Infrastructure Security Engineer - HYBRID WORKING We are working in partnership with one of our newest clients. They are a well respected company and one of the biggest players in their commercial sector. Job Description We're looking for an experienced Infrastructure security specialist to join our cybersecurity team in London. In this role, you'll play a key part in safeguarding our critical infrastructure, customer data, and network services from cyber threats including ransomware, DDoS attacks, supply chain risks, and more. The successful candidate will be a hands-on technical expert in all areas of Infrastructure security, best practice, VAPT and remediation. Key Responsibilities Responsible for VAPT reporting and remediation Hardware,OS and Application hardening and patching Monitoring and maintaining SIEM Managing Zero trust privilege management 365 Security and best practice Assisting with endpoint security ISO 27001/CE+ Audits Requirements : The ideal candidate will have experience in a similar role with strong technical, analytical, interpersonal, problem solving and communication skills. Minimum technical skills required: Windows, Linux, Vmware hardening and patching Nessus reporting ISO 27001/CE+ audits Email security Endpoint security SIEM management 365 administration/best practice Desirable Hardware Firewalls HPE/Lenovo Servers and Sans Network design and configuration AWS/IBM cloud/Azure Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
04/04/2025
Full time
Infrastructure Security Engineer - HYBRID WORKING We are working in partnership with one of our newest clients. They are a well respected company and one of the biggest players in their commercial sector. Job Description We're looking for an experienced Infrastructure security specialist to join our cybersecurity team in London. In this role, you'll play a key part in safeguarding our critical infrastructure, customer data, and network services from cyber threats including ransomware, DDoS attacks, supply chain risks, and more. The successful candidate will be a hands-on technical expert in all areas of Infrastructure security, best practice, VAPT and remediation. Key Responsibilities Responsible for VAPT reporting and remediation Hardware,OS and Application hardening and patching Monitoring and maintaining SIEM Managing Zero trust privilege management 365 Security and best practice Assisting with endpoint security ISO 27001/CE+ Audits Requirements : The ideal candidate will have experience in a similar role with strong technical, analytical, interpersonal, problem solving and communication skills. Minimum technical skills required: Windows, Linux, Vmware hardening and patching Nessus reporting ISO 27001/CE+ audits Email security Endpoint security SIEM management 365 administration/best practice Desirable Hardware Firewalls HPE/Lenovo Servers and Sans Network design and configuration AWS/IBM cloud/Azure Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Expert Cybersecurity Engineer Salary: Open + Bonus Location: Remote Not available in the following states: AK, ND, NE, HI, OK, VT, ME, WY, NH, Puerto Rico, Washington DC *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree. Relevant experience within the military is acceptable in lieu of a degree. 8+ years of experience in the following areas: cybersecurity engineering, detection engineering, incident response, threat and vulnerability management, forensic investigations, network monitoring. Significant experience using Python for task automation, procedure orchestration, capability development, UI Front End development Proficient in Azure security engineering Hands-on experience deploying and configuring security platforms, such as SIEM, SOAR, EDR, NGFW, and network monitoring tools. Experience integrating cyber defense tools and utilizing APIs for process orchestration and task automation. Experience building and deploying threat defense (SIEM) analytics using a detection engineering pipeline. Strong analytical skills with a keen attention to detail. Strong technical writing skills including documentation development, process mapping, and visualization, with the ability to translate complex technical concepts for a variety of technical audiences. Proven ability to work autonomously, lead projects from conception to implementation, and overcome roadblocks in a highly collaborative environment. Responsibilities Solution Engineering: design, develop, and deploy cyber defense tools, platforms, and capabilities that support threat detection, incident response, and forensic investigations. Technical Leadership: serve as a subject matter expert on cyber defense engineering, providing guidance and technical insights to our customers, your peers, and the cyber engineering strategy. Threat Analysis: collaborate with cyber defense operations to analyze emerging threats and current gaps in technical capabilities, implementing measures to strengthen defense mechanisms. Develop and refine threat defense analytics to effectively detect cyber-attacks against DDC. Build task automation and procedure orchestration to support cyber defense operations. Problem Solving: capable of working, both independently and in teams, to troubleshoot and resolve complex cyber engineering challenges, identify the root cause of capability outages and errors, and develop sustainable solutions. Innovation & Continuous Improvement: stay abreast of the latest trends and technologies in cybersecurity, applying best practices to continuously enhance our defense strategies and capabilities. Documentation: maintain accurate procedures and documentation for all capabilities and services in scope for the Platforms & Automation team. On-Call: support cyber defense capability availability incidents and support the cyber defense operations team while hands-on experience with our investigation process to identify automation opportunities.
04/04/2025
Full time
Expert Cybersecurity Engineer Salary: Open + Bonus Location: Remote Not available in the following states: AK, ND, NE, HI, OK, VT, ME, WY, NH, Puerto Rico, Washington DC *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree. Relevant experience within the military is acceptable in lieu of a degree. 8+ years of experience in the following areas: cybersecurity engineering, detection engineering, incident response, threat and vulnerability management, forensic investigations, network monitoring. Significant experience using Python for task automation, procedure orchestration, capability development, UI Front End development Proficient in Azure security engineering Hands-on experience deploying and configuring security platforms, such as SIEM, SOAR, EDR, NGFW, and network monitoring tools. Experience integrating cyber defense tools and utilizing APIs for process orchestration and task automation. Experience building and deploying threat defense (SIEM) analytics using a detection engineering pipeline. Strong analytical skills with a keen attention to detail. Strong technical writing skills including documentation development, process mapping, and visualization, with the ability to translate complex technical concepts for a variety of technical audiences. Proven ability to work autonomously, lead projects from conception to implementation, and overcome roadblocks in a highly collaborative environment. Responsibilities Solution Engineering: design, develop, and deploy cyber defense tools, platforms, and capabilities that support threat detection, incident response, and forensic investigations. Technical Leadership: serve as a subject matter expert on cyber defense engineering, providing guidance and technical insights to our customers, your peers, and the cyber engineering strategy. Threat Analysis: collaborate with cyber defense operations to analyze emerging threats and current gaps in technical capabilities, implementing measures to strengthen defense mechanisms. Develop and refine threat defense analytics to effectively detect cyber-attacks against DDC. Build task automation and procedure orchestration to support cyber defense operations. Problem Solving: capable of working, both independently and in teams, to troubleshoot and resolve complex cyber engineering challenges, identify the root cause of capability outages and errors, and develop sustainable solutions. Innovation & Continuous Improvement: stay abreast of the latest trends and technologies in cybersecurity, applying best practices to continuously enhance our defense strategies and capabilities. Documentation: maintain accurate procedures and documentation for all capabilities and services in scope for the Platforms & Automation team. On-Call: support cyber defense capability availability incidents and support the cyber defense operations team while hands-on experience with our investigation process to identify automation opportunities.
