NO SPONSORSHIP Security/Systems Engineer $110k - $120k plus 5% bonus LOCATION: Tampa, FL - 5 days onsite, in office I need a cyber security engineer that also has experience with Windows or network or end user systems. Jack of all so when they don't have enough security work they can do other work threat monitoring incident response policies procedures backup. Manage and monitor all infrastructure and system installations, including configurations, testing, and maintenance. Support the design, implementation, and maintenance of cybersecurity measures to protect the company's information systems and data Collaborate with senior team members to integrate security solutions into existing infrastructure Assisting in threat monitoring and incident response support Contribute to the development, updating, and enforcement of security policies and procedures. Participate in security audits and risk assessments and collaborate with team members to address security findings. Participate in activities to enhance the overall security awareness of the organization. Implement and maintain backups, security, and redundancy strategies. Identify potential issues and implement the best possible solutions. Craft custom scripts, increasing automation for IT processes. Enable faster and smarter business processes and implement analytics. Communicate with stakeholders to identify requirements and implement solutions in a service development cycle. Use expert-level administration and optimization of hosts and Servers to ensure high availability and appropriate resource management. Standardize and automate processes and monitor, using Scripting technology. Install, configure, and patch operating systems, software, and hardware components, and clearly document the design, maintenance, and support procedures for routine tasks. Conduct high-level root-cause analysis for service interruption and establish preventive measures. Create reports and documentation outlining findings and solutions; oversee the overall backup strategy and daily operations for secure backups and restore testing. Provide after-hours support on a rotational "on-call" basis and to work "off-hours" as needed. Two (2) to Five (5) Years of technology and/or IT experience. Basic understanding of cybersecurity principles, technologies, and best practices. Experience as a Systems Engineer, preferably with a focus on Cybersecurity. Property and casualty industry experience preferred. Skills and Knowledge: Identity Access Management (IAM) Experience with vulnerability assessments, patching Servers and devices, and Endpoint Detection & Response (EDR) PowerShell Scripting knowledge Strong AD knowledge with a proficiency in GPO creation/troubleshooting. Experience with Windows Server 2016/2019, & 2022 environments and applications. Experience with AWS, AWS Workspaces, Azure, Entra ID and MS Exchange Online. Experience with Microsoft MECM, Deployment Toolkit, WSUS, SharePoint, SQL, and VMWare. SolarWinds and other network/systems monitoring tools preferred. Ability to quickly analyze issues in order to provide and implement the best possible solutions. Strong problem-solving skills and attention to detail. Experience researching technical issues and implementation of resolutions. Excellent written and verbal communication skills, relating to both technical and non-technical staff. Ability to work individually and in a team environment and to provide assistance, instruction and training. Ability to focus, execute and to provide excellent customer service. Relevant certifications such as MSCE, MCSA, CCNA, CISSP, CISM, or CompTIA Security+ preferred but not
19/09/2024
Full time
NO SPONSORSHIP Security/Systems Engineer $110k - $120k plus 5% bonus LOCATION: Tampa, FL - 5 days onsite, in office I need a cyber security engineer that also has experience with Windows or network or end user systems. Jack of all so when they don't have enough security work they can do other work threat monitoring incident response policies procedures backup. Manage and monitor all infrastructure and system installations, including configurations, testing, and maintenance. Support the design, implementation, and maintenance of cybersecurity measures to protect the company's information systems and data Collaborate with senior team members to integrate security solutions into existing infrastructure Assisting in threat monitoring and incident response support Contribute to the development, updating, and enforcement of security policies and procedures. Participate in security audits and risk assessments and collaborate with team members to address security findings. Participate in activities to enhance the overall security awareness of the organization. Implement and maintain backups, security, and redundancy strategies. Identify potential issues and implement the best possible solutions. Craft custom scripts, increasing automation for IT processes. Enable faster and smarter business processes and implement analytics. Communicate with stakeholders to identify requirements and implement solutions in a service development cycle. Use expert-level administration and optimization of hosts and Servers to ensure high availability and appropriate resource management. Standardize and automate processes and monitor, using Scripting technology. Install, configure, and patch operating systems, software, and hardware components, and clearly document the design, maintenance, and support procedures for routine tasks. Conduct high-level root-cause analysis for service interruption and establish preventive measures. Create reports and documentation outlining findings and solutions; oversee the overall backup strategy and daily operations for secure backups and restore testing. Provide after-hours support on a rotational "on-call" basis and to work "off-hours" as needed. Two (2) to Five (5) Years of technology and/or IT experience. Basic understanding of cybersecurity principles, technologies, and best practices. Experience as a Systems Engineer, preferably with a focus on Cybersecurity. Property and casualty industry experience preferred. Skills and Knowledge: Identity Access Management (IAM) Experience with vulnerability assessments, patching Servers and devices, and Endpoint Detection & Response (EDR) PowerShell Scripting knowledge Strong AD knowledge with a proficiency in GPO creation/troubleshooting. Experience with Windows Server 2016/2019, & 2022 environments and applications. Experience with AWS, AWS Workspaces, Azure, Entra ID and MS Exchange Online. Experience with Microsoft MECM, Deployment Toolkit, WSUS, SharePoint, SQL, and VMWare. SolarWinds and other network/systems monitoring tools preferred. Ability to quickly analyze issues in order to provide and implement the best possible solutions. Strong problem-solving skills and attention to detail. Experience researching technical issues and implementation of resolutions. Excellent written and verbal communication skills, relating to both technical and non-technical staff. Ability to work individually and in a team environment and to provide assistance, instruction and training. Ability to focus, execute and to provide excellent customer service. Relevant certifications such as MSCE, MCSA, CCNA, CISSP, CISM, or CompTIA Security+ preferred but not
Cyber Security Systems Engineer Salary: $100k-$120k + bonus Location: Tampa, FL Onsite: 5 days/week *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 2-5 years of related experience with a basic understanding of cybersecurity principles, technologies, and best practices Experience as a systems engineer (preferably with security) Identity Access Management (IAM) Experience with vulnerability assessments, patching Servers and devices, and Endpoint Detection & Response (EDR) PowerShell Scripting knowledge Strong AD knowledge with a proficiency in GPO creation/troubleshooting. Experience with Windows Server 2016/2019, & 2022 environments and applications. Experience with AWS, AWS Workspaces, Azure, Entra ID and MS Exchange Online. Experience with Microsoft MECM, Deployment Toolkit, WSUS, SharePoint, SQL, and VMWare. Bonus points SolarWinds and other network/systems monitoring tools Relevant certifications such as MSCE, MCSA, CCNA, CISSP, CISM, or CompTIA Security+ Responsibilities Manage and monitor all infrastructure and system installations, including configurations, testing, and maintenance. Support the design, implementation, and maintenance of cybersecurity measures to protect the company's information systems and data Collaborate with senior team members to integrate security solutions into existing infrastructure Assisting in threat monitoring and incident response support Contribute to the development, updating, and enforcement of security policies and procedures. Participate in security audits and risk assessments and collaborate with team members to address security findings. Participate in activities to enhance the overall security awareness of the organization. Implement and maintain backups, security, and redundancy strategies. Identify potential issues and implement the best possible solutions. Craft custom scripts, increasing automation for IT processes. Enable faster and smarter business processes and implement analytics. Communicate with stakeholders to identify requirements and implement solutions in a service development cycle. Use expert-level administration and optimization of hosts and Servers to ensure high availability and appropriate resource management. Standardize and automate processes and monitor, using Scripting technology. Install, configure, and patch operating systems, software, and hardware components, and clearly document the design, maintenance, and support procedures for routine tasks. Conduct high-level root-cause analysis for service interruption and establish preventive measures. Create reports and documentation outlining findings and solutions; oversee the overall backup strategy and daily operations for secure backups and restore testing. Manage and monitor all installed systems and infrastructure for the organization to be in line with company guidelines and established standard operating procedures. Install, configure, and test operating systems, application software, and system management tools. Ensure the highest level of systems and infrastructure availability. Plan and implement system automation for increased efficiency. Collaborate with other professionals to ensure high quality deliverables within organization guidelines, policies, and procedures. Deal with work process, optimization methods, and risk management tools in the given projects for the successful accomplishments according to the requirements of the stakeholders. Provide after-hours support on a rotational "on-call" basis and work "off-hours" as needed.
