Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts/automation to assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, Google Cloud Platform, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API s (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, Google Cloud Platform) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
01/07/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts/automation to assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, Google Cloud Platform, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API s (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, Google Cloud Platform) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
Lead Associate Principal, Software Engineering Middleware SALARY: $150k - 170k plus 15% bonus LOCATION: Chicago, IL Open to h1b transfer, 3 days onsite and 2 days remote Looking for a candidate that is strong in Middleware integration Proxy/reverse Proxy. Oriented Middleware working with apigee, nginx, Apache in containers a must. system administration j2ee application services in containers message Kafka MQ cicd strong ansible terraform cloud formation sftp pki infrastructure multi platform unix linux windows aws Provide subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments. Responsibilities: Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Advise on industry best practices as it relates to new product selection. Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals Qualifications: Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools ( Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Education and/or Experience: Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies
01/07/2025
Full time
Lead Associate Principal, Software Engineering Middleware SALARY: $150k - 170k plus 15% bonus LOCATION: Chicago, IL Open to h1b transfer, 3 days onsite and 2 days remote Looking for a candidate that is strong in Middleware integration Proxy/reverse Proxy. Oriented Middleware working with apigee, nginx, Apache in containers a must. system administration j2ee application services in containers message Kafka MQ cicd strong ansible terraform cloud formation sftp pki infrastructure multi platform unix linux windows aws Provide subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments. Responsibilities: Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Advise on industry best practices as it relates to new product selection. Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals Qualifications: Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools ( Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Education and/or Experience: Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies
Lead Associate Principal, Software Engineering Middleware SALARY: $150k - 170k plus 15% bonus LOCATION: DALLAS Open to h1b transfer, 3 days onsite and 2 days remote Looking for a candidate that is strong in Middleware integration Proxy/reverse Proxy. Oriented Middleware working with apigee, nginx, Apache in containers a must. system administration j2ee application services in containers message Kafka MQ cicd strong ansible terraform cloud formation sftp pki infrastructure multi platform unix linux windows aws Provide subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments. Responsibilities: Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Advise on industry best practices as it relates to new product selection. Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals Qualifications: Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools (Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Education and/or Experience: Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies
01/07/2025
Full time
Lead Associate Principal, Software Engineering Middleware SALARY: $150k - 170k plus 15% bonus LOCATION: DALLAS Open to h1b transfer, 3 days onsite and 2 days remote Looking for a candidate that is strong in Middleware integration Proxy/reverse Proxy. Oriented Middleware working with apigee, nginx, Apache in containers a must. system administration j2ee application services in containers message Kafka MQ cicd strong ansible terraform cloud formation sftp pki infrastructure multi platform unix linux windows aws Provide subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments. Responsibilities: Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Advise on industry best practices as it relates to new product selection. Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals Qualifications: Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools (Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Education and/or Experience: Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies
NO SPONSORSHIP Associate Principal, Security Engineering (Application Security) SALARY: $160k - $170k plus 15% bonus LOCATION: DALLAS, TX On site 3 days a week Application security, web applications, network applications. This position works closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities include: Candidate would perform Network/Application and Web Application security. Also create custom scripts and perform automation while also perform security assessments on both Legacy on prem and cloud environments. Candidate would also Identify, document and communicate vulnerabilities. Primary Duties and Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes - designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Qualifications: The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, GCP) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years' experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
01/07/2025
Full time
NO SPONSORSHIP Associate Principal, Security Engineering (Application Security) SALARY: $160k - $170k plus 15% bonus LOCATION: DALLAS, TX On site 3 days a week Application security, web applications, network applications. This position works closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities include: Candidate would perform Network/Application and Web Application security. Also create custom scripts and perform automation while also perform security assessments on both Legacy on prem and cloud environments. Candidate would also Identify, document and communicate vulnerabilities. Primary Duties and Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes - designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Qualifications: The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, GCP) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years' experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Principal, Research Technology Engineer. This engineer will focus on strategy, research, and development of new technologies for observability/enterprise level monitoring. This role will be in an R&D lab, doing testing and engineering of new technologies within containerization, Cloud, and DevOps practices. Responsibilities: Key contributor to technology platform design, testing, and implementation process to introduce new technology and improve existing technology initiatives for hybrid cloud and on-premises infrastructure within company Data Centers. Define and implement testing and success criteria for platforms, products, and technologies to ensure alignment with business, security, and architecture objectives. Lead and participate in exploratory proof-of-concept engagements and technology stress testing to determine solution feasibility and stability. Collaborate with various partner teams across technology, security, and business to provide technical consultation as part of projects and daily business activities. Create technical knowledge and guideline documentation for new and existing technologies to assist partner teams with knowledge transfer for execution and operations. Develop and maintain scalable DevSecOps pipelines, including CI/CD, Infrastructure as Code, and automated security scanning. Qualifications: Bachelor's degree or higher in a technical field 10+ years of progressive experience as a senior/lead engineer in a DevOps, SRE or infrastructure-focused role Deep expertise in cloud computing platforms (AWS, Azure, GCP, etc.) and infrastructure as code using tools like Terraform, Ansible, etc. Strong background in designing and maintaining CI/CD pipelines, with experience integration security testing and compliance Proficient in Scripting and programming languages such as Python, Bash or Go Understanding of traditional on-premises data center technologies and hybrid cloud architecture Experience developing CI/CD workflows using tools like Github Actions, Jenkins, Azure DevOps Pipelines, AWS CodePipeline, etc Familiarity with GitOps driven deployment tooling with solutions using tools like ArgoCD, FluxCD, etc In-depth knowledge of Observability and enterprise-level monitoring, logging, and alerting solutions through tools like Prometheus, Elasticsearch, Grafana, etc Experience with Cloud native technologies such as Kubernetes, ECS or Azure Container instances. Understanding of enterprise-grade networking technologies, including Routers, Switches, Firewalls and load balancers. Knowledge of network security protocols and certificate-based authentication Deeply experienced with infrastructure as code, like Terraform, OpenTofu or Pulumi Experience working with authentication protocols and suites ( LDAP, Kerberos, SAML, etc.), multi-factor authentication and password-less platforms and technologies, role-based access control and entitlements, etc. Solid understanding of common database technologies on-premises and in the cloud (PostgreSQL, MongoDB, Redis, MSSQL, etc ), data field hardening and encryption, access controls, high-availability, etc.
01/07/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Principal, Research Technology Engineer. This engineer will focus on strategy, research, and development of new technologies for observability/enterprise level monitoring. This role will be in an R&D lab, doing testing and engineering of new technologies within containerization, Cloud, and DevOps practices. Responsibilities: Key contributor to technology platform design, testing, and implementation process to introduce new technology and improve existing technology initiatives for hybrid cloud and on-premises infrastructure within company Data Centers. Define and implement testing and success criteria for platforms, products, and technologies to ensure alignment with business, security, and architecture objectives. Lead and participate in exploratory proof-of-concept engagements and technology stress testing to determine solution feasibility and stability. Collaborate with various partner teams across technology, security, and business to provide technical consultation as part of projects and daily business activities. Create technical knowledge and guideline documentation for new and existing technologies to assist partner teams with knowledge transfer for execution and operations. Develop and maintain scalable DevSecOps pipelines, including CI/CD, Infrastructure as Code, and automated security scanning. Qualifications: Bachelor's degree or higher in a technical field 10+ years of progressive experience as a senior/lead engineer in a DevOps, SRE or infrastructure-focused role Deep expertise in cloud computing platforms (AWS, Azure, GCP, etc.) and infrastructure as code using tools like Terraform, Ansible, etc. Strong background in designing and maintaining CI/CD pipelines, with experience integration security testing and compliance Proficient in Scripting and programming languages such as Python, Bash or Go Understanding of traditional on-premises data center technologies and hybrid cloud architecture Experience developing CI/CD workflows using tools like Github Actions, Jenkins, Azure DevOps Pipelines, AWS CodePipeline, etc Familiarity with GitOps driven deployment tooling with solutions using tools like ArgoCD, FluxCD, etc In-depth knowledge of Observability and enterprise-level monitoring, logging, and alerting solutions through tools like Prometheus, Elasticsearch, Grafana, etc Experience with Cloud native technologies such as Kubernetes, ECS or Azure Container instances. Understanding of enterprise-grade networking technologies, including Routers, Switches, Firewalls and load balancers. Knowledge of network security protocols and certificate-based authentication Deeply experienced with infrastructure as code, like Terraform, OpenTofu or Pulumi Experience working with authentication protocols and suites ( LDAP, Kerberos, SAML, etc.), multi-factor authentication and password-less platforms and technologies, role-based access control and entitlements, etc. Solid understanding of common database technologies on-premises and in the cloud (PostgreSQL, MongoDB, Redis, MSSQL, etc ), data field hardening and encryption, access controls, high-availability, etc.