Request Technology - Craig Johnson
Oakland, California
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Principal Cyber Defense Security Engineer with strong Python development and Scripting experience. Candidate will architect, develop, and implement advanced technical solutions that empower our cyber defense investigations and incident response teams. You will work independently and in teams to design and implement effective and sustainable capabilities to detect and prevent cyber-attacks, optimize our incident response processes, and enhance the effectiveness of mitigation, containment, and recovery. You must be comfortable with failing quickly and creating value through iteration and experimentation. You will not be alone in your efforts; you will be part of a supportive and energetic team of doers who will be there to lend a hand, brainstorm solutions, and encourage you when you hit roadblocks. Responsibilities: Solution Engineering: design develop, and deploy cyber defense tools, platforms, and capabilities that support threat detection, incident response, and forensic investigations. Technical Leadership: serve as a subject matter expert on cyber defense engineering, providing guidance and technical insights to our customers, your peers, and the cyber engineering strategy. Threat Analysis: collaborate with cyber defense operations to analyze emerging threats and current gaps in technical capabilities, implementing measures to strengthen defense mechanisms. Develop and refine threat defense analytics to effectively detect cyber-attacks against DDC. Build task automation and procedure orchestration to support cyber defense operations. Problem Solving: capable of working, both independently and in teams, to troubleshoot and resolve complex cyber engineering challenges, identify the root cause of capability outages and errors, and develop sustainable solutions. Innovation & Continuous Improvement: stay abreast of the latest trends and technologies in cybersecurity, applying best practices to continuously enhance our defense strategies and capabilities. Documentation: maintain accurate procedures and documentation for all capabilities and services in scope for the Platforms & Automation team. On-Call: support cyber defense capability availability incidents and support the cyber defense operations team while hands-on experience with our investigation process to identify automation opportunities. Qualifications: Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant experience and relevant experience within the military is acceptable in lieu of a degree. 8+ years of experience in one or more of the following areas: cybersecurity engineering, detection engineering, incident response, or a similar role, with a proven track record of independent problem solving in high-stakes environments. Significant experience using Python for task automation, procedure orchestration, and capability development. Hands-on experience deploying and configuring security platforms, such as SIEM, SOAR, EDR, NGFW, and network monitoring tools. Experience integrating cyber defense tools and utilizing APIs for process orchestration and task automation. Experience building and deploying threat defense (SIEM) analytics using a detection engineering pipeline. Strong analytical skills with a keen attention to detail. Strong technical writing skills including documentation development, process mapping, and visualization, with the ability to translate complex technical concepts for a variety of technical audiences. Proven ability to work autonomously, lead projects from conception to implementation, and overcome roadblocks in a highly collaborative environment. Cloud engineering experience. Experience implementing LLMs, ML, or other advanced analytic and decision-making support capabilities into enterprise cybersecurity services and workflows.
04/04/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Principal Cyber Defense Security Engineer with strong Python development and Scripting experience. Candidate will architect, develop, and implement advanced technical solutions that empower our cyber defense investigations and incident response teams. You will work independently and in teams to design and implement effective and sustainable capabilities to detect and prevent cyber-attacks, optimize our incident response processes, and enhance the effectiveness of mitigation, containment, and recovery. You must be comfortable with failing quickly and creating value through iteration and experimentation. You will not be alone in your efforts; you will be part of a supportive and energetic team of doers who will be there to lend a hand, brainstorm solutions, and encourage you when you hit roadblocks. Responsibilities: Solution Engineering: design develop, and deploy cyber defense tools, platforms, and capabilities that support threat detection, incident response, and forensic investigations. Technical Leadership: serve as a subject matter expert on cyber defense engineering, providing guidance and technical insights to our customers, your peers, and the cyber engineering strategy. Threat Analysis: collaborate with cyber defense operations to analyze emerging threats and current gaps in technical capabilities, implementing measures to strengthen defense mechanisms. Develop and refine threat defense analytics to effectively detect cyber-attacks against DDC. Build task automation and procedure orchestration to support cyber defense operations. Problem Solving: capable of working, both independently and in teams, to troubleshoot and resolve complex cyber engineering challenges, identify the root cause of capability outages and errors, and develop sustainable solutions. Innovation & Continuous Improvement: stay abreast of the latest trends and technologies in cybersecurity, applying best practices to continuously enhance our defense strategies and capabilities. Documentation: maintain accurate procedures and documentation for all capabilities and services in scope for the Platforms & Automation team. On-Call: support cyber defense capability availability incidents and support the cyber defense operations team while hands-on experience with our investigation process to identify automation opportunities. Qualifications: Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant experience and relevant experience within the military is acceptable in lieu of a degree. 8+ years of experience in one or more of the following areas: cybersecurity engineering, detection engineering, incident response, or a similar role, with a proven track record of independent problem solving in high-stakes environments. Significant experience using Python for task automation, procedure orchestration, and capability development. Hands-on experience deploying and configuring security platforms, such as SIEM, SOAR, EDR, NGFW, and network monitoring tools. Experience integrating cyber defense tools and utilizing APIs for process orchestration and task automation. Experience building and deploying threat defense (SIEM) analytics using a detection engineering pipeline. Strong analytical skills with a keen attention to detail. Strong technical writing skills including documentation development, process mapping, and visualization, with the ability to translate complex technical concepts for a variety of technical audiences. Proven ability to work autonomously, lead projects from conception to implementation, and overcome roadblocks in a highly collaborative environment. Cloud engineering experience. Experience implementing LLMs, ML, or other advanced analytic and decision-making support capabilities into enterprise cybersecurity services and workflows.
Contract - SailPoint Engineer Rate: open Location: Remote Duration: 6months + *USC or GC holders only* Qualifications Bachelor's degree Minimum 3+ years of hands-on experience with implementing and managing SailPoint Identity IQ environments. Minimum 3+ years of experience with Scripting languages (Java, BeanShell, XML, JavaScript, etc.) Minimum 3+ years of experience or training in Identity systems security fundamentals design, implementation and troubleshooting across all computer/server platforms. Experience in designing and standing up a new SailPoint Identity IQ environment. Strong understanding of the SailPoint object model, rules, and policies. Experience supporting a distributed hybrid cloud/on-premises environment. Hands-on experience with a major cloud platform, such as AWS or Azure Strong understanding of IAM principles and how to implement them in an Enterprise. Has a strong understanding of how to integrate with HR systems, including the leaver, joiner, and mover workflows. Understand and has implemented Role Bases Access Controls within SailPoint. Strong working knowledge of SailPoint, including features, integration, and architecture. Excellent written and verbal communication skills Identity Now SAAS is a plus CyberArk is a plus Responsibilities Support the Identity and Access Management service, which seeks to create a delightful access experience that optimizes usability, accountability, and cyber risk exposure. Responsible for the administration, implementation and management of SailPoint Identity IQ. Including upgrading and patching of the environment. Designs, Develops Debugs, and Implements built-in and custom SailPoint connectors. Ability to communicate about SailPoint implementation at both the functional and technical level. Will participate in peer code and design reviews. Works with technical and business users to gather and implement requirements.
03/04/2025
Project-based
Contract - SailPoint Engineer Rate: open Location: Remote Duration: 6months + *USC or GC holders only* Qualifications Bachelor's degree Minimum 3+ years of hands-on experience with implementing and managing SailPoint Identity IQ environments. Minimum 3+ years of experience with Scripting languages (Java, BeanShell, XML, JavaScript, etc.) Minimum 3+ years of experience or training in Identity systems security fundamentals design, implementation and troubleshooting across all computer/server platforms. Experience in designing and standing up a new SailPoint Identity IQ environment. Strong understanding of the SailPoint object model, rules, and policies. Experience supporting a distributed hybrid cloud/on-premises environment. Hands-on experience with a major cloud platform, such as AWS or Azure Strong understanding of IAM principles and how to implement them in an Enterprise. Has a strong understanding of how to integrate with HR systems, including the leaver, joiner, and mover workflows. Understand and has implemented Role Bases Access Controls within SailPoint. Strong working knowledge of SailPoint, including features, integration, and architecture. Excellent written and verbal communication skills Identity Now SAAS is a plus CyberArk is a plus Responsibilities Support the Identity and Access Management service, which seeks to create a delightful access experience that optimizes usability, accountability, and cyber risk exposure. Responsible for the administration, implementation and management of SailPoint Identity IQ. Including upgrading and patching of the environment. Designs, Develops Debugs, and Implements built-in and custom SailPoint connectors. Ability to communicate about SailPoint implementation at both the functional and technical level. Will participate in peer code and design reviews. Works with technical and business users to gather and implement requirements.
