Senior Cyber Security Architect Salary upto £80,000 Description: Since our establishment in 1990, Methods has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Our mission is to improve and safeguard public-facing services. We apply digital thinking to ensure the future of our public services is centred around our citizens. Our human touch sets us apart from other consultancies, system integrators and software houses - we have a customer-centric value system whereby we focus on delivering what is right for our clients. We passionately support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them. Methods are experts in delivering secure, resilient cyber and information services - keeping systems and data safe. We help reduce risk and vulnerabilities from cyber-attacks by developing a security road-map tailored to your unique needs. We help organisations improve processes such as threat management by building an identity management programme, and establishing prevention, detection and response capabilities to cyber-attacks. Requirements Ability to research, articulate, pitch complex and innovative security advice, at both business and technical levels, for new or existing problems, with the objective to justify and communicate decisions directly to key customer stakeholders including senior management. Able to understand and comprehend the impact of decisions, balancing requirements and deciding between approaches Develop vision, principles and strategy for security for multiple projects or technologies; working in a particular field as subject matter expert, to support a team in delivering engagements at scale, which may require subtle security needs and requirements, contributing to development of information security policy, standards, procedures and guidelines. Effective business acumen and an understanding of the cyber security challenges faced by client, with the objective to develop our cyber assurance practice, by supporting business development and practice management. Experience of identifying and applying security risk and familiarity with common control frameworks, with the ability investigating major breaches of security and recommending appropriate control improvements. Maintaining awareness of key business and industry trends and understanding how they impact responses to cyber risk, with the contribution of the development of our team through training and coaching. Managing, delivering, leading cyber security and cyber risk assignments, with the management of portfolio of clients, across a variety of sectors and locations, including producing documentation, presentation, reports, recommendations and quality assuring, for the work produced by team members and being the point of escalation for lower grade roles. Providing our clients with trusted advice, rooted in a pragmatic and agnostic understanding of their business situation and objectives, to help them navigate complex, risk-driven cyber decisions. Working as a subject matter expert in your particular field, owning and delivering initiatives to embed quality through learning and other activity, working seamlessly and collaboratively with colleagues and clients from other service lines, supporting a team or colleagues to deliver engagements at scale, with the appropriate reach and influence across the teams and communities. Managing diverse teams within an inclusive team culture where people are recognised and encouraged for their contribution. Essential Skills and Experience: An experienced consultant with a background in Cyber Security Minimum 5-7 years of experience in Information Security related positions Minimum 3-5 years of experience in security architecture Cyber Security Certification eg ISC2 CISSP, ISC2 CCSP, ISACA CISM or similar Certification in AWS or Azure for Architecture and Security or similar IASME/Cyber Essentials Plus Certified Expert knowledge of secure network architecture and technical design Experience in creating secure architecture in either AWS and/or Azure Experience providing expert strategy, risk and technical advice, guidance and support on cyber security, both in business-as-usual and for live and planned projects within our clients' business. Expected to be the point of escalation for architects in lower grade roles and lead technical design of systems and services Broad range of cyber and information security skills, knowledge and experience such as security threats and vulnerabilities that impact/and/or emanate from system hardware, software and other infrastructure components, and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents affecting system hardware, software and other infrastructure components. Experience in gap analysis for specific domains, identify gaps in existing capabilities, service maturity. Identify missing cybersecurity and cyber-resiliency capabilities in alignment with changing business needs, threat land scape and technical requirements to increase the quality of the selected solutions also including topics such as products' convergence over time and products decommissioning. Expert knowledge of identifying, developing and communicating threat modelling and understanding the impact of decisions, balancing requirements and deciding between approaches Research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate subtle design decisions Able to develop vision, principles and strategy for security architects for projects or technologies Demonstrably experienced in working as an effective member of a multi-disciplinary team and reach & influence a wide range of people across larger teams and communities. Excellent stakeholder management, presentation and communication skills, with the ability to interact with senior stakeholders across department and clients Pro-active approach to personal and professional development. Work closely with your peers in the security architecture group, service and solution architects, engineers, project teams. Must hold, or be able to hold, an HMG Security Check (SC) clearance. Ability to apply standards, practices, codes and assessment of certification programmes relevant to the IT industry and the specific organisation or business domain. Experience in writing and creating Cyber Security documents ie Risk Assessments, ESRM, DPIA etc and produce particular patterns and support quality assurance Knowledge of the IT/IS infrastructure (eg databases and LANs) and the IT applications and service processes used within own organisation, including those associated with sustainability and efficiency. Ability to use any tool or system which provides security access control (eg Active Directory) Showing proficiency in the principles and application of cloud/virtualisation (including ownership responsibilities and security implications) and be able to use tools and systems to manage virtualised environments eg Server/desktop virtualisation and SDDC (Software Defined Data Centre). Benefits Holiday: 25 days a year, plus bank holidays, with the option to buy 5 extra days each year Pension: 4% employer contribution and 5% employee contribution Discretionary bonus: based on company and individual performance Life assurance: 4 times base salary Private medical insurance: non-contributory (spouse and dependants included) Worldwide travel insurance: non-contributory (spouse and dependants included) Enhanced maternity and paternity leave after 18 months service Wellness: 24/7 confidential employee assistance programme, including counselling Social: Parties and social events, and commitment to charitable causes Professional development: access to LinkedIn Learning, and discretionary training budget Travel: season ticket loan, cycle to work scheme Development access to LinkedIn Learning, a management development programme and training Wellness 24/7 Confidential employee assistance programme
16/09/2024
Full time