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Principal, Research Technology Engineer. This engineer will focus on strategy, research, and development of new technologies for observability/enterprise level monitoring. This role will be in an R&D lab, doing testing and engineering of new technologies within containerization, Cloud, and DevOps practices. Responsibilities: Key contributor to technology platform design, testing, and implementation process to introduce new technology and improve existing technology initiatives for hybrid cloud and on-premises infrastructure within company Data Centers. Define and implement testing and success criteria for platforms, products, and technologies to ensure alignment with business, security, and architecture objectives. Lead and participate in exploratory proof-of-concept engagements and technology stress testing to determine solution feasibility and stability. Collaborate with various partner teams across technology, security, and business to provide technical consultation as part of projects and daily business activities. Create technical knowledge and guideline documentation for new and existing technologies to assist partner teams with knowledge transfer for execution and operations. Develop and maintain scalable DevSecOps pipelines, including CI/CD, Infrastructure as Code, and automated security scanning. Qualifications: Bachelor's degree or higher in a technical field 10+ years of progressive experience as a senior/lead engineer in a DevOps, SRE or infrastructure-focused role Deep expertise in cloud computing platforms (AWS, Azure, GCP, etc.) and infrastructure as code using tools like Terraform, Ansible, etc. Strong background in designing and maintaining CI/CD pipelines, with experience integration security testing and compliance Proficient in Scripting and programming languages such as Python, Bash or Go Understanding of traditional on-premises data center technologies and hybrid cloud architecture Experience developing CI/CD workflows using tools like Github Actions, Jenkins, Azure DevOps Pipelines, AWS CodePipeline, etc Familiarity with GitOps driven deployment tooling with solutions using tools like ArgoCD, FluxCD, etc In-depth knowledge of Observability and enterprise-level monitoring, logging, and alerting solutions through tools like Prometheus, Elasticsearch, Grafana, etc Experience with Cloud native technologies such as Kubernetes, ECS or Azure Container instances. Understanding of enterprise-grade networking technologies, including Routers, Switches, Firewalls and load balancers. Knowledge of network security protocols and certificate-based authentication Deeply experienced with infrastructure as code, like Terraform, OpenTofu or Pulumi Experience working with authentication protocols and suites ( LDAP, Kerberos, SAML, etc.), multi-factor authentication and password-less platforms and technologies, role-based access control and entitlements, etc. Solid understanding of common database technologies on-premises and in the cloud (PostgreSQL, MongoDB, Redis, MSSQL, etc ), data field hardening and encryption, access controls, high-availability, etc.
01/07/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Principal, Research Technology Engineer. This engineer will focus on strategy, research, and development of new technologies for observability/enterprise level monitoring. This role will be in an R&D lab, doing testing and engineering of new technologies within containerization, Cloud, and DevOps practices. Responsibilities: Key contributor to technology platform design, testing, and implementation process to introduce new technology and improve existing technology initiatives for hybrid cloud and on-premises infrastructure within company Data Centers. Define and implement testing and success criteria for platforms, products, and technologies to ensure alignment with business, security, and architecture objectives. Lead and participate in exploratory proof-of-concept engagements and technology stress testing to determine solution feasibility and stability. Collaborate with various partner teams across technology, security, and business to provide technical consultation as part of projects and daily business activities. Create technical knowledge and guideline documentation for new and existing technologies to assist partner teams with knowledge transfer for execution and operations. Develop and maintain scalable DevSecOps pipelines, including CI/CD, Infrastructure as Code, and automated security scanning. Qualifications: Bachelor's degree or higher in a technical field 10+ years of progressive experience as a senior/lead engineer in a DevOps, SRE or infrastructure-focused role Deep expertise in cloud computing platforms (AWS, Azure, GCP, etc.) and infrastructure as code using tools like Terraform, Ansible, etc. Strong background in designing and maintaining CI/CD pipelines, with experience integration security testing and compliance Proficient in Scripting and programming languages such as Python, Bash or Go Understanding of traditional on-premises data center technologies and hybrid cloud architecture Experience developing CI/CD workflows using tools like Github Actions, Jenkins, Azure DevOps Pipelines, AWS CodePipeline, etc Familiarity with GitOps driven deployment tooling with solutions using tools like ArgoCD, FluxCD, etc In-depth knowledge of Observability and enterprise-level monitoring, logging, and alerting solutions through tools like Prometheus, Elasticsearch, Grafana, etc Experience with Cloud native technologies such as Kubernetes, ECS or Azure Container instances. Understanding of enterprise-grade networking technologies, including Routers, Switches, Firewalls and load balancers. Knowledge of network security protocols and certificate-based authentication Deeply experienced with infrastructure as code, like Terraform, OpenTofu or Pulumi Experience working with authentication protocols and suites ( LDAP, Kerberos, SAML, etc.), multi-factor authentication and password-less platforms and technologies, role-based access control and entitlements, etc. Solid understanding of common database technologies on-premises and in the cloud (PostgreSQL, MongoDB, Redis, MSSQL, etc ), data field hardening and encryption, access controls, high-availability, etc.
Senior IAM Engineer - ForgeRock Salary: $150k-$160k + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 7+ Years Identity Access Management (IAM) experience Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Responsibilities Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security.
01/07/2025
Full time
Senior IAM Engineer - ForgeRock Salary: $150k-$160k + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 7+ Years Identity Access Management (IAM) experience Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Responsibilities Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security.
Senior IAM Engineer - ForgeRock Salary: $150k-$160k + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 7+ Years Identity Access Management (IAM) experience Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Responsibilities Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security.
01/07/2025
Full time
Senior IAM Engineer - ForgeRock Salary: $150k-$160k + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 7+ Years Identity Access Management (IAM) experience Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Responsibilities Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security.
Infrastructure Engineer - Hybrid (Bridgend) Salary: Up to £60,000 per annum (DOE) Location: Bridgend (Hybrid - 3 days onsite) Contract: Permanent Right to Work: Must have full right to work in the UK (no sponsorship available) About the Role An established enterprise-level organisation is seeking a hands-on Infrastructure Engineer to support and maintain their on-premise infrastructure, application deployments, and platform improvements. This role offers the opportunity to work within a structured environment focused on automation and digital transformation. Key Responsibilities Manage and support Windows Server, Active Directory, DNS, and SQL Server environments Own deployment processes and release pipelines, driving automation improvements Develop and maintain scripts (PowerShell preferred) to automate infrastructure tasks Monitor system performance, availability, and disaster recovery readiness Maintain documentation and ensure compliance with change control procedures Collaborate across technical teams and support occasional out-of-hours deployments Essential Skills & Experience Proven experience managing on-premise infrastructure including Windows Server, AD, SQL Server Familiarity with CI/CD and deployment automation tools Strong Scripting skills (PowerShell preferred) Comfortable working onsite in Bridgend 3 days a week Full right to work in the UK (no sponsorship offered) Desirable Exposure to cloud environments, preferably Azure Experience supporting business applications in regulated environments Benefits Competitive salary up to £60,000 (DOE) Hybrid working: 3 days onsite (Bridgend), 2 days remote Generous pension scheme Comprehensive wellbeing package Regular team socials and events Supportive culture with long-term development opportunities How to Apply If you're interested, please apply now. For a confidential discussion or more information, contact: Thomas Garrett Senior Recruitment Consultant - CPS Group (see below) By applying to this advert you are giving CPS Group (UK) Ltd authority to hold and process your data for this specific role and any other roles we may deem suitable to you over time. We will not pass your data to any third party without your verbal or written permission to do so. All incoming and outgoing calls are recorded for training and compliance purposes. CPS Group (UK) Ltd is acting as an Employment Agency in relation to this vacancy. Our new privacy policy can be found on our website
01/07/2025
Full time
Infrastructure Engineer - Hybrid (Bridgend) Salary: Up to £60,000 per annum (DOE) Location: Bridgend (Hybrid - 3 days onsite) Contract: Permanent Right to Work: Must have full right to work in the UK (no sponsorship available) About the Role An established enterprise-level organisation is seeking a hands-on Infrastructure Engineer to support and maintain their on-premise infrastructure, application deployments, and platform improvements. This role offers the opportunity to work within a structured environment focused on automation and digital transformation. Key Responsibilities Manage and support Windows Server, Active Directory, DNS, and SQL Server environments Own deployment processes and release pipelines, driving automation improvements Develop and maintain scripts (PowerShell preferred) to automate infrastructure tasks Monitor system performance, availability, and disaster recovery readiness Maintain documentation and ensure compliance with change control procedures Collaborate across technical teams and support occasional out-of-hours deployments Essential Skills & Experience Proven experience managing on-premise infrastructure including Windows Server, AD, SQL Server Familiarity with CI/CD and deployment automation tools Strong Scripting skills (PowerShell preferred) Comfortable working onsite in Bridgend 3 days a week Full right to work in the UK (no sponsorship offered) Desirable Exposure to cloud environments, preferably Azure Experience supporting business applications in regulated environments Benefits Competitive salary up to £60,000 (DOE) Hybrid working: 3 days onsite (Bridgend), 2 days remote Generous pension scheme Comprehensive wellbeing package Regular team socials and events Supportive culture with long-term development opportunities How to Apply If you're interested, please apply now. For a confidential discussion or more information, contact: Thomas Garrett Senior Recruitment Consultant - CPS Group (see below) By applying to this advert you are giving CPS Group (UK) Ltd authority to hold and process your data for this specific role and any other roles we may deem suitable to you over time. We will not pass your data to any third party without your verbal or written permission to do so. All incoming and outgoing calls are recorded for training and compliance purposes. CPS Group (UK) Ltd is acting as an Employment Agency in relation to this vacancy. Our new privacy policy can be found on our website
