Cyber Security Engineer

Summary
Grade: 3B
Contract Type: Permanent
Location: London
Reporting to: Head of Cyber Operations
Division: CISO

The Purpose of the Role
This role will be responsible for delivering new security capabilities within the cloud, branch and college environments to improve the overall security posture of the Post Office and to support the long-term strategic goals of the Cyber Operations teams. We act as the first line of defence against attacks aimed at us, whether internal or external. The successful candidate will contribute to cross-functional collaboration to ensure appropriate security measures, technologies and processes are in place. This role will report to the Security Engineering Lead.

Principal Accountabilities
As a Cyber Security Engineer, you will be responsible for the engineering, code and configuration of multiple systems, working alongside the SOC and other cyber teams. You would be expected to show:
• Office 365 cyber threat and management capabilities, including digital policy configuration, DLP, AIP, Intune and other Microsoft security event mechanisms.
• SIEM use case development, testing and false-positive tuning, with Sentinel as the primary platform and additional initiatives in cloud SIEMs such as Splunk and AWS Security Hub.
• Working with tools such as Mimecast, Symantec Endpoint Protection and ServiceNow.
• Security event triage and investigation of alerts from multiple sources.
• Helping to fine-tune and improve SIEM use cases and Microsoft policies.
• Supporting threat hunting based on threat intelligence and improving alerting.
• Influencing and driving continuous improvement in our SecOps capabilities.
• Demonstrable experience in SecOps, working with technologies such as SIEM, SOAR and EDR.
• A good understanding of threat actors and the Tactics, Techniques and Procedures (TTPs) they use.
Coordination and prioritisation of efforts will be at the discretion of the Cyber Engineering Lead.

This role also includes close working alignment with SOC Analysts to ensure effective monitoring is delivered.

Qualifications, Experience & Skills
Ideally you will have experience in the below:
• AZ-500 or a comparable level of knowledge.
• Understanding and being able to articulate emerging threats and incidents to different audiences, including technical staff, operations management, senior management and executives.
• Using industry-leading technology to create detections for threats to our networks from external and internal threat actors.
• Overseeing the day-to-day maintenance of security tooling.
• Working with senior stakeholders to support a threat-led approach, generating mitigations and countermeasures through SIEM use cases.
• Working with third-party suppliers and vendors.
• Taking part in post-incident reviews and proposing engineering resolutions to improve the outcome of any future recurrence.
• Excellent team player, but also confident working on your own initiative.
• Strong communication skills (both written and oral) and interpersonal skills at all levels.
• An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, intrusion detection, vulnerability scanning, etc.
• A good understanding of cyber security concepts and systems/solutions such as IDM, EDR, DLP, SIEM, SSO, etc.
• Understanding of the Cyber Kill Chain and MITRE ATT&CK.
• Experience with, or an understanding of, EDR systems such as Defender or Symantec.
• Commissioning Splunk infrastructure such as heavy and universal forwarders.
• Configuring and setting up data connectors within Sentinel.
• Creating and maintaining Log Analytics workspaces.
• Experience with Microsoft KQL.

Experience required:
• Excellent self-motivation.
• Proven experience or demonstrable working knowledge of Splunk or Sentinel.
• Ability to share knowledge with the wider team.
• Business player with an appreciation of the wider implications of the unit for the future success of the Post Office.
• Sound analytical skills.
• A keen interest in cyber security with an enthusiasm for personal and professional growth.
• At least 5 years' experience in SecOps or IT security.
• Familiarity with enterprise security controls and security best practices for Windows, Linux and Mac systems, or similar.
• Experience working with Python and Linux shell scripts, or similar.
• Experience or demonstrable knowledge of incident response, log analysis, log ingestion and event data sources.

About Post Office
The Post Office has thrived at the heart of high streets and local communities across the UK for over 370 years. As one of the country's most trusted brands, we take our commitment to providing essential services to customers across the UK very seriously. We're the UK's largest retail network, as well as the largest financial services provider in the UK, with over 11,600 branches nationwide - more than all of the UK's banks and building societies put together. We know that the best way to provide a great service for customers is to evolve our business and adapt to their changing needs. That's why we have a range of over 170 products and services, from personal financial services like banking, insurance, payments and travel money, to telecoms and, of course, mails. And we're improving our online and in-store experience for customers. We know that our customers never stop changing, so neither will we.