Senior Cyber Security Architect Salary upto £80,000 Description: Since our establishment in 1990, Methods has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Our mission is to improve and safeguard public-facing services. We apply digital thinking to ensure the future of our public services is centred around our citizens. Our human touch sets us apart from other consultancies, system integrators and software houses - we have a customer-centric value system whereby we focus on delivering what is right for our clients. We passionately support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them. Methods are experts in delivering secure, resilient cyber and information services - keeping systems and data safe. We help reduce risk and vulnerabilities from cyber-attacks by developing a security road-map tailored to your unique needs. We help organisations improve processes such as threat management by building an identity management programme, and establishing prevention, detection and response capabilities to cyber-attacks. Requirements Ability to research, articulate, pitch complex and innovative security advice, at both business and technical levels, for new or existing problems, with the objective to justify and communicate decisions directly to key customer stakeholders including senior management. Able to understand and comprehend the impact of decisions, balancing requirements and deciding between approaches Develop vision, principles and strategy for security for multiple projects or technologies; working in a particular field as subject matter expert, to support a team in delivering engagements at scale, which may require subtle security needs and requirements, contributing to development of information security policy, standards, procedures and guidelines. Effective business acumen and an understanding of the cyber security challenges faced by client, with the objective to develop our cyber assurance practice, by supporting business development and practice management. Experience of identifying and applying security risk and familiarity with common control frameworks, with the ability investigating major breaches of security and recommending appropriate control improvements. Maintaining awareness of key business and industry trends and understanding how they impact responses to cyber risk, with the contribution of the development of our team through training and coaching. Managing, delivering, leading cyber security and cyber risk assignments, with the management of portfolio of clients, across a variety of sectors and locations, including producing documentation, presentation, reports, recommendations and quality assuring, for the work produced by team members and being the point of escalation for lower grade roles. Providing our clients with trusted advice, rooted in a pragmatic and agnostic understanding of their business situation and objectives, to help them navigate complex, risk-driven cyber decisions. Working as a subject matter expert in your particular field, owning and delivering initiatives to embed quality through learning and other activity, working seamlessly and collaboratively with colleagues and clients from other service lines, supporting a team or colleagues to deliver engagements at scale, with the appropriate reach and influence across the teams and communities. Managing diverse teams within an inclusive team culture where people are recognised and encouraged for their contribution. Essential Skills and Experience: An experienced consultant with a background in Cyber Security Minimum 5-7 years of experience in Information Security related positions Minimum 3-5 years of experience in security architecture Cyber Security Certification eg ISC2 CISSP, ISC2 CCSP, ISACA CISM or similar Certification in AWS or Azure for Architecture and Security or similar IASME/Cyber Essentials Plus Certified Expert knowledge of secure network architecture and technical design Experience in creating secure architecture in either AWS and/or Azure Experience providing expert strategy, risk and technical advice, guidance and support on cyber security, both in business-as-usual and for live and planned projects within our clients' business. Expected to be the point of escalation for architects in lower grade roles and lead technical design of systems and services Broad range of cyber and information security skills, knowledge and experience such as security threats and vulnerabilities that impact/and/or emanate from system hardware, software and other infrastructure components, and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents affecting system hardware, software and other infrastructure components. Experience in gap analysis for specific domains, identify gaps in existing capabilities, service maturity. Identify missing cybersecurity and cyber-resiliency capabilities in alignment with changing business needs, threat land scape and technical requirements to increase the quality of the selected solutions also including topics such as products' convergence over time and products decommissioning. Expert knowledge of identifying, developing and communicating threat modelling and understanding the impact of decisions, balancing requirements and deciding between approaches Research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate subtle design decisions Able to develop vision, principles and strategy for security architects for projects or technologies Demonstrably experienced in working as an effective member of a multi-disciplinary team and reach & influence a wide range of people across larger teams and communities. Excellent stakeholder management, presentation and communication skills, with the ability to interact with senior stakeholders across department and clients Pro-active approach to personal and professional development. Work closely with your peers in the security architecture group, service and solution architects, engineers, project teams. Must hold, or be able to hold, an HMG Security Check (SC) clearance. Ability to apply standards, practices, codes and assessment of certification programmes relevant to the IT industry and the specific organisation or business domain. Experience in writing and creating Cyber Security documents ie Risk Assessments, ESRM, DPIA etc and produce particular patterns and support quality assurance Knowledge of the IT/IS infrastructure (eg databases and LANs) and the IT applications and service processes used within own organisation, including those associated with sustainability and efficiency. Ability to use any tool or system which provides security access control (eg Active Directory) Showing proficiency in the principles and application of cloud/virtualisation (including ownership responsibilities and security implications) and be able to use tools and systems to manage virtualised environments eg Server/desktop virtualisation and SDDC (Software Defined Data Centre). Benefits Holiday: 25 days a year, plus bank holidays, with the option to buy 5 extra days each year Pension: 4% employer contribution and 5% employee contribution Discretionary bonus: based on company and individual performance Life assurance: 4 times base salary Private medical insurance: non-contributory (spouse and dependants included) Worldwide travel insurance: non-contributory (spouse and dependants included) Enhanced maternity and paternity leave after 18 months service Wellness: 24/7 confidential employee assistance programme, including counselling Social: Parties and social events, and commitment to charitable causes Professional development: access to LinkedIn Learning, and discretionary training budget Travel: season ticket loan, cycle to work scheme Development access to LinkedIn Learning, a management development programme and training Wellness 24/7 Confidential employee assistance programme
