Ready to join a long-established and trusted Lake District IT & Website Development Company with arguably one of the best office views in the UK? We are looking for a talented 2nd/3rd line engineer to join our amazing engineering team.

Role info:
2nd/3rd Line IT Support Engineer
Keswick, Lake District/Remote Flexibility - Accessible from Carlisle, Cockermouth, Penrith, Workington & Windermere
£30,000 - £37,000 depending on experience
Culture: Providing Professional Services with Integrity Through Teamwork and Continuous Learning
Company: Established Proactive IT Support & Bespoke Website Design.
Your Background: IT Support, User Desktop Support, Server and Cloud Service Support, IP Networks, Windows Servers, MSP
Sectors: IT, Customer Support, IT Support

Who we are:
We are an IT & Digital Services company, covering managed services contracts, server and network installations, wired & wireless networks, VoIP and website design and hosting. KCS offices are located in the Lake District National Park, with stunning views overlooking the breath-taking Skiddaw Massif and beyond. The area is a hub for top-class outdoor activities with some of the finest walks and outdoor goings-on in the country. This role is physically based at our office just outside Keswick and there is flexibility to allow for 1 to 2 days of remote working.

The 2nd/3rd Line IT Support Engineer role:
A Managed Service Provider (MSP) is a special type of IT support company. Unlike a network administrator who may get to perform one network upgrade every three years, our engineering team performs multiple network upgrade projects every year. It is essential that our team keeps current with the latest industry software and cloud services stacks and can complete these network projects on time and on budget. You will be working within a team supporting a wide range of servers, networks and services for small to medium-sized businesses whilst keeping up to date with IT technologies. The position also involves supporting peers and juniors in their roles.

Key Responsibilities:
+ Designing, quoting, implementing and supporting Windows Server infrastructures and associated networks/backup solutions, including cloud solutions when required.
+ Contracting incident/change support for our regional Cumbrian and further afield client base involving support via telephone, remote and on-site methods.
+ Working to NCSC's Cyber Essentials v3 specification as a minimum security standard.

About you:
Essential Technical Experience:
+ Three or more years of IT support experience.
+ Demonstrable troubleshooting skills that range from user desktop support to server and cloud services.
+ Experience with Windows Server 2016/19/22, Remote Desktop Services, Hyper-V, and Active Directory.
+ Desktop support including email clients, and Internet connection troubleshooting.
+ Office software, printer installations, and general problem diagnostics procedures.
+ Use of currently supported Microsoft Desktop and Server Operating Systems and M365 cloud platforms.
+ Backup, Continuity and Disaster Recovery (BCDR) solutions and restoration procedures.
+ Fundamental knowledge of IP Networks.

Desired Technical Experience:
+ Experience with MSP software such as ConnectWise Manage/Ninja RMM.
+ Exposure to HP desktop/laptop and server platforms. Hands-on working knowledge of server hardware, RAID etc.
+ Wi-Fi networks including point-to-point Wi-Fi links.
+ VoIP telecommunications exposure.
+ Knowledge of IP Networks.
+ Knowledge of one of the mainstream Firewall/networking brands - Draytek, Fortinet, Cisco, Ubiquiti etc.
+ Knowledge of Veeam, ShadowProtect, Datto, and ESET solutions would be a bonus.

Non-Technical Skills:
Essential Skills:
+ Good planning, follow-through, and documentation skills.
+ Adaptable interpersonal skills as you will be dealing with customers in all positions from the board level downwards.
+ Capability to autonomously self-assign workloads and schedule others as part of the team.
+ Well presented alongside good written and verbal English skills.
+ Full valid UK driver's licence.

Desired Skills:
+ Ability to work from home using equipment assigned by us.
+ Recent Microsoft or industry certifications and a willingness to upgrade certifications and partake in continued personal development.

Interested? Apply here for a fast-track path to the Hiring Manager.

Your Previous Experience/Background Might Include: IT Support Technician, Technical Support Analyst, Helpdesk Support Technician, Associate IT Support Engineer, IT Support Specialist, Desktop Support, Desktop Support Engineer.