19/09/2024
Full time
Cyber Security Systems Engineer Salary: $100k-$120k + bonus Location: Tampa, FL Onsite: 5 days/week *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 2-5 years of related experience with a basic understanding of cybersecurity principles, technologies, and best practices Experience as a systems engineer (preferably with security) Identity Access Management (IAM) Experience with vulnerability assessments, patching Servers and devices, and Endpoint Detection & Response (EDR) PowerShell Scripting knowledge Strong AD knowledge with a proficiency in GPO creation/troubleshooting. Experience with Windows Server 2016/2019, & 2022 environments and applications. Experience with AWS, AWS Workspaces, Azure, Entra ID and MS Exchange Online. Experience with Microsoft MECM, Deployment Toolkit, WSUS, SharePoint, SQL, and VMWare. Bonus points SolarWinds and other network/systems monitoring tools Relevant certifications such as MSCE, MCSA, CCNA, CISSP, CISM, or CompTIA Security+ Responsibilities Manage and monitor all infrastructure and system installations, including configurations, testing, and maintenance. Support the design, implementation, and maintenance of cybersecurity measures to protect the company's information systems and data Collaborate with senior team members to integrate security solutions into existing infrastructure Assisting in threat monitoring and incident response support Contribute to the development, updating, and enforcement of security policies and procedures. Participate in security audits and risk assessments and collaborate with team members to address security findings. Participate in activities to enhance the overall security awareness of the organization. Implement and maintain backups, security, and redundancy strategies. Identify potential issues and implement the best possible solutions. Craft custom scripts, increasing automation for IT processes. Enable faster and smarter business processes and implement analytics. Communicate with stakeholders to identify requirements and implement solutions in a service development cycle. Use expert-level administration and optimization of hosts and Servers to ensure high availability and appropriate resource management. Standardize and automate processes and monitor, using Scripting technology. Install, configure, and patch operating systems, software, and hardware components, and clearly document the design, maintenance, and support procedures for routine tasks. Conduct high-level root-cause analysis for service interruption and establish preventive measures. Create reports and documentation outlining findings and solutions; oversee the overall backup strategy and daily operations for secure backups and restore testing. Manage and monitor all installed systems and infrastructure for the organization to be in line with company guidelines and established standard operating procedures. Install, configure, and test operating systems, application software, and system management tools. Ensure the highest level of systems and infrastructure availability. Plan and implement system automation for increased efficiency. Collaborate with other professionals to ensure high quality deliverables within organization guidelines, policies, and procedures. Deal with work process, optimization methods, and risk management tools in the given projects for the successful accomplishments according to the requirements of the stakeholders. Provide after-hours support on a rotational "on-call" basis and work "off-hours" as needed.
Permanent £51,251 Salary + Benefits Staffordshire Hybrid working - 2-3 days working in Staffordshire Are you interested in helping one of the UK's largest Police Forces transform and support their new and changing technology needs? Staffordshire Police are looking for an experienced Cyber Security Engineer to join them and help ensuring the security, integrity, availability and performance of the Force's network and communications infrastructure in live operational use; Covering the Force's Airwave infrastructure, data network infrastructure, voice and video infrastructure and Firewall and gateway infrastructure. Supporting the transition of new/changed infrastructure from development and test environments Providing expert network and communication infrastructure knowledge to force projects and change initiatives as required As the Cyber Security Engineer you will be responsible for the management configuration and support of all IT security measures, such as system logs, Firewall policies, virus protection, Internet access, encryption, PKI, confidential systems, identity management and gateways. About you You have experience working in a 2nd line Cyber Security role, supporting infrastructure across a secure environment. Educated to Degree level qualification or equivalent experience in a related ICT discipline. You will have one or more recognised security qualifications, such as Certified Information Systems Security Professional (CISSP) and/or equivalent. Experience with GIRR or SyAp, Security Management, NIST and NCSC Guidelines, Microsoft security certifications, NESSUS application or equivalent, experience in MS Sentinel, experience working with a Security Operations Centre (SOC). Effective interpersonal and communication skills, both written and verbal are a given. How to Apply If you would like to discuss further, then please apply with your up to date CV, and visit our dedicated microsite to understand more about the challenge and the opportunities that await. Talent International UK Limited and it's subsidary Rethink Digital Gurus Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this opportunity, you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website
19/09/2024
Full time
Permanent £51,251 Salary + Benefits Staffordshire Hybrid working - 2-3 days working in Staffordshire Are you interested in helping one of the UK's largest Police Forces transform and support their new and changing technology needs? Staffordshire Police are looking for an experienced Cyber Security Engineer to join them and help ensuring the security, integrity, availability and performance of the Force's network and communications infrastructure in live operational use; Covering the Force's Airwave infrastructure, data network infrastructure, voice and video infrastructure and Firewall and gateway infrastructure. Supporting the transition of new/changed infrastructure from development and test environments Providing expert network and communication infrastructure knowledge to force projects and change initiatives as required As the Cyber Security Engineer you will be responsible for the management configuration and support of all IT security measures, such as system logs, Firewall policies, virus protection, Internet access, encryption, PKI, confidential systems, identity management and gateways. About you You have experience working in a 2nd line Cyber Security role, supporting infrastructure across a secure environment. Educated to Degree level qualification or equivalent experience in a related ICT discipline. You will have one or more recognised security qualifications, such as Certified Information Systems Security Professional (CISSP) and/or equivalent. Experience with GIRR or SyAp, Security Management, NIST and NCSC Guidelines, Microsoft security certifications, NESSUS application or equivalent, experience in MS Sentinel, experience working with a Security Operations Centre (SOC). Effective interpersonal and communication skills, both written and verbal are a given. How to Apply If you would like to discuss further, then please apply with your up to date CV, and visit our dedicated microsite to understand more about the challenge and the opportunities that await. Talent International UK Limited and it's subsidary Rethink Digital Gurus Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this opportunity, you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website
Hands on DevOps Engineer (VP) FX firm - Atlassian stack - Jira/Confluence/Bamboo - Jenkins/Puppet Our Financial services client is looking for a senior devops engineer to hire on a permanent basis. What you will be doing: The management and deployment of the enterprise's application systems for all products globally. Selecting and implementing suitable technologies to ensure production systems remain performant, available, scalable, secure and cost effective. Providing leadership for DevOps teams globally. Working with development and product teams to improve developer productivity and reduce time to market. Working with the architecture and security teams to set global best practices across all application platforms. Executing the global DevOps strategy. Ensure DevOps teams are continuing to mature and move towards global best practice. Manage technical application/infrastructure debt in line with our strategies. Developing, implementing, and reporting on critical metrics that demonstrate progress against agreed SLA's. Supporting the application security team in delivering and maintaining the Application Cyber Security strategies by executing security programs and ensuring governance and rigour is applied to existing security processes and practices. Supporting the security team in maintaining current security certifications for applications. 5 Years experience in a senior technical role, leading DevOps, Architecture or Development teams. Strong technical expertise across a wide range of domains, including infrastructure, software development and related cybersecurity. Strong technical capability and experience architecting, building, and managing AWS cloud environments. Experience of managing costs in a cloud compute environment, whilst maintaining scalable and performant systems. Experience of building distributed, toolchains and libraries that facilitate rapid application development and repeatable, predictable design patterns using: Atlassian based Products like JIRA/Confluence/Bamboo Jenkins/Puppet/CHEF DAST tooling (eg, AppScan) (Desirable not essential) SAST tooling (eg, SonarQube) (Desirable not essential) SCA tooling (eg, Mend.io) (Desirable not essential) Permanent role - based in Canary Wharf - hybrid working By applying to this job you are sending us your CV, which may contain personal information. Please refer to our Privacy Notice to understand how we process this information. In short, in order to supply you with work finding services, we will hold and process your personal data, and only with your express permission we will share this personal data with a client (or a third party working on behalf of the client) by email or by upload to the Client/third parties vendor management system. By giving us permission to send your CV to a client, this constitutes permission to share the personal data that would be necessary to consider your application, interview you (Phone/video/face to face) and if successful hire you. Scope AT acts as an employment agency for Permanent Recruitment and an employment business for the supply of temporary workers. By applying for this job you accept the Terms and Conditions, Data Protection Policy, Privacy Notice and Disclaimers which can be found at our website.