Senior Identity and Access Security Manager Birmingham (Hybrid) Key Responsibilities: Ensure robust security practices are in place to protect against identity-related threats by collaborating with architects, security professionals, and both internal and external stakeholders. Establish standards and lead the design and implementation of identity and access management processes and controls to enhance operations and reduce risks. Guide internal business teams on best practices, identify and address any concerns, and serve as the liaison between business and technical teams on all identity and access management (IAM) matters. Contribute to the development and maintenance of the Information Security policy framework in accordance with risk appetite, legislation, and industry best practices. Develop and uphold cyber policies and standards aligned with recognized frameworks such as NIST, FedRamp, SOX, SOC, ISO, SOC2, PCI, ZeroTrust, SaaS Security Framework, and Data Security Foundations. Facilitate the creation of enterprise IT solutions, considering critical factors such as APIs, security, scalability, manageability, and usability, leading to comprehensive and effective outcomes. Act as a Subject Matter Expert (SME) from the user's perspective, assisting in developing functional requirements, processes, and automation. Produce accurate and concise reports, Key Risk Indicators (KRIs)/Key Performance Indicators (KPIs), and executive summaries on Information Security topics and techniques. Contribute threat knowledge to IAM and Privileged Access Management (PAM) requirements. Identify and address security concerns proactively and manage high-risk vulnerabilities. Participate in and contribute to various organizational committees. Skills and Abilities: Understanding of IAM concepts and best practices. Familiarity with security and compliance frameworks such as NIST, FedRamp, SOX, SOC, ISO, SOC2, PCI, ZeroTrust, SaaS Security Framework, and Data Security Foundations. Experience managing multiple demands from various stakeholders while ensuring timely and high-quality delivery. Excellent written and verbal communication skills, with the ability to convey technical and security-related concepts to diverse audiences. Ability to prioritize tasks and deliver results in high-pressure situations through strategic and tactical planning. Capability to manage significant stakeholder interactions, offering expert advice and demonstrating business acumen. Proven ability to build strong relationships across different business units. Confidence and effectiveness in communicating with a range of stakeholders. Self-motivated, autonomous, results-driven, and adaptable in approach. Knowledge of data regulations and requirements in various regions including the UK, US, and globally. Strong grasp of IT security principles, especially related to IAM and PAM. Knowledge and Experience: At least five years of experience in Identity and Access Management. Proven success in developing and executing enterprise identity solutions. Familiarity with IAM concepts and best practices, as well as security and compliance frameworks. Experience with managing vendor IAM and PAM tools such as SailPoint IdentityIQ, CyberArk, CA PAM, Imprivata, and Azure MFA. Exceptional interpersonal skills and the ability to communicate effectively with both technical and non-technical audiences, both verbally and in writing. Capability to manage multiple, competing demands while ensuring timely and high-quality delivery. Demonstrated leadership and influencing skills in a complex environment, with the ability to broker agreements among varying priorities and perspectives. Experience in establishing IAM program KPIs and reporting. Expertise in documenting IAM processes and procedures. Involvement in planning, designing, developing, and testing systems or applications, including cloud-based or Internet-related tools. Eames Consulting is acting as an Employment Agency in relation to this vacancy.
16/09/2024
Full time
Senior Identity and Access Security Manager Birmingham (Hybrid) Key Responsibilities: Ensure robust security practices are in place to protect against identity-related threats by collaborating with architects, security professionals, and both internal and external stakeholders. Establish standards and lead the design and implementation of identity and access management processes and controls to enhance operations and reduce risks. Guide internal business teams on best practices, identify and address any concerns, and serve as the liaison between business and technical teams on all identity and access management (IAM) matters. Contribute to the development and maintenance of the Information Security policy framework in accordance with risk appetite, legislation, and industry best practices. Develop and uphold cyber policies and standards aligned with recognized frameworks such as NIST, FedRamp, SOX, SOC, ISO, SOC2, PCI, ZeroTrust, SaaS Security Framework, and Data Security Foundations. Facilitate the creation of enterprise IT solutions, considering critical factors such as APIs, security, scalability, manageability, and usability, leading to comprehensive and effective outcomes. Act as a Subject Matter Expert (SME) from the user's perspective, assisting in developing functional requirements, processes, and automation. Produce accurate and concise reports, Key Risk Indicators (KRIs)/Key Performance Indicators (KPIs), and executive summaries on Information Security topics and techniques. Contribute threat knowledge to IAM and Privileged Access Management (PAM) requirements. Identify and address security concerns proactively and manage high-risk vulnerabilities. Participate in and contribute to various organizational committees. Skills and Abilities: Understanding of IAM concepts and best practices. Familiarity with security and compliance frameworks such as NIST, FedRamp, SOX, SOC, ISO, SOC2, PCI, ZeroTrust, SaaS Security Framework, and Data Security Foundations. Experience managing multiple demands from various stakeholders while ensuring timely and high-quality delivery. Excellent written and verbal communication skills, with the ability to convey technical and security-related concepts to diverse audiences. Ability to prioritize tasks and deliver results in high-pressure situations through strategic and tactical planning. Capability to manage significant stakeholder interactions, offering expert advice and demonstrating business acumen. Proven ability to build strong relationships across different business units. Confidence and effectiveness in communicating with a range of stakeholders. Self-motivated, autonomous, results-driven, and adaptable in approach. Knowledge of data regulations and requirements in various regions including the UK, US, and globally. Strong grasp of IT security principles, especially related to IAM and PAM. Knowledge and Experience: At least five years of experience in Identity and Access Management. Proven success in developing and executing enterprise identity solutions. Familiarity with IAM concepts and best practices, as well as security and compliance frameworks. Experience with managing vendor IAM and PAM tools such as SailPoint IdentityIQ, CyberArk, CA PAM, Imprivata, and Azure MFA. Exceptional interpersonal skills and the ability to communicate effectively with both technical and non-technical audiences, both verbally and in writing. Capability to manage multiple, competing demands while ensuring timely and high-quality delivery. Demonstrated leadership and influencing skills in a complex environment, with the ability to broker agreements among varying priorities and perspectives. Experience in establishing IAM program KPIs and reporting. Expertise in documenting IAM processes and procedures. Involvement in planning, designing, developing, and testing systems or applications, including cloud-based or Internet-related tools. Eames Consulting is acting as an Employment Agency in relation to this vacancy.
