Request Technology - Craig Johnson
Oakland, California
*This is a remote 6+ month contract role, there is no sponsorship, and no 3rd party candidates will be considered* Prestigious Enterprise Company is currently seeking a Application Security Analyst. Candidate works closely with other members of the Security Services, IT Development Teams and Quality Assurance teams to support application and software security initiatives, projects, and operations. Candidate will be integrating security tools into the development pipeline to support the confidentiality, integrity and availability of enterprise applications. Responsibilities: Assist with application penetration testing Assist with retesting vulnerabilities to verify the development teams have remediated Review reports of the testing and conduct security risk assessment of the vulnerabilities Conduct code scans using automated tools and risk rate the vulnerabilities according to the organization risk profile and mitigating controls. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams Assist with application security vulnerability management including implementation of new vulnerability management tools Assist in the development of metrics documentation to track the burndown rate of vulnerability remediation Assist in the development of security engineering documentation: Explore opportunities for updates to Security Engineering policies and standards Assist with the development and periodic review of Security controls, policies, and procedures in close coordination with Security managers Participate in the improvement of security engineering processes Help gather evidence of security testing processes for audits Work with development team and Q/A to create development life cycle documentation, provides integrated systems planning which will enhance current systems and support corporate, business and system goals. Identify automation opportunities and help with department automation efforts Collaborate and brainstorm with the Security Engineering team on new application and application infrastructure technology components Qualifications : Highly motivated individual that assumes ownership of their projects Ability to act as a liaison between security and the development, IT, and QA teams. Strong desire and capacity to learn and support new technical applications Exceptional verbal communication skills that include the ability to articulate ideas clearly and concisely Ability to write clear and concise documentation Knowledge of security principles Training and/or education preferred Experience administering and interpreting results from security scanning tools Experience working in the financial industry Technical Skills: Knowledge of Scripting languages including Java, C++, Python, JavaScript, Bash Familiarity with application frameworks and their built-in security services and API s (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.) Knowledge of automated code scanning tools (ie,) and development pipeline tools (ie,) Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP).Knowledge of Secure DevOps concepts Bachelors degree in Cybersecurity, Computer Science, Management Information Systems, or related field or the equivalent combination of education and/or relevant experience 3+ year experience in Security-related roles or equivalent training/knowledge of security best practices and OWASP and NVD Experience with SDLC and working with business users, database analysts, system architects, etc., to identify and prioritize requirements
31/05/2023
Project-based
*This is a remote 6+ month contract role, there is no sponsorship, and no 3rd party candidates will be considered* Prestigious Enterprise Company is currently seeking a Application Security Analyst. Candidate works closely with other members of the Security Services, IT Development Teams and Quality Assurance teams to support application and software security initiatives, projects, and operations. Candidate will be integrating security tools into the development pipeline to support the confidentiality, integrity and availability of enterprise applications. Responsibilities: Assist with application penetration testing Assist with retesting vulnerabilities to verify the development teams have remediated Review reports of the testing and conduct security risk assessment of the vulnerabilities Conduct code scans using automated tools and risk rate the vulnerabilities according to the organization risk profile and mitigating controls. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams Assist with application security vulnerability management including implementation of new vulnerability management tools Assist in the development of metrics documentation to track the burndown rate of vulnerability remediation Assist in the development of security engineering documentation: Explore opportunities for updates to Security Engineering policies and standards Assist with the development and periodic review of Security controls, policies, and procedures in close coordination with Security managers Participate in the improvement of security engineering processes Help gather evidence of security testing processes for audits Work with development team and Q/A to create development life cycle documentation, provides integrated systems planning which will enhance current systems and support corporate, business and system goals. Identify automation opportunities and help with department automation efforts Collaborate and brainstorm with the Security Engineering team on new application and application infrastructure technology components Qualifications : Highly motivated individual that assumes ownership of their projects Ability to act as a liaison between security and the development, IT, and QA teams. Strong desire and capacity to learn and support new technical applications Exceptional verbal communication skills that include the ability to articulate ideas clearly and concisely Ability to write clear and concise documentation Knowledge of security principles Training and/or education preferred Experience administering and interpreting results from security scanning tools Experience working in the financial industry Technical Skills: Knowledge of Scripting languages including Java, C++, Python, JavaScript, Bash Familiarity with application frameworks and their built-in security services and API s (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.) Knowledge of automated code scanning tools (ie,) and development pipeline tools (ie,) Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP).Knowledge of Secure DevOps concepts Bachelors degree in Cybersecurity, Computer Science, Management Information Systems, or related field or the equivalent combination of education and/or relevant experience 3+ year experience in Security-related roles or equivalent training/knowledge of security best practices and OWASP and NVD Experience with SDLC and working with business users, database analysts, system architects, etc., to identify and prioritize requirements
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life-cycle management of client responses, Policy & Standards life-cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
30/05/2023
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life-cycle management of client responses, Policy & Standards life-cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
We are currently looking on behalf of one of our important clients for a Medical Device Systems Engineer (Cybersecurity). The role is a permanent position based in Solothurn Canton with good home office allowance. Your Role: Operate as a Systems Engineer with strong focus on cybersecurity of a Medical Device. Define requirements (on stakeholder & technical levels) related to security for Medical Devices & Connected Systems. Define architecture & design of secure Medical Devices & Connected Systems (security by design). Work closely with other specialists, including Systems Engineers, Software Developers, Hardware Engineers, Test Managers & Risk Managers to specify & develop secure Connected solutions. Participate actively in Cybersecurity Risk Assessments/Threat Modeling. Partake in pre- & post-market vulnerability assessments. Evaluate & interpret Cybersecurity related standards. Develop & maintain concept & design documents & create & maintain traceability. Your Skills: At least 3 years of relevant professional experience, including experience in Cybersecurity, Systems Architecture & Software Architecture. Strong skills & experience in Security Architectures, Technologies & Best Practices. Ideally experienced in the Medical Technology Sector or other Highly Regulated Environments. Your Profile: Completed University Degree in Computer Science, Information Security or similar. Strategic, able to think critically & in possession of strong problem-solving skills. Fluent in English (spoken & written), German language skills are considered a plus. If you wish to apply, please send us your resume in Word or PDF format.
30/05/2023
Full time
We are currently looking on behalf of one of our important clients for a Medical Device Systems Engineer (Cybersecurity). The role is a permanent position based in Solothurn Canton with good home office allowance. Your Role: Operate as a Systems Engineer with strong focus on cybersecurity of a Medical Device. Define requirements (on stakeholder & technical levels) related to security for Medical Devices & Connected Systems. Define architecture & design of secure Medical Devices & Connected Systems (security by design). Work closely with other specialists, including Systems Engineers, Software Developers, Hardware Engineers, Test Managers & Risk Managers to specify & develop secure Connected solutions. Participate actively in Cybersecurity Risk Assessments/Threat Modeling. Partake in pre- & post-market vulnerability assessments. Evaluate & interpret Cybersecurity related standards. Develop & maintain concept & design documents & create & maintain traceability. Your Skills: At least 3 years of relevant professional experience, including experience in Cybersecurity, Systems Architecture & Software Architecture. Strong skills & experience in Security Architectures, Technologies & Best Practices. Ideally experienced in the Medical Technology Sector or other Highly Regulated Environments. Your Profile: Completed University Degree in Computer Science, Information Security or similar. Strategic, able to think critically & in possession of strong problem-solving skills. Fluent in English (spoken & written), German language skills are considered a plus. If you wish to apply, please send us your resume in Word or PDF format.
*We are unable to sponsor as this is a permanent Full time role* *This can be a fully remote position* A prestigious company is on the search for an Expert CRM Architect, Vulnerability Researcher. This position will focus heavily on offensive security vulnerability assessments and research manual & automated source code review. They will work with reverse engineering and binary analysis. They will focus on web applications, cloud infrastructure, red team/purple team, etc. Responsibilities: Performs vulnerability assessments using industry best practices on various environments, including web applications, APIs, and cloud infrastructure Develops and manages testing methodologies that adhere to common security guidelines and NIST standards Conducts an evaluation of cloud security configurations, identifies prevalent vulnerabilities in cloud security controls, and improves and maintains cloud testing standards Provides detailed reports with proof of vulnerabilities, guidance, and advice to support customer teams through vulnerability remediation Researches and develops innovative techniques, tools, and methodologies for vulnerability research and red team activities Exercises thought leadership in the development and execution of security threats and malicious actors Qualifications: 7+ years of work experience in the Cyber Security industry Bachelor's Degree in Computer Science or Management Information related field, or equivalent work experience Extensive experience in offensive cybersecurity roles, such as red teaming, penetration testing (eg, web, infrastructure, cloud), purple team exercises in cloud and on-prem environments A robust understanding of contemporary security theory and application exploitation techniques and attack vectors (including the vulnerability life cycle and scanning methodologies (SAST, DAST, IAST, RASP) Experience developing and managing testing methodologies that adhere to common security guidelines such as OWASP and frameworks such NIST 800 or MITRE ATT&CK A solid understanding of computer architecture and organization with respect to binary analysis and exploitation Ability to analyze, create, and debug shellcode and other low-level exploits Experience developing custom security (either offensive or defensive) software in one or more compiled languages Demonstrated abilities to reverse engineer binaries, enumerate vulnerabilities in compiled software, and provide working exploits (eg, CVEs, public acknowledgements, or ability to demonstrate on demand) Familiarity with automated security analysis and fuzzing tools (eg, AFL and Peach) Demonstrated ability to discover vulnerabilities via static analysis and source code review A working understanding of key programming languages and frameworks (eg, Java, Node.js, Python, JSP, etc.), including the ability to pick up new languages quickly, understand the security implications of those languages, and enumerate vulnerabilities in custom-developed software packages that leverage those languages Familiarity with Scripting/programming of Python, PowerShell, or C# with the ability to create and customize tools
30/05/2023
Full time
*We are unable to sponsor as this is a permanent Full time role* *This can be a fully remote position* A prestigious company is on the search for an Expert CRM Architect, Vulnerability Researcher. This position will focus heavily on offensive security vulnerability assessments and research manual & automated source code review. They will work with reverse engineering and binary analysis. They will focus on web applications, cloud infrastructure, red team/purple team, etc. Responsibilities: Performs vulnerability assessments using industry best practices on various environments, including web applications, APIs, and cloud infrastructure Develops and manages testing methodologies that adhere to common security guidelines and NIST standards Conducts an evaluation of cloud security configurations, identifies prevalent vulnerabilities in cloud security controls, and improves and maintains cloud testing standards Provides detailed reports with proof of vulnerabilities, guidance, and advice to support customer teams through vulnerability remediation Researches and develops innovative techniques, tools, and methodologies for vulnerability research and red team activities Exercises thought leadership in the development and execution of security threats and malicious actors Qualifications: 7+ years of work experience in the Cyber Security industry Bachelor's Degree in Computer Science or Management Information related field, or equivalent work experience Extensive experience in offensive cybersecurity roles, such as red teaming, penetration testing (eg, web, infrastructure, cloud), purple team exercises in cloud and on-prem environments A robust understanding of contemporary security theory and application exploitation techniques and attack vectors (including the vulnerability life cycle and scanning methodologies (SAST, DAST, IAST, RASP) Experience developing and managing testing methodologies that adhere to common security guidelines such as OWASP and frameworks such NIST 800 or MITRE ATT&CK A solid understanding of computer architecture and organization with respect to binary analysis and exploitation Ability to analyze, create, and debug shellcode and other low-level exploits Experience developing custom security (either offensive or defensive) software in one or more compiled languages Demonstrated abilities to reverse engineer binaries, enumerate vulnerabilities in compiled software, and provide working exploits (eg, CVEs, public acknowledgements, or ability to demonstrate on demand) Familiarity with automated security analysis and fuzzing tools (eg, AFL and Peach) Demonstrated ability to discover vulnerabilities via static analysis and source code review A working understanding of key programming languages and frameworks (eg, Java, Node.js, Python, JSP, etc.), including the ability to pick up new languages quickly, understand the security implications of those languages, and enumerate vulnerabilities in custom-developed software packages that leverage those languages Familiarity with Scripting/programming of Python, PowerShell, or C# with the ability to create and customize tools