Technical Infrastructure Manager/Linux Systems Administrator/Team Lead Candidates MUST come from a Highly Technical Linux Systems Administrators Background and still be Hands On with a minimum of 3 years' experience either a Manager or a Team Leader looking for the next step up. The successful candidate will be responsible for leading and managing the day-to-day operations of a mission-critical Linux infrastructure team, including both the Linux Support Desk staff along with senior-level system administrators. Previous Financial/Banking experience in a Low Latency environment would be highly beneficial but not essential. Responsibilities and Duties The successful candidate will manage both the Linux internal support team as well as a senior sysadmin team of experienced professionals. These teams oversee the entire company's Linux estate including development, QA and multiple production trading systems including some belonging to third party clients. Collaborate with development, networks, ops and product teams on strategic IT initiatives. Assist with planning, management and resource allocation of inter-departmental projects alongside the company's PM team. Oversee incident management, root cause analysis, and rapid resolution of system outages or performance degradation. Ensure compliance of company procedures such as change management, patch management and security and audit processes. Assist in the maintenance of these procedures. Support regular security audits and penetration tests, addressing findings and oversee any remediation work. Improve system monitoring, alerting, documentation, operating procedures and incident response processes. Manage, mentor, plan and coordinate the activities of both teams. Required Skills/Experience 7+ years Linux system administration experience with at least 3 years in a managerial or team lead role. Strong expertise with RHEL-based systems, including installation, ongoing management, monitoring, performance tuning, system security hardening, etc. Proven track record of managing geographically distributed teams, including senior engineers and tier-1/2 support staff including on-call and rota scheduling. Experience in managing complex IT projects, including system migrations and infrastructure upgrades. Strong understanding of cybersecurity principles and experience implementing security measures in a regulated environment. Ability to coach, mentor, and upskill staff; develop career paths and ensure team resilience. Experience undertaking root cause analysis including prevention orientated solution reporting. Working experience with deployment tools (eg GitLab pipelines) and rollback strategies. Proficiency in managing bare-metal Servers, virtualization platforms such as VMware, containerised systems as well as familiarity with hybrid cloud environments and DevOPS practices. Familiarity with incident/problem management and change control workflows a plus. Previous experience with low latency systems or financial experience desirable. Excellent verbal and written communication skills, with the ability to interface with operations desks, application developers, compliance teams, and executive leadership. Benefits Include 25 days annual leave - not including bank holidays Private medical insurance Flexible working hours Company pension Group Policies - Life Assurance, Income Protection and Critical Illness Discretionary bonus Share Incentive Plan Electric Car Scheme Enhanced Maternity and Paternity Policy
01/07/2025
Full time
Technical Infrastructure Manager/Linux Systems Administrator/Team Lead Candidates MUST come from a Highly Technical Linux Systems Administrators Background and still be Hands On with a minimum of 3 years' experience either a Manager or a Team Leader looking for the next step up. The successful candidate will be responsible for leading and managing the day-to-day operations of a mission-critical Linux infrastructure team, including both the Linux Support Desk staff along with senior-level system administrators. Previous Financial/Banking experience in a Low Latency environment would be highly beneficial but not essential. Responsibilities and Duties The successful candidate will manage both the Linux internal support team as well as a senior sysadmin team of experienced professionals. These teams oversee the entire company's Linux estate including development, QA and multiple production trading systems including some belonging to third party clients. Collaborate with development, networks, ops and product teams on strategic IT initiatives. Assist with planning, management and resource allocation of inter-departmental projects alongside the company's PM team. Oversee incident management, root cause analysis, and rapid resolution of system outages or performance degradation. Ensure compliance of company procedures such as change management, patch management and security and audit processes. Assist in the maintenance of these procedures. Support regular security audits and penetration tests, addressing findings and oversee any remediation work. Improve system monitoring, alerting, documentation, operating procedures and incident response processes. Manage, mentor, plan and coordinate the activities of both teams. Required Skills/Experience 7+ years Linux system administration experience with at least 3 years in a managerial or team lead role. Strong expertise with RHEL-based systems, including installation, ongoing management, monitoring, performance tuning, system security hardening, etc. Proven track record of managing geographically distributed teams, including senior engineers and tier-1/2 support staff including on-call and rota scheduling. Experience in managing complex IT projects, including system migrations and infrastructure upgrades. Strong understanding of cybersecurity principles and experience implementing security measures in a regulated environment. Ability to coach, mentor, and upskill staff; develop career paths and ensure team resilience. Experience undertaking root cause analysis including prevention orientated solution reporting. Working experience with deployment tools (eg GitLab pipelines) and rollback strategies. Proficiency in managing bare-metal Servers, virtualization platforms such as VMware, containerised systems as well as familiarity with hybrid cloud environments and DevOPS practices. Familiarity with incident/problem management and change control workflows a plus. Previous experience with low latency systems or financial experience desirable. Excellent verbal and written communication skills, with the ability to interface with operations desks, application developers, compliance teams, and executive leadership. Benefits Include 25 days annual leave - not including bank holidays Private medical insurance Flexible working hours Company pension Group Policies - Life Assurance, Income Protection and Critical Illness Discretionary bonus Share Incentive Plan Electric Car Scheme Enhanced Maternity and Paternity Policy
Surgical Robotics Software Lead Engineer - Cambridge - Perm Salary: £40,000 - £70,000 pa Location: Cambridge 5 days a week on site My client can provide Sponsorship for the right candidate Our client is a global advisory and product development company are looking for a Surgical Robotics Software Lead Engineer in the Cambridge area. Your expertise in surgical robotics, software coding, and technical project management will be crucial for this role. You will be responsible for the implementation of advanced surgical robotic software control systems. You will lead a project team of software engineers and collaborate with cross-functional teams to ensure the successful delivery of projects. Surgical Robotics Software Lead Engineer Responsibilities: Lead the design and development of surgical robotic software systems for client projects. Design and develop software applications and control algorithms for surgical robotics systems using Object Oriented languages (C# and C++) and/or Embedded code (C) Collaborating with electronics, mechanical and systems engineers to integrate software with hardware components and mechanical robotics platforms Surgical Robotics Software Lead Engineer Skills: Proven experience in leading surgical robotic software development as a product following medical development processes. Experience designing software for Real Time Operating Systems (RTOS). Proficiency in modern Object Oriented languages (C#, C++) and Embedded code (C). Solid understanding of robotics principles, including kinematics, dynamics, and control theory with robotics frameworks, communications Middleware and digital position controllers. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
01/07/2025
Full time
Surgical Robotics Software Lead Engineer - Cambridge - Perm Salary: £40,000 - £70,000 pa Location: Cambridge 5 days a week on site My client can provide Sponsorship for the right candidate Our client is a global advisory and product development company are looking for a Surgical Robotics Software Lead Engineer in the Cambridge area. Your expertise in surgical robotics, software coding, and technical project management will be crucial for this role. You will be responsible for the implementation of advanced surgical robotic software control systems. You will lead a project team of software engineers and collaborate with cross-functional teams to ensure the successful delivery of projects. Surgical Robotics Software Lead Engineer Responsibilities: Lead the design and development of surgical robotic software systems for client projects. Design and develop software applications and control algorithms for surgical robotics systems using Object Oriented languages (C# and C++) and/or Embedded code (C) Collaborating with electronics, mechanical and systems engineers to integrate software with hardware components and mechanical robotics platforms Surgical Robotics Software Lead Engineer Skills: Proven experience in leading surgical robotic software development as a product following medical development processes. Experience designing software for Real Time Operating Systems (RTOS). Proficiency in modern Object Oriented languages (C#, C++) and Embedded code (C). Solid understanding of robotics principles, including kinematics, dynamics, and control theory with robotics frameworks, communications Middleware and digital position controllers. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Job title: Production Support Engineer - Trading Client: FinTech Salary: £75,000-£90,000 + Bonus Location: London Skills: Linux, Windows, SQL, C#, Java, Front Office My client are seeking an experienced Application/Production Support Engineer to join their small but busy team. You will be providing Support to Front Office Trading Applications, as well as other Middle and Back Office systems. The role covers a number of Asset Classes including Rates, FX, Credit, Equities etc. The role is hybrid, with 4 days in the office required. Core experience required: Experience working in Front Office Application/Production Support within Financial Services Experience with Linux/Windows Ability to read and debug C#/Java code Strong experience with SQL and interrogating databases Strong understanding of Trade Flow and the Trading Lifecycle Desirable skills: Bloomberg Calypso Risk/P&L Systems Control-M VBA Please apply ASAP for more information.