Request Technology - Craig Johnson
Oakland, California
*We are unable to sponsor for this Remote contract role* Prestigious Enterprise Company is currently seeking a Senior SailPoint Development Engineer with SCIM and web services experience. Candidate will support the Identity and Access Management service, which seeks to create a delightful access experience that optimizes usability, accountability, and cyber risk exposure. This role requires a seasoned SailPoint IIQ developer with heavy experience integrating web services to mature the IAM application roadmap. Qualifications: Experience with various Identity and Access management concepts and technologies. Experience must include SailPoint IIQ. CyberArk a plus. Competency with one or more Scripting or programming languages such as Python, Java, PowerShell, Bash, C#, C/C++, etc. Proven history integrating web services Knowledge of professional software engineering practices and best practices for the full software development life cycle, including coding standards, code reviews, source control management, build processes, testing and operations; Agile or Scaled Agile Framework (SAFe) a plus. Hands on experience with a major cloud platform, such as AWS or Azure. Designs, Develops Debugs, and Implements built-in and custom SailPoint connectors. Can develop SailPoint integrations utilizing SCIM and Web Services. Builds, Implements, and executes certification/recertification campaigns. Has understanding and has worked in environments utilizing secure code development strategies. Has a strong understanding of how to integrate with HR systems, including the leaver, joiner, mover workflows. 3+ year of experience with Scripting languages (Java, BeanShell, XML, JavaScript, etc). 3+ years of experience or training in Identity systems security fundamentals design, implementation and troubleshooting across all computer/server platforms. Experience in designing and standing up a new SailPoint Identity IQ environment. Strong understanding of the SailPoint object model, rules, and policies. Experience supporting a distributed hybrid cloud/on-premises environment. Strong understanding of IAM principles and how to implement them in an Enterprise. Experience working with SOX compliance and developing solutions to meet those requirements. Demonstrated understanding of Continuous Improvement thinking. Understanding and experience operating within the NIST Security Framework. Understand and has implemented Role Bases Access Controls within SailPoint.
03/04/2025
Project-based
*We are unable to sponsor for this Remote contract role* Prestigious Enterprise Company is currently seeking a Senior SailPoint Development Engineer with SCIM and web services experience. Candidate will support the Identity and Access Management service, which seeks to create a delightful access experience that optimizes usability, accountability, and cyber risk exposure. This role requires a seasoned SailPoint IIQ developer with heavy experience integrating web services to mature the IAM application roadmap. Qualifications: Experience with various Identity and Access management concepts and technologies. Experience must include SailPoint IIQ. CyberArk a plus. Competency with one or more Scripting or programming languages such as Python, Java, PowerShell, Bash, C#, C/C++, etc. Proven history integrating web services Knowledge of professional software engineering practices and best practices for the full software development life cycle, including coding standards, code reviews, source control management, build processes, testing and operations; Agile or Scaled Agile Framework (SAFe) a plus. Hands on experience with a major cloud platform, such as AWS or Azure. Designs, Develops Debugs, and Implements built-in and custom SailPoint connectors. Can develop SailPoint integrations utilizing SCIM and Web Services. Builds, Implements, and executes certification/recertification campaigns. Has understanding and has worked in environments utilizing secure code development strategies. Has a strong understanding of how to integrate with HR systems, including the leaver, joiner, mover workflows. 3+ year of experience with Scripting languages (Java, BeanShell, XML, JavaScript, etc). 3+ years of experience or training in Identity systems security fundamentals design, implementation and troubleshooting across all computer/server platforms. Experience in designing and standing up a new SailPoint Identity IQ environment. Strong understanding of the SailPoint object model, rules, and policies. Experience supporting a distributed hybrid cloud/on-premises environment. Strong understanding of IAM principles and how to implement them in an Enterprise. Experience working with SOX compliance and developing solutions to meet those requirements. Demonstrated understanding of Continuous Improvement thinking. Understanding and experience operating within the NIST Security Framework. Understand and has implemented Role Bases Access Controls within SailPoint.
*Fully remote position* *Long Term Contract* A prestigious company is looking for a SailPoint Engineer Consultant. This consultant will focus on the development and support of SailPoint IIQ and any SailPoint Identity Now SaaS is desired. They will integrate SCIM webservices and any experience with PAM/CyberArk is desired. Responsibilities: Responsible for the administration, implementation and management of SailPoint Identity IQ. Including upgrading and patching of the environment. Designs, Develops Debugs, and Implements built-in and custom SailPoint connectors. Can develop SailPoint integrations utilizing SCIM and Web Services. Builds, Implements, and executes certification/recertification campaigns. Has understanding and has worked in environments utilizing secure code development strategies. Has a strong understanding of how to integrate with HR systems, including the leaver, joiner, mover workflows. Understand and has implemented Role Bases Access Controls within SailPoint. Strong working knowledge of SailPoint, including features, integration, and architecture. Ability to communicate about SailPoint implementation at both the functional and technical level. Will participate in peer code and design reviews. Works with technical and business users to gather and implement requirements. Experience with git branching and understanding of DevOps tools and processes. Qualifications: Bachelor's degree in Cyber Security, Computer Science, Information Systems or equivalent work experience in the IT field Experience with various Identity and Access management concepts and technologies. Experience must include SailPoint IIQ. CyberArk a plus. Competency with one or more Scripting or programming languages such as Python, Java, PowerShell, Bash, C#, C/C++, etc. Proven history integrating web services Knowledge of professional software engineering practices and best practices for the full software development life cycle, including coding standards, code reviews, source control management, build processes, testing and operations; Agile or Scaled Agile Framework (SAFe) a plus. Hands on experience with a major cloud platform, such as AWS or Azure
03/04/2025
Project-based
*Fully remote position* *Long Term Contract* A prestigious company is looking for a SailPoint Engineer Consultant. This consultant will focus on the development and support of SailPoint IIQ and any SailPoint Identity Now SaaS is desired. They will integrate SCIM webservices and any experience with PAM/CyberArk is desired. Responsibilities: Responsible for the administration, implementation and management of SailPoint Identity IQ. Including upgrading and patching of the environment. Designs, Develops Debugs, and Implements built-in and custom SailPoint connectors. Can develop SailPoint integrations utilizing SCIM and Web Services. Builds, Implements, and executes certification/recertification campaigns. Has understanding and has worked in environments utilizing secure code development strategies. Has a strong understanding of how to integrate with HR systems, including the leaver, joiner, mover workflows. Understand and has implemented Role Bases Access Controls within SailPoint. Strong working knowledge of SailPoint, including features, integration, and architecture. Ability to communicate about SailPoint implementation at both the functional and technical level. Will participate in peer code and design reviews. Works with technical and business users to gather and implement requirements. Experience with git branching and understanding of DevOps tools and processes. Qualifications: Bachelor's degree in Cyber Security, Computer Science, Information Systems or equivalent work experience in the IT field Experience with various Identity and Access management concepts and technologies. Experience must include SailPoint IIQ. CyberArk a plus. Competency with one or more Scripting or programming languages such as Python, Java, PowerShell, Bash, C#, C/C++, etc. Proven history integrating web services Knowledge of professional software engineering practices and best practices for the full software development life cycle, including coding standards, code reviews, source control management, build processes, testing and operations; Agile or Scaled Agile Framework (SAFe) a plus. Hands on experience with a major cloud platform, such as AWS or Azure
Security Solutions Engineer in Sint-Niklaas Belgium PERM Role This is a permanent role with a flexible hybrid or onsite. This is more a Security Guy, we are looking for a more solutions and technology agnostic person. One should be conversant with Microsoft Technology, DC Technologies and Cloud Technologies. Profile: You have a degree in a technical field such as computer science, network technology, or security. You have at least two years of experience in implementing and managing IT security solutions. Knowledge as an addon of security solutions such as ManageEngine, Fortinet (Firewalls, VPNs), SentinelOne (endpoint protection), SOC solutions, and other cybersecurity technologies is a strong plus. You are an excellent communicator with strong technical and interpersonal skills. You are proactive, customer-oriented, and possess a problem-solving mindset. Fluent in English and Dutch, French language skills are appreciated.
03/04/2025
Full time
Security Solutions Engineer in Sint-Niklaas Belgium PERM Role This is a permanent role with a flexible hybrid or onsite. This is more a Security Guy, we are looking for a more solutions and technology agnostic person. One should be conversant with Microsoft Technology, DC Technologies and Cloud Technologies. Profile: You have a degree in a technical field such as computer science, network technology, or security. You have at least two years of experience in implementing and managing IT security solutions. Knowledge as an addon of security solutions such as ManageEngine, Fortinet (Firewalls, VPNs), SentinelOne (endpoint protection), SOC solutions, and other cybersecurity technologies is a strong plus. You are an excellent communicator with strong technical and interpersonal skills. You are proactive, customer-oriented, and possess a problem-solving mindset. Fluent in English and Dutch, French language skills are appreciated.
