47 joburi disponibile

Network Engineering Manager/Team Lead Role: Network and Security Team Lead Industry: Financial Services Salary: £75,000 - 85,000 + benefits Location: City of London I'm currently working with a hugely successful financial services company that are looking to hire a Network Engineering Manager/Team Lead Network and Security Team Lead to manage their Network team whilst remaining hands on with the technology! This team is responsible for the full life cycle of the network, so your day to day would include: Man-management of a team of 3 Senior Network Engineers Running network strategy meetings Overseeing the network architecture Assisting with project and support work when necessary The ideal candidate will have the majority of the below: Experience managing and leading technical Network teams A CCNP or CCIE qualification Experience with network security (Firewalls, cyber security, regulation) A strong technical background with the ability to perform 3rd line network engineering when necessary Network Engineering Manager/Team Lead Please apply below or contact me directly To find out more about Huxley, please visit our website. Huxley, a trading division of SThree Partnership LLP is acting as an Employment Agency in relation to this vacancy

You will be working for a global, organisation based in London that are looking to expand their Cyber Security Incident Response Team (CSIRT) within their developed investigatory function. At the higher end of the salary banding you'd be expected to lead the response process, investigating threats and remediating damage caused using your forensic skills, bringing in other members of their expansive team as/when required in addition to supporting cyber functions. The cyber-attacks the business regularly faces can range from low-level trojans, phishing attacks and ransomware all the way up to sophisticated and targeted APT-style attacks involving nation-state actors so for this reason a technical appreciation of network and network security infrastructure in addition to threat intelligence would be highly beneficial. At the lower end, some experience in an incident response role would be a minimum requirement but this should be supplemented by some hands-on forensics knowledge (eg memory forensics, malware analysis, PCAP analysis). You will also need to build relationships with stakeholders both within the business and external public sector bodies, working with their Cyber Security specialists to create a symbiotic and collaborative environment for the alleviation of adversarial intrusions. There would also be a more strategic element to the role where you would have autonomy over bringing in tools, services and resources as/when required. There is no man-management in this role of any kind. Skills I'll be looking out for are: Cyber Incident Response (CSIRT/CERT), Network Forensics, Windows Forensics, Mobile Device Forensics, Threat Hunting, Threat Intelligence (Consumption & Production), Malware Analysis (Static, Dynamic & Reverse Engineering) inclusive of reverse engineering in addition to general client-facing/soft-skill abilities. You don't need to have all of these but at a minimum, some Incident Response and Forensics experience would be a baseline requirement. They're pretty tool agnostic so if you specialise in one they do use, then great but if not they're more than happy to train you up to fill gaps in solution knowledge. If you feel this role would be of interest to you, please do not hesitate to apply. Computer Futures, a trading division of SThree Partnership LLP is acting as an Employment Agency in relation to this vacancy

Network Engineer Based in Bristol Permenant opportunity Competitive Base salary Must hold active SC Clearance to gain access to client site. Job Description You will be working on the Enterprise Security team, whose primary objective is to design and build sophisticated infrastructure systems that are delivered into defence, government and public sector organisations. The role requires an excellent working knowledge of network and systems infrastructure technologies to design, deliver and maintain complex IT systems. You will be a member of a specialised engineering team that is responsible for the on-going systems engineering efforts across multiple active projects and bids. You should be comfortable working on multiple systems engineering life cycle phases including architectural design, detailed system/subsystem design, implementation and customer facing testing. You must have a strong all round technical ability with an excellent working knowledge of network security technologies. Current on-going projects will require an awareness of cyber security capabilities. Mandatory Skills Network Design to HLD & LLD level of detail. Cyber security fundamentals & key concepts Network taps & traffic aggregation - fundamental knowledge of key concepts. To include any of the following: packet level analysis using wireshark or tcpdump, physically inline Proxy/Firewall/IPS deployment, policy based routing, SPAN/RSPAN/ERSPAN configuration. Implementation & design experience using industry standard network protocols: IPSec VPN, OSPF, NTP, RADIUS & SNMP. Expert level of experience in at least one Next Generation Firewall product eg Palo Alto, Fortinet, Juniper. Advantagous Skills Network taps & traffic aggregation - advanced level knowledge. To include any of the following: Netscout/VSS/Gigamon/IXIA products, VLAN tagging/stripping, de-duplication, timestamping, packet slicing, header stripping, design experience identifying suitable tap placement. Secure systems architecture design concepts. Implementation or support of intrusion detection/prevention systems eg Cisco Firepower. Experience of other cyber security tools eg RSA Netwitness, Nessus, Kali Linux, Security Onion or enterprise level SIEMs. Cryptography, PKI technologies & implementation of certificate based solutions. Industry qualifications to CCNP/JNCIS level. Experience working on large projects, applying systems engineering life cycle.