1st Line/2nd Line/Support Engineer/Helpdesk/Cybersecurity/Licence Management/Customer Service/Service Desk Analyst/Windows/Support/ITIL IT Support Engineer Akkodis are currently working in partnership with an industrial tools specialist to recruit an IT Support Engineer with previous IT Support experience and the ability to support departments across the wider business. The Role As an IT Support Engineer, you'll be the point of contact when it comes to general IT support, as well as maintaining and improving Cybersecurity. The Responsibilities To handle support calls in a timely and efficient manner, providing fault resolutions and carrying out escalation procedures where required. Improve and maintain company Cybersecurity profile where necessary. To review patch, asset and licensing management when required. Produce user documentation as required. Offer support for local and remote users Attend regular meeting to review operational issues hindering customer service. Showing a willingness to up-skill and learn new technologies when needed. To undertake overtime in line with business requirements. To assist with the promotion of Cybersecurity throughout the organisation. Attend courses/training where necessary to develop and maintain skills. Providing L1 & L2 support for users. The Requirements Experience within a 1st or 2nd Line support and or Cybersecurity role. Strong working knowledge of Windows 10 and Office 365. Requirement for overtime as part of a 1 in 3 rota. ITIL Foundation Cybersecurity Qualification (Desirable) If you are looking for an exciting new challenge to join a leading organisation please apply now. Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
30/05/2023
Full time
1st Line/2nd Line/Support Engineer/Helpdesk/Cybersecurity/Licence Management/Customer Service/Service Desk Analyst/Windows/Support/ITIL IT Support Engineer Akkodis are currently working in partnership with an industrial tools specialist to recruit an IT Support Engineer with previous IT Support experience and the ability to support departments across the wider business. The Role As an IT Support Engineer, you'll be the point of contact when it comes to general IT support, as well as maintaining and improving Cybersecurity. The Responsibilities To handle support calls in a timely and efficient manner, providing fault resolutions and carrying out escalation procedures where required. Improve and maintain company Cybersecurity profile where necessary. To review patch, asset and licensing management when required. Produce user documentation as required. Offer support for local and remote users Attend regular meeting to review operational issues hindering customer service. Showing a willingness to up-skill and learn new technologies when needed. To undertake overtime in line with business requirements. To assist with the promotion of Cybersecurity throughout the organisation. Attend courses/training where necessary to develop and maintain skills. Providing L1 & L2 support for users. The Requirements Experience within a 1st or 2nd Line support and or Cybersecurity role. Strong working knowledge of Windows 10 and Office 365. Requirement for overtime as part of a 1 in 3 rota. ITIL Foundation Cybersecurity Qualification (Desirable) If you are looking for an exciting new challenge to join a leading organisation please apply now. Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Hays Specialist Recruitment
Cardiff, South Glamorgan
2nd line Support Engineer - Just outside of Cardiff - up to £220 per day Inside IR35 - 3 months contract Are you on the lookout for a new role? I've got an opportunity that could be of interest to you. 2nd line Support Engineer 3 months (with a chance to extend) up to £220 per day inside IR35 On site in just outside Cardiff (Would require driving) Asap Start Hays are currently recruiting for a 2nd line Support Engineer to join a growing team on a 3 month contract to join a client based just outside of Cardiff. As the location is difficult to reach via public transport you will need to drive. You will be part of a small team which will take escalations from 1st line/service desk analysts. You will need experience or exposure to the following areas: Dealing with escalations from 1st line. Great communication skills. Cyber Security monitoring tools (SolarWinds/Siem) Azure (Creating/migrating mailboxes) Experience in a Citrix environment Choosing your next role takes careful consideration. I'm here to help you take your career forward, so if you'd like to know more about this role, or just want a confidential catch-up about what you're looking for, feel free to reach out on the details below What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
30/05/2023
Project-based
2nd line Support Engineer - Just outside of Cardiff - up to £220 per day Inside IR35 - 3 months contract Are you on the lookout for a new role? I've got an opportunity that could be of interest to you. 2nd line Support Engineer 3 months (with a chance to extend) up to £220 per day inside IR35 On site in just outside Cardiff (Would require driving) Asap Start Hays are currently recruiting for a 2nd line Support Engineer to join a growing team on a 3 month contract to join a client based just outside of Cardiff. As the location is difficult to reach via public transport you will need to drive. You will be part of a small team which will take escalations from 1st line/service desk analysts. You will need experience or exposure to the following areas: Dealing with escalations from 1st line. Great communication skills. Cyber Security monitoring tools (SolarWinds/Siem) Azure (Creating/migrating mailboxes) Experience in a Citrix environment Choosing your next role takes careful consideration. I'm here to help you take your career forward, so if you'd like to know more about this role, or just want a confidential catch-up about what you're looking for, feel free to reach out on the details below What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
Systems Engineer - London - £40,000 and £50,000 Summary of role - Systems Engineer I have partnered with a leading logistics business, who are looking for a Systems Engineer to join a close-knit IT support team. Based in Central London (Camden Town) with offices that have just been newly refurbished, it is a vibrant and exciting place to be and work. This role is office based (5 days a week) The IT Systems Engineer is a critical role within the IT team with a primary objective of providing IT support to our staff members and performing systems administration across multiple company systems. The company's IT landscape consists predominantly of Microsoft systems, both on-prem and cloud based (Windows Server, Microsoft 365, Azure). The role will also be responsible for addressing system alerts and incident management, systems configuration and software updates. There will be involvement in numerous IT projects. In addition, the role will provide rota based out-of-hours on call support for all Infrastructure and critical business applications. Experience/Requirements for Systems Engineer: - At least 3 - 5 years of experience in systems administration, network administration and IT support. - Excellent knowledge of operating systems, including Windows 10,11 Windows Server . - Experience with virtualization technologies, including hypervisors such as VMware and Hyper-V. - Familiarity with network protocols and technologies, including TCP/IP, DNS, DHCP, VLANs, and VPNs. - Good experience in Microsoft cloud services (Azure, Microsoft 365). - Strong understanding of cybersecurity principles and best practices. - Excellent problem-solving and analytical skills. - Strong communication and collaboration skills at all levels (both verbal and written). - Ability to provide immediate IT support and assistance to users in need. To discuss this exciting opportunity in more detail, please APPLY NOW for a no obligation chat with your VIQU Consultant. Additionally, you can contact Tom Wright , by exploring the VIQU IT Recruitment website . If you know someone who would be ideal for this role, by way of showing our appreciation, VIQU is offering an introduction fee up to £1,000 once your referral has successfully started work with our client (terms apply).
30/05/2023
Full time
Systems Engineer - London - £40,000 and £50,000 Summary of role - Systems Engineer I have partnered with a leading logistics business, who are looking for a Systems Engineer to join a close-knit IT support team. Based in Central London (Camden Town) with offices that have just been newly refurbished, it is a vibrant and exciting place to be and work. This role is office based (5 days a week) The IT Systems Engineer is a critical role within the IT team with a primary objective of providing IT support to our staff members and performing systems administration across multiple company systems. The company's IT landscape consists predominantly of Microsoft systems, both on-prem and cloud based (Windows Server, Microsoft 365, Azure). The role will also be responsible for addressing system alerts and incident management, systems configuration and software updates. There will be involvement in numerous IT projects. In addition, the role will provide rota based out-of-hours on call support for all Infrastructure and critical business applications. Experience/Requirements for Systems Engineer: - At least 3 - 5 years of experience in systems administration, network administration and IT support. - Excellent knowledge of operating systems, including Windows 10,11 Windows Server . - Experience with virtualization technologies, including hypervisors such as VMware and Hyper-V. - Familiarity with network protocols and technologies, including TCP/IP, DNS, DHCP, VLANs, and VPNs. - Good experience in Microsoft cloud services (Azure, Microsoft 365). - Strong understanding of cybersecurity principles and best practices. - Excellent problem-solving and analytical skills. - Strong communication and collaboration skills at all levels (both verbal and written). - Ability to provide immediate IT support and assistance to users in need. To discuss this exciting opportunity in more detail, please APPLY NOW for a no obligation chat with your VIQU Consultant. Additionally, you can contact Tom Wright , by exploring the VIQU IT Recruitment website . If you know someone who would be ideal for this role, by way of showing our appreciation, VIQU is offering an introduction fee up to £1,000 once your referral has successfully started work with our client (terms apply).
Are you a highly skilled and motivated Cyber Security Officer seeking an exciting opportunity with significant responsibilities? Look no further! We are currently hiring a Cyber Security Officer to join our dynamic organization. At our leading mobility company, we empower freedom of movement through safe, reliable, and innovative solutions that serve the common good. With operations across the country, we deliver transportation services under well-known brand names, contributing to a connected and accessible Netherlands. As the Cyber Security Officer, you will play a critical role in ensuring the overall cyber hygiene and IT security of our organization. Your primary responsibility will be to maintain a comprehensive oversight of our platforms, continuously monitoring for potential threats and vulnerabilities. You will be responsible for the swift identification and resolution of security incidents and cyber attacks, collaborating closely with our IT security engineers and colleagues from different departments. In addition to your day-to-day operational tasks, you will actively contribute to strategic decision-making. You will have the opportunity to present innovative ideas and IT security improvements to our Chief Information Security Officer (CISO). This will involve proposing system implementations, suggesting new processes and procedures, and recommending measures to enhance the security and robustness of our infrastructure. As a major stakeholder, you will participate in new IT projects, conduct third-party risk assessments, and drive information security enhancements across various departments. Responsibilities: Oversee the day-to-day control, maintenance, and monitoring of our cyber security measures, reporting directly to the CISO. Develop and update security policies pertaining to cyber security, aligning NL security policies with group-wide standards. Provide clear security requirements and guidance to steer the organization in the right direction. Offer expert advice on cyber security matters, supporting and collaborating with departments throughout the organization. Guide the purchasing and contracting department in managing third-party risks effectively. Drive continuous improvement of our cyber security posture and initiatives. Requirements: To be successful in this role, you should meet the following requirements: Bachelor's or master's degree in Computer Science, Cyber Security, Informatics, Information Security, or a related field. Minimum of 3 years of experience in cyber security governance and process management. Relevant certifications such as CISM, CISA, CISSP, CRISC, ISO27001, or willingness to obtain them. Up-to-date knowledge of emerging cyber security innovations and upcoming threats. Experience in reviewing and maintaining the Cybersecurity policy framework, ensuring compliance with ISO 27001. Proficiency in working with security frameworks such as ISO27001/2, NIST, SOC2, etc. Familiarity with cloud platforms (Azure/AWS) and website security. Excellent communication skills in both written and spoken Dutch and English. Strong technical expertise in cybersecurity and project management. What We Offer: We offer an excellent compensation package, including pension benefits, a 13th-month bonus, vacation allowance, and a personal growth budget. You will enjoy flexible scheduling options and the possibility of remote work. Join us and be part of a company that values innovation, security, and a sustainable future. If you are ready to take on this exciting opportunity as a Cyber Security Officer and contribute to the safe and reliable mobility solutions we provide, apply now! Venquis is acting as an Employment Agency in relation to this vacancy.
