Security Operations Analyst Global Leading Technology Brand Working from home option, WFH with periodic site visits - Leeds/London £60,000-£65,000 salary + bonus & benefits Our client, a global technology leader, is currently looking for an Information Security Operations Analyst. Reporting to the Security Operations Manager, you will be responsible for the detection and response to security incidents as well as help shape and develop capabilities. This is a hands-on role and you'll be expected to contribute to enhancements and refine processes and procedures. You may also be called on to support exciting new projects supporting the firm as it undergoes significant transformation around technology and sustainability. Responsibilities & Experience:- Several years' experience of security operations activities, (2-3 in a SOC environment) Demonstrable understanding of information security controls and technology Team leadership/management Excellent knowledge of technical security controls including EDR, Firewalls, IPS/IDS, web filtering, email filtering and logging & monitoring Knowledge of Cloud Security Services such as M365 and Cloud App Security Fundamental understanding of cloud technologies (IaaS and SaaS) Providing subject matter expertise on detection, protection and response of security events and incidents Liaising with the operational IT teams on incident response and improvements; Reporting on key operational metrics from the team Ensure operational processes are documented and kept up to date using feedback from incident lessons learned Ensure response capabilities are mature and tested on a regular basis Educating and assisting in the development of Security Analysts Taking part in the on-call rota to ensure 24x7 operational capabilities Design and implementation of custom use cases Identifying areas of improvement in current tools and processes
29/09/2023
Full time
Skills and Experience: ITIL Foundation. Educated to postgraduate level (preferably cybersecurity) or equivalent. Recognised qualification in Cyber Security - eg CISMP, CompTIA or equivalent level of work experience and knowledge. Evidence of Continual Professional Development. In depth specialist knowledge of cyber security best practices, standards, certifications, and terminology. Previous experience of working in a dedicated cyber security role. Act as a mentor to junior staff and coordinate work where appropriate. Required to supervise work placements, contractors, and junior staff where appropriate. Deliver and plan specialist training programmes for cyber security. These may be in response to feedback from Trust staff and/or the results of internal cyber security analysis - eg, phishing simulation campaigns. Develop Digital Services staff in cyber security skills and competencies Management of budgets Communicates highly complex information with other cyber security analysts/specialists. Communicates highly complex analytical cyber security matters to non-technical staff and managers across the business, such as undertaking presentations to Quality, Safety & Performance peers and the executive Management Board The Opportunity: My client working within the healthcare sector are currently looking for a Cyber Security Specialist on a permanent basis, you will be required to monitor cyber security systems, respond to cyber security incidents, and develop the policy, processes, and procedures to reduce the likelihood of a cyber security breach. As a senior member of my clients team you will be responsible for the delivery of the Cyber Security Strategic Delivery Plan - this covers a range of cyber and IT security tasks, including (but not limited to) vulnerability scanning, staff education and training, phishing simulation campaigns and the implementation of boundary and internal cyber security defences, Firewalls etc. 
You will work closely with a range of 3rd parties to review compliance with best practice, you will act as an escalation point for cyber security incidents and provide specialist advice and knowledge across all Digital ICT areas (including networks, systems, and applications) and to support their digital services, as well as developing Cyber Security Training packages for both the team and the organisation. Please call John Noonan here at ISR Recruitment to learn more
29/09/2023
Full time
IT Network Manager - Cyber Security - Permanent - London (RL7058) Location: London, UK Salary: £65,000 to £75,000 (DOE) + benefits Start Date: ASAP Please note this role unfortunately does not offer sponsorship. The Company Our client provides property development and asset management services to real estate investors in London. The company manages an investment portfolio comprising 2.5 million square feet of premium let-able space in multi-use assets, and a £400 million development pipeline. Their integrated approach spans acquisition, development, construction, leasing, marketing, and asset and property management. Their intimate knowledge of the London property market means they can quickly identify opportunities and realise them through a comprehensive plan for every stage of investment's life cycle. The Role The IT Network Manager will be responsible for the Buildings Network and for managing an outsourced NOC. To be a thought leader in switching, routing and Firewall (Cisco). You will be responsible for managing an outsourced SOC service as well as analysis, definition and assessment of IT and related cyber security risks, threats and issues. As part of the role, you will be responsible for working with colleagues and client's IT service provider(s) to define and implement plans, processes, projects, and programmes to mitigate identified risks and threats. Monitoring and reporting on network projects and programmes to ensure delivery to the highest standard of quality and timeliness will also be a key priority for this role. You will be the Technical Authority on Network & Information Security. In addition to the above, developing and implementing policies & procedures ensuring compliance with key IT and cyber security activity will be another key area of your responsibility. 