Security Operations Engineer | Remote working/West London Office Up to £50,000 + Fantastic Benefits + Bonus + Remote Working Security Operations Engineer opening with a global company who create market leading web-based insight products. The role will initially be fully remote. As a Security Operations Engineer, you will be part of the Information & Cyber Security Operations team which help improve the clients security positioning and mitigate risk to the company ASAP by researching, implementing/engineering and improving security products. You will take responsibility of security tools and projects whilst participating in the ongoing security transformation programme as well as identifying and improving security gaps or weaknesses. They are open to a varied background in security operations but you must have specialist knowledge of one or more of the following - cloud technologies, Internet security, networking protocols or experience with software development. You will also have taken relevant courses, or gained specific certifications inline with these. Other experience will include: Experience deployment/implementation of IT and security tools and processes Microsoft Office 365 SANS Top 20 Controls Microsoft Active Directory MITRE ATT&CK Matrix SIEM tools (Splunk, ELK, IBM QRadar, LogRhythm, ArcSight, RSA NetWitness) Networking & Firewalls (Cisco, Palo Alto, Checkpoint) Access & Identity Management (BeyondTrust, IBM) Privileged Access management (CyberArk, Osirium, Thycotic, Bomgar) Their office is based in West London with easy transport links. The role will be initially based from home full time. You will receive 25 days leave, a great bonus scheme and a flexible benefits package. On the last Friday of the month the whole company finish at 2pm, and 4pm on all other Fridays. Other benefits include, subsidised masseuse and osteopath (Visits office weekly), Travel and Parking Season Ticket Loan, Fruity Wednesdays, your birthday off, free use of company gym and critical illness cover. If this sounds like something that you might be interested in send me your CV ASAP so that we can arrange a time to speak! Security Operations Engineer | Remote working/West London Office Up to £50,000 + Fantastic Benefits + Bonus + Remote Working People Source Consulting Ltd is acting as an Employment Agency in relation to this vacancy. People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas.

Security Engineer | Remote working/West London Office Up to £50,000 + Fantastic Benefits + Bonus + Remote Working Security Engineer opening with a global company who create market leading web-based insight products. The role will initially be based fully remote, eventually moving to 3-4 days in their West London office. As a Security Operations Engineer, you will be part of the Information & Cyber Security Operations team which help improve the clients security positioning and mitigate risk to the company ASAP by researching, implementing/engineering and improving security products. You will take responsibility of security tools and projects whilst participating in the ongoing security transformation programme as well as identifying and improving security gaps or weaknesses. They are open to a varied background in security operations but you must have specialist knowledge of one or more of the following - cloud technologies, Internet security, networking protocols or experience with software development. You will also have taken relevant courses, or gained specific certifications inline with these. Other experience will include: Experience deployment/implementation of IT and security tools and processes Microsoft Office 365 SANS Top 20 Controls Microsoft Active Directory MITRE ATT&CK Matrix SIEM tools (Splunk, ELK, IBM QRadar, LogRhythm, ArcSight, RSA NetWitness) Networking & Firewalls (Cisco, Palo Alto, Checkpoint) Access & Identity Management (BeyondTrust, IBM) Privileged Access management (CyberArk, Osirium, Thycotic, Bomgar) Their office is based in West London with easy transport links. Given the current situation with the Corona Virus, the role will be initially based from home full time. Moving forward, this will be based at Head Office, with 1-2 days working from home. You will receive 25 days leave, a great bonus scheme and a flexible benefits package. On the last Friday of the month the whole company finish at 2pm, and 4pm on all other Fridays. Other benefits include, subsidised masseuse and osteopath (Visits office weekly), Travel and Parking Season Ticket Loan, Fruity Wednesdays, your birthday off, free use of company gym and critical illness cover. If this sounds like something that you might be interested in send me your CV ASAP so that we can arrange a time to speak! Security Engineer | Remote working/West London Office Up to £50,000 + Fantastic Benefits + Bonus + Remote Working People Source Consulting Ltd is acting as an Employment Agency in relation to this vacancy. People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas.