19/09/2024
Full time
Hands on DevOps Engineer (VP) FX firm - Atlassian stack - Jira/Confluence/Bamboo - Jenkins/Puppet Our Financial services client is looking for a senior devops engineer to hire on a permanent basis. What you will be doing: The management and deployment of the enterprise's application systems for all products globally. Selecting and implementing suitable technologies to ensure production systems remain performant, available, scalable, secure and cost effective. Providing leadership for DevOps teams globally. Working with development and product teams to improve developer productivity and reduce time to market. Working with the architecture and security teams to set global best practices across all application platforms. Executing the global DevOps strategy. Ensure DevOps teams are continuing to mature and move towards global best practice. Manage technical application/infrastructure debt in line with our strategies. Developing, implementing, and reporting on critical metrics that demonstrate progress against agreed SLA's. Supporting the application security team in delivering and maintaining the Application Cyber Security strategies by executing security programs and ensuring governance and rigour is applied to existing security processes and practices. Supporting the security team in maintaining current security certifications for applications. 5 Years experience in a senior technical role, leading DevOps, Architecture or Development teams. Strong technical expertise across a wide range of domains, including infrastructure, software development and related cybersecurity. Strong technical capability and experience architecting, building, and managing AWS cloud environments. Experience of managing costs in a cloud compute environment, whilst maintaining scalable and performant systems. Experience of building distributed, toolchains and libraries that facilitate rapid application development and repeatable, predictable design patterns using: Atlassian based Products like JIRA/Confluence/Bamboo Jenkins/Puppet/CHEF DAST tooling (eg, AppScan) (Desirable not essential) SAST tooling (eg, SonarQube) (Desirable not essential) SCA tooling (eg, Mend.io) (Desirable not essential) Permanent role - based in Canary Wharf - hybrid working By applying to this job you are sending us your CV, which may contain personal information. Please refer to our Privacy Notice to understand how we process this information. In short, in order to supply you with work finding services, we will hold and process your personal data, and only with your express permission we will share this personal data with a client (or a third party working on behalf of the client) by email or by upload to the Client/third parties vendor management system. By giving us permission to send your CV to a client, this constitutes permission to share the personal data that would be necessary to consider your application, interview you (Phone/video/face to face) and if successful hire you. Scope AT acts as an employment agency for Permanent Recruitment and an employment business for the supply of temporary workers. By applying for this job you accept the Terms and Conditions, Data Protection Policy, Privacy Notice and Disclaimers which can be found at our website.
We are currently helping out our Financial Services Client regarding the Modern Workplace Engineer contract position that they have for an initial 6 months contract assignment based in Belfast. (Duration is very likely to extend) The role can be carried out on hybrid basis of 2/3days on site and the rest remote. (Inside IR35) As a Modern Workplace engineer you will be responsible for the successful delivery of complex engineering solutions for corporate End user platform OneDesk'. Working alongside various teams and vendors you will grow the skills to design, develop and test infrastructure solutions. Main project will be Windows 11 rollout. Youll be responsible with assisting the existing engineering team and work with end user services team worldwide as we upgrade the global desktop estate to Windows 11. Develop new solutions to meet business requirements where no solutions currently exist Engineering and development of custom solutions with various tooling such as PowerShell and Scripting Work alongside our teams to advance and customise high quality designs and documentation for solutions Work on project-based delivery planning and execution of technologies in the modern workplace technology stack Designing, building, testing and implementation of the modern workplace technologies in using Microsoft Endpoint Manager, Azure Active Directory, Intune, Microsoft 365, Power Automate, Citrix Cloud, AWS. Operation and further development of Windows 10/11 and new features (Evergreen) Certification and integration of new hardware including Drivers and BIOS Work alongside our Cyber Security team on modern security best practice and its implementation in the end user environment (policies, compliance monitoring, etc.) Ownership of the engineering of the desktop build, DaaS and remote access desktop solutions Define and create process documentation for operational support on developed and existing engineering solutions Defining and documenting modern workplace standards in the end user environment Provide a 3rd line incident and problem escalation for applications and operating systems deployed to the live environment. Experience: At least 3+ years experience in a similar role having completed large scale deployments of engineering solutions in the end user environment Process and service-oriented thinking and familiarity with the Incident, Problem and Change Management process (ITIL) Understanding of agile working methods such as Kanban or Scrum A good understanding of desktop hardware and upcoming roadmaps from major vendors A good understanding of Microsoft 365 and Endpoint manger roadmaps, and the ability to evaluate the applicability for business productivity solutions Required Skills: Expert knowledge of Windows Desktop (OS, Security, Deployment, Application Management, BIOS, Drivers) Active Directory (Group Policies, Folder Redirection) Microsoft Endpoint Manager - Management of Applications, Packages, Task sequences, Baselines. Scripting (Powershell, Python) Image creation and deployment (MDT, WIM creation, Task Sequences) Microsoft 365 Preferred Skills: DaaS (Amazon Workspace, Windows 365) Intune (Configure profiles, compliance policies, enrolment) Autopilot Azure AD Jira/Confluence Vmware Amazon Web Services (Appstream, DynamoDB, Cloudwatch, Cloudtrail, Lambda, S3) Servicenow
19/09/2024
Project-based
We are currently helping out our Financial Services Client regarding the Modern Workplace Engineer contract position that they have for an initial 6 months contract assignment based in Belfast. (Duration is very likely to extend) The role can be carried out on hybrid basis of 2/3days on site and the rest remote. (Inside IR35) As a Modern Workplace engineer you will be responsible for the successful delivery of complex engineering solutions for corporate End user platform OneDesk'. Working alongside various teams and vendors you will grow the skills to design, develop and test infrastructure solutions. Main project will be Windows 11 rollout. Youll be responsible with assisting the existing engineering team and work with end user services team worldwide as we upgrade the global desktop estate to Windows 11. Develop new solutions to meet business requirements where no solutions currently exist Engineering and development of custom solutions with various tooling such as PowerShell and Scripting Work alongside our teams to advance and customise high quality designs and documentation for solutions Work on project-based delivery planning and execution of technologies in the modern workplace technology stack Designing, building, testing and implementation of the modern workplace technologies in using Microsoft Endpoint Manager, Azure Active Directory, Intune, Microsoft 365, Power Automate, Citrix Cloud, AWS. Operation and further development of Windows 10/11 and new features (Evergreen) Certification and integration of new hardware including Drivers and BIOS Work alongside our Cyber Security team on modern security best practice and its implementation in the end user environment (policies, compliance monitoring, etc.) Ownership of the engineering of the desktop build, DaaS and remote access desktop solutions Define and create process documentation for operational support on developed and existing engineering solutions Defining and documenting modern workplace standards in the end user environment Provide a 3rd line incident and problem escalation for applications and operating systems deployed to the live environment. Experience: At least 3+ years experience in a similar role having completed large scale deployments of engineering solutions in the end user environment Process and service-oriented thinking and familiarity with the Incident, Problem and Change Management process (ITIL) Understanding of agile working methods such as Kanban or Scrum A good understanding of desktop hardware and upcoming roadmaps from major vendors A good understanding of Microsoft 365 and Endpoint manger roadmaps, and the ability to evaluate the applicability for business productivity solutions Required Skills: Expert knowledge of Windows Desktop (OS, Security, Deployment, Application Management, BIOS, Drivers) Active Directory (Group Policies, Folder Redirection) Microsoft Endpoint Manager - Management of Applications, Packages, Task sequences, Baselines. Scripting (Powershell, Python) Image creation and deployment (MDT, WIM creation, Task Sequences) Microsoft 365 Preferred Skills: DaaS (Amazon Workspace, Windows 365) Intune (Configure profiles, compliance policies, enrolment) Autopilot Azure AD Jira/Confluence Vmware Amazon Web Services (Appstream, DynamoDB, Cloudwatch, Cloudtrail, Lambda, S3) Servicenow