Securing the Post Office's future:
We are working hard to ensure that the next chapter of the Post Office's history is a bright one. We are the current guardians of an iconic business and we want to hand over a thriving network of branches which can continue to provide essential products and services for our customers for many years to come. This is a uniquely exciting and challenging time for the Post Office - we're shaping the future and creating a business we can all be proud of.

Working at the Post Office:
Post Office colleagues are the driving force behind our business. Whether they are in our branches or supporting from our offices, we are proud of the energy, commitment and customer focus our people all have in common. All Post Office people are guided by our three values and behaviours: We care by always thinking customer. We strive to make things ever better through honest challenge. We commit to decisive delivery. The Post Office embraces diversity and inclusion in the workplace and actively promotes working without discrimination. We are also a Disability Confident Employer and are committed to interviewing disabled people who meet our minimum criteria for the job.
01/04/2023
Full time
Associate Principal, Cyber Defense
SALARY: $150K - $165K PLUS 15% BONUS
Hybrid: 3 days on site, 2 days remote
SELLING POINTS: cyber security analysis, digital computer forensics, incident response, application security, operating systems (Windows, Linux), cryptographic controls, networking, programming languages, web applications, firewalls, security orchestration, automation and response (SOAR) tools, network sniffers and packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump)

The Associate Principal, Cyber Defense will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. The position will enhance the process around monitoring third-party security-related feeds, websites, forums and mailing lists for information regarding cyber threats, vulnerabilities and exploits.

Primary Duties and Responsibilities:
Incident Management and Security Analysis: Lead cyber security incident responders in response activities including investigation, coordination, review and reporting. Oversee technical analysis of security events while coordinating incident response activities with internal and external teams.

Qualifications:
• Incident response playbook development; managing incident analysis and remediation.
• Network sniffers and packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump).
• Standard technical writing tools including MS Word, Excel, Project and Visio.

Education and/or Experience:
• Minimum three years of information security experience, preferably in the financial services industry.
• Minimum two years of hands-on security operations experience, including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming Languages.
• Minimum one year in a leadership role or team/project lead capacity.
• Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies and motives.
• Familiarity with computer network exploitation and network attack methodologies.
• Industry knowledge of leading-edge security technologies and methods.
31/03/2023
Full time
Request Technology - Craig Johnson
East Chicago, Indiana
*We are unable to sponsor for this permanent full-time role*

Prestigious Enterprise Company is currently seeking an Information Security Engineer. The candidate is responsible for maintaining and implementing the cybersecurity infrastructure and program. This position will work very closely and collaborate with other technical teams to respond to threats, as well as on a daily basis to maintain the security posture of the environment.

Responsibilities:
This position works on highly complex projects and maintains knowledge across multiple domains (networking, servers, endpoints, mobile, cloud, etc.). The Information Security Engineer has a thorough understanding of network defense technologies, TCP/IP networking, Active Directory, DHCP, DNS, network security monitoring tools, secure engineering principles and technical security testing. This is a hands-on role which will be involved in patching, maintaining firewalls, scanning for vulnerabilities, keeping current on the latest security threats and trends, and reviewing technical architecture for security compliance. This individual will be regarded as an expert in all things cybersecurity related.