30/05/2023
Full time
Are you a highly skilled and motivated Cyber Security Officer seeking an exciting opportunity with significant responsibilities? Look no further! We are currently hiring a Cyber Security Officer to join our dynamic organization. At our leading mobility company, we empower freedom of movement through safe, reliable, and innovative solutions that serve the common good. With operations across the country, we deliver transportation services under well-known brand names, contributing to a connected and accessible Netherlands. As the Cyber Security Officer, you will play a critical role in ensuring the overall cyber hygiene and IT security of our organization. Your primary responsibility will be to maintain a comprehensive oversight of our platforms, continuously monitoring for potential threats and vulnerabilities. You will be responsible for the swift identification and resolution of security incidents and cyber attacks, collaborating closely with our IT security engineers and colleagues from different departments. In addition to your day-to-day operational tasks, you will actively contribute to strategic decision-making. You will have the opportunity to present innovative ideas and IT security improvements to our Chief Information Security Officer (CISO). This will involve proposing system implementations, suggesting new processes and procedures, and recommending measures to enhance the security and robustness of our infrastructure. As a major stakeholder, you will participate in new IT projects, conduct third-party risk assessments, and drive information security enhancements across various departments. Responsibilities: Oversee the day-to-day control, maintenance, and monitoring of our cyber security measures, reporting directly to the CISO. Develop and update security policies pertaining to cyber security, aligning NL security policies with group-wide standards. Provide clear security requirements and guidance to steer the organization in the right direction. Offer expert advice on cyber security matters, supporting and collaborating with departments throughout the organization. Guide the purchasing and contracting department in managing third-party risks effectively. Drive continuous improvement of our cyber security posture and initiatives. Requirements: To be successful in this role, you should meet the following requirements: Bachelor's or master's degree in Computer Science, Cyber Security, Informatics, Information Security, or a related field. Minimum of 3 years of experience in cyber security governance and process management. Relevant certifications such as CISM, CISA, CISSP, CRISC, ISO27001, or willingness to obtain them. Up-to-date knowledge of emerging cyber security innovations and upcoming threats. Experience in reviewing and maintaining the Cybersecurity policy framework, ensuring compliance with ISO 27001. Proficiency in working with security frameworks such as ISO27001/2, NIST, SOC2, etc. Familiarity with cloud platforms (Azure/AWS) and website security. Excellent communication skills in both written and spoken Dutch and English. Strong technical expertise in cybersecurity and project management. What We Offer: We offer an excellent compensation package, including pension benefits, a 13th-month bonus, vacation allowance, and a personal growth budget. You will enjoy flexible scheduling options and the possibility of remote work. Join us and be part of a company that values innovation, security, and a sustainable future. If you are ready to take on this exciting opportunity as a Cyber Security Officer and contribute to the safe and reliable mobility solutions we provide, apply now! Venquis is acting as an Employment Agency in relation to this vacancy.
OT/IT Security Analyst - NIS/CAF/IEC62443 (Relocation package available) £50,000 - £60,000 + 20% Bonus/overtime Interesting opportunity to join one of the UK's largest energy producing companies as they continue to grow and further develop their OT/IT Security functions. We require a Security Analyst with strong experience and knowledge of security, ideally within the energy sector. The Security Analyst will assist with the monitoring and management of operational security. This will include monitoring adherence to security governance (including capturing evidence as appropriate), monitoring security alerts, monitoring security KPI's and assisting production of reports (eg to Board, or regulators), assisting with planning and operation of security activity according to the security calendar (eg user recertification, internal audit/risk management, penetration testing), monitoring updates with security regulation and best practice, and monitoring/reporting/actioning (as appropriate) threat intelligence. Strong experience within a security environment is required and specific knowledge of NIS CAF, IEC62443 and ISO27001 will be advantageous. The role requires an understanding of the technology principles underpinning the energy sectors unique environment, and utilisation of purdue layering (including OT/DMZ/IT layers), as well as a broad, up-to-date knowledge of security policies, processes and procedures including Risk Management, Identity & Access Management and Incident Management & Response. In additional to a strong understanding of Security principles this role will involve close liaison with the IT Team, Site/Security Engineers and other staff at all levels as appropriate. The candidate should be a strong team player with excellent security governance and communication skills; and be motivated and independent. Key Responsibilities Working with SOC, monitor security alerts from intrusion detection systems; document triaging data and escalate as appropriate. Assist analysis of system and network logs to identify false positives, data trends and non-conformance with security policies; test and evaluate security policies. Assist key processes from a security perspective (eg Risk Management, Change Management, User Management, Incident Management and Recovery/Disaster Recovery). Ensure security documentation remains up to date/aligned with current regulations and best practice; gather evidence of adherence to security policies, processes and procedures. Monitoring/capturing operational security KPI's; Generating reports as required (eg Board, Regulators etc) Compiling required information/documentation in the event of a security incident Link with key external parties to gather threat intelligence; document/present proposals for continuous improvement. Provide security related SME support to projects and initiatives as required. Assist with the creation and delivery of the security calendar, including assisting regular events such as annual policy reviews, user recertification, internal audit and penetration testing. Desired Skills Understanding/experience of key security standards and frameworks (eg NIS CAF, IEC62443, ISO27001, NIST, CoBIT, CIS, GDPR, Cyber Essentials) Experience in conducting IT/OT compliance assessments and administering IT/OT security controls. Proven experience in relevant areas, such as incident response, intrusion analysis, malware analysis or security engineering. Knowledge of malware families and network attack vectors. Solid understanding internetworking technologies including packet analysis, routing and network security defences. Knowledge of common security tools such as SIEM, WAF, IDS, PAM, IdAM, Packet Analyzer and Endpoint Detection and Response tools. Excellent problem-solving skills, with tenacity and resilience to resolve issues. Excellent communication and collaboration skills. Relevant security-related certifications (eg CISSP, GCIH, GCIA, GCED, GCFA, CySA) OT/IT Security Analyst - NIS/CAF/IEC62443 £50,000 - £60,000 + 20% Bonus/overtime
30/05/2023
Full time
OT/IT Security Analyst - NIS/CAF/IEC62443 (Relocation package available) £50,000 - £60,000 + 20% Bonus/overtime Interesting opportunity to join one of the UK's largest energy producing companies as they continue to grow and further develop their OT/IT Security functions. We require a Security Analyst with strong experience and knowledge of security, ideally within the energy sector. The Security Analyst will assist with the monitoring and management of operational security. This will include monitoring adherence to security governance (including capturing evidence as appropriate), monitoring security alerts, monitoring security KPI's and assisting production of reports (eg to Board, or regulators), assisting with planning and operation of security activity according to the security calendar (eg user recertification, internal audit/risk management, penetration testing), monitoring updates with security regulation and best practice, and monitoring/reporting/actioning (as appropriate) threat intelligence. Strong experience within a security environment is required and specific knowledge of NIS CAF, IEC62443 and ISO27001 will be advantageous. The role requires an understanding of the technology principles underpinning the energy sectors unique environment, and utilisation of purdue layering (including OT/DMZ/IT layers), as well as a broad, up-to-date knowledge of security policies, processes and procedures including Risk Management, Identity & Access Management and Incident Management & Response. In additional to a strong understanding of Security principles this role will involve close liaison with the IT Team, Site/Security Engineers and other staff at all levels as appropriate. The candidate should be a strong team player with excellent security governance and communication skills; and be motivated and independent. Key Responsibilities Working with SOC, monitor security alerts from intrusion detection systems; document triaging data and escalate as appropriate. Assist analysis of system and network logs to identify false positives, data trends and non-conformance with security policies; test and evaluate security policies. Assist key processes from a security perspective (eg Risk Management, Change Management, User Management, Incident Management and Recovery/Disaster Recovery). Ensure security documentation remains up to date/aligned with current regulations and best practice; gather evidence of adherence to security policies, processes and procedures. Monitoring/capturing operational security KPI's; Generating reports as required (eg Board, Regulators etc) Compiling required information/documentation in the event of a security incident Link with key external parties to gather threat intelligence; document/present proposals for continuous improvement. Provide security related SME support to projects and initiatives as required. Assist with the creation and delivery of the security calendar, including assisting regular events such as annual policy reviews, user recertification, internal audit and penetration testing. Desired Skills Understanding/experience of key security standards and frameworks (eg NIS CAF, IEC62443, ISO27001, NIST, CoBIT, CIS, GDPR, Cyber Essentials) Experience in conducting IT/OT compliance assessments and administering IT/OT security controls. Proven experience in relevant areas, such as incident response, intrusion analysis, malware analysis or security engineering. Knowledge of malware families and network attack vectors. Solid understanding internetworking technologies including packet analysis, routing and network security defences. Knowledge of common security tools such as SIEM, WAF, IDS, PAM, IdAM, Packet Analyzer and Endpoint Detection and Response tools. Excellent problem-solving skills, with tenacity and resilience to resolve issues. Excellent communication and collaboration skills. Relevant security-related certifications (eg CISSP, GCIH, GCIA, GCED, GCFA, CySA) OT/IT Security Analyst - NIS/CAF/IEC62443 £50,000 - £60,000 + 20% Bonus/overtime
Infrastructure Engineer - Platforms/Servers/Networks/AWS/Azure - is required by fast growing, highly successful and international organisation. Based remote and commutable monthly to Chorley, Lancashire. J ob Purpose: Responsible for the operations of secure and highly available computing platforms, Servers, and networks. This is achieved by monitoring, maintaining, supporting, optimising and improving the environment. The Infrastructure Engineer will apply proven communication, analytical, and problem-solving skills to help identify, communicate, and resolve issues to maximise the benefit of IT systems, checking that they are managed in accordance with agreed standards and procedures. A can-do, proactive approach is essential to aid innovation and continuous improvement. The position involves progressing various key infrastructure projects and delivering them. Main Duties & responsibilities: Ensure high levels of performance, availability and security throughout the IT infrastructure. Physical and logical network design, monitoring, optimisation and security. Management of Virtual Servers, Operating systems and the desktop estate. Monitor, diagnose and resolve problems with key IT systems to ensure systems work efficiently. Manage crisis situations and work under pressure to resolve problems. Plan and undertake projects to improve and upgrade key IT systems. Produce relevant documentation and project plans. Ensuring continued compliance with ISO and Cyber Essentials +. Manage, configure and develop the LAN and WAN across Europe. Provide technical expertise for 1st and 2nd line IT support staff, sharing technical knowledge. Share domain and technical expertise, providing technical mentorship and cross-training to other peers and team members. Provide operational and technical support documentation as appropriate. Independently analyse, solve and correct issues in Real Time, providing problem resolution end-to-end. Refine and automate regular processes, track issues and document all changes. Provide out of hours support for critical production systems as needed. Ensure out of hours support is needed as infrequently as possible. Perform scheduled maintenance and support release deployment activities outside of core hours - whilst working towards in-hours releases. Knowledge, Skills, Qualifications and Experience: The ideal candidate will be educated to Degree level/equivalent and possess expert knowledge in some of the technologies currently used. Specific experience is unimportant as tools many change, though the candidate should have a broad knowledge in the field. Current Technologies include: Microsoft O365, Windows 10, Windows Server , SQL Server, Exchange online. Active Directory, Microsoft Group Policy, Microsoft IIS VMware vSphere, Desktop Central, Arcserve Backup, Sophos, Nessus, PRTG IP Stack, Managed Switches and structured cabling Excellent training and career development opportunities exist for the right candidate. Basic salary £40-55,000 + excellent benefits Based remote and commutable monthly to Chorley in Lancashire.
30/05/2023
Full time
Infrastructure Engineer - Platforms/Servers/Networks/AWS/Azure - is required by fast growing, highly successful and international organisation. Based remote and commutable monthly to Chorley, Lancashire. J ob Purpose: Responsible for the operations of secure and highly available computing platforms, Servers, and networks. This is achieved by monitoring, maintaining, supporting, optimising and improving the environment. The Infrastructure Engineer will apply proven communication, analytical, and problem-solving skills to help identify, communicate, and resolve issues to maximise the benefit of IT systems, checking that they are managed in accordance with agreed standards and procedures. A can-do, proactive approach is essential to aid innovation and continuous improvement. The position involves progressing various key infrastructure projects and delivering them. Main Duties & responsibilities: Ensure high levels of performance, availability and security throughout the IT infrastructure. Physical and logical network design, monitoring, optimisation and security. Management of Virtual Servers, Operating systems and the desktop estate. Monitor, diagnose and resolve problems with key IT systems to ensure systems work efficiently. Manage crisis situations and work under pressure to resolve problems. Plan and undertake projects to improve and upgrade key IT systems. Produce relevant documentation and project plans. Ensuring continued compliance with ISO and Cyber Essentials +. Manage, configure and develop the LAN and WAN across Europe. Provide technical expertise for 1st and 2nd line IT support staff, sharing technical knowledge. Share domain and technical expertise, providing technical mentorship and cross-training to other peers and team members. Provide operational and technical support documentation as appropriate. Independently analyse, solve and correct issues in Real Time, providing problem resolution end-to-end. Refine and automate regular processes, track issues and document all changes. Provide out of hours support for critical production systems as needed. Ensure out of hours support is needed as infrequently as possible. Perform scheduled maintenance and support release deployment activities outside of core hours - whilst working towards in-hours releases. Knowledge, Skills, Qualifications and Experience: The ideal candidate will be educated to Degree level/equivalent and possess expert knowledge in some of the technologies currently used. Specific experience is unimportant as tools many change, though the candidate should have a broad knowledge in the field. Current Technologies include: Microsoft O365, Windows 10, Windows Server , SQL Server, Exchange online. Active Directory, Microsoft Group Policy, Microsoft IIS VMware vSphere, Desktop Central, Arcserve Backup, Sophos, Nessus, PRTG IP Stack, Managed Switches and structured cabling Excellent training and career development opportunities exist for the right candidate. Basic salary £40-55,000 + excellent benefits Based remote and commutable monthly to Chorley in Lancashire.