Senior OT Security Engineer Location: Sheffield Working Pattern: Hybrid Up to £68,000 + benefits Your New Company I'm currently hiring for an OT Security Engineer based near Sheffield to work for an engineering organisation, assisting with full project life cycles from an OT security perspective, from conception to implementation. The ideal candidate will be well versed with OT Security concepts and will have consulted on a variety of projects using their knowledge of infrastructure and network security in order to harden tools, processes and machinery within an organisation's OT estate. Having come from an engineering background would be ideal for this role, but having worked solely in an OT Security role in an engineering-focused organisation would also be very useful. What you'll be doing: Reporting to the Head of Cyber Security, you'll be ensuring that my client's Industrial Automation and Control Systems will be secure from the point of design Advising over various external projects ensuring that the approach from conception to implementation is secure by design. Work with engineers to understand their ways of working, their machinery and equipment, with the view to identifying potential security risks in line with IEC62443 Working with engineering teams in a solution-focused way to understand, identify and mitigate potential cyber risks. Network Security - network segmentation, Firewall and network management Cyber work - assisting with endpoint detection and response, overseeing intrusion detection systems, SIEM tools, vulnerability scanning and assessments etc. Using your contemporary knowledge of cybersecurity and Operational Technology as a whole to continually enhance the overall security of the business across various sites What I'm looking for: OT Security experience within an engineering environment would be ideal but experience within translatable organisation types and sectors will be considered Applied understanding of core OT Security standards and systems commonly adhered to and used. eg IEC62443, SCADA systems Ability to, and experience of, engaging comfortably with various areas of a business in a solution focused way with the view to enhancing their overall security posture within Operational Technology Experience of operational cyber realms (EDR, SIEM, Vulnerability, IPS/IDS etc. Ability to effectively articulate OT Risk to stakeholders inside and outside of engineering and IT capacities What you'll get in return A salary of up to £68,000 Long service awards Private healthcare for self 25 days leave plus 5 days to buy/sell Paid overtime available Good pension What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
19/09/2024
Full time
Senior OT Security Engineer Location: Sheffield Working Pattern: Hybrid Up to £68,000 + benefits Your New Company I'm currently hiring for an OT Security Engineer based near Sheffield to work for an engineering organisation, assisting with full project life cycles from an OT security perspective, from conception to implementation. The ideal candidate will be well versed with OT Security concepts and will have consulted on a variety of projects using their knowledge of infrastructure and network security in order to harden tools, processes and machinery within an organisation's OT estate. Having come from an engineering background would be ideal for this role, but having worked solely in an OT Security role in an engineering-focused organisation would also be very useful. What you'll be doing: Reporting to the Head of Cyber Security, you'll be ensuring that my client's Industrial Automation and Control Systems will be secure from the point of design Advising over various external projects ensuring that the approach from conception to implementation is secure by design. Work with engineers to understand their ways of working, their machinery and equipment, with the view to identifying potential security risks in line with IEC62443 Working with engineering teams in a solution-focused way to understand, identify and mitigate potential cyber risks. Network Security - network segmentation, Firewall and network management Cyber work - assisting with endpoint detection and response, overseeing intrusion detection systems, SIEM tools, vulnerability scanning and assessments etc. Using your contemporary knowledge of cybersecurity and Operational Technology as a whole to continually enhance the overall security of the business across various sites What I'm looking for: OT Security experience within an engineering environment would be ideal but experience within translatable organisation types and sectors will be considered Applied understanding of core OT Security standards and systems commonly adhered to and used. eg IEC62443, SCADA systems Ability to, and experience of, engaging comfortably with various areas of a business in a solution focused way with the view to enhancing their overall security posture within Operational Technology Experience of operational cyber realms (EDR, SIEM, Vulnerability, IPS/IDS etc. Ability to effectively articulate OT Risk to stakeholders inside and outside of engineering and IT capacities What you'll get in return A salary of up to £68,000 Long service awards Private healthcare for self 25 days leave plus 5 days to buy/sell Paid overtime available Good pension What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
Description Methods Business and Digital Technology Limited Methods is a £100M+ IT Services Consultancy who has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Established over 30 years ago and UK-based, we apply our skills in transformation, delivery, and collaboration from across the Methods Group, to create end-to-end business and technical solutions that are people-centred, safe, and designed for the future. Our human touch sets us apart from other consultancies, system integrators and software houses - with people, technology, and data at the heart of who we are, we believe in creating value and sustainability through everything we do for our clients, staff, communities, and the planet. We support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them. Predominantly focused on the public-sector, Methods is now building a significant private sector client portfolio. Methods was acquired by the Alten Group in early 2022. Requirements The development, management and supporting of the infrastructure that underpins the platforms, applications, and data which support the business Automating where possible to facilitate the rapid delivery of approved capabilities to their respective environments in a secure manner Must have good experience in developing Infrastructure as Code to automate the creation of infrastructure from development all the way to production. Should be passionate about improving ways of working and best practices by understanding the customer and the market trends. Understanding the needs of stakeholders and conveying this to the target audience. Testing and examining code written by others and providing an approval as part of the governance and review process. Ensuring that systems are safe and secure against cybersecurity threats when developing by keeping in mind that the systems must be secure by design. Familiar with the NCSC secure design principles. Familiar with managing the security of platforms whether they're on cloud or on-premises, including administration of secrets, tokens, and certificates. Working with the team (business, architecture, engineers, security, data) to ensure that development and delivery follows established processes and works as intended. Planning out projects and being involved in project management decisions. Responsible for the design, security, and maintenance of on-prem/cloud infrastructure. Making and guiding effective decisions, explaining clearly how the decision has been reached with the ability to understand and resolve technical disputes across varying levels of complexity and risk. Communicating effectively across organisational, technical, and political boundaries to understand the context and how to make complex and technical information and language simple and accessible for non-technical audiences. Understanding of how to expose data from systems (for example through APIs), link data from multiple systems, and deliver streaming services. Ensuring that risks associated with deployment are adequately understood and documented. Integrating security features in the software development life cycle. Identification and probable security risks, with their mitigating strategies. Implementation of security controls. Monitoring the infrastructure and the threat to security. Ensuring regulatory compliances for standards of security. Early detection of security vulnerabilities Faster deployment of secure software By following better compliance with security standards and regulations Greater visibility into security risks and threats Have experience or familiarity with working in an agile delivery methodology Ideal Candidates will demonstrate: Experience working with many teams especially security would be beneficial. Solid infrastructure design experience for on-prem environments to implement or migrate applications and databases. Have experience with hybrid designs between on-premise and cloud Solid experience in a range of technologies and be able to make assessments as to what is best to be used for the projects and the organisation. As well as suggest and develop innovative approaches within constrained projects and environments. Strong experience in software development change/release management processes and technical governance to fully understand the typical life cycle and maintenance of live systems. Ability to work with containerization platforms such as Kubernetes, PKS, Docker; provisioning software including Ansible, Terraform, YAML; and application/infrastructure/data performance analysis and monitoring. Experience of functional and non-functional testing. Experience with automated deployment of applications, databases and infrastructure. Understanding of the government digital service (GDS) manual and standards across Discovery/Alpha/Beta/Live phases. Understanding of SaaS, PaaS, IaaS technologies, and the implications of their use compared with bespoke development. Being able to provide training, support, and mentoring to the wider business. Knowledge of how to ensure that risks associated with deployment are adequately understood and documented. Desirable Skills & Experience: Worked as part of a system support team managing live systems and triaging & resolving incidents to resolution, including management of known defects and issues. Worked as part of a multi-disciplinary project team. Experience with Terraform and YAML to deploy on-prem/cloud infrastructure. Experience with automation tools to build and deploy containerized applications. Experience implementing effective instrumentation to monitor applications. Experience implementing SAST and DAST tooling in deployment pipelines like Trivvy and SonarQube. Experience with on-prem DevOps tooling. This role will require you to have or be willing to go through Security Clearance. As part of the onboarding process candidates will be asked to complete a Baseline Personnel Security Standard; details of the evidence required to apply may be found on the government website Gov.UK. If you are unable to meet this and any associated criteria, then your employment may be delayed, or rejected. Details of this will be discussed with you at interview. Benefits Methods is passionate about its people; we want our colleagues to develop the things they are good at and enjoy. By joining us you can expect Autonomy to develop and grow your skills and experience Be part of exciting project work that is making a difference in society Strong, inspiring and thought-provoking leadership A supportive and collaborative environment Development - access to LinkedIn Learning, a management development programme, and training Wellness - 24/7 confidential employee assistance programme Flexible Working - including home working and part time Social - office parties, breakfast Tuesdays, monthly pizza Thursdays, Thirsty Thursdays, and commitment to charitable causes Time Off - 25 days of annual leave a year, plus bank holidays, with the option to buy 5 extra days each year Volunteering - 2 paid days per year to volunteer in our local communities or within a charity organisation Pension - Salary Exchange Scheme with 4% employer contribution and 5% employee contribution Discretionary Company Bonus - based on company and individual performance Life Assurance - of 4 times base salary Private Medical Insurance - which is non-contributory (spouse and dependants included) Worldwide Travel Insurance - which is non-contributory (spouse and dependants included) Enhanced Maternity and Paternity Pay Travel - season ticket loan, cycle to work scheme *SOLE BRITISH NATIONALS ONLY* *SC REQUIRE*
