proven experience of 3rd party GRC leadership work, ideally in legal or professional services, but large-scale complex organisations will work too Line management experience A go-getter, engaging and enthusiastic personality Experience implementing NIST would be useful Strong Governance Risk and Compliance (GRC) knowledge, understanding and skill set Excellent leadership ability and communication skills Strong stakeholder engagement and management ability What you'll get in return Between £75,000 - £85,000 per annum Discretionary bonus 26 days annual leave - Buy and Sell Scheme Private health care More great benefits What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
IT Support Analyst We are recruiting for an IT Support Analyst to join the IT team at a reputable educational organisation based in Caterham. This role is an exciting opportunity to provide first and second-line IT support, ensuring seamless technology operations for staff, students, and other members of the community. The role involves resolving technical issues, maintaining IT hardware, and supporting hosted systems such as the organisation's MIS and telephony platforms. Excellent technical knowledge and exceptional customer service skills are essential, along with the ability to assist users both remotely and face-to-face. Key Responsibilities Provide first and second-line support for all IT hardware and services. Escalate third-line issues to the IT Manager when necessary. Support and maintain hosted systems, including the organisation's MIS and telephony services. Ensure all users have access to the necessary technology to support their roles. Deliver prompt, high-quality support to resolve issues efficiently. Keep users informed throughout the resolution process and update the ticketing system at every stage. Resolve issues with minimal disruption to services, including occasional out-of-hours work as required. Monitor the IT Helpdesk system, ensuring tickets are assigned and progressed promptly. Assist the IT Manager in managing user access rights for both local and hosted services. Liaise with third-party providers to maintain and troubleshoot IT services. Maintain comprehensive technical documentation and provide one-on-one training to users as needed. Ensure clear communication with users, the IT team, and senior staff during support or project tasks. Provide technical guidance and mentorship to the Apprentice IT Technician, supporting their skill development. Assist with maintaining the availability of printing and copying devices and services. Essential Skills & Experience Proficient in Microsoft 365 user administration and classroom applications (Teams, SharePoint). Knowledge of MS Windows desktop operating systems and Adobe Creative Suite. Hands-on experience supporting IT hardware (desktops, laptops, tablets, and classroom display screens). Exceptional customer service and interpersonal skills. Ability to communicate effectively and deliver user-focused solutions. Skilled in creating and maintaining high-quality technical and user documentation. Knowledge of data and cyber security best practices. Fluent, accurate written and spoken English. Awareness of policies, technical trends, and requirements in an educational environment. Desirable Skills & Experience Experience working within an educational setting, including familiarity with school MIS systems (eg, iSAMS). Knowledge of Microsoft Active Directory (Azure/on-prem), Group Policies, and AD Federation Services. Familiarity with: Remote user support. VOIP telephony. Cisco Meraki network management and configuration. Managed secure release network printing. Mobile device management tools (eg, JAMF) and Apple hardware/software integration. IT Support Analyst Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
09/01/2025
Full time
IT Support Analyst We are recruiting for an IT Support Analyst to join the IT team at a reputable educational organisation based in Caterham. This role is an exciting opportunity to provide first and second-line IT support, ensuring seamless technology operations for staff, students, and other members of the community. The role involves resolving technical issues, maintaining IT hardware, and supporting hosted systems such as the organisation's MIS and telephony platforms. Excellent technical knowledge and exceptional customer service skills are essential, along with the ability to assist users both remotely and face-to-face. Key Responsibilities Provide first and second-line support for all IT hardware and services. Escalate third-line issues to the IT Manager when necessary. Support and maintain hosted systems, including the organisation's MIS and telephony services. Ensure all users have access to the necessary technology to support their roles. Deliver prompt, high-quality support to resolve issues efficiently. Keep users informed throughout the resolution process and update the ticketing system at every stage. Resolve issues with minimal disruption to services, including occasional out-of-hours work as required. Monitor the IT Helpdesk system, ensuring tickets are assigned and progressed promptly. Assist the IT Manager in managing user access rights for both local and hosted services. Liaise with third-party providers to maintain and troubleshoot IT services. Maintain comprehensive technical documentation and provide one-on-one training to users as needed. Ensure clear communication with users, the IT team, and senior staff during support or project tasks. Provide technical guidance and mentorship to the Apprentice IT Technician, supporting their skill development. Assist with maintaining the availability of printing and copying devices and services. Essential Skills & Experience Proficient in Microsoft 365 user administration and classroom applications (Teams, SharePoint). Knowledge of MS Windows desktop operating systems and Adobe Creative Suite. Hands-on experience supporting IT hardware (desktops, laptops, tablets, and classroom display screens). Exceptional