Qualifications:
• Bachelor's degree in Business, Computer Science or a related field.
• 3-5 years of enterprise IT security engineering experience.
• CISSP preferred.
• Must possess an expert understanding of Information Technology, Information Security and Risk Management.
• Knowledge of security and control frameworks, such as ISO 17799, COBIT and the NIST Cybersecurity Framework.
• Systems Security Certified Practitioner (SSCP), CompTIA Security+ or GIAC Security Essentials Certification (GSEC) required, or must be obtained within 2 years of hire.
• Experience with Proofpoint, Cisco AMP, SpecOps and other industry-standard security tools.
• Experience with Palo Alto firewalls.
• Advanced knowledge of network security.
• Advanced knowledge of endpoint security.
• Advanced knowledge of server hardening, patching and baselining.
• Advanced knowledge of mobile device security.
• Advanced knowledge of Data Loss Prevention.
• Advanced knowledge of IDS/IPS.
• Advanced knowledge of log analysis.
• Skilled critical thinking.
• Cisco ISE or NAC experience desired.
• Keeps current on emerging threats and mitigation strategies.
• Scripting (Python, Perl, PowerShell) knowledge preferred.
27/03/2023
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible*
Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Forensics Engineer. Candidate will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. This position will require initiative to oversee security initiatives and be expected to put together projects and teams to remediate identified security threats, incidents, and compliance issues. In addition, the position will enhance the process around monitoring third-party security-related feeds, websites, forums, and mailing lists for information regarding cyber threats, vulnerabilities, and exploits. The role will be heavily involved in the documenting, delivery, and testing of regulatory compliance to all required security regulation, as well as the reporting of high-level details and metrics to senior management.
Responsibilities:
Incident Management and Security Analysis:
• Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting.
• Oversee technical analysis of security events while coordinating incident response activities with internal and external teams.
• Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities, following industry best practices and established procedures.
• Develop and support briefings to senior management as a trusted incident responder.
• Actively monitor and research cyber threats with a direct or indirect impact to the business operations or technology infrastructure.
• Oversee the process of monthly reporting to Security management on incident management metrics.
• Prioritize and identify security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives.
• Lead various teams to operationalize remediation efforts for gaps identified.
• Develop and implement security monitoring roadmaps for technologies, applications, SaaS, and other cloud-hosted solutions. These roadmaps will direct efforts on implementation of monitoring use cases and measurement of monitoring capabilities.
Qualifications:
• Minimum two years hands-on security operations experience, including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming Languages, Incident Response
• Minimum one year in a leadership role or team/project lead capacity.
• Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives.
• Familiarity with computer network exploitation and network attack methodologies.
• Team leadership experience, taking initiative; providing and following through on solutions across various skillsets.
• Effective and excellent oral and written communication, analytical, judgment and consultation skills.
• Ability to effectively communicate in both formal and informal review settings with all levels of management.
• Ability to work with local and remote IT staff/management, vendors and consultants.
• Ability to work independently and possess strong project management skills.
Technical Skills: Demonstrated proficiency in:
• Incident Response playbook development, managing incident analysis and remediation.
• Network sniffers and packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump).
• Standard technical writing tools including MS Word, Excel, Project and Visio
• Proxy and caching services.
• Client Server platforms including Windows, Linux.
• Operating system hardening procedures (Linux, Windows, etc.)
• Web Application Firewalls.
• Security Orchestration and Automated Response tools and concepts.
• Minimum three years of information security experience, preferably in the financial services industry.
27/03/2023
Full time
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible*
Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Forensics Engineer. Candidate will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. This position will require initiative to oversee security initiatives and be expected to put together projects and teams to remediate identified security threats, incidents, and compliance issues. In addition, the position will enhance the process around monitoring third-party security-related feeds, websites, forums, and mailing lists for information regarding cyber threats, vulnerabilities, and exploits. The role will be heavily involved in the documenting, delivery, and testing of regulatory compliance to all required security regulation, as well as the reporting of high-level details and metrics to senior management.
Responsibilities:
Incident Management and Security Analysis:
• Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting.
• Oversee technical analysis of security events while coordinating incident response activities with internal and external teams.
• Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities, following industry best practices and established procedures.
• Develop and support briefings to senior management as a trusted incident responder.
• Actively monitor and research cyber threats with a direct or indirect impact to the business operations or technology infrastructure.
• Oversee the process of monthly reporting to Security management on incident management metrics.
• Prioritize and identify security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives.
• Lead various teams to operationalize remediation efforts for gaps identified.
• Develop and implement security monitoring roadmaps for technologies, applications, SaaS, and other cloud-hosted solutions. These roadmaps will direct efforts on implementation of monitoring use cases and measurement of monitoring capabilities.
Qualifications:
• Minimum two years hands-on security operations experience, including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming Languages, Incident Response
• Minimum one year in a leadership role or team/project lead capacity.
• Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives.
• Familiarity with computer network exploitation and network attack methodologies.
• Team leadership experience, taking initiative; providing and following through on solutions across various skillsets.
• Effective and excellent oral and written communication, analytical, judgment and consultation skills.
• Ability to effectively communicate in both formal and informal review settings with all levels of management.
• Ability to work with local and remote IT staff/management, vendors and consultants.
• Ability to work independently and possess strong project management skills.
Technical Skills: Demonstrated proficiency in:
• Incident Response playbook development, managing incident analysis and remediation.
• Network sniffers and packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump).