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Senior Associate, Internal Audit IT & Security. This internal auditor will need 2+ years of experience conducting risk-based information technology and security audits. This is a highly regulated financial environment, and these audits will follow AICPA, IIA, IPPF, COBIT, NIST, and CSF standards/frameworks. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent. Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software
03/04/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Senior Associate, Internal Audit IT & Security. This internal auditor will need 2+ years of experience conducting risk-based information technology and security audits. This is a highly regulated financial environment, and these audits will follow AICPA, IIA, IPPF, COBIT, NIST, and CSF standards/frameworks. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent. Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software
NO SPONSORSHIP Internal Audit Information Technology & Security SALARY: $80k - $108k - $110 plus 10% bonus LOCATION: Chicago, IL 3 days onsite and 2 days remote Looking for a candidate with a BS Degree, 2 years audit related experience in conducting risk-based information, technology and security audits. Project cyber security review and internal audit standards AICPA, IIA IPPF COBIT NIST CSF This role will support independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for determining the sufficiency of management's controls and activities related to the management of regulatory, operational, and strategic risks and presenting recommendations for improvements to the engagement team. Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations Qualifications: Experience working in a complex, fast paced environment. [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Technical Skills: Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education and/or Experience: Bachelors degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits.
02/04/2025
Full time
NO SPONSORSHIP Internal Audit Information Technology & Security SALARY: $80k - $108k - $110 plus 10% bonus LOCATION: Chicago, IL 3 days onsite and 2 days remote Looking for a candidate with a BS Degree, 2 years audit related experience in conducting risk-based information, technology and security audits. Project cyber security review and internal audit standards AICPA, IIA IPPF COBIT NIST CSF This role will support independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for determining the sufficiency of management's controls and activities related to the management of regulatory, operational, and strategic risks and presenting recommendations for improvements to the engagement team. Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations Qualifications: Experience working in a complex, fast paced environment. [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Technical Skills: Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education and/or Experience: Bachelors degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits.
About the Role Scrumconnect Consulting is looking for a Security Testing Engineer to ensure the security, resilience, and compliance. This role involves identifying vulnerabilities, mitigating security risks, and ensuring adherence to government security policies and DDAT frameworks . You will work closely with developers, security architects, and business stakeholders to embed security testing into Agile development workflows and DevSecOps pipelines. As a Security Testing Engineer , you will conduct static and dynamic security assessments, penetration testing, and vulnerability analysis , ensuring that applications meet the highest security standards. Key Responsibilities 1. Security Test Planning & Execution ? Develop, implement, and execute comprehensive security test plans for GOV.UK digital services. ? Identify security vulnerabilities through static and dynamic application security testing (SAST & DAST) . ? Ensure security testing is seamlessly integrated into CI/CD pipelines and DevSecOps processes. ? Define security requirements and best practices, aligning with government security policies . 2. Functional & Non-Functional Security Testing ? Conduct penetration testing, API security testing, and infrastructure security assessments . ? Perform risk-based security testing to identify and mitigate OWASP Top Ten vulnerabilities . ? Validate the effectiveness of security controls such as RBAC (Role-Based Access Control), MFA (Multi-Factor Authentication), and API security mechanisms . ? Ensure compliance with GDPR, ISO 27001, and NCSC Cyber Essentials security standards. 3. Vulnerability Management & Defect Tracking ? Identify, document, and track security defects, working closely with development teams to resolve vulnerabilities . ? Provide detailed security test reports , including risk assessments and mitigation strategies. ? Collaborate with stakeholders to prioritize and remediate security findings . 4. Collaboration & Security Awareness ? Work closely with security architects, developers, and product teams to embed security in software development. ? Provide security awareness training and advocate secure coding practices across teams. ? Engage with GOV.UK security and compliance frameworks , ensuring security best practices are followed. 5. Test Reporting & Documentation ? Produce detailed security test reports , highlighting risks, vulnerabilities, and recommendations. ? Communicate security findings effectively to both technical and non-technical stakeholders . ? Maintain comprehensive documentation of security test cases, methodologies, and tools used . Required Skills & Experience ? Proven experience in security testing for web applications, APIs, and cloud environments. ? Strong knowledge of OWASP Top Ten, CVE vulnerabilities, and threat modelling techniques . ? Hands-on experience with security testing tools such as OWASP ZAP, Burp Suite, Nessus, Metasploit, Nikto, or equivalent . ? Experience in API security testing using Postman, SoapUI, or REST-Assured . ? Strong understanding of CI/CD security, DevSecOps, and cloud security best practices (Azure, AWS, GCP) . ? Ability to simulate attack scenarios and conduct penetration testing on applications and infrastructure. ? Knowledge of database security testing , including writing security-focused SQL queries. ? Familiarity with identity and access management (IAM), RBAC, MFA, JWT authentication, and OAuth 2.0 security mechanisms . ? Strong risk assessment, problem-solving, and communication skills . ? Awareness of UK government security frameworks , including Cyber Essentials and NCSC guidelines . Nice to Have Skills ? Experience working in UK public sector engagements . ? Knowledge of User-Centric Design and GDS design system . ? Familiarity with security analytics and data visualization tools like PowerBI . ? Certified Agile Tester (CAT) or ISTQB Agile Tester Extension (CTFL-AT) . ? Strong understanding of cloud security posture management (CSPM) and SIEM tools (Splunk, ELK, Microsoft Sentinel) . ? Experience with security validation techniques for microservices and containerized applications (Kubernetes, Docker security hardening) .
02/04/2025
Full time
About the Role Scrumconnect Consulting is looking for a Security Testing Engineer to ensure the security, resilience, and compliance. This role involves identifying vulnerabilities, mitigating security risks, and ensuring adherence to government security policies and DDAT frameworks . You will work closely with developers, security architects, and business stakeholders to embed security testing into Agile development workflows and DevSecOps pipelines. As a Security Testing Engineer , you will conduct static and dynamic security assessments, penetration testing, and vulnerability analysis , ensuring that applications meet the highest security standards. Key Responsibilities 1. Security Test Planning & Execution ? Develop, implement, and execute comprehensive security test plans for GOV.UK digital services. ? Identify security vulnerabilities through static and dynamic application security testing (SAST & DAST) . ? Ensure security testing is seamlessly integrated into CI/CD pipelines and DevSecOps processes. ? Define security requirements and best practices, aligning with government security policies . 2. Functional & Non-Functional Security Testing ? Conduct penetration testing, API security testing, and infrastructure security assessments . ? Perform risk-based security testing to identify and mitigate OWASP Top Ten vulnerabilities . ? Validate the effectiveness of security controls such as RBAC (Role-Based Access Control), MFA (Multi-Factor Authentication), and API security mechanisms . ? Ensure compliance with GDPR, ISO 27001, and NCSC Cyber Essentials security standards. 3. Vulnerability Management & Defect Tracking ? Identify, document, and track security defects, working closely with development teams to resolve vulnerabilities . ? Provide detailed security test reports , including risk assessments and mitigation strategies. ? Collaborate with stakeholders to prioritize and remediate security findings . 4. Collaboration & Security Awareness ? Work closely with security architects, developers, and product teams to embed security in software development. ? Provide security awareness training and advocate secure coding practices across teams. ? Engage with GOV.UK security and compliance frameworks , ensuring security best practices are followed. 5. Test Reporting & Documentation ? Produce detailed security test reports , highlighting risks, vulnerabilities, and recommendations. ? Communicate security findings effectively to both technical and non-technical stakeholders . ? Maintain comprehensive documentation of security test cases, methodologies, and tools used . Required Skills & Experience ? Proven experience in security testing for web applications, APIs, and cloud environments. ? Strong knowledge of OWASP Top Ten, CVE vulnerabilities, and threat modelling techniques . ? Hands-on experience with security testing tools such as OWASP ZAP, Burp Suite, Nessus, Metasploit, Nikto, or equivalent . ? Experience in API security testing using Postman, SoapUI, or REST-Assured . ? Strong understanding of CI/CD security, DevSecOps, and cloud security best practices (Azure, AWS, GCP) . ? Ability to simulate attack scenarios and conduct penetration testing on applications and infrastructure. ? Knowledge of database security testing , including writing security-focused SQL queries. ? Familiarity with identity and access management (IAM), RBAC, MFA, JWT authentication, and OAuth 2.0 security mechanisms . ? Strong risk assessment, problem-solving, and communication skills . ? Awareness of UK government security frameworks , including Cyber Essentials and NCSC guidelines . Nice to Have Skills ? Experience working in UK public sector engagements . ? Knowledge of User-Centric Design and GDS design system . ? Familiarity with security analytics and data visualization tools like PowerBI . ? Certified Agile Tester (CAT) or ISTQB Agile Tester Extension (CTFL-AT) . ? Strong understanding of cloud security posture management (CSPM) and SIEM tools (Splunk, ELK, Microsoft Sentinel) . ? Experience with security validation techniques for microservices and containerized applications (Kubernetes, Docker security hardening) .