UK CSIRT Senior Analyst The Senior CSIRT Senior Analyst will provide technical support to the Global Cyber Security Operations Centre for security detection and mitigation activities. Primary duties include leveraging advanced expertise with security tools to lead CSIRT Analysts in the investigation of cyber threats, effectively engaging CSIRT Analysts, Incident Managers, Forensics and other key stake holders to efficiently mitigate cyber incidents and providing technical mentoring and direction to enhance the response capabilities. The Senior CSIRT Analyst will provide insight to the company's security infrastructure and technologies, helping to design, and implement detection and mitigation controls and detection capability for the CSIRT team. The role will also serve as a technical liaison to engineering and tool support groups The Senior CSIRT Analyst will: Provide technical leadership and support to the CSIRT analysts. Effectively engage other response services teams and management to better mitigate cyber threats Develop and leverage advanced tool skills to increase detection and response capabilities The Senior CSIRT Analyst will possess experience in many of the following: Extensive experience in Cyber Security, specifically monitoring, detection and incident response duties. Strong experience with operating security monitoring platforms (SIEM) alongside the creation, tuning and management of the associated rulesets Ability to coordinate and respond to security incidents using commercial/open source technologies. Experience with Incident Response methodology in investigations, and the groups behind targeted attacks and tactics, techniques, and procedures (TTPs) Comprehension of how attacks exploit operating systems and protocols Experience performing malware analysis and the associated principles. Solid understanding of networking protocols and infrastructure designs; including cloud infrastructures, routing, Firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network devices Hands-on experience with security technologies, including: Endpoint Detection & Response tools (EDR) Intrusion Detection & Prevention (IDP) Security Information & Event Management (SIEM) Network Analysis tools - Wireshark, tcpdump Experience with Scripting in Python, Bash, Powershell, Strong understanding of network protocols (TCP/UDP) Experience in forensic analysis and the associated principles. Ability to summarize events/incidents effectively to different constituencies such as legal counsel, executive management and technical staff, both in written and verbal forms. Host Based Investigations - Log File and Memory Investigations Email Investigations - Including Header Analysis, Office Doc Investigations and Macro Extraction Basic Malware Analysis - Static and Dynamic analysis YARA rule writing Analysis of Event Logs Experience with penetration testing and the associated principles Solid understanding of Windows and Linux Operating Systems Strong understanding of TCP/IP and underlying network protocols Qualifications welcome: Technical qualifications should include but are not limited to: First degree in a computer related discipline or equivalent experience SANS certified Forensic Analyst (GCFA), Reverse Engineering Malware (GREM), Cyber Threat Intelligence (CTI), SANS certified Incident Hander (GCIH), SANS certified Intrusion Analyst (GCIA) or equivalent. Key Interfaces: CSIRT Analysts CSIRT Manager (UK & US) Incident Management Team (UK & US) Threat Intelligence Team Penetration Testing Team Security Engineering Function IT partners and Service providers (Service Delivery & Major Incident Management) OT Technical support Core Business Skills: Excellent stakeholder management covering colleagues, partners/vendors and project sponsors. Experience of managing and responding to information security, or cyber security, incidents in a large enterprise environment; background of information security incident management and response; Experience interacting as an information security incident responder with internal business functions, eg legal, Ethics, HR and physical security.

CYBER SECURITY & NETWORK ENGINEER - LINE FIREWALL - 365 - HEALTHCARE - ESSEX - £32-40K + Our client is a leading UK Healthcare organisation with offices in Essex. Due to continued growth they now urgently need a CYBER SECURITY ENGINEER - 2ND/3RD LINE FIREWALL - 365 - HEALTHCARE - ESSEX KEY TASKS AND RESPONSIBILITIES: Cyber Security Firewall and infrastructure management Effective WSUS and patch management Sophos endpoint security Remote access + mobility solutions Monthly MI Report Daily/weekly monitoring Management of back-up process - Office 365 Success/failure Testing Recovery Management of Windows Servers, Office 365 environment Installation and configuration of existing and new hardware and software (Back End) Testing/UAT Effective rollout and release procedures Assist Head of IT with network management, monitoring and reporting Assist Head of IT in research and testing of new technologies to be used by the IT Department and employees Assist Service Desk team in their core tasks and duties Advanced problem solving with other members of the team To assist colleagues with knowledge transfer Manage documentation for current and new procedures In return you will get the opportunity to develop and progress with an expanding company bucking the trend and one that rewards achievers Shortlisting today so make contact to find out more