customer service and interpersonal skills. Ability to communicate effectively and deliver user-focused solutions. Skilled in creating and maintaining high-quality technical and user documentation. Knowledge of data and cyber security best practices. Fluent, accurate written and spoken English. Awareness of policies, technical trends, and requirements in an educational environment. Desirable Skills & Experience Experience working within an educational setting, including familiarity with school MIS systems (eg, iSAMS). Knowledge of Microsoft Active Directory (Azure/on-prem), Group Policies, and AD Federation Services. Familiarity with: Remote user support. VOIP telephony. Cisco Meraki network management and configuration. Managed secure release network printing. Mobile device management tools (eg, JAMF) and Apple hardware/software integration. IT Support Analyst Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
DV Cleared - Security Analyst (ArcSight) - 6 months+ - £600-£650 pd Inside IR35 - Full time on site Hampshire Looking for a number of DV Cleared Security Analysts who have a strong experience with creating and maintaining design, installation and support documentation. All applicants must hold an active DV clearance Skills and Responsibilities: Design and automate the installation of COTS software products on RHEL and Windows Operating systems. Configure, maintain and support ArcSight SIEM toolset (ESM, SmartConnectors, Logger and ArcMC) Investigating/Resolving issues with ArcSight SIEM toolset Experience of creating bespoke custom (Flex/Regx) Connectors Knowledge of PowerShell Creating and maintaining design, installation and support documentation Design and automate the installation of COTS software products on RHEL and Windows Operating systems Configure, maintain and support ArcSight SIEM toolset (ESM, SmartConnectors, Logger and ArcMC) Investigating/Resolving issues with ArcSight SIEM toolset DV Cleared - ArcSight SME/Cyber Security Consultant - 6 months+ - £600-£650 pd Inside IR35 - Full time on site Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
08/01/2025
Project-based
DV Cleared - Security Analyst (ArcSight) - 6 months+ - £600-£650 pd Inside IR35 - Full time on site Hampshire Looking for a number of DV Cleared Security Analysts who have a strong experience with creating and maintaining design, installation and support documentation. All applicants must hold an active DV clearance Skills and Responsibilities: Design and automate the installation of COTS software products on RHEL and Windows Operating systems. Configure, maintain and support ArcSight SIEM toolset (ESM, SmartConnectors, Logger and ArcMC) Investigating/Resolving issues with ArcSight SIEM toolset Experience of creating bespoke custom (Flex/Regx) Connectors Knowledge of PowerShell Creating and maintaining design, installation and support documentation Design and automate the installation of COTS software products on RHEL and Windows Operating systems Configure, maintain and support ArcSight SIEM toolset (ESM, SmartConnectors, Logger and ArcMC) Investigating/Resolving issues with ArcSight SIEM toolset DV Cleared - ArcSight SME/Cyber Security Consultant - 6 months+ - £600-£650 pd Inside IR35 - Full time on site Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
Security Engineer Salary: $140k-$150k + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 3+ years of related experience Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Responsibilities Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned.
07/01/2025
Full time
Security Engineer Salary: $140k-$150k + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 3+ years of related experience Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Responsibilities Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned.
Security Engineer Salary: $140k-$150k + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 3+ years of related experience Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Responsibilities Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned.
07/01/2025
Full time
Security Engineer Salary: $140k-$150k + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 3+ years of related experience Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Responsibilities Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Engineer. Candidate will be responsible for the in-depth analysis and response to security incidents escalated from Tier 1 analysts. This role involves investigating complex security events, identifying potential threats, and implementing measures to mitigate risks. The Tier 2 analyst plays a critical role in maintaining the security posture of the organization by leveraging advanced threat intelligence and incident response techniques. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Participate in post-incident reviews to identify areas for improvement. Stay current with the latest cybersecurity trends, threats, and technologies. Contribute to the development and enhancement of SOC processes and procedures. Qualifications: Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines. Team Leadership experience, taking initiative; providing and following through on solutions across various skillsets. Knowledge and experience implementing controls based on security regulation (eg, NIST Cyber Security Framework) is a plus. Effective and excellent oral and written communication, analytical, judgment and consultation skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong project management skills. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Cloud based security tools and techniques (AWS, Azure, GCP, etc.) Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices. Education and Experience: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Industry knowledge of leading-edge security technologies and methods. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Previous people/project management experience is a plus. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+.