19/09/2024
Description Methods Business and Digital Technology Limited Methods is a £100M+ IT Services Consultancy who has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Established over 30 years ago and UK-based, we apply our skills in transformation, delivery, and collaboration from across the Methods Group, to create end-to-end business and technical solutions that are people-centred, safe, and designed for the future. Our human touch sets us apart from other consultancies, system integrators and software houses - with people, technology, and data at the heart of who we are, we believe in creating value and sustainability through everything we do for our clients, staff, communities, and the planet. We support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them. Predominantly focused on the public-sector, Methods is now building a significant private sector client portfolio. Methods was acquired by the Alten Group in early 2022. Requirements The development, management and supporting of the infrastructure that underpins the platforms, applications, and data which support the business Automating where possible to facilitate the rapid delivery of approved capabilities to their respective environments in a secure manner Must have good experience in developing Infrastructure as Code to automate the creation of infrastructure from development all the way to production. Should be passionate about improving ways of working and best practices by understanding the customer and the market trends. Understanding the needs of stakeholders and conveying this to the target audience. Testing and examining code written by others and providing an approval as part of the governance and review process. Ensuring that systems are safe and secure against cybersecurity threats when developing by keeping in mind that the systems must be secure by design. Familiar with the NCSC secure design principles. Familiar with managing the security of platforms whether they're on cloud or on-premises, including administration of secrets, tokens, and certificates. Working with the team (business, architecture, engineers, security, data) to ensure that development and delivery follows established processes and works as intended. Planning out projects and being involved in project management decisions. Responsible for the design, security, and maintenance of on-prem/cloud infrastructure. Making and guiding effective decisions, explaining clearly how the decision has been reached with the ability to understand and resolve technical disputes across varying levels of complexity and risk. Communicating effectively across organisational, technical, and political boundaries to understand the context and how to make complex and technical information and language simple and accessible for non-technical audiences. Understanding of how to expose data from systems (for example through APIs), link data from multiple systems, and deliver streaming services. Ensuring that risks associated with deployment are adequately understood and documented. Integrating security features in the software development life cycle. Identification and probable security risks, with their mitigating strategies. Implementation of security controls. Monitoring the infrastructure and the threat to security. Ensuring regulatory compliances for standards of security. Early detection of security vulnerabilities Faster deployment of secure software By following better compliance with security standards and regulations Greater visibility into security risks and threats Have experience or familiarity with working in an agile delivery methodology Ideal Candidates will demonstrate: Experience working with many teams especially security would be beneficial. Solid infrastructure design experience for on-prem environments to implement or migrate applications and databases. Have experience with hybrid designs between on-premise and cloud Solid experience in a range of technologies and be able to make assessments as to what is best to be used for the projects and the organisation. As well as suggest and develop innovative approaches within constrained projects and environments. Strong experience in software development change/release management processes and technical governance to fully understand the typical life cycle and maintenance of live systems. Ability to work with containerization platforms such as Kubernetes, PKS, Docker; provisioning software including Ansible, Terraform, YAML; and application/infrastructure/data performance analysis and monitoring. Experience of functional and non-functional testing. Experience with automated deployment of applications, databases and infrastructure. Understanding of the government digital service (GDS) manual and standards across Discovery/Alpha/Beta/Live phases. Understanding of SaaS, PaaS, IaaS technologies, and the implications of their use compared with bespoke development. Being able to provide training, support, and mentoring to the wider business. Knowledge of how to ensure that risks associated with deployment are adequately understood and documented. Desirable Skills & Experience: Worked as part of a system support team managing live systems and triaging & resolving incidents to resolution, including management of known defects and issues. Worked as part of a multi-disciplinary project team. Experience with Terraform and YAML to deploy on-prem/cloud infrastructure. Experience with automation tools to build and deploy containerized applications. Experience implementing effective instrumentation to monitor applications. Experience implementing SAST and DAST tooling in deployment pipelines like Trivvy and SonarQube. Experience with on-prem DevOps tooling. This role will require you to have or be willing to go through Security Clearance. As part of the onboarding process candidates will be asked to complete a Baseline Personnel Security Standard; details of the evidence required to apply may be found on the government website Gov.UK. If you are unable to meet this and any associated criteria, then your employment may be delayed, or rejected. Details of this will be discussed with you at interview. Benefits Methods is passionate about its people; we want our colleagues to develop the things they are good at and enjoy. By joining us you can expect Autonomy to develop and grow your skills and experience Be part of exciting project work that is making a difference in society Strong, inspiring and thought-provoking leadership A supportive and collaborative environment Development - access to LinkedIn Learning, a management development programme, and training Wellness - 24/7 confidential employee assistance programme Flexible Working - including home working and part time Social - office parties, breakfast Tuesdays, monthly pizza Thursdays, Thirsty Thursdays, and commitment to charitable causes Time Off - 25 days of annual leave a year, plus bank holidays, with the option to buy 5 extra days each year Volunteering - 2 paid days per year to volunteer in our local communities or within a charity organisation Pension - Salary Exchange Scheme with 4% employer contribution and 5% employee contribution Discretionary Company Bonus - based on company and individual performance Life Assurance - of 4 times base salary Private Medical Insurance - which is non-contributory (spouse and dependants included) Worldwide Travel Insurance - which is non-contributory (spouse and dependants included) Enhanced Maternity and Paternity Pay Travel - season ticket loan, cycle to work scheme *SOLE BRITISH NATIONALS ONLY* *SC REQUIRE*
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible, and requires working onsite 5 days per week* Prestigious Enterprise Company is currently seeking a Cyber Security and Windows Systems Engineer. Candidate will manage and monitor all infrastructure and system installations, including configurations, testing, and maintenance. Responsibilities: Implement and maintain backups, security, and redundancy strategies. Identify potential issues and implement the best possible solutions. Craft custom scripts, increasing automation for IT processes. Enable faster and smarter business processes and implement analytics. Communicate with stakeholders to identify requirements and implement solutions in a service development cycle. Use expert-level administration and optimization of hosts and Servers to ensure high availability and appropriate resource management. Standardize and automate processes and monitor, using Scripting technology. Install, configure, and patch operating systems, software, and hardware components, and clearly document the design, maintenance, and support procedures for routine tasks. Conduct high-level root-cause analysis for service interruption and establish preventive measures. Create reports and documentation outlining findings and solutions; oversee the overall backup strategy and daily operations for secure backups and restore testing. Manage and monitor all installed systems and infrastructure for the organization to be in line with company guidelines and established standard operating procedures. Install, configure, and test operating systems, application software, and system management tools. Ensure the highest level of systems and infrastructure availability. Plan and implement system automation for increased efficiency. Collaborate with other professionals to ensure high quality deliverables within organization guidelines, policies, and procedures. Deal with work process, optimization methods, and risk management tools in the given projects for the successful accomplishments according to the requirements of the stakeholders. Provide after-hours support on a rotational "on-call" basis and to work "off-hours" as needed. Qualifications: PowerShell Scripting expertise. Strong AD knowledge with a proficiency in GPO creation/troubleshooting. Experience with Windows Server 2016/2019 environments and applications. Experience with AWS Workspaces and Azure & Azure AD. Experience with Microsoft SCCM, SCSM, Deployment Toolkit, WSUS, SharePoint and SQL, and VMWare. SolarWinds and other network/systems monitoring tools preferred. Ability to quickly analyze issues in order to provide and implement the best possible solutions. Strong problem-solving skills and attention to detail. Experience researching technical issues and implementation of resolutions. Excellent written and verbal communication skills, relating to both technical and non-technical staff. Ability to work individually and in a team environment and to provide assistance, instruction and training. Ability to focus, execute and to provide excellent customer service. Relevant certifications such as MSCE, MCSA, CCNA preferred but not required. Bachelor's Degree in Computer Science/MIS or equivalent years of experience in similar position.