IAM/Patching Consultant An amazing opportunity to work for an organisation that creates innovative and technical solutions, in order to provide essential information to customers globally. Our client are now looking for an IAM specialist to join their access management team. The organisation uses large, diverse and challenging estates and therefore are looking for an engineer to aid in building and maintaining robust automated IAM systems, in support of their premise, SaaS and cloud based services. What the role entails: Building an identity and access management strategy that support cloud services. Define identity and access management life cycle and RBAC controls for new and Legacy systems Support the automation of JML for customer and employee access Setup and implement patches to various server and PC environments Contributing to the continuous improvement and development of the corporate identity and access management services To be considered for the role, you will require the following: Must currently hold Valid SC Clearance Good knowledge of best practices in Identity and Access Management system design and maintenance Extensive knowledge and skills in building and maintaining access management/SSO system Demonstrable experience of low level design and implementation of hybrid identity access management solutions spanning on premises and cloud Experience of WSUS, SCCM and whitelisting Organised and structured approach to work with experience in defining technical IAM work work packages Ability to manage stakeholder relationships at all levels Exposure to writing and managing code developed in Java Javascript, Python, Powershell Desirable attributes would include: Experience with identity and Access management Governance solutions 2+ years of IT/Cybersecurity/information security experience Extensive experience with databases, application Servers, operating systems and networking infrastructure Experience of agile development ServiceNow skills in creating Business Workflows in support of JML Processes and customer portals for self management Keywords: IAM, infrastructure, Security, network, consultant, specialist, AWS, cyber, security, clearance, cleared, Identity, Access, Management, System Qualserv Consulting Ltd is acting as a Recruitment Consultancy/Employment Agency in relation to this vacancy and advert. Qualserv Consulting is an Equal Opportunities Employer

RHEL Linux Systems Engineer/Administrator Our client, a prestigious organisation, providing innovative and technical support for their customers globally, are now looking for 3 skilled Redhat Linux System Engineer. This contract is for 9 months and successful candidates will be involved in critical infrastructure assignments and have the opportunity to develop their skills on various range of technologies. What the role entails: Building platforms for introduction into operational use Manage process and undertake various practices to support operational platforms Design procedures for automating support for Red Hat Linux systems Aid cyber security activities within teams To be considered for the role, you will require the following: Extensive experience managing Linux systems and willingness to further enhance skills Enthusiasm towards solving abstract IT problems Structured approach to work Good communications skills Excellent Team working skills Desirable attributes would include: Knowledge of: red hat network, puppet, python, Shell Scripting, networking, configuration management Have knowledge of information system related standards, ie ITIL Experience of automation services Keywords: RHN, engineer, administrator, Linux, windows, Redhat, red, Python, RHEL, support, admin, analyst Qualserv Consulting Ltd is acting as a Recruitment Consultancy/Employment Agency in relation to this vacancy and advert. Qualserv Consulting is an Equal Opportunities Employer

Für unseren Kunden, ein vertrauenswürdiger Mobilitätsdienstleister mit dem Sitz in Bern, suchen wir ab sofort oder nach Vereinbarung eine Verstärkung. Das können Sie bewegen: Sie tragen massgebend dazu bei, DASS das internes Angebot an Application Security Services wächst und den Sicherheitsansprüchen entspricht. Sie erweitern die zentrale CI/CD-Pipeline mit automatisierten Security Checks, nach der Devise: einfach, sicher, wiederverwendbar. Ihr Wissen lassen Sie in die Application Security Trainings einfliessen und tragen damit einen massgeblichen Teil zur Steigerung der Security Awareness der Softwareentwickler bei. Sie arbeiten eng mit den Auftraggebern bei der Beurteilung der Cyber-Risiken zusammen und beraten sie, welche geeigneten Gegenmassnahmen sie ergreifen sollen. Sie ergreifen die Initiative und unterstützt der Entwicklungsteams in einem der ca. 200 Projekte und Produkte. Das bringen Sie mit: Als leidenschaftlicher DevOps Security Engineer haben Sie gute Kenntnisse in Cloud- und Container Security und haben Lust, mit dem Kunden die Schweiz zu bewegen. Erfahrung in Security-Automatisierungslösungen (SAST, DAST, Secret Store usw.) sowie Zertifizierungen wie CSSLP, CISSP, CISA o. ä. sind von Vorteil. Sie besitzen einen ETH/Uni/FH Abschluss und verstehen die technischen Details der gängigen Angriffe auf Applikations-Layer und sind in der Lage zu erklären, wie diese vermieden werden können (OWASP Top 10). Sie haben bereits mehrere Tätigkeiten in Ihrem (Arbeits-)Leben automatisiert und haben sich damit Zeit für Neues geschaffen (Java, Python, JavaScript von Vorteil). Sie arbeiten gerne eigenverantwortlich und strukturiert und bringen eine grosse Portion Neugierde und Durchhaltewillen mit. Dabei können Sie sich mühelos in Deutsch und Englisch verständigen. Nebst den Fähigkeiten zu konzeptioneller Tätigkeit sowie Beratung und Lösung von komplexen Problemen, wissen Sie wie Vorhaben umgesetzt werden (Scrum, Agile, DevOps, Kanban). Sie sind flexibel und nutzen die Möglichkeit von Work Smart, um auch unterwegs oder von zu Hause aus zu arbeiten. Zusätzliche Informationen Bitte schicken Sie neben Ihren Lebenslauf auch Ihre Zeugnisse und Diplome mit.