03/01/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Engineer. Candidate will be responsible for the in-depth analysis and response to security incidents escalated from Tier 1 analysts. This role involves investigating complex security events, identifying potential threats, and implementing measures to mitigate risks. The Tier 2 analyst plays a critical role in maintaining the security posture of the organization by leveraging advanced threat intelligence and incident response techniques. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Participate in post-incident reviews to identify areas for improvement. Stay current with the latest cybersecurity trends, threats, and technologies. Contribute to the development and enhancement of SOC processes and procedures. Qualifications: Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines. Team Leadership experience, taking initiative; providing and following through on solutions across various skillsets. Knowledge and experience implementing controls based on security regulation (eg, NIST Cyber Security Framework) is a plus. Effective and excellent oral and written communication, analytical, judgment and consultation skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong project management skills. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Cloud based security tools and techniques (AWS, Azure, GCP, etc.) Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices. Education and Experience: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Industry knowledge of leading-edge security technologies and methods. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Previous people/project management experience is a plus. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+.
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Engineer. Candidate will be responsible for the in-depth analysis and response to security incidents escalated from Tier 1 analysts. This role involves investigating complex security events, identifying potential threats, and implementing measures to mitigate risks. The Tier 2 analyst plays a critical role in maintaining the security posture of the organization by leveraging advanced threat intelligence and incident response techniques. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Participate in post-incident reviews to identify areas for improvement. Stay current with the latest cybersecurity trends, threats, and technologies. Contribute to the development and enhancement of SOC processes and procedures. Qualifications: Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines. Team Leadership experience, taking initiative; providing and following through on solutions across various skillsets. Knowledge and experience implementing controls based on security regulation (eg, NIST Cyber Security Framework) is a plus. Effective and excellent oral and written communication, analytical, judgment and consultation skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong project management skills. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Cloud based security tools and techniques (AWS, Azure, GCP, etc.) Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices. Education and Experience: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Industry knowledge of leading-edge security technologies and methods. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Previous people/project management experience is a plus. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+.
03/01/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Engineer. Candidate will be responsible for the in-depth analysis and response to security incidents escalated from Tier 1 analysts. This role involves investigating complex security events, identifying potential threats, and implementing measures to mitigate risks. The Tier 2 analyst plays a critical role in maintaining the security posture of the organization by leveraging advanced threat intelligence and incident response techniques. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Participate in post-incident reviews to identify areas for improvement. Stay current with the latest cybersecurity trends, threats, and technologies. Contribute to the development and enhancement of SOC processes and procedures. Qualifications: Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines. Team Leadership experience, taking initiative; providing and following through on solutions across various skillsets. Knowledge and experience implementing controls based on security regulation (eg, NIST Cyber Security Framework) is a plus. Effective and excellent oral and written communication, analytical, judgment and consultation skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong project management skills. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Cloud based security tools and techniques (AWS, Azure, GCP, etc.) Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices. Education and Experience: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Industry knowledge of leading-edge security technologies and methods. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Previous people/project management experience is a plus. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+.
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Associate Principal, Cyber Defense. This role is focused on threat intelligence, incident response, security alerts, events analysis, network traffic, etc. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Qualifications: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices.
03/01/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Associate Principal, Cyber Defense. This role is focused on threat intelligence, incident response, security alerts, events analysis, network traffic, etc. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Qualifications: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices.
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Associate Principal, Cyber Defense. This role is focused on threat intelligence, incident response, security alerts, events analysis, network traffic, etc. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Qualifications: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices.
03/01/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Associate Principal, Cyber Defense. This role is focused on threat intelligence, incident response, security alerts, events analysis, network traffic, etc. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Qualifications: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices.