• Standard technical writing tools including MS Word, Excel, Project and Visio
• Proxy and caching services.
• Client Server platforms including Windows, Linux.
• Operating system hardening procedures (Linux, Windows, etc.)
• Web Application Firewalls.
• Security Orchestration and Automated Response tools and concepts.
• Minimum three years of information security experience, preferably in the financial services industry.
27/03/2023
Full time
Associate Principal, Cyber Defense
SALARY: $150K - $165K PLUS 15% BONUS
Hybrid: 3 days on site, 2 days remote
SELLING POINTS: cyber security analysis, digital computer forensics, incident response, application security, operating systems (Windows, Linux), cryptographic controls, network, programming language, incident response, web application firewall and security orchestration automation response tools, network sniffers, packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump)
The Associate Principal, Cyber Defense will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. Position will enhance the process around monitoring third-party security-related feeds, websites, forums, and mailing lists for information regarding cyber threats, vulnerabilities, and exploits.
Primary Duties and Responsibilities:
Incident Management and Security Analysis:
• Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting.
• Oversee technical analysis of security events while coordinating incident response activities with internal and external teams.
Qualifications:
• Incident Response playbook development, managing incident analysis and remediation.
• Network sniffers and packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump).
• Standard technical writing tools including MS Word, Excel, Project and Visio
Education and/or Experience:
• Minimum three years of information security experience, preferably in the financial services industry.
• Minimum two years hands-on security operations experience, including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming Languages, Incident Response
• Minimum one year in a leadership role or team/project lead capacity.
• Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives.
• Familiarity with computer network exploitation and network attack methodologies.
• Industry knowledge of leading-edge security technologies and methods
27/03/2023
Full time
Request Technology - Robyn Honquest
East Chicago, Indiana
NO SPONSORSHIP
Information Security Engineer
LOCATION: EAST CHICAGO, INDIANA
Will need to go to the office when an issue arises; must live within an hour away.
Looking for a candidate with cyber security infrastructure, Firewalls, networking, Active Directory, threats, vulnerabilities, DLP, cloud, mobile, endpoint; CISSP preferred.
Full-time, Days + Call, M-F 8:00 am - 4:30 pm
The Information Security Engineer is responsible for maintaining and implementing the cybersecurity infrastructure and program. This position will work very closely and collaborate with other technical teams to respond to threats, as well as on a daily basis to maintain the security posture of the environment. This position works on highly complex projects and maintains knowledge across multiple domains (networking, server, end points, mobile, cloud, etc.). The Information Security Engineer has a thorough understanding of network defense technologies, TCP/IP Networking, Active Directory, DHCP, DNS, network security monitoring tools, secure engineering principles and technical security testing. This is a hands-on role which will be involved in patching, maintaining Firewalls, scanning for vulnerabilities, keeping current on the latest security threats and trends, and reviewing technical architecture for security compliance. This individual will be regarded as an expert in all things cybersecurity related.
To qualify you must have:
• Bachelor's Degree in Business, Computer Science or related field.
• 3-5 years of enterprise IT security engineering experience.
• CISSP preferred.
• Must possess expert understanding of Information Technology, Information Security, and Risk Management.
• Knowledge of security and control frameworks, such as ISO 17799, COBIT, and the NIST Cybersecurity Framework.
• Systems Security Certified Practitioner (SSCP), CompTIA Security+, or GIAC Security Essentials Certification (GSEC) certification required, or must be obtained within 2 years of hire.
• Experience with ProofPoint, Cisco AMP, SpecOps and other industry standard security tools.
• Experience with Palo Alto Firewalls
• Advanced knowledge of Network Security
• Advanced knowledge of Endpoint Security
• Advanced knowledge of Server hardening, patching, and baselining
• Advanced knowledge of Mobile device security
• Advanced knowledge of Data Loss Prevention
• Advanced knowledge of IDS/IPS
• Advanced knowledge of Log analysis
• Skilled Critical Thinking
• Cisco ISE or NAC experience desired
• Keeps current on emerging threats and mitigation strategies.
• Scripting (Python, Perl, PowerShell) knowledge preferred.
27/03/2023
Full time
Computer Futures - London & S.E(Permanent and Contract)
Kingston Upon Thames, Surrey
Role: Network Architect - SC cleared (will need DV Clearance)
Location: South West London (Hybrid - there will be some weeks where you are needed on site 5 days)
IR35: Inside IR35
Contract Length: 6 months
This is with one of our Defence clients, providing network cyber security design, implementation and support services through practical application, technical governance and legislative compliance in support of project delivery.
Must Haves:
• UK SC clearance and eligible for DV Clearance
• Full understanding of, and security accreditation for, UK Defence Systems, including production of RMADS, SyOPs and participation in Security Working Groups
• Understanding of electro-optical sensors, video streaming technologies and video standards (H.264 and H.265)
• Expertise in Networking Infrastructure - TCP/IP, DHCP, DNS, RRAS, WAN, RDP, with remote management, static routes, managed Switches (ideally Cisco trained or Dell) and Firewalls.
• Understanding of UK MOD security policy, i.e. JSP 440, HMG SPF and the IS1&2 risk methodology.
• Competent user of the Microsoft Office package, i.e. Word, Excel, PowerPoint and Visio
Main responsibilities:
• Design and implement new network solutions to improve resilience and performance.
• Maintain network infrastructure through remote management, static routes, managed Switches and Firewalls.
• Integrate legacy and new systems, with a primary understanding of UK military communications systems
• Communicate at all levels, with internal and external stakeholders, as part of a collaborative enterprise with other companies
• Produce technical documentation to support handbooks and training of end users
Please note that the documents provided contain generic information. If we are successful in finding you an assignment, you will receive a Key Information Document which will be specific to the vendor set-up you have chosen and your placement.
Computer Futures, a trading division of SThree Partnership LLP, is acting as an Employment Business in relation to this vacancy.
27/03/2023
Project-based
Request Technology - Craig Johnson
Oakland, California
*We are unable to sponsor for this Remote permanent role* *Position is bonus eligible*
Prestigious Enterprise Company is currently seeking a Lead Cyber Security Penetration & Vulnerability Tester. The candidate will provide domain expertise in penetration testing of infrastructure and networks, web applications, cloud and social engineering. In this role, the candidate will provide improved vulnerability analysis and contextual feedback to stakeholders to support the resolution of discovered vulnerabilities and facilitate risk awareness.