Bridewell Consulting is a fast-growing Cyber Security and Data Privacy company. Bridewell have a strong track record for delivering complex security projects and providing excellent customer service. Bridewell have an exciting and varied portfolio of clients across Financial Services, Manufacturing, Oil & Gas and Government. We assist our clients by providing a full range of security services across information security, cyber security, technology risk, security testing and data privacy. Our vision is to be the UK's leading Information Security consultancy trusted across all sectors for providing high calibre expertise and excellent customer service. Description We are looking for a Senior/Principal Cyber Security Consultant with substantial experience of Industrial Control Systems and working within Operational Technology. The role will be to work with Bridewell's clients helping them to design or review their Operational Technology and ensuring appropriate security controls are in place. Those who have come from an engineering background and then moved into Cyber Security are of interest as a lot of the work is working directly with clients Engineering teams. Successful candidates will have good technical ability as well as excellent communication and leadership skills. Preferred experience in the Energy Sector. Responsibilities Advising clients on appropriate security controls in their OT environments Reviewing OT environments, providing feedback on risk and providing appropriate security advice Helping to architect secure OT environments across a wide range of clients Working with Bridewell's other security teams to ensure a joined-up approach to client delivery Working with Clients to understand the threats to their business and develop effective security solutions Supporting Bridewell's Directors, Associate Directors and Sales team to identify and deliver on sales opportunities Bridewell Consulting will provide a great career opportunity with continual development as well as the following; Competitive Salary Profit Share Scheme Dedicated training budget 25 days holiday Private Healthcare Flexible Working

*This role can be a possible remote role for the right candidate* Prestigious Enterprise Company is currently seeking a Cyber Security Architecture Lead with strong Cloud, Infrastructure, and Application Security experience. Candidate will be responsible for engaging IT projects to prescribe protection measures for new and redesigned IT solutions, identifying pre-production technical security control deficiencies, subscribing IT solutions to enterprise technical security platforms, developing and maintaining a technical controls framework, and designing technical hardening standards. Candidate will work with the project team to define the scope, work effort, and deliverables for the security engineering engagement and will oversee multiple engagements executing in parallel. In addition to being an individual contributor, the lead cyber security Architect has overall responsibility for delivering multiple technical design engagements on-time and on-budget, and is expected to effectively exercise leadership and guidance to enable the team's success. Responsibilities: Design, build, and lead a team that ensures the security of enterprise data and systems by specifying requirements for technical security controls for all enterprise information technology development initiatives. Develop a capability to design, implement, and continuously update a technical security control requirements model supporting enterprise information security policies and standards, enterprise technology strategy, enterprise technology architecture and patterns, information security industry best practices, emerging information security technologies, and relevant laws and regulations (eg HIPAA, Sarbanes-Oxley, GLB, and others.) Develop a capability to evaluate the architecture and design of existing and proposed information technology systems against the enterprise technical security control requirements model. Enable the organization to identify any gaps between specific technical security requirements and the architecture of a given system and provide detailed technical recommendations on appropriate design or architecture improvements. Develop a capability to assist the organizations responsible for the architecture, design, implementation, and deployment of technical security controls by providing virtual team resources and knowledge sharing to enterprise information technology development initiatives. Develop a capability to verify that the requirements for technical security controls were addressed correctly and that all recommendations were implemented effectively (this includes collecting necessary information, verifying the accuracy of the information, testing the solution, and building an assurance argument). Serve as a cyber security subject matter expert, assessing the business impact of cyber security risks to the enterprise and identifying options and recommendations for mitigating those risks. Identify security control requirements for technology initiatives and deliver effective and practical solutions to meet those requirements in alignment with the overall objectives of the project and the business. Work with Enterprise Architects and other functional area architects and security specialists to ensure adequate security solutions are in place throughout all IT systems and platforms to mitigate identified risks sufficiently and support business objectives. Serve as an expert in platform, application, storage, network, virtualization, cloud and mobile security best practices. Exercise thought leadership in the creation and maintenance of security architectures/design patterns. Develop technical designs for a project to meet information security requirements based on approved security architectures/design patterns. Resource planning and engagement management. Service development and improvement. Communicate and interact effectively and professionally with co-workers, management, internal and external customers and partners. Communicate cyber security risks and solutions to various technical and non-technical audiences and levels of management. Maintain communication with management regarding development within areas of assigned responsibilities and perform special projects as required or requested. Develop strong working relationships with and offer continuous assistance and thought leadership to other leaders in the information technology organization. Continuously track and report the status of all capability development and service delivery efforts through boardroom-quality visual communication deliverables. Comply with HIPAA, Diversity Principles, Corporate Integrity, Compliance Program policies and other applicable corporate and departmental policies. Qualifications: Strong working understanding of enterprise technologies, operations, and architectural principles and models. Knowledge of virtualized data center architectures and operations, SOA-type deployments, web services and multi-tier web applications, and technologies supporting Intranet, Extranet, and remote access services. Must be able to evaluate disparate IT system architectures and designs in Real Time and recommend appropriate security control and countermeasure solutions. Strong working understanding of contemporary security theory and application (including vulnerabilities, exploitation techniques and attack vectors). Knowledge of laws, regulations, and standards relevant to the US Healthcare industry. Externally recognized information security industry thought leadership and innovation accomplishments desired but not required. Bachelor's or Master's Degree in Computer Science, Information Systems, or other related field (or equivalent work experience). Technical certification such as GIAC or CISSP is strongly preferred. 8 years of hands-on experience in the information security field with expert knowledge of platform, application, storage, data, network, virtualization, cloud and mobile security. 2 years of experience in information security solution engineering or security service delivery. 2 years of leadership experience with planning and managing security engagements and/or leading a team of technical resources.