Job Title: Information Security Manager Type: Full-Time - Hybrid Up to £60,000 + company benefits Start Date - ASAP 2024 Location - London (Hybrid) JOB DESCRIPTION: The purpose of the role is to manage all aspects of information security within IT. The role will include maintaining security systems, overseeing vulnerability testing, and penetration tests to identify and address risks and vulnerabilities. The role will lead on best security practices across the business and provide hands-on technical experience to resolve security vulnerabilities, including MS 365 and Azure. The candidate will be effective in deploying and maintaining security infrastructure, applications, services and driving the business towards Cyber Essentials PLUS and ISO 27001 accreditation. EXPERIENCE: Experience as an information security manager. Experience in security concepts related to routing, DNS, VPN, authentication, DDOS mitigation technologies/tools and Proxy services Experiencing managing cloud security (MS Azure) improving security scores and reducing exposure scores to the right level Experience in deploying and overseeing intrusion prevention and detection protocols Experience in overseeing and driving security standards and policies across dispersed locations across the UK Experience in implementing and overseeing ISO27001 standards/controls and data protection standards SKILLS REQUIRED: Networking concepts related to TCP/IP, switching and routing, Firewall, forcepoint, MS Defender, and other Endpoint Security Excellent attention to detail with technical capabilities Highly motivated and able to work autonomously and alongside an agile IT team Advanced analytical and communication skills Strong IT skills, able to use all Microsoft Office applications and other systems/databases required as part of the role. Understanding of health technology, clinical applications, data, and security architecture is highly desirable. Certified Information Systems Security Professional (CISSP) is desirable Networking People (UK) is acting as an Employment Agency in relation to this vacancy.
16/09/2024
Full time
Job Title: Information Security Manager Type: Full-Time - Hybrid Up to £60,000 + company benefits Start Date - ASAP 2024 Location - London (Hybrid) JOB DESCRIPTION: The purpose of the role is to manage all aspects of information security within IT. The role will include maintaining security systems, overseeing vulnerability testing, and penetration tests to identify and address risks and vulnerabilities. The role will lead on best security practices across the business and provide hands-on technical experience to resolve security vulnerabilities, including MS 365 and Azure. The candidate will be effective in deploying and maintaining security infrastructure, applications, services and driving the business towards Cyber Essentials PLUS and ISO 27001 accreditation. EXPERIENCE: Experience as an information security manager. Experience in security concepts related to routing, DNS, VPN, authentication, DDOS mitigation technologies/tools and Proxy services Experiencing managing cloud security (MS Azure) improving security scores and reducing exposure scores to the right level Experience in deploying and overseeing intrusion prevention and detection protocols Experience in overseeing and driving security standards and policies across dispersed locations across the UK Experience in implementing and overseeing ISO27001 standards/controls and data protection standards SKILLS REQUIRED: Networking concepts related to TCP/IP, switching and routing, Firewall, forcepoint, MS Defender, and other Endpoint Security Excellent attention to detail with technical capabilities Highly motivated and able to work autonomously and alongside an agile IT team Advanced analytical and communication skills Strong IT skills, able to use all Microsoft Office applications and other systems/databases required as part of the role. Understanding of health technology, clinical applications, data, and security architecture is highly desirable. Certified Information Systems Security Professional (CISSP) is desirable Networking People (UK) is acting as an Employment Agency in relation to this vacancy.
Cloud Security Engineer Akkodis are currently working in partnership with a leading service provider to recruit an experienced Cloud Security Engineer who will provide security expertise for the cloud infrastructure. You will collaborate with DevOps and engineering teams to design, build, and maintain security services, ensuring compliance with relevant regulations and industry standards. Please note this is a hybrid role with flexibility around working from home. The Role As a Cloud Security Engineer you will improve security monitoring and automation across AWS and Azure infrastructure and support ongoing security operations. You will also proactively assess systems for vulnerabilities and work with stakeholders to embed security standards and best practices. The Responsibilities Responsible for the continued development and improvement of cloud security posture; by providing security expertise and guidance on cloud infrastructure Work with the Cloud Infrastructure team - AWS and Azure to ensure secure practices on AWS Organisation and Azure cloud tenants. Conduct periodic assessments and technical audits challenging the security posture. Assist in Cloud Security related incidents and events investigation and response as required. Work with cross-functional teams to respond to incidents - be they an escalated security event or remediating a critical vulnerability - when the need arises Contribute effectively to the establishment and maintenance of the IT Security knowledge base, documenting clear instructions and known fixes. Work on IT security projects as assigned and contribute to projects on the security technical roadmap via security and continuous improvement initiatives. Work with the rest of the Security team and cross-functional teams to manage cloud security risks and remediate vulnerabilities Get involved in raising awareness and promoting a security-conscious culture through security guidance and training to staff members when required. Create and maintain documentation and diagrams of internal security solutions. Collaborate and build relationships with a diverse set of teams including Platform Ops, Data Engineering, Architecture, Development, and operations. Work closely with stakeholders to embed standards and tools and drive the adoption of security best practices. Operate and maintain cloud security tools, solutions, and processes. The Requirements Proven experience in a Cloud administrative role/Security administration role in security or engineering fields in cloud or technology. Proven experience in securing and administering AWS and Azure cloud network and storage infrastructures - deploying and maintaining cloud security policies, products, and controls. Any relevant Azure/AWS Certifications are desirable, especially AWS Cloud Practitioner (Foundational), AWS Security (Speciality), SC-200, AZ-500, SC-900. Cloud native security solutions such as GuardDuty and the Microsoft Defender suite of products Content Delivery Networks and Web Application Firewalls. Experience with vulnerability management. A broad technical knowledge of server, endpoint, and networking hardware and related security configurations. A strong technical knowledge of modern cloud offerings and good understanding of cloud architecture frameworks. If you are looking for an exciting new challenge to join a leading team please apply now. Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