An Industrial Internet of Things (IIoT) Architect is required for our client based in Coventry. Our client is transforming the way they operate by integrating cutting-edge Industrial Internet of Things (IIoT) technologies into their distribution network. They are on a mission to create a connected, data-driven infrastructure that enhances efficiency, resilience, and sustainability. As an IIoT Systems Architect, you will be at the forefront of digital innovation, designing and deploying next-generation sensor, data, and automation solutions that revolutionise gas network management. You will work closely with engineering, OT, and IT teams to create scalable and secure IIoT architectures, enabling Real Time insights and predictive analytics. Imagine shaping the future of network connectivity with a national infrastructure leader. You'll work on cutting-edge network technologies and pioneering security innovations. You'll be part of a passionate team, collaborating with industry experts who share your drive for excellence. IIoT Strategy & Architecture - Define and implement a robust IIoT architecture that integrates seamlessly with.*OT, SCADA, and cloud platforms*. Technology Deployment - Lead the design and rollout of IIoT sensors, edge computing solutions, and data acquisition systems across critical infrastructure. Data-Driven Decision Making - Enable Real Time monitoring, predictive maintenance, and AI-driven insights to enhance operational efficiency. Cybersecurity & Compliance - Ensure all IIoT deployments adhere to NCSC CAF, NIS, and IEC 62443 cybersecurity standards. Stakeholder Collaboration - Work with operations, IT, and digital security teams to align IIoT solutions with business goals. Experience required Deep expertise in IIoT technologies , including sensor networks, edge computing, and cloud integration. Experience in SCADA, telemetry, and OT systems within industrial environments. Knowledge of IIoT communication protocols (MQTT, OPC UA, Modbus, LoRaWAN, NB-IoT, 5G). Strong understanding of cybersecurity, network segmentation, and Zero Trust architectures for IIoT. Proven ability to design and deliver scalable, secure, and high-availability IIoT solutions. Benefits Private Medical Insurance for you, your partner and your family available through our flexible benefits programme, with access to a 24 hour Bupa HealthLine 25 days' holiday, plus 8 statutory days and an option to buy or sell holiday days An Annual Performance Bonus of up to 15% of your salary A generous pension scheme where the company double matches your contributions up to 12% ie if you contribute 6% a month, the company will contribute 12% A competitive salary that's reviewed each year against the market median salary for your role, skills, knowledge and experience Generous family policies and flexible benefits Support to help you cover the cost of professional membership subscriptions, course fees, books, examination fees and time off for study leave - so long as it's relevant to your role Plus many more benefits that help you join the dots between your work and home life! Our client supports a healthy work-life balance and are open to flexible working options.
02/04/2025
Full time
An Industrial Internet of Things (IIoT) Architect is required for our client based in Coventry. Our client is transforming the way they operate by integrating cutting-edge Industrial Internet of Things (IIoT) technologies into their distribution network. They are on a mission to create a connected, data-driven infrastructure that enhances efficiency, resilience, and sustainability. As an IIoT Systems Architect, you will be at the forefront of digital innovation, designing and deploying next-generation sensor, data, and automation solutions that revolutionise gas network management. You will work closely with engineering, OT, and IT teams to create scalable and secure IIoT architectures, enabling Real Time insights and predictive analytics. Imagine shaping the future of network connectivity with a national infrastructure leader. You'll work on cutting-edge network technologies and pioneering security innovations. You'll be part of a passionate team, collaborating with industry experts who share your drive for excellence. IIoT Strategy & Architecture - Define and implement a robust IIoT architecture that integrates seamlessly with.*OT, SCADA, and cloud platforms*. Technology Deployment - Lead the design and rollout of IIoT sensors, edge computing solutions, and data acquisition systems across critical infrastructure. Data-Driven Decision Making - Enable Real Time monitoring, predictive maintenance, and AI-driven insights to enhance operational efficiency. Cybersecurity & Compliance - Ensure all IIoT deployments adhere to NCSC CAF, NIS, and IEC 62443 cybersecurity standards. Stakeholder Collaboration - Work with operations, IT, and digital security teams to align IIoT solutions with business goals. Experience required Deep expertise in IIoT technologies , including sensor networks, edge computing, and cloud integration. Experience in SCADA, telemetry, and OT systems within industrial environments. Knowledge of IIoT communication protocols (MQTT, OPC UA, Modbus, LoRaWAN, NB-IoT, 5G). Strong understanding of cybersecurity, network segmentation, and Zero Trust architectures for IIoT. Proven ability to design and deliver scalable, secure, and high-availability IIoT solutions. Benefits Private Medical Insurance for you, your partner and your family available through our flexible benefits programme, with access to a 24 hour Bupa HealthLine 25 days' holiday, plus 8 statutory days and an option to buy or sell holiday days An Annual Performance Bonus of up to 15% of your salary A generous pension scheme where the company double matches your contributions up to 12% ie if you contribute 6% a month, the company will contribute 12% A competitive salary that's reviewed each year against the market median salary for your role, skills, knowledge and experience Generous family policies and flexible benefits Support to help you cover the cost of professional membership subscriptions, course fees, books, examination fees and time off for study leave - so long as it's relevant to your role Plus many more benefits that help you join the dots between your work and home life! Our client supports a healthy work-life balance and are open to flexible working options.
We are a Global Recruitment specialist that provides support to the clients across EMEA, APAC, US and Canada. We have an excellent job opportunity for you. Description: Role Title: Security Engineer-Forgerock Location: Hybrid 2-3 day from office - Knutsford Duration: 26/09/2025 Pay rate: 492 GBP inside IR35 Role Description: 5+ years' experience in Hands-on configuration, deployment and running ForgeRock COTS based IAM solutions (PingGateway, PingAM, PingIDM, PingDS) with Embedded security gates, HTTP Header Signing, Access Token encryption, and Data at rest encryption approaches.Hands-on configuration and integration with HSM and CSM tools, and certificate life cycle management, eg rotation, revocation, etc. Automating security workflows using GitLab CI/CD pipelines, AWS CLI and Chef. 10+ years experience in executing penetration testing, hands-on coding in at least one of the following: JavaScript, Java, Python. PKI based self-sovereign Identity experience is a plus Primary Skills Expertise in CIAM, ForgeRock stack (PingGateway, PingAM, PingIDM, PingDS) with certification or proof of completion of ForgeRock Deep-Dive 4xx training courses. Identifying, mitigating, and communicating security risks to executive leadership. Partnering with engineering, product, and CISO teams to embed security by design to the DevSecOps life cycle. Proactively defending against evolving cyber threats. Secondary Skills Cloud Security: deep knowledge of AWS security controls, policies, and automation, CLI tools. Role-based and attribute-based access control approaches, protocols and tools, PKI; HSMs; cryptographic protocols; and secure key life cycle management. Advanced threat modelling, SOC operations, and forensic analysis. Securing microservices, APIs, and DevSecOps integrations. Vulnerability scanning, tools, approaches, vulnerability patching, and vendor management for security. Penetration testing approaches and tools, preparing, supporting, and managing penetration testing. If you are interested in this position and would like to learn more, please send through your CV and we will get in touch with you as soon as possible. Please note, candidates are often Shortlisted within 48 hours.