SCADA and Telemetry Engineer Are you an experienced SCADA and Telemetry Engineer looking for a role which offers genuine work life balance and job security alongside exposure to cutting edge technologies? The Opportunity We're looking for a SCADA and Telemetry Engineer on behalf of our client, a well-established, nationwide utilities provider. The role sits within a small team of specialist Engineers who form the SCADA and Telemetry Services department and report into the SCADA and Telemetry Team Leader. The team play a business critical role in ensuring an efficient and effective service is delivered through supporting essential operational systems. The position offers a fantastic opportunity to join a high performing team and gain exposure to cutting edge technologies as the business is implementing significant modernisation upgrades across their platforms. Key responsibilities; Provide expertise in SCADA and Telemetry technology and systems Acknowledge, prioritise and rectify faults and problems within the information services system Liaise with departments within the organisation to provide guidance and support on SCADA and Telemetry issues Assist in the development of SCADA and Telemetry systems to meet changing business requirements The successful candidate will be able to demonstrate skills and experience in; Maintenance and fault finding of SCADA and Telemetry technology and systems Process control Radio, Cellular and IP Communications Networking and cyber security Liaising with stakeholders to deliver projects The client is a well-established business with a distinguished reputation in its field, alongside fantastic opportunities for career development the successful candidate will benefit from a high level of job security, genuine work life balance and an excellent remuneration package which is not to be missed. This is a permanent position which involves a combination of site visits and remote working, as a result a full UK driving Licence is required. The role is based in Middlesborough and is interviewing immediately, please call today for a further discussion . Please note applicants must have full right to work in the UK as sponsorship is not available for this role.
30/05/2023
Full time
SCADA and Telemetry Engineer Are you an experienced SCADA and Telemetry Engineer looking for a role which offers genuine work life balance and job security alongside exposure to cutting edge technologies? The Opportunity We're looking for a SCADA and Telemetry Engineer on behalf of our client, a well-established, nationwide utilities provider. The role sits within a small team of specialist Engineers who form the SCADA and Telemetry Services department and report into the SCADA and Telemetry Team Leader. The team play a business critical role in ensuring an efficient and effective service is delivered through supporting essential operational systems. The position offers a fantastic opportunity to join a high performing team and gain exposure to cutting edge technologies as the business is implementing significant modernisation upgrades across their platforms. Key responsibilities; Provide expertise in SCADA and Telemetry technology and systems Acknowledge, prioritise and rectify faults and problems within the information services system Liaise with departments within the organisation to provide guidance and support on SCADA and Telemetry issues Assist in the development of SCADA and Telemetry systems to meet changing business requirements The successful candidate will be able to demonstrate skills and experience in; Maintenance and fault finding of SCADA and Telemetry technology and systems Process control Radio, Cellular and IP Communications Networking and cyber security Liaising with stakeholders to deliver projects The client is a well-established business with a distinguished reputation in its field, alongside fantastic opportunities for career development the successful candidate will benefit from a high level of job security, genuine work life balance and an excellent remuneration package which is not to be missed. This is a permanent position which involves a combination of site visits and remote working, as a result a full UK driving Licence is required. The role is based in Middlesborough and is interviewing immediately, please call today for a further discussion . Please note applicants must have full right to work in the UK as sponsorship is not available for this role.
Network Domain Architect - €100K+ Bonus & Benefits Highly regarded Insurance and Financial Services Multinational has an immediate requirement for a Network Domain Architect to join operations at their European HQ in Dublin City Centre. The Network Domain Architect will set the direction enterprise network solutions and influence direction on security, tooling and strategy. They will ensure we have the right technologies, capabilities, and architectures to connect, support and secure Enterprise operations into the future. This position also has a leadership Dimension, as the Network Domain Architect will have responsibility for leading a team of solution architects whose primary purpose is the ongoing improvement of Information Systems methods, tools, techniques and the delivery of services throughout the business. This role is permanent and comes with an exceptionally generous benefits package. The working arrangements for this role are hybrid, with a 1-2 day per week onsite requirement. Please note that while this role is offered on a hybrid basis there may be an occasional requirement to visit the company's offices at short notice so all prospective candidates must be willing to reside in the republic of Ireland. Duties and Responsibilities: Work closely with the other architects and leaders across the enterprise to define technology direction, strategies and roadmaps. Ensure that strategies are in place which align with business and other IS strategies including the wider European Technology Strategy. Manage a team of architects working on a diverse project portfolio. Define goals and objectives, meet regularly, provide direction and guidance, review project allocations Mentor other staff and assist in succession planning activities Represent your Domain/Specialist area(s) at Technical Design Authority Provide governance and oversight to project/programmes Provide consultancy services to the enterprise Lead technology RFPs Business case development Vendor management Stakeholder management Technology Due diligence exercises for M&A Activities Maintain strong partnership with IT leaders and practitioners across the enterprise Ensure technology deliveries align to strategies and standards Essential Candidate Requirements 10+ Years working in network/security engineering Third Level degree in Computer Science, IT or other relevant area. A proven track record in working effectively as part of a team within formal project management methodologies and processes. Broad technical knowledge of a range of Application and Infrastructure disciplines across Storage/Compute/Network for on-prem and experience in working on delivery of Cloud solutions in addition to Cyber Security is an essential. Experience in architecting and designing complex technical solutions in a hybrid cloud environment. Ability to collaborate effectively with staff at all levels and use your influencing skills to drive better business outcomes Demonstratable experience as the technical lead in the delivery of infrastructure and software solutions, and be able to reference successful implementations Possess professional Cloud, Security & Networking certification. Knowledge of industry trends, directions, roadmaps, capability models and frameworks The drive and willingness to continuously develop your technical knowledge Excellent communications skills with a trac k record in communicating at all levels from Executive to Team level, IS and business stakeholders. Excellent written skills are also essential. Telecoms knowledge and experience would be an advantage. Experience in working and driving large scale programs. Has a very strong risk security focus. Representing Information Security across Technology Services and playing a key role in communicating the technology strategies and road maps. Leading complex projects/issues that require in-depth knowledge across multiple technical areas across common enterprise architecture domains Advantageous but not essential: Experience working within the financial services sector is preferable, or within other heavily regulated entities such as Pharma. A broad understanding of how applications work and the implications of technology change on them. IMPORTANT - All applicants must have immediate availability to work in the EU as our client cannot provide any kind of Visa or Work Permit sponsorship at present. To Apply: For more information on this role, please contact Níall or send current CV along with brief cover letter through this site
30/05/2023
Full time
Network Domain Architect - €100K+ Bonus & Benefits Highly regarded Insurance and Financial Services Multinational has an immediate requirement for a Network Domain Architect to join operations at their European HQ in Dublin City Centre. The Network Domain Architect will set the direction enterprise network solutions and influence direction on security, tooling and strategy. They will ensure we have the right technologies, capabilities, and architectures to connect, support and secure Enterprise operations into the future. This position also has a leadership Dimension, as the Network Domain Architect will have responsibility for leading a team of solution architects whose primary purpose is the ongoing improvement of Information Systems methods, tools, techniques and the delivery of services throughout the business. This role is permanent and comes with an exceptionally generous benefits package. The working arrangements for this role are hybrid, with a 1-2 day per week onsite requirement. Please note that while this role is offered on a hybrid basis there may be an occasional requirement to visit the company's offices at short notice so all prospective candidates must be willing to reside in the republic of Ireland. Duties and Responsibilities: Work closely with the other architects and leaders across the enterprise to define technology direction, strategies and roadmaps. Ensure that strategies are in place which align with business and other IS strategies including the wider European Technology Strategy. Manage a team of architects working on a diverse project portfolio. Define goals and objectives, meet regularly, provide direction and guidance, review project allocations Mentor other staff and assist in succession planning activities Represent your Domain/Specialist area(s) at Technical Design Authority Provide governance and oversight to project/programmes Provide consultancy services to the enterprise Lead technology RFPs Business case development Vendor management Stakeholder management Technology Due diligence exercises for M&A Activities Maintain strong partnership with IT leaders and practitioners across the enterprise Ensure technology deliveries align to strategies and standards Essential Candidate Requirements 10+ Years working in network/security engineering Third Level degree in Computer Science, IT or other relevant area. A proven track record in working effectively as part of a team within formal project management methodologies and processes. Broad technical knowledge of a range of Application and Infrastructure disciplines across Storage/Compute/Network for on-prem and experience in working on delivery of Cloud solutions in addition to Cyber Security is an essential. Experience in architecting and designing complex technical solutions in a hybrid cloud environment. Ability to collaborate effectively with staff at all levels and use your influencing skills to drive better business outcomes Demonstratable experience as the technical lead in the delivery of infrastructure and software solutions, and be able to reference successful implementations Possess professional Cloud, Security & Networking certification. Knowledge of industry trends, directions, roadmaps, capability models and frameworks The drive and willingness to continuously develop your technical knowledge Excellent communications skills with a trac k record in communicating at all levels from Executive to Team level, IS and business stakeholders. Excellent written skills are also essential. Telecoms knowledge and experience would be an advantage. Experience in working and driving large scale programs. Has a very strong risk security focus. Representing Information Security across Technology Services and playing a key role in communicating the technology strategies and road maps. Leading complex projects/issues that require in-depth knowledge across multiple technical areas across common enterprise architecture domains Advantageous but not essential: Experience working within the financial services sector is preferable, or within other heavily regulated entities such as Pharma. A broad understanding of how applications work and the implications of technology change on them. IMPORTANT - All applicants must have immediate availability to work in the EU as our client cannot provide any kind of Visa or Work Permit sponsorship at present. To Apply: For more information on this role, please contact Níall or send current CV along with brief cover letter through this site
Principal Engineer - Produsct Security Filton (Or nearest site) £83.40p/h Inside IR35 This role requires Active SC clearance from day 1. (No Sponsorship offered) Role Description The following activities are typical of the work that may be carried out by the PSA Principal Engineer, in full or part dependent on the role and the place the project is in the engineering life cycle: Provide advice on Product Security matters for programmes to a wide range of stakeholders which will include System Engineers, Engineering Managers and Technical Authorities as required. Gain sufficient understanding of a system, its concept of use and architectures in order to provide an accurate assessment of Product Security in terms of possible threats, potential avenues of attack and to advise on the application of secure development practices. Be able to select appropriate Product Security techniques which are consistent and repeatable for use across a programme. Understand and be able to provide relevant guidance on the threat environment for a programme. Ensure that Product Security analysis of a project, system or equipment, is delivered and is managed using recognised risk analysis techniques. Ensure that Product Security analysis work is fully documented, enabling the management of risk throughout the product life cycle. Be able to contribute and influence the development of Product Security strategies, policies, guidance, good practices and awareness. Be able to recommend appropriate controls to mitigate identified risks in line with government and MOD policies and good practice, to provide more cost effective risk mitigation in the longer term. Present risks and proposed controls to internal and external stakeholders, to achieve agreement and buy-in. Be able to plan and manage work concurrently across multiple security work programmes. Provide regular updates on project status/progress in accordance with project specific reporting cycles. Represent the Product Security group at Design Reviews and other various engagements, to ensure that Product Security is appropriately considered at each stage of the design life cycle. Undertake peer reviews as directed. Provide technical guidance and supervision to other Product Security engineers and support the management and planning of specialist activities. Provide technical guidance and support in relation to product incident management. Specific Key Accountabilities and Deliverables The PSA Principal Engineer will be responsible for, or provide input to the following typical key deliverables, dependent on the role and the place the project is in the engineering life cycle: Risk Management Accreditation Document Set (RMADS). Security Strategy and other accreditation documentation Captured and agreed technical requirements in accordance with company and programme processes. Compliant technical solutions against contractual requirements and regulations. Technical input and appropriate consideration of product security activities and issues for LCM deliverables and Design Reviews, including Sub-Contract Design Reviews. Captured and agreed input to appropriate Verification and Qualification Plans. Specialist advice and contribution to other project documentation, such as Training Needs Analysis (TNA), Technical Publications, Cyber Incident Plans and Operating Instructions (list is not exhaustive). Experience Degree (or equivalent experience) in a relevant STEM subject or Information Security related. Holds NCSC CCP SIRA status (or able to achieve) Good understanding of information security principles and is able to advise on the potential impact to Product Systems. Experience of Product Security Engineering activities in the defence, maritime or closely linked domain. Knowledge of security related activities required to support the engineering life cycle with experience of operating in the phase relevant to the role. Proven experience of assessing and managing information risk in line with industry good practice. Experience of assessing and advising on controls to support Product Safety. Proven experience of applying Product Security/Information Security concepts to applicable technologies within the environment (or similar).