13/09/2024
Full time
Cloud Security Engineer Akkodis are currently working in partnership with a leading service provider to recruit an experienced Cloud Security Engineer who will provide security expertise for the cloud infrastructure. You will collaborate with DevOps and engineering teams to design, build, and maintain security services, ensuring compliance with relevant regulations and industry standards. Please note this is a hybrid role with flexibility around working from home. The Role As a Cloud Security Engineer you will improve security monitoring and automation across AWS and Azure infrastructure and support ongoing security operations. You will also proactively assess systems for vulnerabilities and work with stakeholders to embed security standards and best practices. The Responsibilities Responsible for the continued development and improvement of cloud security posture; by providing security expertise and guidance on cloud infrastructure Work with the Cloud Infrastructure team - AWS and Azure to ensure secure practices on AWS Organisation and Azure cloud tenants. Conduct periodic assessments and technical audits challenging the security posture. Assist in Cloud Security related incidents and events investigation and response as required. Work with cross-functional teams to respond to incidents - be they an escalated security event or remediating a critical vulnerability - when the need arises Contribute effectively to the establishment and maintenance of the IT Security knowledge base, documenting clear instructions and known fixes. Work on IT security projects as assigned and contribute to projects on the security technical roadmap via security and continuous improvement initiatives. Work with the rest of the Security team and cross-functional teams to manage cloud security risks and remediate vulnerabilities Get involved in raising awareness and promoting a security-conscious culture through security guidance and training to staff members when required. Create and maintain documentation and diagrams of internal security solutions. Collaborate and build relationships with a diverse set of teams including Platform Ops, Data Engineering, Architecture, Development, and operations. Work closely with stakeholders to embed standards and tools and drive the adoption of security best practices. Operate and maintain cloud security tools, solutions, and processes. The Requirements Proven experience in a Cloud administrative role/Security administration role in security or engineering fields in cloud or technology. Proven experience in securing and administering AWS and Azure cloud network and storage infrastructures - deploying and maintaining cloud security policies, products, and controls. Any relevant Azure/AWS Certifications are desirable, especially AWS Cloud Practitioner (Foundational), AWS Security (Speciality), SC-200, AZ-500, SC-900. Cloud native security solutions such as GuardDuty and the Microsoft Defender suite of products Content Delivery Networks and Web Application Firewalls. Experience with vulnerability management. A broad technical knowledge of server, endpoint, and networking hardware and related security configurations. A strong technical knowledge of modern cloud offerings and good understanding of cloud architecture frameworks. If you are looking for an exciting new challenge to join a leading team please apply now. Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Senior Director Network Infrastructure Architecture. Candidate will provide top level design and integration of infrastructure related platform areas: End user supporting services Responsible for core infrastructure from perimeter to virtual edge (excludes clusters, service mesh, containers, and virtualized hosting) Core Network Services (Routing, Switching, Wi-Fi, Data Center, and End User Connectivity) Enterprise SDN/SDWAN Strategy Zero Trust Strategy and Roadmap Perimeter Security & Operations Network based services (DNS, Directory, IP Management, Proxies, Load Balancers) Automation COE (FN - This should be a discussion point) In addition, as a direct report you will provide oversight of special programs in progress (ie Operational Automation, Secure File Transfer). Team is comprised of 60+ FTEs, enterprise vendor contracts, software licensing and significant component and hardware assets. This role requires strong leadership, communication, influencing skills, technical and operational capabilities. This leader will be accountable to participate in the design and documentation of Enterprise Operations & Technology EOT) technology strategy. The candidate needs to establish strong relationship with their functional counterparts. You will be responsible for all enterprise administrative duties: Risk and Controls, Workforce Management (Performance, Recruiting, Training, Succession, Program Management and Financial). Responsibilities: Mentor existing team managers as the company embarks on building technology service automation to lead Technology delivery and Operations to improve efficiency Adopt and champion Agile methodologies to improve workflow velocity and improve leadership insight into project timelines and efficiency Standardize and automate processes aligned with enterprise frameworks to ensure sustainability and consistency Define and document high level understanding of division application workstreams Collaboration with IT teams to drive workflow efficiency in partnership with division COO organization Drive and adopt a culture driven by data - where key performance indicators are gathered from top to bottom and fed to automated tooling to improve system reliability and performance Prototype new tools & technologies based on organizational strategy and evolving threats while looking for opportunities to optimize, consolidate and manage out tools that no longer meet company needs Keep a critical eye towards what's working and what's not optimal to drive improvements Qualifications: The candidate must have implementation and operations of Software Defined Infrastructure, concepts in cloud technology and software defined architectures The candidate must understand how to design service taxonomy and develop Middleware/glue ware components to support self-service and dynamic binding of services developed by other functional areas 15+ years of Technology Management experience of large technology areas Lead and contribute to technology direction Lead and contribute to team development and workforce strategy 15+ years in running technology operations Core Network Services (Routing, Switching, Wi-Fi, Data Center and End User Connectivity) Enterprise SDN/SDWAN Strategy Zero Trust Strategy and Roadmap Perimeter Security Expert in networking design or operations Experience in vendor management. Experience in Operational Risk Management and three lines of defense operating models. Development experience a plus. Experience designing and implementing self-service capabilities via automation for the technology services under their remit. Experience participating in discussions with senior leadership to understand the vision and strategic goals being supported by the team. Experience with communicating and influencing senior business leaders in operational and risk management of their IAM landscape Experience communicating project and budget status to senior leadership on regular, defined intervals. Experience with business financial management, compliance and regulatory requirements, program management, change management and risk management Degree in Computer Science, Engineering, or relative experience