Prestigious Fortune 500 Company is currently seeking a Security Orchestration and Automation Response Developer. Candidate is responsible for the delivery of all Security Orchestration, Automation and Response activities. Responsibilities: Closely support and collaborate with other Security Operations Center teams to identify requirements, develop playbooks on the Phantom and Resilient platforms to accomplish the requirements, test playbooks, communicate/coordinate the release of playbooks with affected customers and stake-holders, then release developed automations. Python development, credentials management, Firewall Change Requests, etc. Build strong partnerships with technical dependency teams Light project management Expert-level technical hands-on work Mentoring other platform engineers in OS, networking, IT operations Tracking and driving to completion all of the SOAR development focus group's deliverables Qualifications: Bachelors and/or Master's Degree or equivalent experience in Information Security, Engineering, Computers Science, or related field Have 5+ years experience in application care: admin, patching, vendor support interactions, etc. Have 5+ years experience in network fundamentals mastery: OSI/DoD network models Ethernet IPv4/IPv6 typical layer 3 and 4 protocols associated with IP application layer protocol knowledge stateful inspection Firewalls etc. Have 5+ years experience in security operations center related disciplines: threat Intel, vulnerability management, penetration testing, incident handling (preferred), etc... 2+ years programming/software development: procedural and OO programming, Scripting, RESTful/SOAP API. Most of our work is with Python, so Python programming is necessary. 5+ years SOAR development experience. Preferred candidates will be well versed in Splunk/Phantom. Outstanding customer service attitude and skill. Moderate familiarity with Splunk and Splunk Enterprise Security. Passion for constant self-improvement and learning Familiar with industry standard security best practices for information security and cyber security operations

Bachelor/Master Degree of electrical engineering, computer science or similar 3-5 years of experience in development as software/hardware or systems engineer or feature/function owner. Solid understanding of automotive bus technologies and trends (eg ADAS, Automotive Ethernet, CAN, Flexray, Ethernet). Good understanding of systems workflow and its relation to requirements management. Good understanding of system elements on vehicle level for features (Electrical, Software, Mechanical engineering). Good understanding of automotive and safety-related functions process. Good understanding of automotive standards like A-SPICE and ISO 26262 and cybersecurity standards. General understanding of ISO 21434, classic and adaptive AUTOSAR, and Embedded SW development process. Knowledge of Enterprise Architect/Rhapsody is a plus. Team Player, pro-active and good communication skills (taking complicated things and explain them in easy-to-understand manner, talent in showing ideas graphically) Fluent English language skills. German, French or Swedish is a plus! Enjoys investigating, asking questions, take initiative!