30/05/2023
Project-based
Principal Engineer - Produsct Security Filton (Or nearest site) £83.40p/h Inside IR35 This role requires Active SC clearance from day 1. (No Sponsorship offered) Role Description The following activities are typical of the work that may be carried out by the PSA Principal Engineer, in full or part dependent on the role and the place the project is in the engineering life cycle: Provide advice on Product Security matters for programmes to a wide range of stakeholders which will include System Engineers, Engineering Managers and Technical Authorities as required. Gain sufficient understanding of a system, its concept of use and architectures in order to provide an accurate assessment of Product Security in terms of possible threats, potential avenues of attack and to advise on the application of secure development practices. Be able to select appropriate Product Security techniques which are consistent and repeatable for use across a programme. Understand and be able to provide relevant guidance on the threat environment for a programme. Ensure that Product Security analysis of a project, system or equipment, is delivered and is managed using recognised risk analysis techniques. Ensure that Product Security analysis work is fully documented, enabling the management of risk throughout the product life cycle. Be able to contribute and influence the development of Product Security strategies, policies, guidance, good practices and awareness. Be able to recommend appropriate controls to mitigate identified risks in line with government and MOD policies and good practice, to provide more cost effective risk mitigation in the longer term. Present risks and proposed controls to internal and external stakeholders, to achieve agreement and buy-in. Be able to plan and manage work concurrently across multiple security work programmes. Provide regular updates on project status/progress in accordance with project specific reporting cycles. Represent the Product Security group at Design Reviews and other various engagements, to ensure that Product Security is appropriately considered at each stage of the design life cycle. Undertake peer reviews as directed. Provide technical guidance and supervision to other Product Security engineers and support the management and planning of specialist activities. Provide technical guidance and support in relation to product incident management. Specific Key Accountabilities and Deliverables The PSA Principal Engineer will be responsible for, or provide input to the following typical key deliverables, dependent on the role and the place the project is in the engineering life cycle: Risk Management Accreditation Document Set (RMADS). Security Strategy and other accreditation documentation Captured and agreed technical requirements in accordance with company and programme processes. Compliant technical solutions against contractual requirements and regulations. Technical input and appropriate consideration of product security activities and issues for LCM deliverables and Design Reviews, including Sub-Contract Design Reviews. Captured and agreed input to appropriate Verification and Qualification Plans. Specialist advice and contribution to other project documentation, such as Training Needs Analysis (TNA), Technical Publications, Cyber Incident Plans and Operating Instructions (list is not exhaustive). Experience Degree (or equivalent experience) in a relevant STEM subject or Information Security related. Holds NCSC CCP SIRA status (or able to achieve) Good understanding of information security principles and is able to advise on the potential impact to Product Systems. Experience of Product Security Engineering activities in the defence, maritime or closely linked domain. Knowledge of security related activities required to support the engineering life cycle with experience of operating in the phase relevant to the role. Proven experience of assessing and managing information risk in line with industry good practice. Experience of assessing and advising on controls to support Product Safety. Proven experience of applying Product Security/Information Security concepts to applicable technologies within the environment (or similar).
NO SPONSORSHIP Expert Vulnerability Researcher Researcher with CVE. 100% REMOTE Looking for a candidate who has a track record of Vulnerability Research (based on products developed, conference presentations, CVEs reported, having held research positions at prominent research orgs (.gov, Raytheon, MIT Lincoln Labs, niche security consulting shops, etc.). Ideal candidate will have additional skillsets like: Azure, Oracle Cloud, web platforms (specifically Java and Node/React on the research side, not OWASP. Someone who has published research or presented at a conference on web application security (eg, OAuth, SAML, web platform security bugs), and/or enterprise product vulnerability research All candidates should have experience developing in multiple languages and be able to find bugs in closed source products (ie, via reverse engineering). The Vulnerability Researcher role is responsible for analysing systems, software, and security strategies to discover previously unknown vulnerabilities to proactively identify and mitigate emerging threats. This is accomplished by performing manual and automated source code review, binary analysis, vulnerability assessments, threat modelling, and security architecture review. This role requires research into the latest threat actors, attack vectors, and the offensive security techniques. Development of custom tooling and automation will be required to supplement manual vulnerability discovery. You must be an application, penetration, code-testing EXPERT. Somebody who can call into the code and punch holes from the inside-out. QUALIFICATIONS: 7+ years of work experience in the Cyber Security industry Bachelors Degree in Computer Science or Management Information related field, or equivalent work experience Understanding of all phases of adversary emulation operations including reconnaissance, social engineering, exploitation, post-exploitation, covert techniques, lateral movement, and data exfiltration Extensive experience in offensive cybersecurity roles, such as red teaming, penetration testing (eg, web, infrastructure, cloud), purple team exercises in cloud and on-prem environments A robust understanding of contemporary security theory and application exploitation techniques and attack vectors (including the vulnerability life cycle and scanning methodologies (SAST, DAST, IAST, RASP) Experience developing and managing testing methodologies that adhere to common security guidelines such as OWASP and frameworks such NIST 800 or MITRE ATT&CK CVE A solid understanding of computer architecture and organization with respect to binary analysis and exploitation Ability to analyze, create, and debug shellcode and other low-level exploits Experience developing custom security (either offensive or defensive) software in one or more compiled languages Demonstrated abilities to reverse engineer binaries, enumerate vulnerabilities in compiled software, and provide working exploits (eg, CVEs, public acknowledgements, or ability to demonstrate on demand) Familiarity with automated security analysis and fuzzing tools (eg, AFL and Peach) Demonstrated ability to discover vulnerabilities via static analysis and source code review A working understanding of key programming languages and frameworks (eg, Java, Node.js, Python, JSP, etc.), including the ability to pick up new languages quickly, understand the security implications of those languages, and enumerate vulnerabilities in custom-developed software packages that leverage those languages Familiarity with Scripting/programming of Python, PowerShell, or C# with the ability to create and customize tools Must have Reverse Engineering and Binary Analysis experience
29/05/2023
Full time
NO SPONSORSHIP Expert Vulnerability Researcher Researcher with CVE. 100% REMOTE Looking for a candidate who has a track record of Vulnerability Research (based on products developed, conference presentations, CVEs reported, having held research positions at prominent research orgs (.gov, Raytheon, MIT Lincoln Labs, niche security consulting shops, etc.). Ideal candidate will have additional skillsets like: Azure, Oracle Cloud, web platforms (specifically Java and Node/React on the research side, not OWASP. Someone who has published research or presented at a conference on web application security (eg, OAuth, SAML, web platform security bugs), and/or enterprise product vulnerability research All candidates should have experience developing in multiple languages and be able to find bugs in closed source products (ie, via reverse engineering). The Vulnerability Researcher role is responsible for analysing systems, software, and security strategies to discover previously unknown vulnerabilities to proactively identify and mitigate emerging threats. This is accomplished by performing manual and automated source code review, binary analysis, vulnerability assessments, threat modelling, and security architecture review. This role requires research into the latest threat actors, attack vectors, and the offensive security techniques. Development of custom tooling and automation will be required to supplement manual vulnerability discovery. You must be an application, penetration, code-testing EXPERT. Somebody who can call into the code and punch holes from the inside-out. QUALIFICATIONS: 7+ years of work experience in the Cyber Security industry Bachelors Degree in Computer Science or Management Information related field, or equivalent work experience Understanding of all phases of adversary emulation operations including reconnaissance, social engineering, exploitation, post-exploitation, covert techniques, lateral movement, and data exfiltration Extensive experience in offensive cybersecurity roles, such as red teaming, penetration testing (eg, web, infrastructure, cloud), purple team exercises in cloud and on-prem environments A robust understanding of contemporary security theory and application exploitation techniques and attack vectors (including the vulnerability life cycle and scanning methodologies (SAST, DAST, IAST, RASP) Experience developing and managing testing methodologies that adhere to common security guidelines such as OWASP and frameworks such NIST 800 or MITRE ATT&CK CVE A solid understanding of computer architecture and organization with respect to binary analysis and exploitation Ability to analyze, create, and debug shellcode and other low-level exploits Experience developing custom security (either offensive or defensive) software in one or more compiled languages Demonstrated abilities to reverse engineer binaries, enumerate vulnerabilities in compiled software, and provide working exploits (eg, CVEs, public acknowledgements, or ability to demonstrate on demand) Familiarity with automated security analysis and fuzzing tools (eg, AFL and Peach) Demonstrated ability to discover vulnerabilities via static analysis and source code review A working understanding of key programming languages and frameworks (eg, Java, Node.js, Python, JSP, etc.), including the ability to pick up new languages quickly, understand the security implications of those languages, and enumerate vulnerabilities in custom-developed software packages that leverage those languages Familiarity with Scripting/programming of Python, PowerShell, or C# with the ability to create and customize tools Must have Reverse Engineering and Binary Analysis experience
We are currently looking on behalf of one of our important clients for a C#/.NET Architect/Tech Leader. The role is permanent position based in Zürich Canton & comes with good home office allowance. Your role: Carry out technical leadership in SW architecture topics in close collaboration with the other global sub-teams. Work with Business & Software Engineering Teams to build C, C++ & C#/.NET applications from the ground up. Develop edge & cloud products that shape & optimize customer production environments. Work on all layers of the technology stack to provide a solution, which is perfectly integrated from the sensor, over the edge and to the cloud. Prepare solutions by determining & designing system specifications. Ensure that solutions comply to all cyber security demands. Provide solutions that are ready to integrate into the industrial Internet of things (IIoT). Guide teams on the end-to-end project life cycle, covering the initial conception, business requirements, software architecture & technical leadership. Provide technological & architectural consulting to stakeholders. Work on proof-of-concept & the design of innovative solutions, with an emphasis on scalability, modularity, flexibility & performance. Run group-wide thought leadership initiatives to advance architectural practices & sustain technical excellence. Work closely with cooperation partners including product managers, requirements engineers, test-automation-teams, Embedded software development teams & DevOps teams. Your Skills: At least 6 years of professional experience in Designing & implementing large-scale C, C++, C#/.NET & WPF Applications. Experienced in one or several other frameworks such as ASP.NET or on web Front End frameworks such as React, Angular, Vue.js & Blazor. A good knowledge of Integration Patterns & best practices such as Synchronous vs. Asynchronous Communications, RESTful APIs, Messaging & Publish-subscribe. Experienced in IIoT communication protocols, OPC-UA & MQTT. A strong understanding of Multi-tier Architectures & Microservices (load balancers, caching, web Servers, application Servers, networking, databases & content delivery networks). Hands-on experience with Containers & Orchestration Platforms. A strong knowledge of best practices & tooling for CI/CD pipelines, DevOps, Agile methods (SAFe, Scrum), Automated Testing, Code Quality, VSTS, Selenium/Gherkin & Artifactory. Experienced in monitoring, troubleshooting & profiling systems. Skills & expertise in Cloud Services (Azure, AWS, etc.) is considered a plus. Your Profile: Completed University Degree in Computer Science or similar. Enthusiastic, creative, flexible & team-oriented. Confident with strong communication skills. Fluent in English (spoken & written), German language skills are considered very advantageous. If you wish to apply, please send us your resume in Word or PDF format with some references.