02/04/2025
Project-based
We are a Global Recruitment specialist that provides support to the clients across EMEA, APAC, US and Canada. We have an excellent job opportunity for you. Description: Role Title: Security Engineer-Forgerock Location: Hybrid 2-3 day from office - Knutsford Duration: 26/09/2025 Pay rate: 492 GBP inside IR35 Role Description: 5+ years' experience in Hands-on configuration, deployment and running ForgeRock COTS based IAM solutions (PingGateway, PingAM, PingIDM, PingDS) with Embedded security gates, HTTP Header Signing, Access Token encryption, and Data at rest encryption approaches.Hands-on configuration and integration with HSM and CSM tools, and certificate life cycle management, eg rotation, revocation, etc. Automating security workflows using GitLab CI/CD pipelines, AWS CLI and Chef. 10+ years experience in executing penetration testing, hands-on coding in at least one of the following: JavaScript, Java, Python. PKI based self-sovereign Identity experience is a plus Primary Skills Expertise in CIAM, ForgeRock stack (PingGateway, PingAM, PingIDM, PingDS) with certification or proof of completion of ForgeRock Deep-Dive 4xx training courses. Identifying, mitigating, and communicating security risks to executive leadership. Partnering with engineering, product, and CISO teams to embed security by design to the DevSecOps life cycle. Proactively defending against evolving cyber threats. Secondary Skills Cloud Security: deep knowledge of AWS security controls, policies, and automation, CLI tools. Role-based and attribute-based access control approaches, protocols and tools, PKI; HSMs; cryptographic protocols; and secure key life cycle management. Advanced threat modelling, SOC operations, and forensic analysis. Securing microservices, APIs, and DevSecOps integrations. Vulnerability scanning, tools, approaches, vulnerability patching, and vendor management for security. Penetration testing approaches and tools, preparing, supporting, and managing penetration testing. If you are interested in this position and would like to learn more, please send through your CV and we will get in touch with you as soon as possible. Please note, candidates are often Shortlisted within 48 hours.
Security Engineer-Forgerock Knutsford (Hybrid Working) ASAP until end of September initially £500p/d via Umbrella Role Brief: 5+ years experience in Hands-on configuration, deployment and running ForgeRock COTS based IAM solutions (PingGateway, PingAM, PingIDM, PingDS) with Embedded security gates, HTTP Header Signing, Access Token encryption, and Data at rest encryption approaches. Hands-on configuration and integration with HSM and CSM tools, and certificate life cycle management, eg rotation, revocation, etc. Automating security workflows using GitLab CI/CD pipelines, AWS CLI and Chef. 10+ years experience in executing penetration testing, hands-on coding in at least one of the following: JavaScript, Java, Python. PKI based self-sovereign Identity experience is a plus Primary Skills- Expertise in CIAM, ForgeRock stack (PingGateway, PingAM, PingIDM, PingDS) with certification or proof of completion of ForgeRock Deep-Dive 4xx training courses. Identifying, mitigating, and communicating security risks to executive leadership. Partnering with engineering, product, and CISO teams to embed security by design to the DevSecOps life cycle. Proactively defending against evolving cyber threats. Secondary Skills- Cloud Security: deep knowledge of AWS security controls, policies and automation, CLI tools. Role based and attribute based access control approaches, protocols and tools, PKI, HSMs, cryptographic protocols, and secure key life cycle management. Advanced threat modelling, SOC operations, and forensic analysis. Securing microservices, APIs, and DevSecOps integrations. Vulnerability scanning, tools, approaches, vulnerability patching and vendor management for security. Penetration testing approaches and tools, preparing, supporting, and managing penetration testing.
02/04/2025
Project-based
Security Engineer-Forgerock Knutsford (Hybrid Working) ASAP until end of September initially £500p/d via Umbrella Role Brief: 5+ years experience in Hands-on configuration, deployment and running ForgeRock COTS based IAM solutions (PingGateway, PingAM, PingIDM, PingDS) with Embedded security gates, HTTP Header Signing, Access Token encryption, and Data at rest encryption approaches. Hands-on configuration and integration with HSM and CSM tools, and certificate life cycle management, eg rotation, revocation, etc. Automating security workflows using GitLab CI/CD pipelines, AWS CLI and Chef. 10+ years experience in executing penetration testing, hands-on coding in at least one of the following: JavaScript, Java, Python. PKI based self-sovereign Identity experience is a plus Primary Skills- Expertise in CIAM, ForgeRock stack (PingGateway, PingAM, PingIDM, PingDS) with certification or proof of completion of ForgeRock Deep-Dive 4xx training courses. Identifying, mitigating, and communicating security risks to executive leadership. Partnering with engineering, product, and CISO teams to embed security by design to the DevSecOps life cycle. Proactively defending against evolving cyber threats. Secondary Skills- Cloud Security: deep knowledge of AWS security controls, policies and automation, CLI tools. Role based and attribute based access control approaches, protocols and tools, PKI, HSMs, cryptographic protocols, and secure key life cycle management. Advanced threat modelling, SOC operations, and forensic analysis. Securing microservices, APIs, and DevSecOps integrations. Vulnerability scanning, tools, approaches, vulnerability patching and vendor management for security. Penetration testing approaches and tools, preparing, supporting, and managing penetration testing.
Global Technology company that specialise in ensuring Software Security are looking for a Principal Software Engineer (C++) to join their Glasgow base. You'll have the opportunity to wok on a series of world-class products and gain experience with some really interesting development led security practices. Their software ensures security with data, communications, payments and protects content. The company have been operating successfully in Glasgow for over 20 years now, and they are well respected in the tech community. They have a global client base and build trusted securities software for billions of connected devices. It's an exciting time to join them as they have spent the last year refactoring their products to their best standard yet. They've also placed a focus on increasing their Global presence and plan to break into new several new markets. The ideal candidate will have several years of programming experience with C++ (bonus points if you have exposure with C or Objective-C). This role will mainly involve working on the company's core products, they currently have 3 that are used world-wide and very highly rated (in fact many of us use them daily and we don't even know it!). The project work is genuinely interesting and they have host of greenfield projects kicking off this year. As security is their bread and butter, they're ideally looking for someone from that background or to have strong knowledge/a passion for security. You'll ideally have experience with most of the following; * Strong knowledge of C/C++ * Deep understanding of Design processes and Architectural patterns * Low-level programming * Knowledge of mobile development The following is highly desirable; * Software Security experience (Cybersecurity certifications would really help set you apart here) * Experience in mentoring Junior members of the team Their office is based in Glasgow city centre , walking distance from both Central Station and Queen Street - like most they work on a hybrid basis , with a couple of days on site per week (however they do have some flex on this). They've got great staff retention - a testament to the good working environment and interesting technical work - in addition to this they offer a very comprehensive package of benefits including; Bonus, Private Medical Insurance, Life Assurance, Income Protection and Contributory Pension - this is all on top off a competitive salary (£70k to £80k). If you're interested in this role, or generally looking for a new opportunity the Central Belt, please apply and/or call Doug at Cathcart Technology.