01/07/2025
Full time
Job title: Production Support Engineer - Trading Client: FinTech Salary: £75,000-£90,000 + Bonus Location: London Skills: Linux, Windows, SQL, C#, Java, Front Office My client are seeking an experienced Application/Production Support Engineer to join their small but busy team. You will be providing Support to Front Office Trading Applications, as well as other Middle and Back Office systems. The role covers a number of Asset Classes including Rates, FX, Credit, Equities etc. The role is hybrid, with 4 days in the office required. Core experience required: Experience working in Front Office Application/Production Support within Financial Services Experience with Linux/Windows Ability to read and debug C#/Java code Strong experience with SQL and interrogating databases Strong understanding of Trade Flow and the Trading Lifecycle Desirable skills: Bloomberg Calypso Risk/P&L Systems Control-M VBA Please apply ASAP for more information.
Senior SQL Database Administrator Location: Hybrid - Sunderland (with flexible working) Salary: Up to £55,000 + excellent benefits We're working with a respected organisation in Sunderland to recruit a Senior SQL Database Administrator . This is a fantastic opportunity to join an experienced IT team and take a lead role in the ongoing development, optimisation, and resilience of the organisation's database environment. You'll be responsible for maintaining high availability, supporting integrations across platforms, and ensuring the reliability and performance of systems critical to business operations. Key Responsibilities: Configure and manage high availability and disaster recovery solutions including Always On Availability Groups, mirroring, and clustering. Implement and test backup and recovery procedures to safeguard data. Monitor performance metrics and carry out tuning and optimisation as required. Support development and integration efforts across cloud and on-prem environments. Use version control tools (eg GitHub, Bitbucket) to manage database scripts and schema changes. Maintain comprehensive technical documentation and system records. Collaborate with software developers, analysts, and other teams to deliver scalable and secure database services. Provide 2nd/3rd line support and investigate root causes of system issues. What We're Looking For: Solid experience in SQL Server database administration. Strong understanding of high availability, backup, and recovery strategies. Proficient in writing and troubleshooting T-SQL. Experience with ETL tools (eg SSIS, Azure Data Factory, Informatica, Talend). Familiarity with version control and collaborative working in a support or project setting. Strong communication skills and a methodical, team-focused approach. Desirable (but not essential): Experience with open-source RDBMS (PostgreSQL, MySQL, MongoDB). Familiarity with Redgate tools (SQL Toolbelt, Backup Pro, SQL Monitor). Benefits: Up to £55,000 salary depending on experience 31 days annual leave plus bank holidays, with the option to buy more Flexible and hybrid working, including early Friday finishes Health Cash Plan - cashback on optical, dental, therapies, and more (includes free child cover) Access to private healthcare through the plan Generous pension scheme - up to 10% employer contribution Salary sacrifice scheme for electric vehicles Enhanced parental and family leave Business mileage allowance Life assurance (3x salary) Please note: This role is subject to a basic DBS check, funded by the employer. Randstad Technologies Ltd is a leading specialist recruitment business for the IT & Engineering industries. Please note that due to a high level of applications, we can only respond to applicants whose skills & qualifications are suitable for this position. No terminology in this advert is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010. For the purposes of the Conduct Regulations 2003, when advertising permanent vacancies we are acting as an Employment Agency, and when advertising temporary/contract vacancies we are acting as an Employment Business.
01/07/2025
Full time
Senior SQL Database Administrator Location: Hybrid - Sunderland (with flexible working) Salary: Up to £55,000 + excellent benefits We're working with a respected organisation in Sunderland to recruit a Senior SQL Database Administrator . This is a fantastic opportunity to join an experienced IT team and take a lead role in the ongoing development, optimisation, and resilience of the organisation's database environment. You'll be responsible for maintaining high availability, supporting integrations across platforms, and ensuring the reliability and performance of systems critical to business operations. Key Responsibilities: Configure and manage high availability and disaster recovery solutions including Always On Availability Groups, mirroring, and clustering. Implement and test backup and recovery procedures to safeguard data. Monitor performance metrics and carry out tuning and optimisation as required. Support development and integration efforts across cloud and on-prem environments. Use version control tools (eg GitHub, Bitbucket) to manage database scripts and schema changes. Maintain comprehensive technical documentation and system records. Collaborate with software developers, analysts, and other teams to deliver scalable and secure database services. Provide 2nd/3rd line support and investigate root causes of system issues. What We're Looking For: Solid experience in SQL Server database administration. Strong understanding of high availability, backup, and recovery strategies. Proficient in writing and troubleshooting T-SQL. Experience with ETL tools (eg SSIS, Azure Data Factory, Informatica, Talend). Familiarity with version control and collaborative working in a support or project setting. Strong communication skills and a methodical, team-focused approach. Desirable (but not essential): Experience with open-source RDBMS (PostgreSQL, MySQL, MongoDB). Familiarity with Redgate tools (SQL Toolbelt, Backup Pro, SQL Monitor). Benefits: Up to £55,000 salary depending on experience 31 days annual leave plus bank holidays, with the option to buy more Flexible and hybrid working, including early Friday finishes Health Cash Plan - cashback on optical, dental, therapies, and more (includes free child cover) Access to private healthcare through the plan Generous pension scheme - up to 10% employer contribution Salary sacrifice scheme for electric vehicles Enhanced parental and family leave Business mileage allowance Life assurance (3x salary) Please note: This role is subject to a basic DBS check, funded by the employer. Randstad Technologies Ltd is a leading specialist recruitment business for the IT & Engineering industries. Please note that due to a high level of applications, we can only respond to applicants whose skills & qualifications are suitable for this position. No terminology in this advert is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010. For the purposes of the Conduct Regulations 2003, when advertising permanent vacancies we are acting as an Employment Agency, and when advertising temporary/contract vacancies we are acting as an Employment Business.
API Security Engineer Location: Galway, hybrid 1 week/pm onsite Contract Type: 12 Months Salary: Up to €375 per day About the Team Join a dynamic and forward-thinking API Security team dedicated to strengthening the security posture of APIs across our infrastructure. We're focused on enabling modern, scalable API security solutions and practices to protect our systems and deliver a safer digital experience for our users. As an API Security Engineer, you'll play a key role in designing, deploying, and enhancing security controls for APIs used across our platform. This hands-on role blends technical expertise, strategic thinking, and strong collaboration as you partner with cross-functional teams to deliver secure, scalable solutions. Key Responsibilities: Lead the end-to-end implementation and optimization of API security solutions. Collaborate with development, DevOps, and security teams to integrate API security into all stages of the software development life cycle. Continuously monitor and enhance the API security platform's performance in line with KPIs and SLAs. Detect and respond to API-specific threats by leveraging runtime protection, traffic analysis, and security testing tools. Contribute to broader security initiatives and roadmaps focused on application and infrastructure protection. Automate processes and develop tooling to support testing, analysis, and reporting. Keep documentation updated and foster knowledge sharing across the organization. Stay on top of emerging API threats, vulnerabilities, and protection technologies. What You Bring Experience & Expertise: 5+ years in software engineering with a strong focus on Application or API Security. In-depth knowledge of API protocols and architectures (REST, SOAP, GraphQL, gRPC). Familiarity with API gateways, OAuth2, OIDC, JWT, and related authentication/authorization protocols. Solid understanding of the OWASP API Security Top 10 and secure coding practices. Experience with API vulnerability management and security testing tools (DAST, SAST, SCA, WAF, etc.). Experience with runtime security solutions, traffic monitoring, and eBPF is a plus. Skills & Mindset: Strong engineering fundamentals and a mindset focused on secure, scalable software. Familiarity with agile development and DevSecOps practices. Analytical thinker with problem-solving acumen in ambiguous or high-pressure environments. Excellent communication and stakeholder collaboration skills. Eagerness to learn, mentor, and contribute to a culture of continuous improvement. Why Join Us? You'll have the opportunity to make a real impact by shaping how API security is delivered in a high-performing, mission-driven environment. You'll work with smart, motivated people, leveraging the latest technology to solve complex challenges and protect critical infrastructure. If you're passionate about security, innovation, and creating value through engineering excellence-this is the role for you.