29/05/2023
Full time
We are currently looking on behalf of one of our important clients for a C#/.NET Architect/Tech Leader. The role is permanent position based in Zürich Canton & comes with good home office allowance. Your role: Carry out technical leadership in SW architecture topics in close collaboration with the other global sub-teams. Work with Business & Software Engineering Teams to build C, C++ & C#/.NET applications from the ground up. Develop edge & cloud products that shape & optimize customer production environments. Work on all layers of the technology stack to provide a solution, which is perfectly integrated from the sensor, over the edge and to the cloud. Prepare solutions by determining & designing system specifications. Ensure that solutions comply to all cyber security demands. Provide solutions that are ready to integrate into the industrial Internet of things (IIoT). Guide teams on the end-to-end project life cycle, covering the initial conception, business requirements, software architecture & technical leadership. Provide technological & architectural consulting to stakeholders. Work on proof-of-concept & the design of innovative solutions, with an emphasis on scalability, modularity, flexibility & performance. Run group-wide thought leadership initiatives to advance architectural practices & sustain technical excellence. Work closely with cooperation partners including product managers, requirements engineers, test-automation-teams, Embedded software development teams & DevOps teams. Your Skills: At least 6 years of professional experience in Designing & implementing large-scale C, C++, C#/.NET & WPF Applications. Experienced in one or several other frameworks such as ASP.NET or on web Front End frameworks such as React, Angular, Vue.js & Blazor. A good knowledge of Integration Patterns & best practices such as Synchronous vs. Asynchronous Communications, RESTful APIs, Messaging & Publish-subscribe. Experienced in IIoT communication protocols, OPC-UA & MQTT. A strong understanding of Multi-tier Architectures & Microservices (load balancers, caching, web Servers, application Servers, networking, databases & content delivery networks). Hands-on experience with Containers & Orchestration Platforms. A strong knowledge of best practices & tooling for CI/CD pipelines, DevOps, Agile methods (SAFe, Scrum), Automated Testing, Code Quality, VSTS, Selenium/Gherkin & Artifactory. Experienced in monitoring, troubleshooting & profiling systems. Skills & expertise in Cloud Services (Azure, AWS, etc.) is considered a plus. Your Profile: Completed University Degree in Computer Science or similar. Enthusiastic, creative, flexible & team-oriented. Confident with strong communication skills. Fluent in English (spoken & written), German language skills are considered very advantageous. If you wish to apply, please send us your resume in Word or PDF format with some references.
Infrastructure Consultant - Architecture, Cloud, Design, Implementation Job Title: Infrastructure Consultant Location: Hybrid/Leicestershire Salary: Up to £56,500 per annum Benefits: Excellent pension (49% employer contributions!), flexible working, social benefits, and discounts at numerous retailers! The Client: Curo is collaborating with a public sector client based in Leicestershire. They provide vital services to their communities in and around the county, and have forged excellent relationships with the local community, organisations and agencies, working towards a shared goal of making real improvements to quality of life for everyone. They offer a collaborative and supportive environment, and excellent benefits. It is worth noting that this employer offers exceptional benefits, including 49% employer pension contributions, flexible working, discounted gym membership and discounts at numerous retailers. The Candidate: This role would suit a Solutions Architect, Consultant or Senior Engineer with strong experience in networking, designing, managing and implementing complex infrastructure and technology projects within a large organisation with relevant security checks. You will be involved in a mix of projects, and support with the local implementation of national projects. This role requires 2+ years design experience (HLD and LLD). This opportunity would suit a candidate who: Can work with business, regional and national stakeholders to identify, plan, design and deliver new information technology services and infrastructure across the Leicestershire region. Can further identify areas and opportunities to improve and support existing technology and critical infrastructure. Can be responsible for technical design, implementation, maintenance, security, final line support and budgeting for a wide range of national, regional, local and collaborative systems. Can provide technical expertise to resolve and to manage any and all IT related issues, and to be part of an on-call rota to provide out of hours emergency IT service. Please note this role requires a candidate who is eligible to undergo DV Clearance. Ideally you will live within a commutable distance of Leicestershire, to accommodate the on-site requirement associated with the role. The Role: You will be joining an established internal team of 12 Solution Architects, supporting with the local implementation of regional IT Projects. This position would suit a candidate with experience of conceptualising and identifying solutions, with the ability to take responsibility for all aspects of the design, implementation and technical management of enterprise grade systems and cloud platforms as necessary. This role would suit a candidate with Solution Architecture experience in core technologies such as Active Directory, SQL Server, SAN, and Citrix. This is a hybrid position. Knowledge and Skills: As a Technical Solution Architect, the suitable candidate will (as part of a team): Have the ability to communicate effectively (both written and verbal) to a technical and non-technical audience and present technical information in a clear concise way to a range of senior technical and operational/business stakeholders. Manage relationships with local, regional and national stakeholders and partners and lead the implementation of ICT projects, systems and services. Be able to work either independently or collaboratively with colleagues to achieve the best outcome for the organisation and a passion for maintaining existing skills and acquiring new capabilities via a mix of self-learning and formal training. Education and Experience required: Solution Architecture experience with core technologies including Active Directory, SQL Server, SAN, Citrix etc. Qualified to a degree level in a Computer Science or other Technology discipline, or hold a professional qualification in a relevant subject (eg MBCS or equivalent), or demonstrate work experience to an equivalent level. Experience of conceptualising and identifying solutions and to take responsibility for all aspects of the design, implementation and technical management of enterprise grade systems and infrastructure to include physical systems, virtual systems and cloud platforms as necessary. Demonstrable experience of taking ownership of a project throughout the full implementation life cycle, of projects & systems, utilising appropriate methodologies and techniques. To include experience of planning and managing budgetary control over the life cycle of a piece of software, infrastructure or system. Maintaining documentation of systems, processes and problems using the appropriate tools and techniques (eg UML, DFD, network diagram, etc.) Manage systems to suggest technical and system optimisations through a multi-year solution lifespan to maintain and enhance business benefits. Have experience and awareness of identifying and implementing appropriate system backup, recovery and business continuity processes. Demonstrate experience and a good working knowledge of implementing systems and services that conform to the requirements of internal and external security standards (eg relevant British and ISO standards, Cyber Essentials, NCSC and NIST). Have a strong understanding of infrastructure technologies and experience of utilising and implementing such technology in a secure and practical way, to provide a technical and infrastructure expert view for procurement decisions and to influence decisions based on best practice and current industry thinking. To apply for this Infrastructure Consultant permanent job, please click the button below and submit your latest CV. Curo Services endeavours to respond to all applications, however this may not always be possible during periods of high volume. Thank you for your patience. Curo Services is a trading name of Curo Resourcing Ltd and acts as an Employment Business for contract and temporary recruitment as well as an Employment Agency in relation to permanent vacancies.
29/05/2023
Full time
Infrastructure Consultant - Architecture, Cloud, Design, Implementation Job Title: Infrastructure Consultant Location: Hybrid/Leicestershire Salary: Up to £56,500 per annum Benefits: Excellent pension (49% employer contributions!), flexible working, social benefits, and discounts at numerous retailers! The Client: Curo is collaborating with a public sector client based in Leicestershire. They provide vital services to their communities in and around the county, and have forged excellent relationships with the local community, organisations and agencies, working towards a shared goal of making real improvements to quality of life for everyone. They offer a collaborative and supportive environment, and excellent benefits. It is worth noting that this employer offers exceptional benefits, including 49% employer pension contributions, flexible working, discounted gym membership and discounts at numerous retailers. The Candidate: This role would suit a Solutions Architect, Consultant or Senior Engineer with strong experience in networking, designing, managing and implementing complex infrastructure and technology projects within a large organisation with relevant security checks. You will be involved in a mix of projects, and support with the local implementation of national projects. This role requires 2+ years design experience (HLD and LLD). This opportunity would suit a candidate who: Can work with business, regional and national stakeholders to identify, plan, design and deliver new information technology services and infrastructure across the Leicestershire region. Can further identify areas and opportunities to improve and support existing technology and critical infrastructure. Can be responsible for technical design, implementation, maintenance, security, final line support and budgeting for a wide range of national, regional, local and collaborative systems. Can provide technical expertise to resolve and to manage any and all IT related issues, and to be part of an on-call rota to provide out of hours emergency IT service. Please note this role requires a candidate who is eligible to undergo DV Clearance. Ideally you will live within a commutable distance of Leicestershire, to accommodate the on-site requirement associated with the role. The Role: You will be joining an established internal team of 12 Solution Architects, supporting with the local implementation of regional IT Projects. This position would suit a candidate with experience of conceptualising and identifying solutions, with the ability to take responsibility for all aspects of the design, implementation and technical management of enterprise grade systems and cloud platforms as necessary. This role would suit a candidate with Solution Architecture experience in core technologies such as Active Directory, SQL Server, SAN, and Citrix. This is a hybrid position. Knowledge and Skills: As a Technical Solution Architect, the suitable candidate will (as part of a team): Have the ability to communicate effectively (both written and verbal) to a technical and non-technical audience and present technical information in a clear concise way to a range of senior technical and operational/business stakeholders. Manage relationships with local, regional and national stakeholders and partners and lead the implementation of ICT projects, systems and services. Be able to work either independently or collaboratively with colleagues to achieve the best outcome for the organisation and a passion for maintaining existing skills and acquiring new capabilities via a mix of self-learning and formal training. Education and Experience required: Solution Architecture experience with core technologies including Active Directory, SQL Server, SAN, Citrix etc. Qualified to a degree level in a Computer Science or other Technology discipline, or hold a professional qualification in a relevant subject (eg MBCS or equivalent), or demonstrate work experience to an equivalent level. Experience of conceptualising and identifying solutions and to take responsibility for all aspects of the design, implementation and technical management of enterprise grade systems and infrastructure to include physical systems, virtual systems and cloud platforms as necessary. Demonstrable experience of taking ownership of a project throughout the full implementation life cycle, of projects & systems, utilising appropriate methodologies and techniques. To include experience of planning and managing budgetary control over the life cycle of a piece of software, infrastructure or system. Maintaining documentation of systems, processes and problems using the appropriate tools and techniques (eg UML, DFD, network diagram, etc.) Manage systems to suggest technical and system optimisations through a multi-year solution lifespan to maintain and enhance business benefits. Have experience and awareness of identifying and implementing appropriate system backup, recovery and business continuity processes. Demonstrate experience and a good working knowledge of implementing systems and services that conform to the requirements of internal and external security standards (eg relevant British and ISO standards, Cyber Essentials, NCSC and NIST). Have a strong understanding of infrastructure technologies and experience of utilising and implementing such technology in a secure and practical way, to provide a technical and infrastructure expert view for procurement decisions and to influence decisions based on best practice and current industry thinking. To apply for this Infrastructure Consultant permanent job, please click the button below and submit your latest CV. Curo Services endeavours to respond to all applications, however this may not always be possible during periods of high volume. Thank you for your patience. Curo Services is a trading name of Curo Resourcing Ltd and acts as an Employment Business for contract and temporary recruitment as well as an Employment Agency in relation to permanent vacancies.