Role: Cyber Security Analyst Location: Remote (Very Rare Meetup with Team in Bristol or London) Salary: Up to £50,000 (plus £1,000 Remote Setup Allowance) We are seeking an enthusiastic Cyber Security Analyst to join a forward-thinking and dynamic team at an organization with an exceptionally modern IT estate. This role offers significant opportunities for personal and professional growth, including training, certification building, and support from an experienced Cyber Security leader. Overview Our client is a significant player in their industry, with a modern IT estate that currently isn't being used to its full potential. The successful candidate will be coming in to support their Head of Cyber Security in the numerous projects that will both overhaul various elements of their environment. Example of upcoming projects include: Consolidation of their cloud suppliers. Significant expansion of their AWS and Azure estates. Increase analytical utilisation of their cutting-edge Cyber Security product portfolio, including Datadog, Cloudflare, M365 E3, Jira, Microsoft Defender. This organisation uses a "security by design" approach, putting Cyber Security at the forefront of everything they do in close collaboration with the wider IT function to ensure governance and compliance with numerous Cyber Security frameworks (ISO 27001, NIST, PCI-DSS). Ultimately, the company aims to grow by 300% over the next three years, and you will have the exciting opportunity to play a central role in shaping the environment to achieve that goal. Role Reporting to the Head of Cyber Security, you will become part of a small, close-knit security team, supporting the charge to improve their cybersecurity initiative. This role will require you to become a Cyber Security generalist, actively engaging at all levels of Cyber Security and contributing across a broad range of responsibilities, such as: Threat Management Endpoint Detection Security Assurance (Security by Design Controls) Framework Governance and Compliance (ISO 27001, NIST, PCI-DSS) Vulnerability Scanning Risk Analysis Cybersecurity Awareness Campaigns Phishing Campaigns Experience The ideal candidate will bring hands-on experience in the above Cyber Security responsibilities, coupled with a strong analytical mindset. The successful candidate will be driven by a curiosity to analyse data and reports, identifying trends and their impact to guide strategic decisions. We're looking for someone with a thirst for continuous learning, who has the drive to explore new areas, and is committed to professional development and staying ahead with the latest industry developments, who may already have some relevant industry certifications and will be supported by an experienced, Cyber Security professional. This role is ideal for someone eager to expand their expertise across all areas of Cyber Security. If you have solid experience as a SOC Analyst and are eager to continue their development in that space, while exploring the engineering side of Cyber Security, this opportunity is for you.
23/12/2024
Full time
Role: Cyber Security Analyst Location: Remote (Very Rare Meetup with Team in Bristol or London) Salary: Up to £50,000 (plus £1,000 Remote Setup Allowance) We are seeking an enthusiastic Cyber Security Analyst to join a forward-thinking and dynamic team at an organization with an exceptionally modern IT estate. This role offers significant opportunities for personal and professional growth, including training, certification building, and support from an experienced Cyber Security leader. Overview Our client is a significant player in their industry, with a modern IT estate that currently isn't being used to its full potential. The successful candidate will be coming in to support their Head of Cyber Security in the numerous projects that will both overhaul various elements of their environment. Example of upcoming projects include: Consolidation of their cloud suppliers. Significant expansion of their AWS and Azure estates. Increase analytical utilisation of their cutting-edge Cyber Security product portfolio, including Datadog, Cloudflare, M365 E3, Jira, Microsoft Defender. This organisation uses a "security by design" approach, putting Cyber Security at the forefront of everything they do in close collaboration with the wider IT function to ensure governance and compliance with numerous Cyber Security frameworks (ISO 27001, NIST, PCI-DSS). Ultimately, the company aims to grow by 300% over the next three years, and you will have the exciting opportunity to play a central role in shaping the environment to achieve that goal. Role Reporting to the Head of Cyber Security, you will become part of a small, close-knit security team, supporting the charge to improve their cybersecurity initiative. This role will require you to become a Cyber Security generalist, actively engaging at all levels of Cyber Security and contributing across a broad range of responsibilities, such as: Threat Management Endpoint Detection Security Assurance (Security by Design Controls) Framework Governance and Compliance (ISO 27001, NIST, PCI-DSS) Vulnerability Scanning Risk Analysis Cybersecurity Awareness Campaigns Phishing Campaigns Experience The ideal candidate will bring hands-on experience in the above Cyber Security responsibilities, coupled with a strong analytical mindset. The successful candidate will be driven by a curiosity to analyse data and reports, identifying trends and their impact to guide strategic decisions. We're looking for someone with a thirst for continuous learning, who has the drive to explore new areas, and is committed to professional development and staying ahead with the latest industry developments, who may already have some relevant industry certifications and will be supported by an experienced, Cyber Security professional. This role is ideal for someone eager to expand their expertise across all areas of Cyber Security. If you have solid experience as a SOC Analyst and are eager to continue their development in that space, while exploring the engineering side of Cyber Security, this opportunity is for you.