This dynamic technology solutions company has an immediate need for a Pre-Sales Senior Solutions Architect for the Greater Houston territory. This role will be responsible for mapping business requirements to technical solutions. The ideal candidate will have the following qualifications: Minimum of 5 years of related industry experience with at least 2-4 years of pre-sales experience Strong background with Cisco portfolio of solutions and general experience with: data center networking, WAN architecture/design, wireless solutions, cybersecurity architecture, software-defined networking, etc. Experience in complex technology projects using PMBOK, Lean, ITIL or Agile methodologies Must enjoy cultivating new relationships and sales leads Excellent verbal and written communication skills Strong technical expertise on multi-technology and infrastructure design and implementation Extensive vendor engagement and research and development experience Bachelor's Degree or equivalent in Accounting, Math, Business Administration, Engineering, Computer Science or equivalent combination of education and experience Responsibilities include: Develop technical capability across a broad range of products, services, and solutions Map business needs to technology solutions Utilize excellent verbal and written communication skills with the ability to develop strong client relationships Utilize analytical skills and proven ability to work with a client to understand requirements and define appropriate solutions Collaborate with team members and other resources within the organization Communicate and lead client discussions and meetings at a business and technical level Must have good project and time management skills This well-established company offers extremely generous compensation plan and excellent benefits. Send your resume today!

Incident Response/Forensics Engineer Responsibilities Design, build, run, and own infrastructure and automation to detect, contain, and eradicate security threats. Lead the Computer Incident Response Team (CIRT) in responding to active and time-sensitive threats including communications and coordination across different teams. Work closely with other members of the Information Security team to lead changes in the company's defense posture. Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques. Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTP (Tactics, Techniques, and Procedures). Collect, analyze, assess, and disseminate information about cyber threats and potential attacks. Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools. Qualifications Bachelor's degree in Computer Science or equivalent work experience. 7+ years of experience in information security. Advanced knowledge of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc. In-depth understanding of authentication protocols, applied cryptography, key management, PKI and SSL/TLS. Possession of a holistic view of the threat, vulnerability, and risk as well as their relationship. Deep understanding of internals and constructs of at least two main modern operation systems. Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA). Applied experience with application and business logic Embedded in business systems. Knowledge of open security testing standards and projects, including OWASP. Proficiency with at least one interpreted programming language (Python, Ruby, etc.). Experience employing phishing and other social engineering tactics. Experience using multiple command and control channels, including DNS and HTTPS. If this is an opportunity that you're interested in please email your resume to: (see below)

NO SPONSORSHIP Security Incident Response Engineer Salary: $100-120k flex + 20 percent bonus Location: Remote Looking for a sharp incident response engineeer with threat hunting, incident response, threat management, threat intelligence. digital forensics and threat protection. Must also have splunk experience -not just as user but someone who can adjust logs, format logs and able to customize the splunk infrastructure. Key to the job along with the inicident response is heavy splunk and experiene customizing user settings. The Security Incident Response Logging and Event Engineer is responsible for building, maintaining, and improving the engine that powers large-scale security threat management capabilities that protect, detect, and respond to emerging threats and sophisticated attacks on enterprise networks. The person in this role onboards, ingests, reviews, and analyzes large and highly complex datasets and information to provide content, conclusions, and actionable recommendations to mitigate risk and stop attackers cold. Work with application development teams and third-party vendors to develop data for enterprise applications in order to create appropriate logs and events Create logging configuration standards for all IT infrastructure and instructs IT on how to configure systems to log appropriately Create event dashboards and metrics and establishes threshold standards Perform centralized data onboarding and log ingestion into the Splunk platform to improve the visibility of security threat management at Company Administer Splunk Enterprise Security solution in a highly available, redundant, distributed multi-site clustered environment Create and optimize correlation searches for the Security Operations Center (SOC) analysts Assist in the operations, performance, and troubleshooting of Splunk, Search Heads, Indexers, Heavy Forwarders, Deployment Server, Splunk Apps/TAs and Data Models Provide recommendations and implement changes to optimize the Splunk platform Reproduce issues, file bug reports, and escalate cases to Splunk support as necessary Performs log audits and actively works to improve log management compliance Ensures data retention of logs and alerts meets corporate standards Maintain Splunk systems internal documentation, including SOP's and design documents Create technical documentation related to system configurations, process, procedure, and knowledgebase articles. Support defensive tools and solutions that identify and stop advanced adversary tactics and techniques. Participate in Computer Incident Response Team (CIRT) responses to active and time-sensitive threats including communications and coordination across different teams. Work closely with other members of the Cyber Risk Management team to lead changes in the company's defense posture. Qualifications: 5+ years of experience in information security 2+ years of hands-on experience with Splunk Enterprise Security Certified Splunk Administrator/Enterprise Security Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA) Experience administrating and operating Splunk in an enterprise environment Knowledge and experience working with the Splunk API Understands the security incident response discipline, including threat hunting, forensics, intrusion detection, and threat intelligence Experience with at least one interpreted programming language (Python, Ruby, etc.) Proficiency in PowerShell and/or Bash Understanding of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc. Experience in common phishing and other social engineering tactics Familiarity with malware, command and control channels, and attacker tactics, techniques, and procedures