19/09/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible, and requires working onsite 5 days per week* Prestigious Enterprise Company is currently seeking a Cyber Security and Windows Systems Engineer. Candidate will manage and monitor all infrastructure and system installations, including configurations, testing, and maintenance. Responsibilities: Implement and maintain backups, security, and redundancy strategies. Identify potential issues and implement the best possible solutions. Craft custom scripts, increasing automation for IT processes. Enable faster and smarter business processes and implement analytics. Communicate with stakeholders to identify requirements and implement solutions in a service development cycle. Use expert-level administration and optimization of hosts and Servers to ensure high availability and appropriate resource management. Standardize and automate processes and monitor, using Scripting technology. Install, configure, and patch operating systems, software, and hardware components, and clearly document the design, maintenance, and support procedures for routine tasks. Conduct high-level root-cause analysis for service interruption and establish preventive measures. Create reports and documentation outlining findings and solutions; oversee the overall backup strategy and daily operations for secure backups and restore testing. Manage and monitor all installed systems and infrastructure for the organization to be in line with company guidelines and established standard operating procedures. Install, configure, and test operating systems, application software, and system management tools. Ensure the highest level of systems and infrastructure availability. Plan and implement system automation for increased efficiency. Collaborate with other professionals to ensure high quality deliverables within organization guidelines, policies, and procedures. Deal with work process, optimization methods, and risk management tools in the given projects for the successful accomplishments according to the requirements of the stakeholders. Provide after-hours support on a rotational "on-call" basis and to work "off-hours" as needed. Qualifications: PowerShell Scripting expertise. Strong AD knowledge with a proficiency in GPO creation/troubleshooting. Experience with Windows Server 2016/2019 environments and applications. Experience with AWS Workspaces and Azure & Azure AD. Experience with Microsoft SCCM, SCSM, Deployment Toolkit, WSUS, SharePoint and SQL, and VMWare. SolarWinds and other network/systems monitoring tools preferred. Ability to quickly analyze issues in order to provide and implement the best possible solutions. Strong problem-solving skills and attention to detail. Experience researching technical issues and implementation of resolutions. Excellent written and verbal communication skills, relating to both technical and non-technical staff. Ability to work individually and in a team environment and to provide assistance, instruction and training. Ability to focus, execute and to provide excellent customer service. Relevant certifications such as MSCE, MCSA, CCNA preferred but not required. Bachelor's Degree in Computer Science/MIS or equivalent years of experience in similar position.
*Inside IR35* We are searching for a Splunk Engineer to join a Tier one bank. The Senior Splunk Engineer will be a member of the Global Cybersecurity Engineering team, responsible for the Splunk SIEM and SOAR platforms, along with other technology supporting Global Cybersecurity Operations. The team partners with IT Infrastructure teams in end-to-end deployment of security technologies across the firm. The role involves the architectural design and technical support for SIEM and SOAR platform infrastructure (Splunk, Phantom and AWS). This includes system integration and interoperability, application components, systems programming, ingestion and normalisation of security log sources, patches and upgrades, capacity planning, performance management and use case development. This role will participate in efforts to test the effectiveness of defined controls and ensure that critical processes in the firm are evaluated from a security perspective. The role requires an experienced systems engineer with strong technical leadership and collaboration skills. The ideal candidate will have significant experience in SIEM technologies, Linux system administration and cloud infrastructure (eg Splunk ES, Splunk SOAR, RHEL/AL2, AWS platform services, etc.). Responsibilities will include (But not limited to) Engineering leadership and support for existing and future SIEM and SOAR technology (Splunk ES, Phantom, etc.) Leading the continued technical enhancement of security platforms Supporting the identification, development and implementation of new detections (use cases) Leading the continued evolution of automation and orchestration across the platform Training and developing other members of the Logging and Operations team as well as other members of the engineering function. Supporting a culture of individual self-improvement, whereby staff are expected to maintain subject matter expertise within their area of focus and within the realm of cybersecurity more broadly, for example remaining up to date on the latest forensic techniques and tooling for strategically important platforms. Taking a leading role in the engagement of Global Businesses and Functions, driving global up-lift in cybersecurity awareness. Collaborating with various layers of management across Cybersecurity and other IT teams to develop solutions that protect the organisation. Designing and driving the implementation of new service offerings, capability uplifts and process improvements to protect the bank for a continuously changing threat landscape.
19/09/2024
Project-based
*Inside IR35* We are searching for a Splunk Engineer to join a Tier one bank. The Senior Splunk Engineer will be a member of the Global Cybersecurity Engineering team, responsible for the Splunk SIEM and SOAR platforms, along with other technology supporting Global Cybersecurity Operations. The team partners with IT Infrastructure teams in end-to-end deployment of security technologies across the firm. The role involves the architectural design and technical support for SIEM and SOAR platform infrastructure (Splunk, Phantom and AWS). This includes system integration and interoperability, application components, systems programming, ingestion and normalisation of security log sources, patches and upgrades, capacity planning, performance management and use case development. This role will participate in efforts to test the effectiveness of defined controls and ensure that critical processes in the firm are evaluated from a security perspective. The role requires an experienced systems engineer with strong technical leadership and collaboration skills. The ideal candidate will have significant experience in SIEM technologies, Linux system administration and cloud infrastructure (eg Splunk ES, Splunk SOAR, RHEL/AL2, AWS platform services, etc.). Responsibilities will include (But not limited to) Engineering leadership and support for existing and future SIEM and SOAR technology (Splunk ES, Phantom, etc.) Leading the continued technical enhancement of security platforms Supporting the identification, development and implementation of new detections (use cases) Leading the continued evolution of automation and orchestration across the platform Training and developing other members of the Logging and Operations team as well as other members of the engineering function. Supporting a culture of individual self-improvement, whereby staff are expected to maintain subject matter expertise within their area of focus and within the realm of cybersecurity more broadly, for example remaining up to date on the latest forensic techniques and tooling for strategically important platforms. Taking a leading role in the engagement of Global Businesses and Functions, driving global up-lift in cybersecurity awareness. Collaborating with various layers of management across Cybersecurity and other IT teams to develop solutions that protect the organisation. Designing and driving the implementation of new service offerings, capability uplifts and process improvements to protect the bank for a continuously changing threat landscape.