12/09/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Senior Director Network Infrastructure Architecture. Candidate will provide top level design and integration of infrastructure related platform areas: End user supporting services Responsible for core infrastructure from perimeter to virtual edge (excludes clusters, service mesh, containers, and virtualized hosting) Core Network Services (Routing, Switching, Wi-Fi, Data Center, and End User Connectivity) Enterprise SDN/SDWAN Strategy Zero Trust Strategy and Roadmap Perimeter Security & Operations Network based services (DNS, Directory, IP Management, Proxies, Load Balancers) Automation COE (FN - This should be a discussion point) In addition, as a direct report you will provide oversight of special programs in progress (ie Operational Automation, Secure File Transfer). Team is comprised of 60+ FTEs, enterprise vendor contracts, software licensing and significant component and hardware assets. This role requires strong leadership, communication, influencing skills, technical and operational capabilities. This leader will be accountable to participate in the design and documentation of Enterprise Operations & Technology EOT) technology strategy. The candidate needs to establish strong relationship with their functional counterparts. You will be responsible for all enterprise administrative duties: Risk and Controls, Workforce Management (Performance, Recruiting, Training, Succession, Program Management and Financial). Responsibilities: Mentor existing team managers as the company embarks on building technology service automation to lead Technology delivery and Operations to improve efficiency Adopt and champion Agile methodologies to improve workflow velocity and improve leadership insight into project timelines and efficiency Standardize and automate processes aligned with enterprise frameworks to ensure sustainability and consistency Define and document high level understanding of division application workstreams Collaboration with IT teams to drive workflow efficiency in partnership with division COO organization Drive and adopt a culture driven by data - where key performance indicators are gathered from top to bottom and fed to automated tooling to improve system reliability and performance Prototype new tools & technologies based on organizational strategy and evolving threats while looking for opportunities to optimize, consolidate and manage out tools that no longer meet company needs Keep a critical eye towards what's working and what's not optimal to drive improvements Qualifications: The candidate must have implementation and operations of Software Defined Infrastructure, concepts in cloud technology and software defined architectures The candidate must understand how to design service taxonomy and develop Middleware/glue ware components to support self-service and dynamic binding of services developed by other functional areas 15+ years of Technology Management experience of large technology areas Lead and contribute to technology direction Lead and contribute to team development and workforce strategy 15+ years in running technology operations Core Network Services (Routing, Switching, Wi-Fi, Data Center and End User Connectivity) Enterprise SDN/SDWAN Strategy Zero Trust Strategy and Roadmap Perimeter Security Expert in networking design or operations Experience in vendor management. Experience in Operational Risk Management and three lines of defense operating models. Development experience a plus. Experience designing and implementing self-service capabilities via automation for the technology services under their remit. Experience participating in discussions with senior leadership to understand the vision and strategic goals being supported by the team. Experience with communicating and influencing senior business leaders in operational and risk management of their IAM landscape Experience communicating project and budget status to senior leadership on regular, defined intervals. Experience with business financial management, compliance and regulatory requirements, program management, change management and risk management Degree in Computer Science, Engineering, or relative experience
NO SPONSORSHIP - C Security Engineering/Architect - Controls Rate: Open C2C LOCATION: Remote if in: IL, TX, FL, GA, MA, MD, MN, NC, NJ, NY, DC, WI Looking for a candidate with security architecture, security controls, cloud on premise design implementation. Application security control implementation, control validation adversarial testing windows services end users NIST CSF FFIEC OWASP IAM network access control PKI Firewalls IPS AWS COBIT NIST NIST CSF ISO experience working with regulatory frameworks SCI CFTC 99.18 etc. Description: This position will support the Security Architecture team responsible for architecture of the security controls environment in the cloud and on-premise and ensuring that security requirements are met in systems design and implementation. This individual will work with the Security Architecture team to problem solve, define requirements and scope for application security, Control implementation, control validation and adversarial testing. The position will include extensive interaction with IT, Security Engineering, Security Assurance, EPMO, Windows services, and end-users for the duration of the engagement. Conduct architectural Security control validation testing processes Define security requirements aligned with current threat intelligence and industry standards such as the NIST CSF, CSA, FFIEC, OWASP Review current system security measures and recommending and implementing enhancements. Conduct market surveys of security tooling to identify potential replacements or upgrades to enhance security and resilience Partnering with IT department to design and implement effective Embedded security capabilities Drive the maturation and automation of Security information dissemination and oversight processes Support Security Assurance in assessing the effectiveness of planned remediations for identified security defects Produce reporting and documentation artifacts for leadership and staff relating to security related activities Ensure alignment of security controls and supporting services and related policies and procedures with applicable regulations and industry standard best practices Assists Security Analysts, transferring technical and risk management knowledge Assist in project planning, program development, and process formalization. Perform other duties as assigned SKILL AND EXPERIENCE REQUIRED: Bachelor degree in Computer Science, Management Information Systems, Statistics & Quantitative Modeling, Mathematics a plus or the equivalent combination of education and/or relevant experience. 10 years hands-on Information Security architecture or engineering Experience with design and specification of security control technologies such as IAM, Network Access Controls, PKI, Firewalls, IPS Experience with AWS and cloud-native tools desired; training provided as needed. Advanced understanding of information related frameworks and standards such as COBIT, NIST 800-53, NIST CSF, ISO etc. Experience in security risk management principles and practices. Experience in working with regulatory frameworks and requirements relevant to OCC such as, Reg SCI, CFTC 99.18, etc. Professional security certifications a plus (ie, AWS, CSA, GIAC, CISSP, CISA, CISM, CRISC)