01/07/2025
Project-based
API Security Engineer Location: Galway, hybrid 1 week/pm onsite Contract Type: 12 Months Salary: Up to €375 per day About the Team Join a dynamic and forward-thinking API Security team dedicated to strengthening the security posture of APIs across our infrastructure. We're focused on enabling modern, scalable API security solutions and practices to protect our systems and deliver a safer digital experience for our users. As an API Security Engineer, you'll play a key role in designing, deploying, and enhancing security controls for APIs used across our platform. This hands-on role blends technical expertise, strategic thinking, and strong collaboration as you partner with cross-functional teams to deliver secure, scalable solutions. Key Responsibilities: Lead the end-to-end implementation and optimization of API security solutions. Collaborate with development, DevOps, and security teams to integrate API security into all stages of the software development life cycle. Continuously monitor and enhance the API security platform's performance in line with KPIs and SLAs. Detect and respond to API-specific threats by leveraging runtime protection, traffic analysis, and security testing tools. Contribute to broader security initiatives and roadmaps focused on application and infrastructure protection. Automate processes and develop tooling to support testing, analysis, and reporting. Keep documentation updated and foster knowledge sharing across the organization. Stay on top of emerging API threats, vulnerabilities, and protection technologies. What You Bring Experience & Expertise: 5+ years in software engineering with a strong focus on Application or API Security. In-depth knowledge of API protocols and architectures (REST, SOAP, GraphQL, gRPC). Familiarity with API gateways, OAuth2, OIDC, JWT, and related authentication/authorization protocols. Solid understanding of the OWASP API Security Top 10 and secure coding practices. Experience with API vulnerability management and security testing tools (DAST, SAST, SCA, WAF, etc.). Experience with runtime security solutions, traffic monitoring, and eBPF is a plus. Skills & Mindset: Strong engineering fundamentals and a mindset focused on secure, scalable software. Familiarity with agile development and DevSecOps practices. Analytical thinker with problem-solving acumen in ambiguous or high-pressure environments. Excellent communication and stakeholder collaboration skills. Eagerness to learn, mentor, and contribute to a culture of continuous improvement. Why Join Us? You'll have the opportunity to make a real impact by shaping how API security is delivered in a high-performing, mission-driven environment. You'll work with smart, motivated people, leveraging the latest technology to solve complex challenges and protect critical infrastructure. If you're passionate about security, innovation, and creating value through engineering excellence-this is the role for you.
Role Overview As Head of AI, you will be the primary technical driver of all AI/ML initiatives. You'll report directly to the CEO/CTO and own the full life cycle of our AI roadmap-from research and proof-of-concept to scalable production. We're looking for a doer who can rapidly prototype models, optimize for performance, and mentor junior engineers, all while helping define product strategy. In this role, you will: Lead AI strategy and execution in a high-ambiguity environment. Build, train, and deploy state-of-the-art models (eg, deep learning, NLP, computer vision, reinforcement learning, or relevant domain-specific architectures). Design infrastructure for data ingestion, annotation, experimentation, model versioning, and monitoring. Collaborate closely with product, design, and DevOps to integrate AI features into our platform. Continuously evaluate new research, open-source tools, and emerging frameworks to keep us at the forefront. Recruit, mentor, and grow an AI/ML team as we scale beyond our seed round. Key Responsibilities 1. Architecture & Hands-On Development Define and implement end-to-end AI pipelines: data collection/cleaning, feature engineering, model training, validation, and inference. Rapidly prototype novel models (eg, neural networks, probabilistic models) using PyTorch, TensorFlow, JAX, or equivalent. Productionize models in cloud/on-prem environments (AWS/GCP/Azure) with containerization (Docker/Kubernetes) and ensure low-latency, high-availability inference. 2. Strategic Leadership Develop a multi-quarter AI roadmap aligned with product milestones and fundraising milestones. Identify and evaluate opportunities for AI-driven competitive advantages (eg, proprietary data, unique model architectures, transfer/few-shot learning). Collaborate with business stakeholders to translate big problems into technically feasible AI solutions. 3. Data & Infrastructure Oversee the creation and maintenance of scalable data pipelines (ETL/ELT) and data lakes/warehouses. Establish best practices for data labeling, versioning, and governance to ensure high data quality. Implement ML Ops processes: CI/CD for model training, automated testing, model-drift detection, and continuous monitoring. 4. Team Building & Mentorship Hire and mentor AI/ML engineers, data scientists, and research interns. Set coding standards, model-development guidelines, and rigor around reproducible experiments (eg, clear Git workflow, experiment tracking). Conduct regular code/model reviews and foster a culture of learn by doing and iterative improvement. 5. Research & Innovation Stay abreast of state-of-the-art AI research (eg, pre-training, fine-tuning, generative methods) and evaluate applicability. Publish or present whitepapers/prototype demos if appropriate (keeping stealth constraints in mind). Forge partnerships with academic labs or open-source communities to accelerate innovation. Minimum Qualifications Experience (7 + years total; 3 + years in senior/lead role): Demonstrated track record of shipping AI/ML products end-to-end (from prototype to production). Hands-on expertise building and deploying deep learning models (eg, CNNs, Transformers, graph neural networks) in real-world applications. Proficiency in Python and core ML libraries (PyTorch, TensorFlow, scikit-learn, Hugging Face, etc.). Strong software engineering background: data structures, algorithms, distributed systems, and version control (Git). Experience designing scalable ML infrastructure on cloud platforms (AWS SageMaker, GCP AI Platform, Azure ML, or equivalent). Solid understanding of data-engineering concepts: SQL/noSQL, data pipelines (Airflow, Prefect, or similar), and batch/streaming frameworks (Spark, Kafka). Leadership & Communication: Proven ability to lead cross-functional teams in ambiguous startup settings. Exceptional written and verbal communication skills-able to explain complex concepts to both technical and non-technical stakeholders. Experience recruiting and mentoring engineers or data scientists in a fast-paced environment. Education: Bachelor's or Master's in Computer Science, AI/ML, Electrical Engineering, Statistics, or a related field. (Ph.D. in AI/ML is a plus but not required if hands-on experience is extensive.) Preferred (Nice-to-Have) Prior experience in a stealth-mode or early-stage startup, ideally taking an AI product from 0 - 1. Background in a relevant domain (eg, healthcare AI, autonomous systems, finance, robotics, computer vision, or NLP). Hands-on experience with large-scale language models (LLMs) and prompt engineering (eg, GPT, BERT, T5 family). Familiarity with on-device or edge-AI deployments (eg, TensorFlow Lite, ONNX, mobile/Embedded inference). Knowledge of MLOps tooling (MLflow, Weights & Biases, Kubeflow, or similar) for experiment tracking and model governance. Open-source contributions or published papers in top-tier AI/ML conferences (NeurIPS, ICML, CVPR, ACL, etc.). Soft Skills & Cultural Fit Doer Mindset: You thrive in scrappy, ambiguous environments. You'll roll up your sleeves to write production code, prototype research ideas, and iterate quickly. Bias for Action: You favor shipping an MVP quickly, measuring impact, and iterating-over striving for perfect academic proofs that never see production. Ownership Mentality: You treat the startup as your own: you take responsibility for system uptime, data integrity, and feature adoption, not just model accuracy. Collaborative Attitude: You value cross-functional teamwork and can pivot between researcher mode and software engineer mode depending on the task at hand. Growth-Oriented: You continually learn new algorithms, architectures, and engineering best practices; you encourage team members to do the same. What We Offer Equity Package: Meaningful ownership stake, commensurate with an early leadership role. Competitive Compensation: Salary aligned with early-stage startup benchmarks; a large portion of the upside is in equity. Autonomy & Impact: You'll shape the technical direction of our AI stack and lay the groundwork for a market-leading product. Flexible Work Environment: Remote-friendly with occasional in-person retreats or team meetups. Learning Budget: Funds for conferences, courses, or publications to ensure you stay at the bleeding edge. Fast-Track Growth: As our first AI hire and eventual team leader, you'll rapidly expand your responsibilities-and the team you build-within months. How to Apply Please send your resume/CV and a brief cover letter with the subject line: Head of AI Application - [Your Name] In your cover letter, highlight: 1. A recent project where you built and deployed an AI/ML system end-to-end (include technical stack and impact). 2. Any leadership or mentoring experience guiding other engineers or data scientists. 3. Why you're excited to join a stealth startup and move quickly from prototype to production. We will review applications on a rolling basis and aim to schedule initial calls within two weeks of receipt. Equal Opportunity: We are committed to building a diverse team and welcome applicants of all backgrounds. We celebrate differences and encourage individuals who thrive in a fast-paced, collaborative, and impact-driven culture to apply. Ready to build world-class AI from day one? Come join us and help shape the future.
