E-Frontiers
Farnborough, Hampshire
Job purpose
Cyber Security is responsible for discovering vulnerabilities and risks in networks, software systems and hardware with ongoing vulnerability scans, monitoring network data, and ensuring corporate and Datacentre systems are compliant and secure.

Key Responsibilities and duties
Daily investigation and monitoring of system logs from devices such as Firewalls, Azure, AV/EDR Platforms, Security Information and Event Management (SIEM) systems and the network environment to identify anomalies such as suspicious network traffic, alerts and indications of compromise. If any are identified, investigate any vulnerabilities and escalate resolution to prevent re-occurrence.
Conduct investigations and reporting for incoming phishing emails, mitigate infection vector and discover origin in order to block senders.
Conduct OSINT (Open Source Intelligence) against senders and liaise with NCSC to expedite cessation of further threats.
Use Cyber Threat Intelligence to protect supply chain and partners.
Manage the implementation and monitoring of Honeypots to detect intruders inside the network.
Administer and monitor the AV/EDR control panel including the creation of new policies to ensure the compliance of all connected machines (Workstations and Servers in all production, EMS, BMS and Security networks).
Smarthost Email Gateway administration including monitoring and reacting to Email-borne threats. Continued improvement works in order to enhance and adapt the Email Gateway's defensive policies.
Conduct Phishing tests against employees and departments, collate results and create security awareness training.
Administer and monitor the Web Application Firewall Proxy, review website activity and identify potential malicious websites.
Assist the IT Security Manager with Cloud Security Assessments on proposed cloud SaaS, PaaS and IaaS solutions.
Continual Cyber Security posture testing of the Workstation, Server, EMS/BMS network and CCTV environments, including testing of new vulnerabilities as they are discovered.
Assist in the re-certification of IT Security related audits which include ISO 27001 and Cyber Essentials Plus accreditation scheme.
Host, assist and remediate actions presented by internal/external auditors.
Liaise with the IT Security Manager to conduct intelligence projects into current and evolving threats from various information security websites, dark net forums and Cyber Security groups using in-house Cyber Threat Intelligence tools.
Research new methods and tools which could be used against installed infrastructure, including carrying out internal penetration tests in order to improve the security posture of the organisation.
Capture, review and investigation of received malware that bypasses security systems using Sandbox tools.
Reverse engineer malware to discover C2 (Command and Control server) origins and ascertain IOCs (Indicators of Compromise) to confirm the infection vector and remediate.
Conduct forensics on infected systems and create new security policies to vaccinate against further attacks.
Assist Penetration Testers including completing prerequisites prior to arrival, creation and configuration of workspace, agreement on scope of works and technical knowledge of installed infrastructure including assistance where required.
Cyber Security Penetration test remediation works including reporting vulnerabilities to the Senior Leadership Team (SLT) and NCSC, remediation of discovered vulnerabilities and proof of work within a strict time frame.
Complete security reviews against all external public facing services such as our corporate website, ticketing system and future perimeter services.
Liaise with Construction and contractors, implement best practices and build reviews of their hardware that is used within the network infrastructure.
Recommend hardening procedures for equipment used in current and new buildings.
Assist the IT Security Manager to provide security reports, talks, training and demonstrations in order to confirm Cyber Security posture.
Assist the IT team with the patching of the estate including Corporate, Security, BMS and EMS Servers and workstations. This includes 3rd party software being used in the corporate environment.
Continue to enhance security posture for the employees and company, introduce new tools and policies, assist with disaster recovery exercises.
Assist the IT Security Manager in providing weekly and monthly threat intelligence reports for SLT.
Continued survey of software used to ensure no company acquisitions affect ISO 27001 accreditation or security posture.
Training and security awareness for all staff, create a security knowledgebase system that all staff can access.

Experience, Skills and Qualifications
Strong background in Cyber Security, IT and network systems, architectures and applications, such as knowledge of Windows OS, Linux OS, networking, Active Directory, VMWare and Azure.
Experience with AV/EDR software, Email Gateway Smarthosts, SIEM, intrusion detection, Firewalls and web application Firewall content filtering.
Knowledge of designing secure networks, systems and application architectures.
Knowledge of disaster recovery, computer forensic tools, technologies and methods.
Professional experience in a system administration role supporting multiple platforms and applications.
Ability to obtain relevant security clearance.
MSc or BSc in computer science, technology or security subject is an advantage.
Cyber Security related certifications such as SANS, AZ-500, Security+ and CEH are an advantage.
Access to own vehicle for company travel.

We are committed to a hybrid working environment and therefore the expectation is attendance at the office a minimum of 3 days per week.
Request Technology - Craig Johnson
Oakland, California
*We are unable to sponsor for this Remote permanent role*
*Position is bonus eligible*

Prestigious Enterprise Company is currently seeking a Lead Cyber Security Penetration & Vulnerability Tester. Candidate will provide domain expertise in Penetration testing of Infrastructure and Networks, Web Applications, Cloud and Social engineering! In this role, the candidate will provide improved vulnerability analysis and contextual feedback to stakeholders to support the resolution of discovered vulnerabilities and facilitate risk awareness.

Responsibilities:

Penetration Testing and Red Team assessments
Perform internal and external penetration testing of network infrastructure and applications
Red team assessments including physical, social engineering, and network exploitation
Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases
Perform network reconnaissance, OSINT, social engineering, and physical security reviews
Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards
Effectively communicate findings and strategy to stakeholders, including technical staff and executive leadership
Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement

Purple Team and Adversary simulations
Participate in regular Purple team exercises and perform adversary simulations to test defense controls
Assist with scoping prospective engagements, leading engagements from kickoff through remediation
Work closely with Blue team to test efficacy of existing alerts and help create new detection
Create findings reports and communicate to stakeholders
Contribute to enhancing the team's toolkit
Write custom scripts to automate tasks related to finding new vulnerabilities
Maintain runbooks to continually improve penetration testing methodologies and threat modelling

The Red team is responsible for testing the overall strength of our organization's defenses (the technology, the processes, and the people) by simulating the objectives and actions of an attacker! This role provides domain expertise in Penetration testing of Infrastructure and Networks, Web Applications, Cloud and Social engineering, as well as Red Team and Purple Team internal engagements. Additionally, you will provide improved vulnerability analysis and contextual feedback to partners to support the resolution of discovered vulnerabilities and facilitate risk awareness.

Qualifications:
8-10 years of experience in Penetration testing, Red Team and Purple Team
Bachelor of Science in Engineering, Computer Science, Information Technology, or equivalent work experience
Advanced knowledge in common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, Kali Linux etc.)
Must have a demonstrable understanding of voice and data networks, major operating systems, Active Directory, cloud technologies
Must demonstrate knowledge of MITRE's ATT&CK framework, execute and chain TTPs
Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms
Ability to optimally code in a Scripting language (Python, Bash, PowerShell, Perl, etc.)
OSCP

7+ to 10 years experience
Seniority Level - Other
Management Experience Required - No
Minimum Education - Bachelor's Degree
Willingness to Travel - Never