This is an office-based position and therefore the normal hours of work required are from 9:00 am to 5:30 pm, each day of the week from Monday to Friday (inclusive) with one hour for lunch break. You will be responsible for: Ensuring the appropriate life cycle management of all network systems across the client's assets. Ensuring outsourced services for Network Management (NOC) and Cyber Security (SOC) are well managed and represent value for money. Reviewing Cyber Security Incident response plan. To ensure cyber security play books are reviewed and approved by senior stakeholders. Ensuring the application of a standards-based approach to network and Information security management. Developing KPI standards and reporting for Network and Information security management and report on these agreed KPI's quarterly to the board. Identifying and managing external resources (suppliers & services) to ensure delivery of programme and projects and providing progress reports as required. Engagement of suppliers supporting cyclical penetration testing providing reporting on issues of concern and remedial advice requirements. Your main objectives will be: Reviewing client's data and network security; providing recommendations to enhance, and develop a roadmap/programme for implementation. Managing projects arising from these recommendations to the highest standards controlling cost, quality, and time. Currently identified projects include: Developing and managing a rolling programme of penetration testing of Corporate Infrastructure, Applications, Building Infrastructure, and applications. Prioritising and implementing the projects and tasks identified by Managed Service Providers. Identifying need and implementing specific business wide cyber security requirements. Managing projects to develop and secure, its asset infrastructure and networks ensuring performance and security to agreed KPIs. 
Reviewing monthly vulnerability scans with their security partners to ensure system owners and service partners remediate according to policy. Leading the penetration testing cycle for all networks and applications. Maintaining Cyber Security and Information Governance accreditations. You will have experience in: Degree in IT related discipline or equivalent experience or relevant Cisco network qualifications would be advantageous. ITIL qualified with evidence of successful delivery and management of infrastructure-based projects. Practitioner of Information security best practices Track record and evidence of working with the Cisco security and network technologies like ISE. Previous experience of managing an outsourced network or security services would be advantageous. To apply for this IT Network Manager permanent job, please click the button below and submit your latest CV. Curo Services endeavours to respond to all applications, however this may not always be possible during periods of high volume. Thank you for your patience. Curo Services is a trading name of Curo Resourcing Ltd and acts as an Employment Business for contract and temporary recruitment as well as an Employment Agency in relation to permanent vacancies.
29/09/2023
Full time
Cyber Security Manager Salary: $150k-$160k + 15% bonus Location: Chicago, IL Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications 3+ years of information security experience, preferably in the financial services industry. 2+ years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response 1+ year in a leadership role or team/project lead capacity. Familiarity with computer network exploitation and network attack methodologies. Application and database security experience Network and security engineering experience, including log and network traffic capture analysis. Experience with assessing system hardening procedures for Windows, Linux Security policy, standards, governance, privacy, and regulatory experience (eg, NIST, COBIT). Knowledge of BYOD and Mobile Device Management platforms. Securing cloud-based platforms (Microsoft Azure, Amazon AWS, etc.). Responsibilities Lead 3-5 employees and contingent labor professional for the cyber systems function within Cyber Defense. Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting. Oversee technical analysis of security events while coordinating incident response activities with internal and external teams. Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities following industry best practices and established procedures. Manage security tools including appliances, hosted systems, and SaaS - including health checks, version updates, and content development. Validate content changes to security tools are appropriate from other analysts and teams.