01/07/2025
Full time
Role Overview As Head of AI, you will be the primary technical driver of all AI/ML initiatives. You'll report directly to the CEO/CTO and own the full life cycle of our AI roadmap-from research and proof-of-concept to scalable production. We're looking for a doer who can rapidly prototype models, optimize for performance, and mentor junior engineers, all while helping define product strategy. In this role, you will: Lead AI strategy and execution in a high-ambiguity environment. Build, train, and deploy state-of-the-art models (eg, deep learning, NLP, computer vision, reinforcement learning, or relevant domain-specific architectures). Design infrastructure for data ingestion, annotation, experimentation, model versioning, and monitoring. Collaborate closely with product, design, and DevOps to integrate AI features into our platform. Continuously evaluate new research, open-source tools, and emerging frameworks to keep us at the forefront. Recruit, mentor, and grow an AI/ML team as we scale beyond our seed round. Key Responsibilities 1. Architecture & Hands-On Development Define and implement end-to-end AI pipelines: data collection/cleaning, feature engineering, model training, validation, and inference. Rapidly prototype novel models (eg, neural networks, probabilistic models) using PyTorch, TensorFlow, JAX, or equivalent. Productionize models in cloud/on-prem environments (AWS/GCP/Azure) with containerization (Docker/Kubernetes) and ensure low-latency, high-availability inference. 2. Strategic Leadership Develop a multi-quarter AI roadmap aligned with product milestones and fundraising milestones. Identify and evaluate opportunities for AI-driven competitive advantages (eg, proprietary data, unique model architectures, transfer/few-shot learning). Collaborate with business stakeholders to translate big problems into technically feasible AI solutions. 3. Data & Infrastructure Oversee the creation and maintenance of scalable data pipelines (ETL/ELT) and data lakes/warehouses. Establish best practices for data labeling, versioning, and governance to ensure high data quality. Implement ML Ops processes: CI/CD for model training, automated testing, model-drift detection, and continuous monitoring. 4. Team Building & Mentorship Hire and mentor AI/ML engineers, data scientists, and research interns. Set coding standards, model-development guidelines, and rigor around reproducible experiments (eg, clear Git workflow, experiment tracking). Conduct regular code/model reviews and foster a culture of learn by doing and iterative improvement. 5. Research & Innovation Stay abreast of state-of-the-art AI research (eg, pre-training, fine-tuning, generative methods) and evaluate applicability. Publish or present whitepapers/prototype demos if appropriate (keeping stealth constraints in mind). Forge partnerships with academic labs or open-source communities to accelerate innovation. Minimum Qualifications Experience (7 + years total; 3 + years in senior/lead role): Demonstrated track record of shipping AI/ML products end-to-end (from prototype to production). Hands-on expertise building and deploying deep learning models (eg, CNNs, Transformers, graph neural networks) in real-world applications. Proficiency in Python and core ML libraries (PyTorch, TensorFlow, scikit-learn, Hugging Face, etc.). Strong software engineering background: data structures, algorithms, distributed systems, and version control (Git). Experience designing scalable ML infrastructure on cloud platforms (AWS SageMaker, GCP AI Platform, Azure ML, or equivalent). Solid understanding of data-engineering concepts: SQL/noSQL, data pipelines (Airflow, Prefect, or similar), and batch/streaming frameworks (Spark, Kafka). Leadership & Communication: Proven ability to lead cross-functional teams in ambiguous startup settings. Exceptional written and verbal communication skills-able to explain complex concepts to both technical and non-technical stakeholders. Experience recruiting and mentoring engineers or data scientists in a fast-paced environment. Education: Bachelor's or Master's in Computer Science, AI/ML, Electrical Engineering, Statistics, or a related field. (Ph.D. in AI/ML is a plus but not required if hands-on experience is extensive.) Preferred (Nice-to-Have) Prior experience in a stealth-mode or early-stage startup, ideally taking an AI product from 0 - 1. Background in a relevant domain (eg, healthcare AI, autonomous systems, finance, robotics, computer vision, or NLP). Hands-on experience with large-scale language models (LLMs) and prompt engineering (eg, GPT, BERT, T5 family). Familiarity with on-device or edge-AI deployments (eg, TensorFlow Lite, ONNX, mobile/Embedded inference). Knowledge of MLOps tooling (MLflow, Weights & Biases, Kubeflow, or similar) for experiment tracking and model governance. Open-source contributions or published papers in top-tier AI/ML conferences (NeurIPS, ICML, CVPR, ACL, etc.). Soft Skills & Cultural Fit Doer Mindset: You thrive in scrappy, ambiguous environments. You'll roll up your sleeves to write production code, prototype research ideas, and iterate quickly. Bias for Action: You favor shipping an MVP quickly, measuring impact, and iterating-over striving for perfect academic proofs that never see production. Ownership Mentality: You treat the startup as your own: you take responsibility for system uptime, data integrity, and feature adoption, not just model accuracy. Collaborative Attitude: You value cross-functional teamwork and can pivot between researcher mode and software engineer mode depending on the task at hand. Growth-Oriented: You continually learn new algorithms, architectures, and engineering best practices; you encourage team members to do the same. What We Offer Equity Package: Meaningful ownership stake, commensurate with an early leadership role. Competitive Compensation: Salary aligned with early-stage startup benchmarks; a large portion of the upside is in equity. Autonomy & Impact: You'll shape the technical direction of our AI stack and lay the groundwork for a market-leading product. Flexible Work Environment: Remote-friendly with occasional in-person retreats or team meetups. Learning Budget: Funds for conferences, courses, or publications to ensure you stay at the bleeding edge. Fast-Track Growth: As our first AI hire and eventual team leader, you'll rapidly expand your responsibilities-and the team you build-within months. How to Apply Please send your resume/CV and a brief cover letter with the subject line: Head of AI Application - [Your Name] In your cover letter, highlight: 1. A recent project where you built and deployed an AI/ML system end-to-end (include technical stack and impact). 2. Any leadership or mentoring experience guiding other engineers or data scientists. 3. Why you're excited to join a stealth startup and move quickly from prototype to production. We will review applications on a rolling basis and aim to schedule initial calls within two weeks of receipt. Equal Opportunity: We are committed to building a diverse team and welcome applicants of all backgrounds. We celebrate differences and encourage individuals who thrive in a fast-paced, collaborative, and impact-driven culture to apply. Ready to build world-class AI from day one? Come join us and help shape the future.
SENIOR IT TECHNICAL ENGINEER (Senior Network Engineer)(Based on site 4 days a week in Flimby, Cumbria) £50,000 - £65,000 depending upon experience, plus great benefits and every Friday off! WHO WE ARE: For over a century, we have been dedicated to empowering people through innovation and craftsmanship, driving positive change in communities across the globe. We challenge the status quo, guided by our core values, and foster a culture that welcomes every team member. Our goal is to inspire leaders and creatives to shape the future by taking bold actions today. JOB MISSION: As a Senior IT Technical Engineer, you will be responsible for maintaining the infrastructure, networks, and systems critical to the efficient operation of our manufacturing facility. Your expertise in networking, computer systems, and software-along with strong interpersonal skills-will be key as you work closely with stakeholders both onsite and with our global IT team. This role acts as the main IT liaison for the manufacturing team, requiring both technical proficiency and the ability to consult with business leaders to define requirements and solutions. You'll also participate in IT projects outside of the facility, with occasional travel within Europe. This position requires you to be onsite four days a week, with flexible hours to support a healthy work-life balance. KEY RESPONSIBILITIES: Oversee network hardware and IT equipment onsite, ensuring all end devices remain connected. Administer upgrades for equipment, hardware, and software, while maintaining asset management records. Participate in Agile teams with daily stand-ups, retrospectives, and iteration planning. Translate technical requirements from manufacturing partners into actionable plans for the IT team. Recommend, implement, and perform network improvements, upgrades, and repairs. Create and maintain IT documentation, including network configurations, mappings, and service records. Perform system backups and recovery. Provide technical support, troubleshooting, and training for staff as needed. Stay informed of industry trends and emerging technologies to strengthen infrastructure and security. Manage IT contracts and identify opportunities to maximize ROI. Collaborate with vendors and contractors to ensure high-quality IT service delivery. REQUIREMENTS FOR SUCCESS: Valid Driving License and Passport, as travel across the UK and Europe is required. Excellent communication skills, with the ability to convey technical concepts to non-technical audiences. Strong knowledge of networking technologies such as Cisco Catalyst switching, Cisco Meraki MS/MR/MX, Palo Alto Firewalls, HPE Aruba Wireless Controllers, and cloud-based solutions. CCNA certification is a plus. Extensive experience troubleshooting complex enterprise networks and systems. Hands-on technical expertise with network and operating systems. A proactive mindset with a focus on continuous improvement and technical research. Ability to present ideas clearly to individuals and groups, both in person and virtually. Highly self-motivated, detail-oriented, and capable of prioritizing tasks in a dynamic environment. Strong customer service focus and ability to work collaboratively with global IT teams. Experience with virtualization technologies (eg, Zerto, Azure Backup, Azure File Sync, Veeam) is desirable. Previous experience in a manufacturing environment and working in an Agile team is beneficial. BENEFITS: 4 days a week working schedule Relocation package Discretionary Bonus Opportunity Private Medical Insurance Dental Scheme Pension Scheme Life Insurance Employee Discounts Wellbeing and Mental Health support (24/7 Employment Assistance Program) If you would like to find out more please email me your CV (see below)
01/07/2025
Full time