Application notice:
We take your privacy seriously. When you apply, we shall process your details and pass your application to our client for review for this vacancy only. As you might expect, we may contact you by email, text or telephone. Your data is processed on the basis of our legitimate interests in fulfilling the recruitment process. Please refer to our Data Privacy Policy & Notice on our website for further details. If you have any pre-application questions, please contact us first quoting the job title & ref. Good luck, Team RR.
27/09/2023
Full time
*We are unable to sponsor for this permanent Full time role*
*Position is bonus eligible*

Prestigious Financial Company is currently seeking an Incident Response SIEM Cyber Defense Engineer. Candidate will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. This position will require initiative to oversee security initiatives and will be expected to put together projects and teams to remediate identified security threats, incidents, and compliance issues.

Responsibilities:
+ Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting.
+ Oversee technical analysis of security events while coordinating incident response activities with internal and external teams.
+ Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities following industry best practices and established procedures.
+ Develop and support briefings to senior management as a trusted incident responder.
+ Lead the development and enhancement of current threat and situational intelligence sources leveraging proprietary enterprise data, as well as a variety of external sources and open source data.
+ Actively monitor and research cyber threats with a direct or indirect impact to the brand, business operations, or technology infrastructure.
+ Develop and support briefings to Security management as a cyber intelligence subject matter expert.
+ Create and conduct presentations on current threats and related IT Security topics.
+ Oversee process of monthly reporting to Security management on Threat, Vulnerability, and Incident management metrics.
+ Prioritize and identify security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives.
+ Lead various teams to operationalize remediation efforts for gaps identified.
+ Develop and implement security monitoring roadmaps for technologies, applications, SaaS, and other cloud-hosted solutions. These roadmaps will direct efforts on implementation of monitoring use cases and measurement of monitoring capabilities.
+ Manage, implement, and validate security monitoring use cases, mapping to frameworks, technical configuration for security tools, etc.

Security Device Administration:
+ Manage security tools including appliances, hosted systems, and SaaS, including health checks, version updates, and content development.
+ Validate that content changes to security tools from other analysts and teams are appropriate.
+ Report on and enhance current metrics surrounding security tool capabilities and efficacy.
+ Take a lead role in the systems life cycle performing upgrades, implementation of new technologies, and enhancement identification.

Qualifications:
+ Proven team player who will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines.
+ Team Leadership experience, taking initiative; providing and following through on solutions across various skillsets.
+ Proficient with Security related service and process assessments and evaluations based on NIST, COBIT, ISO and/or ITIL standards.
+ Knowledge and experience implementing controls based on security regulation, e.g. NIST Cyber Security Framework.
+ Effective and excellent oral and written communication, analytical, judgment and consultation skills.
+ Ability to effectively communicate in both formal and informal review settings with all levels of management.
+ Proven experience in developing and providing threat and situational intelligence from a variety of internal and external sources.
+ Ability to work with local and remote IT staff/management, vendors and consultants.
+ Ability to work independently and possess strong project management skills.

Technical Skills:
+ Implementation and maintenance of SIEM (Splunk, ArcSight, IBM QRadar, etc.)
+ Vulnerability assessment tools (Qualys, Nessus, nmap, etc.)
+ Incident Response playbook development managing incident analysis and remediation
+ Network sniffers and packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump).
+ Other Security preventative and detective technologies (EDR, network-based analysis, etc.)
+ Encryption technologies (PGP, PKI and X.509)
+ Standard technical writing tools including MS Word, Excel, Project and Visio
+ Directory services, LDAP, and their inherent security (Active Directory, CA Directory).
+ Proxy and caching services.
+ Client Server platforms including Sun Solaris, Windows, Linux.
+ Operating system hardening procedures (Solaris, Linux, Windows, etc.)
+ LAN/WAN routing and high availability (OSPF, BGP4/iBGP, EIGRP and NSRP).
+ Web Application Firewalls.
+ Cloud based security tools and techniques (AWS, Azure, Google Cloud Platform, etc.)
+ Security Orchestration and Automated Response tools and concepts.
+ Scripting and development activities to appropriately leverage Application Programming Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices

+ Bachelor's degree in Computer Science, Engineering, or another related field.
+ Minimum six years of information security experience, preferably in the financial services industry.
+ Minimum three years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response
+ Minimum one year in a leadership role or team/project lead capacity.
+ Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives.
+ Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure.
+ Industry knowledge of leading-edge security technologies and methods
+ Shift work and working in an on-call response capacity is required, including availability for 24 x 7 on-call support responsibilities
+ Previous people/project management experience is a plus.