28/09/2023
Full time
NO SPONSORSHIP Director of Cyber Security Architecture and Forensics SALARY: $240k - $300k plus 10% bonus LOCATION: Chicago, IL Hybrid 2 days remote and 3 days onsite Looking for a high level enterprise architecture and forensics investigations activities and third level threat hunting. four architects 3-4 forensics engineers 2-3rd level threat hunters report up to this person This team leads in protecting the firm from Cyber and Physical threats, and assists with assuring compliance to contractual, legal, and ethical requirements. Risk to the firm is reduced by providing clear direction for the secure delivery of technology, active identification of risks, and rapid response to threats. The CSO reports to the CAO and works directly with the firm's General Counsel. As part of the CSO's management team the Director of Cyber Security Architecture and Forensics has the following firmwide responsibilities: Leading cross-functionally with IT and other key stakeholders to develop and deliver firmwide and cyber security strategy. Defining security reference architecture. Managing technology assessment and implementation choices. Ensuring delivery of project goals and strong hand over practices to operational teams. Assisting with the assessment of enterprise cyber risk. Directing internal Threat Hunting activities. Overseeing level III cyber investigations and forensics activities. Overseeing level III operational support of security tools and capabilities. Qualifications & Requirements Experience Minimum 10 years experience working in Information Security Running teams of architects that design cyber security solutions for both on premise and cloud-based platforms and applications. Developing and leading cross-functional teams of technologists. Prior experience leading Forensics, Incident response and/or Threat Hunting teams Hiring, developing, and recognizing talent. Understanding of industry standard frameworks such as ISO 27001, NIST 800-53, CSF, ATT&CK Matrix. 
Aligning projects to business priorities. Proven change management skills. Leading a product as a Product Owner or Product Manager. Education & Professional Certification Bachelor's degree or better in Cyber Security or similar is preferred. CISSP, CISM and technically focused certifications are preferred.
28/09/2023
Full time
Request Technology - Craig Johnson
Chicago, Illinois
*Position is bonus eligible* Prestigious Financial Company is currently seeking a Cyber Threat and Vulnerabilities Defense Manager. Candidate will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. This position will require initiative to oversee security technology implementations and be expected to put together projects and teams to remediate identified security threats, incidents, and compliance issues. Responsibilities: Manage security tools including appliances, hosted systems, and SaaS including health checks, version updates, and content development. Validate content changes to security tools are appropriate from other analysts and teams. Report on and enhance current metrics surrounding security tool capabilities and efficacy. Take a lead role in the systems life cycle performing upgrades, implementation of new technologies, and enhancement identification. Lead 3-5 employees and contingent labor professional for the cyber systems function within Cyber Defense. Manage team effectively in delivery of incident resolution, project tasks, compliance milestones, and systems implementations. Perform talent management functions across the team, including performance reviews, direct feedback, and other administrative functions as required. Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting. Oversee technical analysis of security events while coordinating incident response activities with internal and external teams. Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities following industry best practices and established procedures. Develop and support briefings to senior management as a trusted incident responder. 