Methods is a £100M+ IT Services Consultancy who has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Established over 30 years ago and UK-based, we apply our skills in transformation, delivery, and collaboration from across the Methods Group, to create end-to-end business and technical solutions that are people-centred, safe, and designed for the future. Our human touch sets us apart from other consultancies, system integrators and software houses - with people, technology, and data at the heart of who we are, we believe in creating value and sustainability through everything we do for our clients, staff, communities, and the planet. We support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them. Predominantly focused on the public-sector, Methods is now building a significant private sector client portfolio. Methods was acquired by the Alten Group in early 2022. Summary Profile We are seeking skilled Network Engineers with a passion for cyber security to join our team. The successful candidate will be responsible for designing, implementing, and maintaining network infrastructure and security solutions for our clients in the public sector. They will have a deep understanding of Cisco or Juniper networking technologies and hold a CCNP/CCNA certification. Responsibilities Design and implement network solutions for clients in the public sector, ensuring that they are secure and meet business requirements. Configure and troubleshoot Cisco or Juniper networking technologies, including Routers, Switches, Firewalls, and wireless access points. Collaborate with project managers, security professionals, and other stakeholders to ensure successful project delivery. Conduct security assessments and penetration testing to identify and remediate vulnerabilities. Monitor network performance and ensure that it meets service level agreements. Document network configurations and maintain network diagrams. Provide technical support to clients and internal teams as needed. Stay up-to-date with emerging network technologies and security threats. Develop and implement disaster recovery and business continuity plans for network infrastructure and security solutions. Analyse network traffic and logs to identify and investigate security incidents and recommend remediation actions. Manage and maintain network security devices such as Firewalls, intrusion detection and prevention systems, and VPN concentrators. Design and implement network segmentation to enhance security and improve network performance. Create and maintain network and security policies, procedures, and standards. Conduct training sessions for clients and internal teams on networking best practices and policies. Work closely with vendors and service providers to manage and optimize network performance and security. Participate in the evaluation and selection of new networking and security products and technologies Develop and implement disaster recovery and business continuity plans for network infrastructure and security solutions. Analyse network traffic and logs to identify and investigate security incidents and recommend remediation actions. Manage and maintain network security devices such as Firewalls, intrusion detection and prevention systems, and VPN concentrators. Design and implement network segmentation to enhance security and improve network performance. Create and maintain network and security policies, procedures, and standards. Conduct training sessions for clients and internal teams on network security best practices and policies. Work closely with vendors and service providers to manage and optimise network performance and security. Participate in the evaluation and selection of new networking and security products and technologies. Skills & Experience CCNP/CCNA certification is essential Experience with Cisco or Juniper networking technologies, including Routers, Switches, Firewalls, and wireless access points. Strong understanding of network protocols and services, including TCP/IP, DNS, DHCP, VPN, and VLANs. Familiarity with network monitoring and troubleshooting tools, such as Wireshark and SolarWinds. Experience with cyber security best practices and tools, such as Firewalls, intrusion detection and prevention systems, and vulnerability scanners. Excellent problem-solving and communication skills. Ability to work independently and as part of a team. Experience with cloud networking technologies, such as AWS or Azure networking. Familiarity with Scripting languages such as Python, Perl, or Bash to automate network tasks. Knowledge of virtualization technologies such as VMware, Hyper-V, or KVM. Experience with software-defined networking (SDN) technologies such as OpenFlow, Open vSwitch, or Cisco ACI. Strong knowledge of security compliance frameworks such as NIST, ISO 27001, and PCI DSS. Ability to mentor and train junior network engineers and security analysts. Experience with network automation tools such as Ansible, Chef, or Puppet. If you are passionate about network engineering and cyber security and want to make a meaningful impact in the public sector, we encourage you to apply for this exciting opportunity. Desirable: Experience with cloud networking technologies, such as AWS or Azure networking. Familiarity with Scripting languages such as Python, Perl, or Bash to automate network tasks. Knowledge of virtualisation technologies such as VMware, Hyper-V, or KVM. Experience with software-defined networking (SDN) technologies such as OpenFlow, Open vSwitch, or Cisco ACI. Strong knowledge of security compliance frameworks such as NIST, ISO 27001, and PCI DSS. Ability to mentor and train junior network engineers and security analysts. Experience with network automation tools such as Ansible, Chef, or Puppet. This role will require you to have or be willing to go through Security Clearance. As part of the onboarding process candidates will be asked to complete a Baseline Personnel Security Standard; details of the evidence required to apply may be found on the government website Gov.UK. If you are unable to meet this and any associated criteria, then your employment may be delayed, or rejected. Details of this will be discussed with you at interview. Benefits Methods is passionate about its people; we want our colleagues to develop the things they are good at and enjoy. By joining us you can expect: Autonomy to develop and grow your skills and experience Be part of exciting project work that is making a difference in society Strong, inspiring, and thought-provoking leadership A supportive and collaborative environment As well as this we offer: Development access to LinkedIn Learning, a management development programme, and training Wellness 24/7 confidential employee assistance programme Flexible Working including home working and part time Social office parties, breakfast Tuesdays, monthly pizza Thursdays, Thirsty Thursdays, and commitment to charitable causes Time Off 25 days of annual leave a year, plus bank holidays, with the option to buy 5 extra days each year Volunteering 2 paid days per year to volunteer in our local communities or within a charity organisation Pension Salary Exchange Scheme with 4% employer contribution and 5% employee contribution Discretionary Company Bonus based on company and individual performance Life Assurance of 4 times base salary Private Medical Insurance which is non-contributory (spouse and dependants included) Worldwide Travel Insurance which is non-contributory (spouse and dependants included) Enhanced Maternity and Paternity Pay Travel season ticket loan, cycle to work scheme For a full list of benefits please visit our website.
29/05/2023
Full time
Methods is a £100M+ IT Services Consultancy who has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Established over 30 years ago and UK-based, we apply our skills in transformation, delivery, and collaboration from across the Methods Group, to create end-to-end business and technical solutions that are people-centred, safe, and designed for the future. Our human touch sets us apart from other consultancies, system integrators and software houses - with people, technology, and data at the heart of who we are, we believe in creating value and sustainability through everything we do for our clients, staff, communities, and the planet. We support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them. Predominantly focused on the public-sector, Methods is now building a significant private sector client portfolio. Methods was acquired by the Alten Group in early 2022. Summary Profile We are seeking skilled Network Engineers with a passion for cyber security to join our team. The successful candidate will be responsible for designing, implementing, and maintaining network infrastructure and security solutions for our clients in the public sector. They will have a deep understanding of Cisco or Juniper networking technologies and hold a CCNP/CCNA certification. Responsibilities Design and implement network solutions for clients in the public sector, ensuring that they are secure and meet business requirements. Configure and troubleshoot Cisco or Juniper networking technologies, including Routers, Switches, Firewalls, and wireless access points. Collaborate with project managers, security professionals, and other stakeholders to ensure successful project delivery. Conduct security assessments and penetration testing to identify and remediate vulnerabilities. Monitor network performance and ensure that it meets service level agreements. Document network configurations and maintain network diagrams. Provide technical support to clients and internal teams as needed. Stay up-to-date with emerging network technologies and security threats. Develop and implement disaster recovery and business continuity plans for network infrastructure and security solutions. Analyse network traffic and logs to identify and investigate security incidents and recommend remediation actions. Manage and maintain network security devices such as Firewalls, intrusion detection and prevention systems, and VPN concentrators. Design and implement network segmentation to enhance security and improve network performance. Create and maintain network and security policies, procedures, and standards. Conduct training sessions for clients and internal teams on networking best practices and policies. Work closely with vendors and service providers to manage and optimize network performance and security. Participate in the evaluation and selection of new networking and security products and technologies Develop and implement disaster recovery and business continuity plans for network infrastructure and security solutions. Analyse network traffic and logs to identify and investigate security incidents and recommend remediation actions. Manage and maintain network security devices such as Firewalls, intrusion detection and prevention systems, and VPN concentrators. Design and implement network segmentation to enhance security and improve network performance. Create and maintain network and security policies, procedures, and standards. Conduct training sessions for clients and internal teams on network security best practices and policies. Work closely with vendors and service providers to manage and optimise network performance and security. Participate in the evaluation and selection of new networking and security products and technologies. Skills & Experience CCNP/CCNA certification is essential Experience with Cisco or Juniper networking technologies, including Routers, Switches, Firewalls, and wireless access points. Strong understanding of network protocols and services, including TCP/IP, DNS, DHCP, VPN, and VLANs. Familiarity with network monitoring and troubleshooting tools, such as Wireshark and SolarWinds. Experience with cyber security best practices and tools, such as Firewalls, intrusion detection and prevention systems, and vulnerability scanners. Excellent problem-solving and communication skills. Ability to work independently and as part of a team. Experience with cloud networking technologies, such as AWS or Azure networking. Familiarity with Scripting languages such as Python, Perl, or Bash to automate network tasks. Knowledge of virtualization technologies such as VMware, Hyper-V, or KVM. Experience with software-defined networking (SDN) technologies such as OpenFlow, Open vSwitch, or Cisco ACI. Strong knowledge of security compliance frameworks such as NIST, ISO 27001, and PCI DSS. Ability to mentor and train junior network engineers and security analysts. Experience with network automation tools such as Ansible, Chef, or Puppet. If you are passionate about network engineering and cyber security and want to make a meaningful impact in the public sector, we encourage you to apply for this exciting opportunity. Desirable: Experience with cloud networking technologies, such as AWS or Azure networking. Familiarity with Scripting languages such as Python, Perl, or Bash to automate network tasks. Knowledge of virtualisation technologies such as VMware, Hyper-V, or KVM. Experience with software-defined networking (SDN) technologies such as OpenFlow, Open vSwitch, or Cisco ACI. Strong knowledge of security compliance frameworks such as NIST, ISO 27001, and PCI DSS. Ability to mentor and train junior network engineers and security analysts. Experience with network automation tools such as Ansible, Chef, or Puppet. This role will require you to have or be willing to go through Security Clearance. As part of the onboarding process candidates will be asked to complete a Baseline Personnel Security Standard; details of the evidence required to apply may be found on the government website Gov.UK. If you are unable to meet this and any associated criteria, then your employment may be delayed, or rejected. Details of this will be discussed with you at interview. Benefits Methods is passionate about its people; we want our colleagues to develop the things they are good at and enjoy. By joining us you can expect: Autonomy to develop and grow your skills and experience Be part of exciting project work that is making a difference in society Strong, inspiring, and thought-provoking leadership A supportive and collaborative environment As well as this we offer: Development access to LinkedIn Learning, a management development programme, and training Wellness 24/7 confidential employee assistance programme Flexible Working including home working and part time Social office parties, breakfast Tuesdays, monthly pizza Thursdays, Thirsty Thursdays, and commitment to charitable causes Time Off 25 days of annual leave a year, plus bank holidays, with the option to buy 5 extra days each year Volunteering 2 paid days per year to volunteer in our local communities or within a charity organisation Pension Salary Exchange Scheme with 4% employer contribution and 5% employee contribution Discretionary Company Bonus based on company and individual performance Life Assurance of 4 times base salary Private Medical Insurance which is non-contributory (spouse and dependants included) Worldwide Travel Insurance which is non-contributory (spouse and dependants included) Enhanced Maternity and Paternity Pay Travel season ticket loan, cycle to work scheme For a full list of benefits please visit our website.