SENIOR IT TECHNICAL ENGINEER (Senior Network Engineer)(Based on site 4 days a week in Flimby, Cumbria) £50,000 - £65,000 depending upon experience, plus great benefits and every Friday off! WHO WE ARE: For over a century, we have been dedicated to empowering people through innovation and craftsmanship, driving positive change in communities across the globe. We challenge the status quo, guided by our core values, and foster a culture that welcomes every team member. Our goal is to inspire leaders and creatives to shape the future by taking bold actions today. JOB MISSION: As a Senior IT Technical Engineer, you will be responsible for maintaining the infrastructure, networks, and systems critical to the efficient operation of our manufacturing facility. Your expertise in networking, computer systems, and software-along with strong interpersonal skills-will be key as you work closely with stakeholders both onsite and with our global IT team. This role acts as the main IT liaison for the manufacturing team, requiring both technical proficiency and the ability to consult with business leaders to define requirements and solutions. You'll also participate in IT projects outside of the facility, with occasional travel within Europe. This position requires you to be onsite four days a week, with flexible hours to support a healthy work-life balance. KEY RESPONSIBILITIES: Oversee network hardware and IT equipment onsite, ensuring all end devices remain connected. Administer upgrades for equipment, hardware, and software, while maintaining asset management records. Participate in Agile teams with daily stand-ups, retrospectives, and iteration planning. Translate technical requirements from manufacturing partners into actionable plans for the IT team. Recommend, implement, and perform network improvements, upgrades, and repairs. Create and maintain IT documentation, including network configurations, mappings, and service records. Perform system backups and recovery. Provide technical support, troubleshooting, and training for staff as needed. Stay informed of industry trends and emerging technologies to strengthen infrastructure and security. Manage IT contracts and identify opportunities to maximize ROI. Collaborate with vendors and contractors to ensure high-quality IT service delivery. REQUIREMENTS FOR SUCCESS: Valid Driving License and Passport, as travel across the UK and Europe is required. Excellent communication skills, with the ability to convey technical concepts to non-technical audiences. Strong knowledge of networking technologies such as Cisco Catalyst switching, Cisco Meraki MS/MR/MX, Palo Alto Firewalls, HPE Aruba Wireless Controllers, and cloud-based solutions. CCNA certification is a plus. Extensive experience troubleshooting complex enterprise networks and systems. Hands-on technical expertise with network and operating systems. A proactive mindset with a focus on continuous improvement and technical research. Ability to present ideas clearly to individuals and groups, both in person and virtually. Highly self-motivated, detail-oriented, and capable of prioritizing tasks in a dynamic environment. Strong customer service focus and ability to work collaboratively with global IT teams. Experience with virtualization technologies (eg, Zerto, Azure Backup, Azure File Sync, Veeam) is desirable. Previous experience in a manufacturing environment and working in an Agile team is beneficial. BENEFITS: 4 days a week working schedule Relocation package Discretionary Bonus Opportunity Private Medical Insurance Dental Scheme Pension Scheme Life Insurance Employee Discounts Wellbeing and Mental Health support (24/7 Employment Assistance Program) If you would like to find out more please email me your CV (see below)
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Technology Internal Auditor. Candidate will support independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for determining the sufficiency of management's controls and activities related to the management of regulatory, operational, and strategic risks and presenting recommendations for improvements to the engagement team. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. [Preferred] Experience working in a complex, fast paced environment. [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Required] Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education: [Required] Bachelors degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. [Preferred] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
01/07/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Technology Internal Auditor. Candidate will support independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for determining the sufficiency of management's controls and activities related to the management of regulatory, operational, and strategic risks and presenting recommendations for improvements to the engagement team. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. [Preferred] Experience working in a complex, fast paced environment. [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Required] Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education: [Required] Bachelors degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. [Preferred] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Principal Technology Platform Engineer. Candidate will be a senior member of the team, and be responsible for collaborating with stakeholders, partner teams, and solutions architects to research and engineer available technologies as part of a comprehensive requirements-driven solution design. Candidate will be developing technology engineering requirements and leading proof-of-concept and laboratory testing efforts using modern approaches to process and automation. Responsibilities: Key contributor to technology platform design, testing, and implementation process to introduce new technology and improve existing technology initiatives for hybrid cloud and on-premises infrastructure within the Data Centers. Define and implement testing and success criteria for platforms, products, and technologies to ensure alignment with business, security, and architecture objectives. Lead and participate in exploratory proof-of-concept engagements and technology stress testing to determine solution feasibility and stability. Collaborate with various partner teams across technology, security, and business to provide technical consultation as part of projects and daily business activities. Create technical knowledge and guideline documentation for new and existing technologies to assist partner teams with knowledge transfer for execution and operations. Develop and maintain scalable DevSecOps pipelines, including CI/CD, Infrastructure as Code, and automated security scanning. No direct supervision, but candidate will provide mentorship to members of the team. Qualifications: Excellent oral and written communication. Ability to think strategically and map architectural decisions/recommendations to business needs Ability to work independently and collaboratively with local and remote employees, vendors, and consultants. Must possess critical values, including (but not limited to) collaboration, credibility, trust, adaptability and commitment to do the right thing. Proven track record of collaborating cross-functionally and delivering impactful technical solutions. Technical Skills: Experience developing CI/CD workflows using tools like Github Actions, Jenkins, Azure DevOps Pipelines, AWS CodePipeline, etc Familiarity with GitOps driven deployment tooling with solutions using tools like ArgoCD, FluxCD, etc In-depth knowledge of Observability and enterprise-level monitoring, logging, and alerting solutions through tools like Prometheus, Elasticsearch, Grafana, etc Experience with Cloud native technologies such as Kubernetes, ECS or Azure Container instances. Understanding of enterprise-grade networking technologies, including Routers, Switches, Firewalls and load balancers. Knowledge of network security protocols and certificate-based authentication Deeply experienced with infrastructure as code, like Terraform, OpenTofu or Pulumi Experience working with authentication protocols and suites ( LDAP, Kerberos, SAML, etc.), multi-factor authentication and password-less platforms and technologies, role-based access control and entitlements, etc. Solid understanding of common database technologies on-premises and in the cloud (PostgreSQL, MongoDB, Redis, MSSQL, etc ), data field hardening and encryption, access controls, high-availability, etc. Understanding of governance frameworks and standards such as COBIT, NIST CSF are a plus. Experience with regulatory frameworks such as Reg SCI and CFTC 99.18 are a plus. Education and/or Experience: [Preferred] 10+ years of progressive experience as a senior/lead engineer in a DevOps, SRE or infrastructure-focused role [Required] Deep expertise in cloud computing platforms (AWS, Azure, Google Cloud Platform, etc.) and infrastructure as code using tools like Terraform, Ansible, etc. [Required] Strong background in designing and maintaining CI/CD pipelines, with experience integration security testing and compliance [Required] Proficient in Scripting and programming languages such as Python, Bash or Go [Required] Understanding of traditional on-premises data center technologies and hybrid cloud architecture [Preferred] Bachelor's degree or higher in a technical field
01/07/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Principal Technology Platform Engineer. Candidate will be a senior member of the team, and be responsible for collaborating with stakeholders, partner teams, and solutions architects to research and engineer available technologies as part of a comprehensive requirements-driven solution design. Candidate will be developing technology engineering requirements and leading proof-of-concept and laboratory testing efforts using modern approaches to process and automation. Responsibilities: Key contributor to technology platform design, testing, and implementation process to introduce new technology and improve existing technology initiatives for hybrid cloud and on-premises infrastructure within the Data Centers. Define and implement testing and success criteria for platforms, products, and technologies to ensure alignment with business, security, and architecture objectives. Lead and participate in exploratory proof-of-concept engagements and technology stress testing to determine solution feasibility and stability. Collaborate with various partner teams across technology, security, and business to provide technical consultation as part of projects and daily business activities. Create technical knowledge and guideline documentation for new and existing technologies to assist partner teams with knowledge transfer for execution and operations. Develop and maintain scalable DevSecOps pipelines, including CI/CD, Infrastructure as Code, and automated security scanning. No direct supervision, but candidate will provide mentorship to members of the team. Qualifications: Excellent oral and written communication. Ability to think strategically and map architectural decisions/recommendations to business needs Ability to work independently and collaboratively with local and remote employees, vendors, and consultants. Must possess critical values, including (but not limited to) collaboration, credibility, trust, adaptability and commitment to do the right thing. Proven track record of collaborating cross-functionally and delivering impactful technical solutions. Technical Skills: Experience developing CI/CD workflows using tools like Github Actions, Jenkins, Azure DevOps Pipelines, AWS CodePipeline, etc Familiarity with GitOps driven deployment tooling with solutions using tools like ArgoCD, FluxCD, etc In-depth knowledge of Observability and enterprise-level monitoring, logging, and alerting solutions through tools like Prometheus, Elasticsearch, Grafana, etc Experience with Cloud native technologies such as Kubernetes, ECS or Azure Container instances. Understanding of enterprise-grade networking technologies, including Routers, Switches, Firewalls and load balancers. Knowledge of network security protocols and certificate-based authentication Deeply experienced with infrastructure as code, like Terraform, OpenTofu or Pulumi Experience working with authentication protocols and suites ( LDAP, Kerberos, SAML, etc.), multi-factor authentication and password-less platforms and technologies, role-based access control and entitlements, etc. Solid understanding of common database technologies on-premises and in the cloud (PostgreSQL, MongoDB, Redis, MSSQL, etc ), data field hardening and encryption, access controls, high-availability, etc. Understanding of governance frameworks and standards such as COBIT, NIST CSF are a plus. Experience with regulatory frameworks such as Reg SCI and CFTC 99.18 are a plus. Education and/or Experience: [Preferred] 10+ years of progressive experience as a senior/lead engineer in a DevOps, SRE or infrastructure-focused role [Required] Deep expertise in cloud computing platforms (AWS, Azure, Google Cloud Platform, etc.) and infrastructure as code using tools like Terraform, Ansible, etc. [Required] Strong background in designing and maintaining CI/CD pipelines, with experience integration security testing and compliance [Required] Proficient in Scripting and programming languages such as Python, Bash or Go [Required] Understanding of traditional on-premises data center technologies and hybrid cloud architecture [Preferred] Bachelor's degree or higher in a technical field