12/09/2024
Project-based
NO SPONSORSHIP - C Security Engineering/Architect - Controls Rate: Open C2C LOCATION: Remote if in: IL, TX, FL, GA, MA, MD, MN, NC, NJ, NY, DC, WI Looking for a candidate with security architecture, security controls, cloud on premise design implementation. Application security control implementation, control validation adversarial testing windows services end users NIST CSF FFIEC OWASP IAM network access control PKI Firewalls IPS AWS COBIT NIST NIST CSF ISO experience working with regulatory frameworks SCI CFTC 99.18 etc. Description: This position will support the Security Architecture team responsible for architecture of the security controls environment in the cloud and on-premise and ensuring that security requirements are met in systems design and implementation. This individual will work with the Security Architecture team to problem solve, define requirements and scope for application security, Control implementation, control validation and adversarial testing. The position will include extensive interaction with IT, Security Engineering, Security Assurance, EPMO, Windows services, and end-users for the duration of the engagement. Conduct architectural Security control validation testing processes Define security requirements aligned with current threat intelligence and industry standards such as the NIST CSF, CSA, FFIEC, OWASP Review current system security measures and recommending and implementing enhancements. Conduct market surveys of security tooling to identify potential replacements or upgrades to enhance security and resilience Partnering with IT department to design and implement effective Embedded security capabilities Drive the maturation and automation of Security information dissemination and oversight processes Support Security Assurance in assessing the effectiveness of planned remediations for identified security defects Produce reporting and documentation artifacts for leadership and staff relating to security related activities Ensure alignment of security controls and supporting services and related policies and procedures with applicable regulations and industry standard best practices Assists Security Analysts, transferring technical and risk management knowledge Assist in project planning, program development, and process formalization. Perform other duties as assigned SKILL AND EXPERIENCE REQUIRED: Bachelor degree in Computer Science, Management Information Systems, Statistics & Quantitative Modeling, Mathematics a plus or the equivalent combination of education and/or relevant experience. 10 years hands-on Information Security architecture or engineering Experience with design and specification of security control technologies such as IAM, Network Access Controls, PKI, Firewalls, IPS Experience with AWS and cloud-native tools desired; training provided as needed. Advanced understanding of information related frameworks and standards such as COBIT, NIST 800-53, NIST CSF, ISO etc. Experience in security risk management principles and practices. Experience in working with regulatory frameworks and requirements relevant to OCC such as, Reg SCI, CFTC 99.18, etc. Professional security certifications a plus (ie, AWS, CSA, GIAC, CISSP, CISA, CISM, CRISC)
Request Technology - Craig Johnson
San Francisco, California
*We are unable to sponsor for this 6+ month straight contract role, no 3rd party candidates will be considered* Prestigious Enterprise Company is currently seeking a Cyber Security Infrastructure Engineer and Architect with Azure experience. Candidate will be responsible for the planning, development and implementation of enterprise information security solutions (such as authentication and authorization, public key infrastructure, data loss prevention, and security event information management) to address the current and emerging security needs of the business. This role requires the solution of complex enterprise-scale information security problems. The role will design and develop new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Responsibilities: Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks. Serves as an expert in one or more of platform, application, storage, network, virtualization, cloud and mobile security best practices. Cloud Security: Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning Qualifications: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Preferred Skills: The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing
10/09/2024
Project-based
*We are unable to sponsor for this 6+ month straight contract role, no 3rd party candidates will be considered* Prestigious Enterprise Company is currently seeking a Cyber Security Infrastructure Engineer and Architect with Azure experience. Candidate will be responsible for the planning, development and implementation of enterprise information security solutions (such as authentication and authorization, public key infrastructure, data loss prevention, and security event information management) to address the current and emerging security needs of the business. This role requires the solution of complex enterprise-scale information security problems. The role will design and develop new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Responsibilities: Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks. Serves as an expert in one or more of platform, application, storage, network, virtualization, cloud and mobile security best practices. Cloud Security: Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning Qualifications: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Preferred Skills: The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing
Long term contract role - remote rate is around $115 c2c CYBERSECURITY ENGINEER/ARCHITECT Must have very clear communication skills Mandatory Technical Skills: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of IAM controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Additional Technical Skills: Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Desired Skills: Architecture Skills The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing Cloud Security Focus Area Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning
10/09/2024
Project-based
Long term contract role - remote rate is around $115 c2c CYBERSECURITY ENGINEER/ARCHITECT Must have very clear communication skills Mandatory Technical Skills: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of IAM controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Additional Technical Skills: Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Desired Skills: Architecture Skills The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing Cloud Security Focus Area Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning
Contract - Cybersecurity Infrastructure Engineer/Architect Rate: Open Location: Remote in the United States *We are unable to provide sponsorship for this role* Qualifications 8+ years of Security Infrastructure focus with an emphasis on the following: Security Design, Infrastructure security, Cloud migration, Citrix cloud, SDWAN security, VPN, GitHub security, MS Power platform, MS co-pilot Experienced in large enterprise environments is a must Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Responsibilities Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks.