Responsibilities:
Penetration Testing and Red Team assessments
• Perform internal and external penetration testing of network infrastructure and applications
• Red team assessments including physical, social engineering, and network exploitation
• Perform well-controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases
• Perform network reconnaissance, OSINT, social engineering, and physical security reviews
• Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards
• Effectively communicate findings and strategy to stakeholders, including technical staff and executive leadership
• Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
Purple Team and Adversary simulations
• Participate in regular Purple team exercises and perform adversary simulations to test defense controls
• Assist with scoping prospective engagements, leading engagements from kickoff through remediation
• Work closely with the Blue team to test the efficacy of existing alerts and help create new detections
• Create findings reports and communicate them to stakeholders
• Contribute to enhancing the team's toolkit
• Write custom scripts to automate tasks related to finding new vulnerabilities
• Maintain runbooks to continually improve penetration testing methodologies and threat modelling

The Red team is responsible for testing the overall strength of our organization's defenses (the technology, the processes, and the people) by simulating the objectives and actions of an attacker. This role provides domain expertise in penetration testing of infrastructure and networks, web applications, cloud and social engineering, as well as Red Team and Purple Team internal engagements. Additionally, you will provide improved vulnerability analysis and contextual feedback to partners to support the resolution of discovered vulnerabilities and facilitate risk awareness.