We are currently looking on behalf of one of our important clients for a Senior C/C++ Embedded Software Developer/Technical Coordinator. The role is a permanent position based in Solothurn Canton. Your Role: Technically coordinate an Embedded software project team (80% of time/workload). Specify, analyze, design, implement, verify & document Embedded software of class C medical devices according to IEC 62304. Technically coordinate with adjacent specialist disciplines (electrical hardware, mechanics, app development & systems engineering). Participate in risk & safety clarifications. Creation & review technical Embedded software documentation. Your Skills: At least 5 years of professional experience in C/C ++ Embedded Software Development. Ideally experienced in the fields of wireless communication (Bluetooth & NFC) & cyber security. Any experience in development methods such as Unit Testing & Continuous Integration is considered advantageous. Enthusiastic to develop high-quality & hardware-related software. Your Profile: Completed Engineering University Degree specializing in Electrical, Micro or Medical Technology or Computer Science (or similar). A good communicator & team-player. Fluent English speaker & ideally also a very good knowledge of German. If you wish to apply, please send us your resume in Word format with some references.

Senior Cyber Security Engineer - DevSecOps - Greenfield An exciting opportunity for a Senior Cyber Security Engineer to join a Greenfield site! This retailer is moving their Cyber Security in-house and have the vision to build a new SOC capability that would allow them rapid delivery. You would be working with the Software Development Team on creating a new zero-trust environment by using the latest tech and your previous experiences. Your ideas can be transformed into reality and you can progress into a Security Architect role over a short period of time. Within the role you will be reporting directly to the IT Director. What will you do? Development of the SOC and Threat Hunting capabilities. Security by design. Build and develop various security tooling. Support the secure coding practice. What experience are we looking for? Strong technical background in Cyber Security as an Engineer or equivalent. Software Development background. Strong problem-solving/communication skills. Location: Central London Type: Permanent Salary: up to £100k This is an amazing opportunity for a Senior Cyber Security Engineer. If you enjoy working with new technologies and want to work in a dynamic environment, this is the role for you. There are massive progression opportunities involved and a chance to influence the way the company sees Cyber Security! Lawrence Harvey is acting as an employment agency in regards to this position.

SIEM (SOAR) ENGINEER - SIEM, Splunk, Python, Java, Perl, R, C++, Automation This Critical National Infrastructure company is seeking innovative, and experienced security automation and orchestration (SAO) engineering specialists to join the Security Orchestration, Automation and Response (SOAR) Engineering team. The SIEM (SOAR) Engineers are the primary technical resource for developing automation and response to detect, resolve and mitigate cyber security attacks. Successful candidate(s) will possess expertise in data analytics, Scripting and development, and be able to work with the security response and threat management teams to protect our national energy services from cyber disruption. The SIEM (SOAR) Engineers will: Work in partnership with the incident response team to design to identify opportunities for improvement Display experience of working with SIEM tools - Splunk ideal but not essential Develop, and implement automations for detection and response. Become the subject matter experts on big data analytics and automation Participate in special projects, as needed, and perform other duties as assigned Produce System Analytics to prove automation behavior assumptions Document all system changes in line with Change Management good practices Recommend, Develop and Release new Use Cases to maximize the benefits and efficiencies from a SOAR platform. Qualifications: A strong multi-tasker with a keen eye for detail that thrives in a fast-paced work environment. Innovative, analytical and driven. Bachelor's Degree with concentration in engineering/computer/data science or minimum 3 years' successful experience in similar role. Intermediate knowledge of data science disciplines including data framing and analytics. A passion for security automation and a solid understanding of security incident response Knowledge of security frameworks including MITRE Att&CK, NIST, etc. Working experience and knowledge of operating systems (eg: Windows, UNIX/Linux) and databases Must participate in a 24x7 on-call rotation Knowledge in various Scripting and programming languages (Java, Perl, R, Python, C++ etc.) a plus Must be able to work independently as well as work as part of a fast-moving team Ability to meet deadlines, time constraints and periodic requirements Experience in working with (multi-petabyte) data lakes Understanding of entire technology stack of networks, databases, applications and endpoints Experience planning, researching and developing security policies, standards and procedures is a plus. Ability to learn and retain information on multiple products Detailed-oriented with strong communication, Interpersonal and organizational skills Participation in on-call rotation once established (On Call payment provided)