Request Technology - Craig Johnson
San Francisco, California
*We are unable to sponsor for this 6+ month straight contract role, no 3rd party candidates will be considered* Prestigious Enterprise Company is currently seeking a Cyber Security Infrastructure Engineer and Architect with Azure experience. Candidate will be responsible for the planning, development and implementation of enterprise information security solutions (such as authentication and authorization, public key infrastructure, data loss prevention, and security event information management) to address the current and emerging security needs of the business. This role requires the solution of complex enterprise-scale information security problems. The role will design and develop new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Responsibilities: Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks. Serves as an expert in one or more of platform, application, storage, network, virtualization, cloud and mobile security best practices. Cloud Security: Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning Qualifications: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Preferred Skills: The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing
17/09/2024
Project-based
*We are unable to sponsor for this 6+ month straight contract role, no 3rd party candidates will be considered* Prestigious Enterprise Company is currently seeking a Cyber Security Infrastructure Engineer and Architect with Azure experience. Candidate will be responsible for the planning, development and implementation of enterprise information security solutions (such as authentication and authorization, public key infrastructure, data loss prevention, and security event information management) to address the current and emerging security needs of the business. This role requires the solution of complex enterprise-scale information security problems. The role will design and develop new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Responsibilities: Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks. Serves as an expert in one or more of platform, application, storage, network, virtualization, cloud and mobile security best practices. Cloud Security: Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning Qualifications: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Preferred Skills: The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing
Security Engineering - PAM - Secrets SALARY: $150K - $160K plus 15% bonus LOCATION: DALLAS Secrets and privileged access management hardware security modules HSMs integrating secrets management PKI sessions management python ansible terraform and YAML HSMS MS PKI Hashicorp vault CyberArk AIM PSMP PVWA CPM vault leveraging APIs cryptographic operations As a member of the Secrets and Privileged Access Management team you are responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. Education and/or Experience: 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
17/09/2024
Full time
Security Engineering - PAM - Secrets SALARY: $150K - $160K plus 15% bonus LOCATION: DALLAS Secrets and privileged access management hardware security modules HSMs integrating secrets management PKI sessions management python ansible terraform and YAML HSMS MS PKI Hashicorp vault CyberArk AIM PSMP PVWA CPM vault leveraging APIs cryptographic operations As a member of the Secrets and Privileged Access Management team you are responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. Education and/or Experience: 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
Security Engineering - PAM - Secrets SALARY: $150K - $160K plus 15% bonus LOCATION: CHICAGO Secrets and privileged access management hardware security modules HSMs integrating secrets management PKI sessions management python ansible terraform and YAML HSMS MS PKI Hashicorp vault CyberArk AIM PSMP PVWA CPM vault leveraging APIs cryptographic operations As a member of the Secrets and Privileged Access Management team you are responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. Education and/or Experience: 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
17/09/2024
Full time
Security Engineering - PAM - Secrets SALARY: $150K - $160K plus 15% bonus LOCATION: CHICAGO Secrets and privileged access management hardware security modules HSMs integrating secrets management PKI sessions management python ansible terraform and YAML HSMS MS PKI Hashicorp vault CyberArk AIM PSMP PVWA CPM vault leveraging APIs cryptographic operations As a member of the Secrets and Privileged Access Management team you are responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. Education and/or Experience: 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
Long term contract role - remote rate is around $115 c2c CYBERSECURITY ENGINEER/ARCHITECT Must have very clear communication skills Mandatory Technical Skills: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of IAM controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Additional Technical Skills: Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Desired Skills: Architecture Skills The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing Cloud Security Focus Area Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning
17/09/2024
Project-based
Long term contract role - remote rate is around $115 c2c CYBERSECURITY ENGINEER/ARCHITECT Must have very clear communication skills Mandatory Technical Skills: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of IAM controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Additional Technical Skills: Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Desired Skills: Architecture Skills The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing Cloud Security Focus Area Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning
*We are unable to sponsor as this is a permanent Full time role* *Onsite 5 days a week in Tampa Bay, FL.* A prestigious company is looking for a Cybersecurity System Engineer. This is a jack of all trades system engineer working on cybersecurity and Windows/networking/end user system administration. They will mainly focus on threat monitoring, incident response, endpoint detection, PowerShell Scripting, and system administration. Responsibilities: Manage and monitor all infrastructure and system installations, including configurations, testing, and maintenance. Support the design, implementation, and maintenance of cybersecurity measures to protect the company's information systems and data Collaborate with senior team members to integrate security solutions into existing infrastructure Assisting in threat monitoring and incident response support Contribute to the development, updating, and enforcement of security policies and procedures. Participate in security audits and risk assessments and collaborate with team members to address security findings. Participate in activities to enhance the overall security awareness of the organization. Implement and maintain backups, security, and redundancy strategies. Identify potential issues and implement the best possible solutions. Craft custom scripts, increasing automation for IT processes. Use expert-level administration and optimization of hosts and Servers to ensure high availability and appropriate resource management. Standardize and automate processes and monitor, using Scripting technology. Install, configure, and patch operating systems, software, and hardware components, and clearly document the design, maintenance, and support procedures for routine tasks. Conduct high-level root-cause analysis for service interruption and establish preventive measures. Create reports and documentation outlining findings and solutions; oversee the overall backup strategy and daily operations for secure backups and restore testing. Manage and monitor all installed systems and infrastructure for the organization to be in line with company guidelines and established standard operating procedures. Install, configure, and test operating systems, application software, and system management tools. Ensure the highest level of systems and infrastructure availability. Plan and implement system automation for increased efficiency. Provide after-hours support on a rotational "on-call" basis and to work "off-hours" as needed. Qualifications: Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or years of experience in a similar position. Experience: Two (2) to Five (5) Years of technology and/or IT experience. Basic understanding of cybersecurity principles, technologies, and best practices. Experience as a Systems Engineer, preferably with a focus on Cybersecurity. Property and casualty industry experience preferred. Identity Access Management (IAM) Experience with vulnerability assessments, patching Servers and devices, and Endpoint Detection & Response (EDR) PowerShell Scripting knowledge Strong AD knowledge with a proficiency in GPO creation/troubleshooting. Experience with Windows Server 2016/2019, & 2022 environments and applications. Experience with AWS, AWS Workspaces, Azure, Entra ID and MS Exchange Online. Experience with Microsoft MECM, Deployment Toolkit, WSUS, SharePoint, SQL, and VMWare. SolarWinds and other network/systems monitoring tools preferred. Relevant certifications such as MSCE, MCSA, CCNA, CISSP, CISM, or CompTIA Security+ preferred but not required.
17/09/2024
Full time
*We are unable to sponsor as this is a permanent Full time role* *Onsite 5 days a week in Tampa Bay, FL.* A prestigious company is looking for a Cybersecurity System Engineer. This is a jack of all trades system engineer working on cybersecurity and Windows/networking/end user system administration. They will mainly focus on threat monitoring, incident response, endpoint detection, PowerShell Scripting, and system administration. Responsibilities: Manage and monitor all infrastructure and system installations, including configurations, testing, and maintenance. Support the design, implementation, and maintenance of cybersecurity measures to protect the company's information systems and data Collaborate with senior team members to integrate security solutions into existing infrastructure Assisting in threat monitoring and incident response support Contribute to the development, updating, and enforcement of security policies and procedures. Participate in security audits and risk assessments and collaborate with team members to address security findings. Participate in activities to enhance the overall security awareness of the organization. Implement and maintain backups, security, and redundancy strategies. Identify potential issues and implement the best possible solutions. Craft custom scripts, increasing automation for IT processes. Use expert-level administration and optimization of hosts and Servers to ensure high availability and appropriate resource management. Standardize and automate processes and monitor, using Scripting technology. Install, configure, and patch operating systems, software, and hardware components, and clearly document the design, maintenance, and support procedures for routine tasks. Conduct high-level root-cause analysis for service interruption and establish preventive measures. Create reports and documentation outlining findings and solutions; oversee the overall backup strategy and daily operations for secure backups and restore testing. Manage and monitor all installed systems and infrastructure for the organization to be in line with company guidelines and established standard operating procedures. Install, configure, and test operating systems, application software, and system management tools. Ensure the highest level of systems and infrastructure availability. Plan and implement system automation for increased efficiency. Provide after-hours support on a rotational "on-call" basis and to work "off-hours" as needed. Qualifications: Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or years of experience in a similar position. Experience: Two (2) to Five (5) Years of technology and/or IT experience. Basic understanding of cybersecurity principles, technologies, and best practices. Experience as a Systems Engineer, preferably with a focus on Cybersecurity. Property and casualty industry experience preferred. Identity Access Management (IAM) Experience with vulnerability assessments, patching Servers and devices, and Endpoint Detection & Response (EDR) PowerShell Scripting knowledge Strong AD knowledge with a proficiency in GPO creation/troubleshooting. Experience with Windows Server 2016/2019, & 2022 environments and applications. Experience with AWS, AWS Workspaces, Azure, Entra ID and MS Exchange Online. Experience with Microsoft MECM, Deployment Toolkit, WSUS, SharePoint, SQL, and VMWare. SolarWinds and other network/systems monitoring tools preferred. Relevant certifications such as MSCE, MCSA, CCNA, CISSP, CISM, or CompTIA Security+ preferred but not required.
Contract - Cybersecurity Infrastructure Engineer/Architect Rate: Open Location: Remote in the United States *We are unable to provide sponsorship for this role* Qualifications 8+ years of Security Infrastructure focus with an emphasis on the following: Security Design, Infrastructure security, Cloud migration, Citrix cloud, SDWAN security, VPN, GitHub security, MS Power platform, MS co-pilot Experienced in large enterprise environments is a must Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Responsibilities Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks.
17/09/2024
Project-based
Contract - Cybersecurity Infrastructure Engineer/Architect Rate: Open Location: Remote in the United States *We are unable to provide sponsorship for this role* Qualifications 8+ years of Security Infrastructure focus with an emphasis on the following: Security Design, Infrastructure security, Cloud migration, Citrix cloud, SDWAN security, VPN, GitHub security, MS Power platform, MS co-pilot Experienced in large enterprise environments is a must Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Responsibilities Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks.