01/04/2025
Full time
Global Technology company that specialise in ensuring Software Security are looking for a Principal Software Engineer (C++) to join their Glasgow base. You'll have the opportunity to wok on a series of world-class products and gain experience with some really interesting development led security practices. Their software ensures security with data, communications, payments and protects content. The company have been operating successfully in Glasgow for over 20 years now, and they are well respected in the tech community. They have a global client base and build trusted securities software for billions of connected devices. It's an exciting time to join them as they have spent the last year refactoring their products to their best standard yet. They've also placed a focus on increasing their Global presence and plan to break into new several new markets. The ideal candidate will have several years of programming experience with C++ (bonus points if you have exposure with C or Objective-C). This role will mainly involve working on the company's core products, they currently have 3 that are used world-wide and very highly rated (in fact many of us use them daily and we don't even know it!). The project work is genuinely interesting and they have host of greenfield projects kicking off this year. As security is their bread and butter, they're ideally looking for someone from that background or to have strong knowledge/a passion for security. You'll ideally have experience with most of the following; * Strong knowledge of C/C++ * Deep understanding of Design processes and Architectural patterns * Low-level programming * Knowledge of mobile development The following is highly desirable; * Software Security experience (Cybersecurity certifications would really help set you apart here) * Experience in mentoring Junior members of the team Their office is based in Glasgow city centre , walking distance from both Central Station and Queen Street - like most they work on a hybrid basis , with a couple of days on site per week (however they do have some flex on this). They've got great staff retention - a testament to the good working environment and interesting technical work - in addition to this they offer a very comprehensive package of benefits including; Bonus, Private Medical Insurance, Life Assurance, Income Protection and Contributory Pension - this is all on top off a competitive salary (£70k to £80k). If you're interested in this role, or generally looking for a new opportunity the Central Belt, please apply and/or call Doug at Cathcart Technology.
Support Engineer - Active Directory - Stoke on Trent - Permanent Hybrid working - This role requires travel 3-4 days per week on site in Stoke on Trent Salary - Up to £39,500 + Benefits Support Engineer required for a leading client based in Stoke on Trent. Our client is seeking an experienced Information Security Engineer to come on board as part of their Data and Technology department. This role will provide support and operation of technical security measures, aligned with security policies and best practice. Key Skills and Responsibilities: Manage information security risk through identification, management and mitigation Extensive experience with Active Directory is essential Security experience withing a certified standard environment (ISO 27001, NIST) Strong understanding and experience with security technologies (IAM, MS Entra, MS AD, Cloud, SaaS, SIEM, Proxy, Firewall) Liaise with various business areas to understand process, strategy and ambition to support with activity surrounding information security Ability to identify cyber vulnerabilities to ensure security maintenance Identify threats and hazards to systems, services and processes to contribute to risk assessment and design of security features Perform research and investigation into attack techniques, and suitable methods of mitigation against them Support cyber security risk assessments, cyber security audits and security incident management Hold responsibility for technical solutions deployed across the business Ability to analyse security requirements and develop security cases Interested? Please submit your updated CV to Lewis Rushton at Crimson for immediate consideration. Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
01/04/2025
Full time
Support Engineer - Active Directory - Stoke on Trent - Permanent Hybrid working - This role requires travel 3-4 days per week on site in Stoke on Trent Salary - Up to £39,500 + Benefits Support Engineer required for a leading client based in Stoke on Trent. Our client is seeking an experienced Information Security Engineer to come on board as part of their Data and Technology department. This role will provide support and operation of technical security measures, aligned with security policies and best practice. Key Skills and Responsibilities: Manage information security risk through identification, management and mitigation Extensive experience with Active Directory is essential Security experience withing a certified standard environment (ISO 27001, NIST) Strong understanding and experience with security technologies (IAM, MS Entra, MS AD, Cloud, SaaS, SIEM, Proxy, Firewall) Liaise with various business areas to understand process, strategy and ambition to support with activity surrounding information security Ability to identify cyber vulnerabilities to ensure security maintenance Identify threats and hazards to systems, services and processes to contribute to risk assessment and design of security features Perform research and investigation into attack techniques, and suitable methods of mitigation against them Support cyber security risk assessments, cyber security audits and security incident management Hold responsibility for technical solutions deployed across the business Ability to analyse security requirements and develop security cases Interested? Please submit your updated CV to Lewis Rushton at Crimson for immediate consideration. Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
Contract - Senior Cyber Risk Engineer Rate: Open Location: Remote Duration: 1 year Qualifications Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field. Certifications (Preferred): CISSP, CISA, CISM, CRISC, CAP, Security+, or equivalent. 5+ years of experience in cyber security, compliance, cyber risk assessment, or security auditing. Working knowledge of NIST 800-53. Proficient in supporting the performance of SOC 2 audits by external auditors and prepare materials to support attestations with NAIC model laws and NYDFS. Cloud-based cyber risk management controls (Azure and/or Oracle Cloud Infrastructure). Technology management methodologies (DevOps, SAFe, ITIL). Proficiency in multiple cyber risk management domains. Understanding of cyber risk management oversight and administration processes, security architecture, technical security controls, and data protection strategies. Responsibilities Cyber Risk Management Capability Assessments: Conduct thorough assessments of the effectiveness of cyber risk management capabilities within the organization. Gap Analysis: Identify gaps in cyber risk management capability effectiveness and provide recommendations for enhancing the organization's cyber risk management posture. Issue Management & POAM: Manage issues and develop Plan of Action and Milestones (POAM) to address identified gaps and vulnerabilities. Documentation & Reporting: Develop detailed reports and documentation on assessment findings, remediation plans, and effective metrics. Stakeholder Collaboration: Work closely with cyber risk management, technology, and business partners to ensure that cyber risk management capabilities are effective. Compliance, Standards, and Regulatory Alignment: Ensure adherence to regulatory and industry standard requirements such as NIST 800-53, SOC 2, 23 NYCRR 500, NAIC Model Law, and HIPAA. As regulations and standards are introduced and updated, assist in enhancing and extending the framework.
01/04/2025
Project-based
Contract - Senior Cyber Risk Engineer Rate: Open Location: Remote Duration: 1 year Qualifications Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field. Certifications (Preferred): CISSP, CISA, CISM, CRISC, CAP, Security+, or equivalent. 5+ years of experience in cyber security, compliance, cyber risk assessment, or security auditing. Working knowledge of NIST 800-53. Proficient in supporting the performance of SOC 2 audits by external auditors and prepare materials to support attestations with NAIC model laws and NYDFS. Cloud-based cyber risk management controls (Azure and/or Oracle Cloud Infrastructure). Technology management methodologies (DevOps, SAFe, ITIL). Proficiency in multiple cyber risk management domains. Understanding of cyber risk management oversight and administration processes, security architecture, technical security controls, and data protection strategies. Responsibilities Cyber Risk Management Capability Assessments: Conduct thorough assessments of the effectiveness of cyber risk management capabilities within the organization. Gap Analysis: Identify gaps in cyber risk management capability effectiveness and provide recommendations for enhancing the organization's cyber risk management posture. Issue Management & POAM: Manage issues and develop Plan of Action and Milestones (POAM) to address identified gaps and vulnerabilities. Documentation & Reporting: Develop detailed reports and documentation on assessment findings, remediation plans, and effective metrics. Stakeholder Collaboration: Work closely with cyber risk management, technology, and business partners to ensure that cyber risk management capabilities are effective. Compliance, Standards, and Regulatory Alignment: Ensure adherence to regulatory and industry standard requirements such as NIST 800-53, SOC 2, 23 NYCRR 500, NAIC Model Law, and HIPAA. As regulations and standards are introduced and updated, assist in enhancing and extending the framework.