Certificates or Licenses:
Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CCE, CFE
25/09/2023
Full time
Request Technology - Craig Johnson
Chicago, Illinois
25/09/2023
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Incident Response SIEM Cyber Defense Engineer. Candidate will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. This position will require initiative to oversee security initiatives and be expected to put together projects and teams to remediate identified security threats, incidents, and compliance issues. Responsibilities: Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting. Oversee technical analysis of security events while coordinating incident response activities with internal and external teams. Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities following industry best practices and established procedures. Develop and support briefings to senior management as a trusted incident responder. Lead the development and enhancement of current threat and situational intelligence sources leveraging proprietary enterprise data, as well as a variety of external sources and open source data. Actively monitor and research cyber threats with a direct or indirect impact to the brand, business operations, or technology infrastructure. Develop and support briefings to Security management as a cyber intelligence subject matter expert. Create and conduct presentations on current threats and related IT Security topics. Oversee process of monthly reporting to Security management on Threat, Vulnerability, and Incident management metrics. Prioritize and identify security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives. 
Lead various teams to operationalize remediation efforts for gaps identified. Develop and implement security monitoring roadmaps for technologies, applications, SaaS, and other cloud-hosted solutions. These roadmaps will direct efforts on implementation of monitoring use cases and measurement of monitoring capabilities. Manage, implement, and validate security monitoring use cases, mapping to frameworks, technical configuration for security tools, etc. Security Device Administration Manage security tools including appliances, hosted systems, and SaaS including health checks, version updates, and content development. Validate content changes to security tools are appropriate from other analysts and teams. Report on and enhance current metrics surrounding security tool capabilities and efficacy. Take a lead role in the systems life cycle performing upgrades, implementation of new technologies, and enhancement identification. Qualifications : Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines. Team Leadership experience, taking initiative; providing and following through on solutions across various skillsets. Proficient with Security related service and process assessments and evaluations based on NIST, COBIT, ISO and/or ITIL standards. Knowledge and experience implementing controls based on security regulation. eg NIST Cyber Security Framework Effective and excellent oral and written communication, analytical, judgment and consultation skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Proven experience in developing and providing threat and situational intelligence from a variety of internal and external sources. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong project management skills. 

Technical Skills:
+ Implementation and maintenance of SIEM (Splunk, ArcSight, IBM QRadar, etc.)
+ Vulnerability assessment tools (Qualys, Nessus, nmap, etc.)
+ Incident Response playbook development managing incident analysis and remediation.
+ Network sniffers and packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump).
+ Other Security preventative and detective technologies (EDR, network-based analysis, etc.)
+ Encryption technologies (PGP, PKI and X.509).
+ Standard technical writing tools including MS Word, Excel, Project and Visio.
+ Directory services, LDAP, and their inherent security (Active Directory, CA Directory).
+ Proxy and caching services.
+ Client Server platforms including Sun Solaris, Windows, Linux.
+ Operating system hardening procedures (Solaris, Linux, Windows, etc.)
+ LAN/WAN routing and high availability (OSPF, BGP4/iBGP, EIGRP and NSRP).
+ Web Application Firewalls.
+ Cloud based security tools and techniques (AWS, Azure, Google Cloud Platform, etc.)
+ Security Orchestration and Automated Response tools and concepts.
+ Scripting and development activities to appropriately leverage Application Programming Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices.

+ Bachelor's degree in Computer Science, Engineering, or another related field.
+ Minimum six years of information security experience, preferably in the financial services industry.
+ Minimum three years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response.
+ Minimum one year in a leadership role or team/project lead capacity.
+ Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives.
+ Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure.
+ Industry knowledge of leading-edge security technologies and methods.
+ Shift work and working in an on-call response capacity is required, including availability for 24 x 7 on-call support responsibilities.
+ Previous people/project management experience is a plus.

Certificates or Licenses: Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CCE, CFE