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Technology Internal Auditor. Candidate will support independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for determining the sufficiency of management's controls and activities related to the management of regulatory, operational, and strategic risks and presenting recommendations for improvements to the engagement team. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. [Preferred] Experience working in a complex, fast paced environment. [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Required] Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education: [Required] Bachelors degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. [Preferred] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
30/06/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Technology Internal Auditor. Candidate will support independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for determining the sufficiency of management's controls and activities related to the management of regulatory, operational, and strategic risks and presenting recommendations for improvements to the engagement team. Responsibilities: Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, change management, security), engagement and alignment of change initiatives to business objectives. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Ability to understand professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and control. Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Qualifications Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. [Preferred] Experience working in a complex, fast paced environment. [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Required] Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education: [Required] Bachelors degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. [Preferred] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Principal Technology Platform Engineer. Candidate will be a senior member of the team, and be responsible for collaborating with stakeholders, partner teams, and solutions architects to research and engineer available technologies as part of a comprehensive requirements-driven solution design. Candidate will be developing technology engineering requirements and leading proof-of-concept and laboratory testing efforts using modern approaches to process and automation. Responsibilities: Key contributor to technology platform design, testing, and implementation process to introduce new technology and improve existing technology initiatives for hybrid cloud and on-premises infrastructure within the Data Centers. Define and implement testing and success criteria for platforms, products, and technologies to ensure alignment with business, security, and architecture objectives. Lead and participate in exploratory proof-of-concept engagements and technology stress testing to determine solution feasibility and stability. Collaborate with various partner teams across technology, security, and business to provide technical consultation as part of projects and daily business activities. Create technical knowledge and guideline documentation for new and existing technologies to assist partner teams with knowledge transfer for execution and operations. Develop and maintain scalable DevSecOps pipelines, including CI/CD, Infrastructure as Code, and automated security scanning. No direct supervision, but candidate will provide mentorship to members of the team. Qualifications: Excellent oral and written communication. Ability to think strategically and map architectural decisions/recommendations to business needs Ability to work independently and collaboratively with local and remote employees, vendors, and consultants. Must possess critical values, including (but not limited to) collaboration, credibility, trust, adaptability and commitment to do the right thing. Proven track record of collaborating cross-functionally and delivering impactful technical solutions. Technical Skills: Experience developing CI/CD workflows using tools like Github Actions, Jenkins, Azure DevOps Pipelines, AWS CodePipeline, etc Familiarity with GitOps driven deployment tooling with solutions using tools like ArgoCD, FluxCD, etc In-depth knowledge of Observability and enterprise-level monitoring, logging, and alerting solutions through tools like Prometheus, Elasticsearch, Grafana, etc Experience with Cloud native technologies such as Kubernetes, ECS or Azure Container instances. Understanding of enterprise-grade networking technologies, including Routers, Switches, Firewalls and load balancers. Knowledge of network security protocols and certificate-based authentication Deeply experienced with infrastructure as code, like Terraform, OpenTofu or Pulumi Experience working with authentication protocols and suites ( LDAP, Kerberos, SAML, etc.), multi-factor authentication and password-less platforms and technologies, role-based access control and entitlements, etc. Solid understanding of common database technologies on-premises and in the cloud (PostgreSQL, MongoDB, Redis, MSSQL, etc ), data field hardening and encryption, access controls, high-availability, etc. Understanding of governance frameworks and standards such as COBIT, NIST CSF are a plus. Experience with regulatory frameworks such as Reg SCI and CFTC 99.18 are a plus. Education and/or Experience: [Preferred] 10+ years of progressive experience as a senior/lead engineer in a DevOps, SRE or infrastructure-focused role [Required] Deep expertise in cloud computing platforms (AWS, Azure, Google Cloud Platform, etc.) and infrastructure as code using tools like Terraform, Ansible, etc. [Required] Strong background in designing and maintaining CI/CD pipelines, with experience integration security testing and compliance [Required] Proficient in Scripting and programming languages such as Python, Bash or Go [Required] Understanding of traditional on-premises data center technologies and hybrid cloud architecture [Preferred] Bachelor's degree or higher in a technical field
30/06/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Principal Technology Platform Engineer. Candidate will be a senior member of the team, and be responsible for collaborating with stakeholders, partner teams, and solutions architects to research and engineer available technologies as part of a comprehensive requirements-driven solution design. Candidate will be developing technology engineering requirements and leading proof-of-concept and laboratory testing efforts using modern approaches to process and automation. Responsibilities: Key contributor to technology platform design, testing, and implementation process to introduce new technology and improve existing technology initiatives for hybrid cloud and on-premises infrastructure within the Data Centers. Define and implement testing and success criteria for platforms, products, and technologies to ensure alignment with business, security, and architecture objectives. Lead and participate in exploratory proof-of-concept engagements and technology stress testing to determine solution feasibility and stability. Collaborate with various partner teams across technology, security, and business to provide technical consultation as part of projects and daily business activities. Create technical knowledge and guideline documentation for new and existing technologies to assist partner teams with knowledge transfer for execution and operations. Develop and maintain scalable DevSecOps pipelines, including CI/CD, Infrastructure as Code, and automated security scanning. No direct supervision, but candidate will provide mentorship to members of the team. Qualifications: Excellent oral and written communication. Ability to think strategically and map architectural decisions/recommendations to business needs Ability to work independently and collaboratively with local and remote employees, vendors, and consultants. Must possess critical values, including (but not limited to) collaboration, credibility, trust, adaptability and commitment to do the right thing. Proven track record of collaborating cross-functionally and delivering impactful technical solutions. Technical Skills: Experience developing CI/CD workflows using tools like Github Actions, Jenkins, Azure DevOps Pipelines, AWS CodePipeline, etc Familiarity with GitOps driven deployment tooling with solutions using tools like ArgoCD, FluxCD, etc In-depth knowledge of Observability and enterprise-level monitoring, logging, and alerting solutions through tools like Prometheus, Elasticsearch, Grafana, etc Experience with Cloud native technologies such as Kubernetes, ECS or Azure Container instances. Understanding of enterprise-grade networking technologies, including Routers, Switches, Firewalls and load balancers. Knowledge of network security protocols and certificate-based authentication Deeply experienced with infrastructure as code, like Terraform, OpenTofu or Pulumi Experience working with authentication protocols and suites ( LDAP, Kerberos, SAML, etc.), multi-factor authentication and password-less platforms and technologies, role-based access control and entitlements, etc. Solid understanding of common database technologies on-premises and in the cloud (PostgreSQL, MongoDB, Redis, MSSQL, etc ), data field hardening and encryption, access controls, high-availability, etc. Understanding of governance frameworks and standards such as COBIT, NIST CSF are a plus. Experience with regulatory frameworks such as Reg SCI and CFTC 99.18 are a plus. Education and/or Experience: [Preferred] 10+ years of progressive experience as a senior/lead engineer in a DevOps, SRE or infrastructure-focused role [Required] Deep expertise in cloud computing platforms (AWS, Azure, Google Cloud Platform, etc.) and infrastructure as code using tools like Terraform, Ansible, etc. [Required] Strong background in designing and maintaining CI/CD pipelines, with experience integration security testing and compliance [Required] Proficient in Scripting and programming languages such as Python, Bash or Go [Required] Understanding of traditional on-premises data center technologies and hybrid cloud architecture [Preferred] Bachelor's degree or higher in a technical field