Senior Software Engineer - TypeScript, Node.JS, AWS, Node, Amazon Web Services, Cybersecurity, Cloud Security, IDAM/IAM, MFA, Ping Identity, REST APIs, Investment Management - Central Manchester A Senior Engineer skilled in TypeScript/Node development on AWS is sought after by a global Investment Manager to join their Security Architecture and Engineering function, specifically to focus within their Cybersecurity Engineering team. Specifically, this team own the Client Authentication services for their Client/Customer retail investment platform covering multi-factor authentication (MFA), Passkeys etc. As a Senior Engineer, you will a multi-functional agile squad contributing to the development and evolution of their cloud-based cybersecurity services. This will include developing new capability to make the platform more secure and resilient, new functionality to make it more user-friendly, with a pipeline of exciting work into 2026 and beyond. To be successful, you will demonstrate: Strong hands-on coding skills with TypeScript and Node In-depth understand and experience of cloud-based engineering on AWS Prior experience of Back End development in Python is a bonus Any previous experience in security engineering and architecture is highly beneficial Knowledge of customer-based IDAM tools such as Ping Identity is useful A background in finance is beneficial but not critical If you have an interest in Cybersecurity and developing robust cloud-based web services, this is an exciting time to join a successful and still growing global Investment Manager
01/04/2025
Full time
Senior Software Engineer - TypeScript, Node.JS, AWS, Node, Amazon Web Services, Cybersecurity, Cloud Security, IDAM/IAM, MFA, Ping Identity, REST APIs, Investment Management - Central Manchester A Senior Engineer skilled in TypeScript/Node development on AWS is sought after by a global Investment Manager to join their Security Architecture and Engineering function, specifically to focus within their Cybersecurity Engineering team. Specifically, this team own the Client Authentication services for their Client/Customer retail investment platform covering multi-factor authentication (MFA), Passkeys etc. As a Senior Engineer, you will a multi-functional agile squad contributing to the development and evolution of their cloud-based cybersecurity services. This will include developing new capability to make the platform more secure and resilient, new functionality to make it more user-friendly, with a pipeline of exciting work into 2026 and beyond. To be successful, you will demonstrate: Strong hands-on coding skills with TypeScript and Node In-depth understand and experience of cloud-based engineering on AWS Prior experience of Back End development in Python is a bonus Any previous experience in security engineering and architecture is highly beneficial Knowledge of customer-based IDAM tools such as Ping Identity is useful A background in finance is beneficial but not critical If you have an interest in Cybersecurity and developing robust cloud-based web services, this is an exciting time to join a successful and still growing global Investment Manager
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Technology Internal Auditor. Candidate will support independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for determining the sufficiency of management's controls and activities related to the management of regulatory, operational, and strategic risks and presenting recommendations for improvements to the engagement team. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. [Preferred] Experience working in a complex, fast paced environment. [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Required] Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education: [Required] Bachelors degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. [Preferred] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
28/03/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Technology Internal Auditor. Candidate will support independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for determining the sufficiency of management's controls and activities related to the management of regulatory, operational, and strategic risks and presenting recommendations for improvements to the engagement team. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. [Preferred] Experience working in a complex, fast paced environment. [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Required] Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education: [Required] Bachelors degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. [Preferred] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
Request Technology - Robyn Honquest
San Francisco, California
NO SPONSORSHIP EXPERTY CYBER DEFENSE ENGINEER SALARY:$200k - $250k plus 20% bonus LOCATION: REMOTE EXCEPT AK, ND, NE, HI, OK, VT, ME, WY, NH, PUERTO RICO SELLING POINTS: SOAR Detection engineering, SIEM log management, incident response, processes detect and prevent cyber-attacks. You will design develop deploy cyber defense tools, platform threat detection, forensic investigations, threat analysis and build task automation using python. Cyber defense operations on-call support 8 years detection engineering incident response SIEM SOAR EDR NGFW network monitoring APIs threat defense SIEM analytics cloud engineering LLMS ML/AI endpoint detection response network generation machine learning models Firewalls. We are seeking an experienced Cybersecurity Defense Engineer to join the cybersecurity engineering team. In this position, you will architect, develop, and implement advanced technical solutions that empower our cyber defense investigations and incident response teams. You will work independently and in teams to design and implement effective and sustainable capabilities to detect and prevent cyber-attacks, optimize our incident response processes, and enhance the effectiveness of mitigation, containment, and recovery. Responsibilities Solution Engineering: design develop, and deploy cyber defense tools, platforms, and capabilities that support threat detection, incident response, and forensic investigations. Technical Leadership: serve as a subject matter expert on cyber defense engineering, providing guidance and technical insights to our customers, your peers, and the cyber engineering strategy. Threat Analysis: collaborate with cyber defense operations to analyze emerging threats and current gaps in technical capabilities, implementing measures to strengthen defense mechanisms. Develop and refine threat defense analytics to effectively detect cyber-attacks Build task automation and procedure orchestration to support cyber defense operations. Qualifications Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant experience and relevant experience within the military is acceptable in lieu of a degree. 8+ years of experience in one or more of the following areas: cybersecurity engineering, detection engineering, incident response, or a similar role, with a proven track record of independent problem solving in high-stakes environments. Python for task automation Hands-on experience deploying and configuring security platforms, such as SIEM, SOAR, EDR, NGFW, and network monitoring tools. Experience integrating cyber defense tools and utilizing APIs for process orchestration and task automation. Experience building and deploying threat defense (SIEM) analytics using a detection engineering pipeline. Strong analytical skills with a keen attention to detail. Strong technical writing skills including documentation development, process mapping, and visualization, with the ability to translate complex technical concepts for a variety of technical audiences. Proven ability to work autonomously, lead projects from conception to implementation, and overcome roadblocks in a highly collaborative environment. Nice to Have: Cloud engineering experience. Experience implementing LLMs, ML, or other advanced analytic and decision-making support capabilities into enterprise cybersecurity services and workflows.
28/03/2025
Full time
NO SPONSORSHIP EXPERTY CYBER DEFENSE ENGINEER SALARY:$200k - $250k plus 20% bonus LOCATION: REMOTE EXCEPT AK, ND, NE, HI, OK, VT, ME, WY, NH, PUERTO RICO SELLING POINTS: SOAR Detection engineering, SIEM log management, incident response, processes detect and prevent cyber-attacks. You will design develop deploy cyber defense tools, platform threat detection, forensic investigations, threat analysis and build task automation using python. Cyber defense operations on-call support 8 years detection engineering incident response SIEM SOAR EDR NGFW network monitoring APIs threat defense SIEM analytics cloud engineering LLMS ML/AI endpoint detection response network generation machine learning models Firewalls. We are seeking an experienced Cybersecurity Defense Engineer to join the cybersecurity engineering team. In this position, you will architect, develop, and implement advanced technical solutions that empower our cyber defense investigations and incident response teams. You will work independently and in teams to design and implement effective and sustainable capabilities to detect and prevent cyber-attacks, optimize our incident response processes, and enhance the effectiveness of mitigation, containment, and recovery. Responsibilities Solution Engineering: design develop, and deploy cyber defense tools, platforms, and capabilities that support threat detection, incident response, and forensic investigations. Technical Leadership: serve as a subject matter expert on cyber defense engineering, providing guidance and technical insights to our customers, your peers, and the cyber engineering strategy. Threat Analysis: collaborate with cyber defense operations to analyze emerging threats and current gaps in technical capabilities, implementing measures to strengthen defense mechanisms. Develop and refine threat defense analytics to effectively detect cyber-attacks Build task automation and procedure orchestration to support cyber defense operations. Qualifications Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant experience and relevant experience within the military is acceptable in lieu of a degree. 8+ years of experience in one or more of the following areas: cybersecurity engineering, detection engineering, incident response, or a similar role, with a proven track record of independent problem solving in high-stakes environments. Python for task automation Hands-on experience deploying and configuring security platforms, such as SIEM, SOAR, EDR, NGFW, and network monitoring tools. Experience integrating cyber defense tools and utilizing APIs for process orchestration and task automation. Experience building and deploying threat defense (SIEM) analytics using a detection engineering pipeline. Strong analytical skills with a keen attention to detail. Strong technical writing skills including documentation development, process mapping, and visualization, with the ability to translate complex technical concepts for a variety of technical audiences. Proven ability to work autonomously, lead projects from conception to implementation, and overcome roadblocks in a highly collaborative environment. Nice to Have: Cloud engineering experience. Experience implementing LLMs, ML, or other advanced analytic and decision-making support capabilities into enterprise cybersecurity services and workflows.
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Senior Associate, Internal Audit IT & Security. This internal auditor will need 2+ years of experience conducting risk-based information technology and security audits. This is a highly regulated financial environment, and these audits will follow AICPA, IIA, IPPF, COBIT, NIST, and CSF standards/frameworks. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent. Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software
28/03/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Senior Associate, Internal Audit IT & Security. This internal auditor will need 2+ years of experience conducting risk-based information technology and security audits. This is a highly regulated financial environment, and these audits will follow AICPA, IIA, IPPF, COBIT, NIST, and CSF standards/frameworks. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent. Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software