10/09/2024
Project-based
Contract - Cybersecurity Infrastructure Engineer/Architect Rate: Open Location: Remote in the United States *We are unable to provide sponsorship for this role* Qualifications 8+ years of Security Infrastructure focus with an emphasis on the following: Security Design, Infrastructure security, Cloud migration, Citrix cloud, SDWAN security, VPN, GitHub security, MS Power platform, MS co-pilot Experienced in large enterprise environments is a must Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Responsibilities Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Senior Director Network Infrastructure Architecture. Candidate will provide top level design and integration of infrastructure related platform areas: End user supporting services Responsible for core infrastructure from perimeter to virtual edge (excludes clusters, service mesh, containers, and virtualized hosting) Core Network Services (Routing, Switching, Wi-Fi, Data Center, and End User Connectivity) Enterprise SDN/SDWAN Strategy Zero Trust Strategy and Roadmap Perimeter Security & Operations Network based services (DNS, Directory, IP Management, Proxies, Load Balancers) Automation COE (FN - This should be a discussion point) In addition, as a direct report you will provide oversight of special programs in progress (ie Operational Automation, Secure File Transfer). Team is comprised of 60+ FTEs, enterprise vendor contracts, software licensing and significant component and hardware assets. This role requires strong leadership, communication, influencing skills, technical and operational capabilities. This leader will be accountable to participate in the design and documentation of Enterprise Operations & Technology EOT) technology strategy. The candidate needs to establish strong relationship with their functional counterparts. You will be responsible for all enterprise administrative duties: Risk and Controls, Workforce Management (Performance, Recruiting, Training, Succession, Program Management and Financial). Responsibilities: Mentor existing team managers as the company embarks on building technology service automation to lead Technology delivery and Operations to improve efficiency Adopt and champion Agile methodologies to improve workflow velocity and improve leadership insight into project timelines and efficiency Standardize and automate processes aligned with enterprise frameworks to ensure sustainability and consistency Define and document high level understanding of division application workstreams Collaboration with IT teams to drive workflow efficiency in partnership with division COO organization Drive and adopt a culture driven by data - where key performance indicators are gathered from top to bottom and fed to automated tooling to improve system reliability and performance Prototype new tools & technologies based on organizational strategy and evolving threats while looking for opportunities to optimize, consolidate and manage out tools that no longer meet company needs Keep a critical eye towards what's working and what's not optimal to drive improvements Qualifications: The candidate must have implementation and operations of Software Defined Infrastructure, concepts in cloud technology and software defined architectures The candidate must understand how to design service taxonomy and develop Middleware/glue ware components to support self-service and dynamic binding of services developed by other functional areas 15+ years of Technology Management experience of large technology areas Lead and contribute to technology direction Lead and contribute to team development and workforce strategy 15+ years in running technology operations Core Network Services (Routing, Switching, Wi-Fi, Data Center and End User Connectivity) Enterprise SDN/SDWAN Strategy Zero Trust Strategy and Roadmap Perimeter Security Expert in networking design or operations Experience in vendor management. Experience in Operational Risk Management and three lines of defense operating models. Development experience a plus. Experience designing and implementing self-service capabilities via automation for the technology services under their remit. Experience participating in discussions with senior leadership to understand the vision and strategic goals being supported by the team. Experience with communicating and influencing senior business leaders in operational and risk management of their IAM landscape Experience communicating project and budget status to senior leadership on regular, defined intervals. Experience with business financial management, compliance and regulatory requirements, program management, change management and risk management Degree in Computer Science, Engineering, or relative experience
04/09/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Senior Director Network Infrastructure Architecture. Candidate will provide top level design and integration of infrastructure related platform areas: End user supporting services Responsible for core infrastructure from perimeter to virtual edge (excludes clusters, service mesh, containers, and virtualized hosting) Core Network Services (Routing, Switching, Wi-Fi, Data Center, and End User Connectivity) Enterprise SDN/SDWAN Strategy Zero Trust Strategy and Roadmap Perimeter Security & Operations Network based services (DNS, Directory, IP Management, Proxies, Load Balancers) Automation COE (FN - This should be a discussion point) In addition, as a direct report you will provide oversight of special programs in progress (ie Operational Automation, Secure File Transfer). Team is comprised of 60+ FTEs, enterprise vendor contracts, software licensing and significant component and hardware assets. This role requires strong leadership, communication, influencing skills, technical and operational capabilities. This leader will be accountable to participate in the design and documentation of Enterprise Operations & Technology EOT) technology strategy. The candidate needs to establish strong relationship with their functional counterparts. You will be responsible for all enterprise administrative duties: Risk and Controls, Workforce Management (Performance, Recruiting, Training, Succession, Program Management and Financial). Responsibilities: Mentor existing team managers as the company embarks on building technology service automation to lead Technology delivery and Operations to improve efficiency Adopt and champion Agile methodologies to improve workflow velocity and improve leadership insight into project timelines and efficiency Standardize and automate processes aligned with enterprise frameworks to ensure sustainability and consistency Define and document high level understanding of division application workstreams Collaboration with IT teams to drive workflow efficiency in partnership with division COO organization Drive and adopt a culture driven by data - where key performance indicators are gathered from top to bottom and fed to automated tooling to improve system reliability and performance Prototype new tools & technologies based on organizational strategy and evolving threats while looking for opportunities to optimize, consolidate and manage out tools that no longer meet company needs Keep a critical eye towards what's working and what's not optimal to drive improvements Qualifications: The candidate must have implementation and operations of Software Defined Infrastructure, concepts in cloud technology and software defined architectures The candidate must understand how to design service taxonomy and develop Middleware/glue ware components to support self-service and dynamic binding of services developed by other functional areas 15+ years of Technology Management experience of large technology areas Lead and contribute to technology direction Lead and contribute to team development and workforce strategy 15+ years in running technology operations Core Network Services (Routing, Switching, Wi-Fi, Data Center and End User Connectivity) Enterprise SDN/SDWAN Strategy Zero Trust Strategy and Roadmap Perimeter Security Expert in networking design or operations Experience in vendor management. Experience in Operational Risk Management and three lines of defense operating models. Development experience a plus. Experience designing and implementing self-service capabilities via automation for the technology services under their remit. Experience participating in discussions with senior leadership to understand the vision and strategic goals being supported by the team. Experience with communicating and influencing senior business leaders in operational and risk management of their IAM landscape Experience communicating project and budget status to senior leadership on regular, defined intervals. Experience with business financial management, compliance and regulatory requirements, program management, change management and risk management Degree in Computer Science, Engineering, or relative experience
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational support in Identity and Access related functions. Responsibilities: Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Qualifications: Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelor's degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
03/09/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational support in Identity and Access related functions. Responsibilities: Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Qualifications: Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelor's degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational support in Identity and Access related functions. Responsibilities: Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Qualifications: Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
03/09/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational support in Identity and Access related functions. Responsibilities: Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Qualifications: Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)