Qualifications:
• 8-10 years of experience in penetration testing, Red Team and Purple Team
• Bachelor of Science in Engineering, Computer Science, Information Technology, or equivalent work experience
• Advanced knowledge of common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, Kali Linux etc.)
• Must have a demonstrable understanding of voice and data networks, major operating systems, Active Directory, cloud technologies
• Must demonstrate knowledge of MITRE's ATT&CK framework and be able to execute and chain TTPs
• Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms
• Ability to code effectively in a scripting language (Python, Bash, PowerShell, Perl, etc.)
• OSCP

7+ to 10 years experience
Seniority Level - Other
Management Experience Required - No
Minimum Education - Bachelor's Degree
Willingness to Travel - Never
24/03/2023
Full time
*We are unable to sponsor as this is a permanent Full time role* *Remote with occasional travel to East Chicago, IN*
A prestigious company is on the search for an Information Security Engineer. This engineer will get their hands on everything related to cybersecurity, which includes network defense, TCP/IP networking, Active Directory, firewalls, vulnerabilities, compliance, etc.

Responsibilities:
This position works on highly complex projects and maintains knowledge across multiple domains (networking, server, endpoints, mobile, cloud, etc.). The Information Security Engineer has a thorough understanding of network defense technologies, TCP/IP networking, Active Directory, DHCP, DNS, network security monitoring tools, secure engineering principles and technical security testing. This is a hands-on role which will be involved in patching, maintaining firewalls, scanning for vulnerabilities, keeping current on the latest security threats and trends, and reviewing technical architecture for security compliance.

Qualifications:
• Bachelor's Degree in Business, Computer Science or related field
• 3-5 years of enterprise IT security engineering experience
• CISSP preferred
• Must possess expert understanding of Information Technology, Information Security, and Risk Management
• Knowledge of security and control frameworks, such as ISO 17799, COBIT, and the NIST Cybersecurity Framework
• Systems Security Certified Practitioner (SSCP), CompTIA Security+, or GIAC Security Essentials Certification (GSEC) certification required or must be obtained within 2 years of hire
• Experience with Proofpoint, Cisco AMP, SpecOps and other industry standard security tools
• Experience with Palo Alto Firewalls
• Advanced knowledge of Network Security
• Advanced knowledge of Endpoint Security
• Advanced knowledge of server hardening, patching, and baselining
• Advanced knowledge of Mobile device security
• Advanced knowledge of Data Loss Prevention
• Advanced knowledge of IDS/IPS
• Advanced knowledge of Log analysis
• Skilled critical thinking
• Cisco ISE or NAC experience desired
• Keeps current on emerging threats and mitigation strategies
• Scripting (Python, Perl, PowerShell) knowledge preferred
21/03/2023
Full time
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible*
Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Engineer. The candidate will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. This position will require initiative to oversee security initiatives and be expected to put together projects and teams to remediate identified security threats, incidents, and compliance issues.

Responsibilities:
• Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting.
• Oversee technical analysis of security events while coordinating incident response activities with internal and external teams.
• Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities, following industry best practices and established procedures.
• Develop and support briefings to senior management as a trusted incident responder.
• Actively monitor and research cyber threats with a direct or indirect impact on the brand, business operations, or technology infrastructure.
• Oversee the process of monthly reporting to Security management on incident management metrics.
• Prioritize and identify security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives.
• Lead various teams to operationalize remediation efforts for gaps identified.
• Develop and implement security monitoring roadmaps for technologies, applications, SaaS, and other cloud-hosted solutions. These roadmaps will direct efforts on implementation of monitoring use cases and measurement of monitoring capabilities.
• Security device administration.
• Report on and enhance current metrics surrounding security tool capabilities and efficacy.

Qualifications:
• Proven team player; will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines.
• Incident Response playbook development, managing incident analysis and remediation.
• Network sniffers and packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump).
• Standard technical writing tools including MS Word, Excel, Project and Visio.
• Proxy and caching services.
• Client/server platforms including Windows and Linux.
• Operating system hardening procedures (Linux, Windows, etc.).
• Web Application Firewalls.
• Security Orchestration and Automated Response tools and concepts.
• Minimum three years of information security experience, preferably in the financial services industry.
• Minimum two years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages.
• Minimum one year in a leadership role or team/project lead capacity.
• Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives.
• Familiarity with computer network exploitation and network attack methodologies.
• Industry knowledge of leading-edge security technologies and methods. Working in an on-call response capacity is required, including availability for 24 x 7 on-call support responsibilities.
• Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CCE, CFE
07/03/2023
Full time