Request Technology - Craig Johnson
Oakland, California
*We are unable to sponsor for this Remote permanent role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Lead Cyber Security Penetration & Vulnerability Tester. Candidate will provide domain expertise in Penetration testing of Infrastructure and Networks, Web Applications, Cloud and Social engineering! In this role, the candidate will provide improved vulnerability analysis and contextual feedback to stakeholders to support the resolution of discovered vulnerabilities and facilitate risk awareness. Responsibilities: Penetration Testing and Red Team assessments Perform internal and external penetration testing of network infrastructure and applications Red team assessments including physical, social engineering, and network exploitation Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases Perform network reconnaissance, OSINT, social engineering, and physical security reviews Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards Effectively communicate findings and strategy to stakeholders, including technical staff and executive leadership Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement Purple Team and Adversary simulations Participate in regular Purple team exercises and perform adversary simulations to test defense controls Assist with scoping prospective engagements, leading engagements from kickoff through remediation Work closely with Blue team to test efficacy of existing alerts and help create new detection. Create findings reports and communicate to stakeholders Contribute to enhancing the team's toolkit Write custom scripts to automate tasks related to finding new vulnerabilities Maintain runbooks to continually improve penetration testing methodologies and threat modelling. The Red team is responsible for testing the overall strength of our organization's defenses (the technology, the processes, and the people) by simulating the objectives and actions of an attacker! This role provides domain expertise in Penetration testing of Infrastructure and Networks, Web Applications, Cloud and Social engineering, as well as Red Team and Purple Team internal engagements. Additionally, you will provide improved vulnerability analysis and contextual feedback to partners to support the resolution of discovered vulnerabilities and facilitate risk awareness. Qualifications : 8-10 years of experience in Penetration testing, Red Team and Purple Team Bachelor of Science in Engineering, Computer Science, Information Technology, or equivalent work experience Advanced knowledge in common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.) Must have a demonstrable understanding of voice and data networks, major operating systems, Active Directory, cloud technologies Must demonstrate knowledge of MITRE's ATT&CK framework, execute and chain TTP's Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms. Ability to optimally code in a Scripting language (Python, Bash, PowerShell, Perl, etc.) OSCP 7+ to 10 years experience Seniority Level - Other Management Experience Required - No Minimum Education - Bachelor's Degree Willingness to Travel - Never
26/05/2023
Full time
*We are unable to sponsor for this Remote permanent role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Lead Cyber Security Penetration & Vulnerability Tester. Candidate will provide domain expertise in Penetration testing of Infrastructure and Networks, Web Applications, Cloud and Social engineering! In this role, the candidate will provide improved vulnerability analysis and contextual feedback to stakeholders to support the resolution of discovered vulnerabilities and facilitate risk awareness. Responsibilities: Penetration Testing and Red Team assessments Perform internal and external penetration testing of network infrastructure and applications Red team assessments including physical, social engineering, and network exploitation Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases Perform network reconnaissance, OSINT, social engineering, and physical security reviews Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards Effectively communicate findings and strategy to stakeholders, including technical staff and executive leadership Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement Purple Team and Adversary simulations Participate in regular Purple team exercises and perform adversary simulations to test defense controls Assist with scoping prospective engagements, leading engagements from kickoff through remediation Work closely with Blue team to test efficacy of existing alerts and help create new detection. Create findings reports and communicate to stakeholders Contribute to enhancing the team's toolkit Write custom scripts to automate tasks related to finding new vulnerabilities Maintain runbooks to continually improve penetration testing methodologies and threat modelling. The Red team is responsible for testing the overall strength of our organization's defenses (the technology, the processes, and the people) by simulating the objectives and actions of an attacker! This role provides domain expertise in Penetration testing of Infrastructure and Networks, Web Applications, Cloud and Social engineering, as well as Red Team and Purple Team internal engagements. Additionally, you will provide improved vulnerability analysis and contextual feedback to partners to support the resolution of discovered vulnerabilities and facilitate risk awareness. Qualifications : 8-10 years of experience in Penetration testing, Red Team and Purple Team Bachelor of Science in Engineering, Computer Science, Information Technology, or equivalent work experience Advanced knowledge in common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.) Must have a demonstrable understanding of voice and data networks, major operating systems, Active Directory, cloud technologies Must demonstrate knowledge of MITRE's ATT&CK framework, execute and chain TTP's Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms. Ability to optimally code in a Scripting language (Python, Bash, PowerShell, Perl, etc.) OSCP 7+ to 10 years experience Seniority Level - Other Management Experience Required - No Minimum Education - Bachelor's Degree Willingness to Travel - Never
Services and Control Senior Analyst - Insurance Market Competitive Salary + Bonus + Benefits The Service and Controls Lead is part of the Technology Service Management function and helps leads and enable the definition and improvement of ITSM capability. This role enables our Technology Change Delivery Portfolios as well as BAU service delivery teams by driving and owning appropriate ITSM Controls and Governance to assure secure, stable, and performing technology services. The role leverages existing the client's enterprise service management process and controls capability, owning their localized implementation to support the GRSI Tech's strategy. As well, the role leads on the necessary improvements to address gaps and recommendations across the wider Audit, Cyber and IT controls frameworks. Key Responsibilities: Responsible for ITSM Controls and Governance enabling secure, stable and performing technology services. Implement and improve ITSM capability, reporting, controls, service integration and process support Provide appropriate service reporting on a regular basis to achieve targets, continuously improve and deliver excellent customer service Share best practice and coach on ITSM, increasing the internal body of knowledge Develop quality, exec-ready management information, presentations, proposals, and reports Helps drive the ITSM Strategy for GRSI Technology working in coordination with Enterprise SMO, as well as GRS Tech. Engineering, Resilience and support teams Drive the necessary improvements to address gaps and recommendations relating to ITSM across the wider Audit, DT Cyber and IT controls frameworks Compliance & Strategic Alignment Ensure appropriate technology controls are implemented and regularly tested in line with the client, GRSI, GRS and GDS practices Align to Company and GRS technology delivery functions to ensure the service management team operates in compliance with all relevant standards, processes and procedures Demonstrate behaviours as set out in the Conduct Risk Policy in alignment with company commitment to placing customers at the centre of our business and behaving with integrity Service Management Support Service Delivery Team leads and Managers with robust ITSM practices and process support Oversee and evolve Major and High Priority Incident Management Drive adoption of Problem Management and Continual Improvement Engage with business leaders to ensure Services are understood and appropriate, evolving our service catalogue and service level agreement framework Ensure appropriate service level reporting and dashboards as required Chair the service review process with customers and key stakeholders Enhance the Supplier Management practices, ensuring formal inventory of vendor contracts and active management of all contracts with a strong commercial mindset Service Operations Support Act as an escalation point for major incident and problem management; Take ownership of critical incidents, coordinating with resolution parties, and establishing effective communication between stakeholders for post-incident reviews Ensure appropriate risk and impact assessments are Embedded and performed in Change Management and CAB processes Collaborate with the Desktop Support, Cloud and Infrastructure Engineering Managers to ensure team priorities are aligned with the ITSM strategy Information Security Management Devise measures to protect company data from both internal and external threats Take part in day-to-day monitoring for activities, implement defensive protocols, and report incidents in line with security best practices Contribute to security guidelines, procedures, standards, and controls documentation Continuous Improvement, Governance & Delivery Own ITSM capability and service improvement roadmaps, enhancing service management processes, governance, tools, reporting and compliance Act as Product Owner for ITSM Processes and Tooling maintain a backlog of all related initiatives aligned to the Agile Portfolio Office Actively manage risks and issues in the ITSM area, developing mitigation plans/actions and remediation planning sessions, logging and escalating where appropriate Review practices to ensure consistency with policies, compliance regulations and control requirements, providing direction and changes as needed and ensuring alignment with business objectives and industry trends Champion, coach and promote the sharing of best practice on ITSM, increasing the internal capability and body of knowledge Develop and maintain Service management operational policies, standards, procedures, and guidelines where applicable Skills and Experience Experienced Service Management professional ITIL qualifications - preferably ITIL Expert, or Strategic Leader Excellent interpersonal and customer service skills with a passion for service excellence and a track record of continuous service improvement Strong leadership ability and team spirit with exceptional skills in motivating, coaching and supporting team members to deliver success outcomes Demonstrable experience of internal and external stakeholder engagement Exposure to financial and vendor management Strong organisational skills with an ability to balance and prioritise multiple initiatives at once, and to work under pressure when necessary Apply today with your most up to date CV. If this role isn't quite what you are after but know someone who may be relevant, we offer a referral scheme for any successful recommendations. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
26/05/2023
Full time
Services and Control Senior Analyst - Insurance Market Competitive Salary + Bonus + Benefits The Service and Controls Lead is part of the Technology Service Management function and helps leads and enable the definition and improvement of ITSM capability. This role enables our Technology Change Delivery Portfolios as well as BAU service delivery teams by driving and owning appropriate ITSM Controls and Governance to assure secure, stable, and performing technology services. The role leverages existing the client's enterprise service management process and controls capability, owning their localized implementation to support the GRSI Tech's strategy. As well, the role leads on the necessary improvements to address gaps and recommendations across the wider Audit, Cyber and IT controls frameworks. Key Responsibilities: Responsible for ITSM Controls and Governance enabling secure, stable and performing technology services. Implement and improve ITSM capability, reporting, controls, service integration and process support Provide appropriate service reporting on a regular basis to achieve targets, continuously improve and deliver excellent customer service Share best practice and coach on ITSM, increasing the internal body of knowledge Develop quality, exec-ready management information, presentations, proposals, and reports Helps drive the ITSM Strategy for GRSI Technology working in coordination with Enterprise SMO, as well as GRS Tech. Engineering, Resilience and support teams Drive the necessary improvements to address gaps and recommendations relating to ITSM across the wider Audit, DT Cyber and IT controls frameworks Compliance & Strategic Alignment Ensure appropriate technology controls are implemented and regularly tested in line with the client, GRSI, GRS and GDS practices Align to Company and GRS technology delivery functions to ensure the service management team operates in compliance with all relevant standards, processes and procedures Demonstrate behaviours as set out in the Conduct Risk Policy in alignment with company commitment to placing customers at the centre of our business and behaving with integrity Service Management Support Service Delivery Team leads and Managers with robust ITSM practices and process support Oversee and evolve Major and High Priority Incident Management Drive adoption of Problem Management and Continual Improvement Engage with business leaders to ensure Services are understood and appropriate, evolving our service catalogue and service level agreement framework Ensure appropriate service level reporting and dashboards as required Chair the service review process with customers and key stakeholders Enhance the Supplier Management practices, ensuring formal inventory of vendor contracts and active management of all contracts with a strong commercial mindset Service Operations Support Act as an escalation point for major incident and problem management; Take ownership of critical incidents, coordinating with resolution parties, and establishing effective communication between stakeholders for post-incident reviews Ensure appropriate risk and impact assessments are Embedded and performed in Change Management and CAB processes Collaborate with the Desktop Support, Cloud and Infrastructure Engineering Managers to ensure team priorities are aligned with the ITSM strategy Information Security Management Devise measures to protect company data from both internal and external threats Take part in day-to-day monitoring for activities, implement defensive protocols, and report incidents in line with security best practices Contribute to security guidelines, procedures, standards, and controls documentation Continuous Improvement, Governance & Delivery Own ITSM capability and service improvement roadmaps, enhancing service management processes, governance, tools, reporting and compliance Act as Product Owner for ITSM Processes and Tooling maintain a backlog of all related initiatives aligned to the Agile Portfolio Office Actively manage risks and issues in the ITSM area, developing mitigation plans/actions and remediation planning sessions, logging and escalating where appropriate Review practices to ensure consistency with policies, compliance regulations and control requirements, providing direction and changes as needed and ensuring alignment with business objectives and industry trends Champion, coach and promote the sharing of best practice on ITSM, increasing the internal capability and body of knowledge Develop and maintain Service management operational policies, standards, procedures, and guidelines where applicable Skills and Experience Experienced Service Management professional ITIL qualifications - preferably ITIL Expert, or Strategic Leader Excellent interpersonal and customer service skills with a passion for service excellence and a track record of continuous service improvement Strong leadership ability and team spirit with exceptional skills in motivating, coaching and supporting team members to deliver success outcomes Demonstrable experience of internal and external stakeholder engagement Exposure to financial and vendor management Strong organisational skills with an ability to balance and prioritise multiple initiatives at once, and to work under pressure when necessary Apply today with your most up to date CV. If this role isn't quite what you are after but know someone who may be relevant, we offer a referral scheme for any successful recommendations. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
We are seeking x2 talented Linux Engineers to join a cyber security software provider located globally that needs your help for a national contract they've just won. They have recently expanded from the UK over to the Netherlands, Switzerland and now Sydney, with even more growth happening! You will be supporting the implementation and operation of 1200 new secure gateways across this client, interface with customers and maintain technical relationships, analyse existing customer networks and designs to identify opportunities for improvements as well as designing solutions to be deployed and integrated into a railway environment with customers! Salary depending on experience can reach up to 90k, you will need to attend the site in Utrecht 1 day per week, the rest you can operate remotely. There are some fantastic benefits, with expenses covered, allowances and a pension to rival any, 20% contribution! Flexitime and opportunity for 4 day working week! They are a company that truly looks after their employees Knowledge and experience needed: Experience with Linux and IP-based Networking Strong skills with Python, Bash, Ansible and/or Rust Strong verbal and written communication skills Strong customer focus
26/05/2023
Full time
We are seeking x2 talented Linux Engineers to join a cyber security software provider located globally that needs your help for a national contract they've just won. They have recently expanded from the UK over to the Netherlands, Switzerland and now Sydney, with even more growth happening! You will be supporting the implementation and operation of 1200 new secure gateways across this client, interface with customers and maintain technical relationships, analyse existing customer networks and designs to identify opportunities for improvements as well as designing solutions to be deployed and integrated into a railway environment with customers! Salary depending on experience can reach up to 90k, you will need to attend the site in Utrecht 1 day per week, the rest you can operate remotely. There are some fantastic benefits, with expenses covered, allowances and a pension to rival any, 20% contribution! Flexitime and opportunity for 4 day working week! They are a company that truly looks after their employees Knowledge and experience needed: Experience with Linux and IP-based Networking Strong skills with Python, Bash, Ansible and/or Rust Strong verbal and written communication skills Strong customer focus