Network Infrastructure Engineer Permanent £40,000 - £55,000 Depending on experience Full time onsite to begin - Hybrid working after probation My client are seeking a talented and ambitious Network Engineer to join them on a permanent basis where you will play a crucial role in ensuring the smooth operation of the network infrastructure and supporting Back Office systems. This role requires a combination of technical expertise in networking, IT systems and some cybersecurity, as well as strong problem-solving and communication skills. Network Infrastructure Support: Implement and maintain the company's network infrastructure, including Routers, Switches, Firewalls, and wireless access points. Configure and optimize network protocols and services, such as TCP/IP, VLANs, VPNs, and DHCP. Conduct, in collaboration with the InfoSec team, regular network audits and security assessments to identify vulnerabilities and ensure compliance with cybersecurity best practices and industry standards. Implement and maintain cybersecurity technical measures to protect the organization's network infrastructure and data assets. Configure and manage security devices such as Firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions. Monitor network traffic and security logs to detect unauthorized access or suspicious activity, and respond promptly to security incidents. Required skills, knowledge and experience: Strong experience in network engineering. Good experience in general IT Infrastructure Some knowledge and experience in cybersecurity. Strong knowledge of networking concepts, protocols, and technologies, such as TCP/IP, DNS, DHCP, VLANS, and routing protocols. Hands-on experience with network security technologies and tools, such as Firewalls, IDS/IPS, SIEM solutions, and antivirus software. Proficiency in managing Windows and Linux server environments, including ctive Directory, Exchange, and SQL Server, Experience with cybersecurity frameworks and compliance standards (eg, NIST, ISO 27001, GDPR). Excellent problem-solving skills and attention to detail with the ability to prioritize and manage multiple tasks in a fast-paced environment. Strong communication and interpersonal skills, with the ability to work effectively both independently and as part of a team. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
17/09/2024
Full time
Network Infrastructure Engineer Permanent £40,000 - £55,000 Depending on experience Full time onsite to begin - Hybrid working after probation My client are seeking a talented and ambitious Network Engineer to join them on a permanent basis where you will play a crucial role in ensuring the smooth operation of the network infrastructure and supporting Back Office systems. This role requires a combination of technical expertise in networking, IT systems and some cybersecurity, as well as strong problem-solving and communication skills. Network Infrastructure Support: Implement and maintain the company's network infrastructure, including Routers, Switches, Firewalls, and wireless access points. Configure and optimize network protocols and services, such as TCP/IP, VLANs, VPNs, and DHCP. Conduct, in collaboration with the InfoSec team, regular network audits and security assessments to identify vulnerabilities and ensure compliance with cybersecurity best practices and industry standards. Implement and maintain cybersecurity technical measures to protect the organization's network infrastructure and data assets. Configure and manage security devices such as Firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions. Monitor network traffic and security logs to detect unauthorized access or suspicious activity, and respond promptly to security incidents. Required skills, knowledge and experience: Strong experience in network engineering. Good experience in general IT Infrastructure Some knowledge and experience in cybersecurity. Strong knowledge of networking concepts, protocols, and technologies, such as TCP/IP, DNS, DHCP, VLANS, and routing protocols. Hands-on experience with network security technologies and tools, such as Firewalls, IDS/IPS, SIEM solutions, and antivirus software. Proficiency in managing Windows and Linux server environments, including ctive Directory, Exchange, and SQL Server, Experience with cybersecurity frameworks and compliance standards (eg, NIST, ISO 27001, GDPR). Excellent problem-solving skills and attention to detail with the ability to prioritize and manage multiple tasks in a fast-paced environment. Strong communication and interpersonal skills, with the ability to work effectively both independently and as part of a team. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
My client is looking for an experienced IT Infrastructure engineer to oversee and manager the day-to-day operation of their IT infrastructure. The role requires strong technical knowledge, collaboration with third-party support providers, and the ability to drive continuous improvements to our systems. You will be integral in maintaining the security, performance, and availability of the infrastructure, ensuring it meets the needs of the business. Key Responsibilities : Infrastructure Management : Oversee and support the daily operations of the organisation's IT infrastructure, working with external IT service partners. Monitor system performance to ensure efficient service delivery and coordinate system upgrades in line with change management processes. IT Service & Support : Provide second and third-line support to internal teams and external IT service partners, resolving issues effectively. Manage user access to infrastructure and applications in line with company policies. Vendor and Supplier Management : Collaborate with third-party vendors to ensure project deadlines and deliverables are met. Provide support to IT service desks and escalate issues to external experts when necessary. Information Security : Maintain and deliver Cyber Essentials certification. Monitor the organisation's M365 security score, implement improvements, and manage configuration and policies in Microsoft Intune. Oversee endpoint vulnerability management, Firewall settings, antivirus deployments, and email security. Cloud Services : Ensure that all third-party cloud services are aligned with the company's security policies and risk management frameworks. Project Management : Report on project progress, including milestone achievements and budget considerations. Lead IT infrastructure projects in line with the overall technology strategy. Software Management : Maintain and develop SharePoint environments, manage SSO integrations, and oversee the group's telephony and mobile infrastructure, ensuring that policies are consistently applied across all devices. Business Continuity and Disaster Recovery : Ensure that data backup solutions are in place, regularly tested, and fully operational. Lead disaster recovery testing efforts and contribute to business continuity planning. Ideal Candidate Profile : Qualifications such as MCSE, MCP, or CCNA, and ideally a degree or equivalent in IT. Experience delivering proactive IT support, particularly in Office 365 and Azure environments. Familiarity with regulated environments or frameworks such as ITIL or Cyber Essentials. Hands-on experience with Active Directory (O365 environment), Microsoft Intune, Defender, LAN/WAN, Firewalls, routing, and email/web security systems. Working knowledge of Cisco or Meraki networking equipment. Experience managing structured service environments, including incident, change, and problem management with SLA commitments. Personal Skills : Excellent verbal and written communication skills, with the ability to translate complex technical issues into accessible language. Self-motivated and driven to achieve high standards, with the ability to work autonomously. Strong team player, able to work collaboratively to achieve shared goals. Methodical approach to technical tasks, with a focus on effective implementation.
16/09/2024
Full time
My client is looking for an experienced IT Infrastructure engineer to oversee and manager the day-to-day operation of their IT infrastructure. The role requires strong technical knowledge, collaboration with third-party support providers, and the ability to drive continuous improvements to our systems. You will be integral in maintaining the security, performance, and availability of the infrastructure, ensuring it meets the needs of the business. Key Responsibilities : Infrastructure Management : Oversee and support the daily operations of the organisation's IT infrastructure, working with external IT service partners. Monitor system performance to ensure efficient service delivery and coordinate system upgrades in line with change management processes. IT Service & Support : Provide second and third-line support to internal teams and external IT service partners, resolving issues effectively. Manage user access to infrastructure and applications in line with company policies. Vendor and Supplier Management : Collaborate with third-party vendors to ensure project deadlines and deliverables are met. Provide support to IT service desks and escalate issues to external experts when necessary. Information Security : Maintain and deliver Cyber Essentials certification. Monitor the organisation's M365 security score, implement improvements, and manage configuration and policies in Microsoft Intune. Oversee endpoint vulnerability management, Firewall settings, antivirus deployments, and email security. Cloud Services : Ensure that all third-party cloud services are aligned with the company's security policies and risk management frameworks. Project Management : Report on project progress, including milestone achievements and budget considerations. Lead IT infrastructure projects in line with the overall technology strategy. Software Management : Maintain and develop SharePoint environments, manage SSO integrations, and oversee the group's telephony and mobile infrastructure, ensuring that policies are consistently applied across all devices. Business Continuity and Disaster Recovery : Ensure that data backup solutions are in place, regularly tested, and fully operational. Lead disaster recovery testing efforts and contribute to business continuity planning. Ideal Candidate Profile : Qualifications such as MCSE, MCP, or CCNA, and ideally a degree or equivalent in IT. Experience delivering proactive IT support, particularly in Office 365 and Azure environments. Familiarity with regulated environments or frameworks such as ITIL or Cyber Essentials. Hands-on experience with Active Directory (O365 environment), Microsoft Intune, Defender, LAN/WAN, Firewalls, routing, and email/web security systems. Working knowledge of Cisco or Meraki networking equipment. Experience managing structured service environments, including incident, change, and problem management with SLA commitments. Personal Skills : Excellent verbal and written communication skills, with the ability to translate complex technical issues into accessible language. Self-motivated and driven to achieve high standards, with the ability to work autonomously. Strong team player, able to work collaboratively to achieve shared goals. Methodical approach to technical tasks, with a focus on effective implementation.