Supervisory Responsibilities: Manages all members of the Cybersecurity team within Security Services. Assigns personnel to projects, directs their activities, and performs personnel actions (hiring, promotions, terminations, etc.) Confer with and advise subordinates on administrative policies and procedures, technical problems, priorities, and methods. Promote employee development by conducting career-planning sessions with staff and selecting and scheduling employee training classes, conferences, and seminars Qualifications : Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines. Team Leadership experience, taking initiative; providing and following through on solutions across various skillsets. Effective and excellent oral and written communication, analytical, judgment and consultation skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong project management skills. SIEM solutions Experience with Crowdstrike solutions Forensic analysis tools (Axiom, EnCase, FTK) Malware analysis tools (dynamic and static) Secure Web Gateway (BlueCoat, Microsoft Forefront) solutions Network sniffers and packet tracing tools (DSS, Ethereal and tcpdump, WireShark). Intrusion Detection & Prevention Tools such as SNORT/Sourcefire, Palo Alto, etc.) Encryption technologies (PGP, PKI and X.509) Hands on experience with network architecture, including network security. Hands on experience with Active Directory Security, including scans, best practices and security configuration. Hands on experience with Application Security controls including design, dynamic scans, static code analysis. 
Hands on experience with Incident Reponses process, procedures and Tools Identity and access management (I&AM) experience with Active Directory, NTFS permissions, LDAP and Single Sign On (SSO) solutions. Industry-standard metrics and measurements for SOC effectiveness Risk management in the context of the NIST CSF or another industry-standard framework Passion for creating tools and automating processes. Standard technical writing tools including MS Word, Excel, Project and Visio Industry-standard operating systems and environments such as Microsoft Windows and Linux distributions, in data center and cloud environments. LAN/WAN routing and high availability (OSPF, BGP4/iBGP, EIGRP and NSRP) Fundamental understanding of the underlying protocols and data used as the basis for the security monitoring service, including: HTTP, HTTPS, SQL, TCP/IP, Active Directory Application and database security experience Network and security engineering experience, including log and network traffic capture analysis. Experience with assessing system hardening procedures for Windows, Linux Security policy, standards, governance, privacy and regulatory experience (eg, NIST, COBIT). Knowledge of BYOD and Mobile Device Management platforms. Securing cloud based platforms (Microsoft Azure, Amazon AWS, etc.). Minimum three years of information security experience, preferably in the financial services industry. Minimum two years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response Minimum one year in a leadership role or team/project lead capacity. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. 
Familiarity with computer network exploitation and network attack methodologies. Industry knowledge of leading-edge security technologies and methods. Working in an on-call response capacity is required, including availability for 24 x 7 on-call support responsibilities. Professional security certifications are a plus (i.e., GIAC, CISSP, CISA, CISM, CRISC).
28/09/2023
Full time
*We are unable to sponsor as this is a permanent Full time role* *Fully remote position* A prestigious company is looking for a Manager of Cyber Security Incident Response. This person will manage a team of 4 people and will focus on the whole incident response practice. They will be responsible for threat management, threat hunting, cyber risk event triage and analysis, and automation. They will work with Splunk and MITRE frameworks. RESPONSIBILITIES Collaborate on the evolution of a best-in-class security threat management program, incorporating cutting edge techniques in automation, machine learning, and distributed threat protection to broaden, deepen, and sharpen our capabilities to rapidly identify and eradicate cyber security threats. Work with cross-functional stakeholders from legal, corporate communications, privacy, compliance, facilities, and business continuity planning to mature enterprise end-to-end incident response and recovery plans and develop targeted playbooks to address emergent threats to the business. Sustain an agile, threat intelligence-driven continuous improvement process that leverages micro-purple testing techniques, hypothesis-based threat hunting, and the MITRE ATT&CK framework to identify missing or ineffective telemetry, detection capabilities, and response playbooks required to detect, prevent, and respond to cyber risk events originating from threat actors that are targeting the company. Define the strategy for cyber threat management services, including the maintenance of the roadmap of process architectures that document the target and working states of cyber risk event management services and a multi-year plan to close gaps against the target state while keeping current with changes to technology and threat landscapes. Develop strong working relationships with other leaders in the information technology organization by providing continuous assistance and thought leadership. 
Establish and maintain relationships with suppliers and business partners in the information security industry. QUALIFICATIONS Experience defending heterogeneous enterprise environments. Red teaming or other offence-oriented experience a plus. History of working with cross-functional teams that include stakeholders outside of the technology organization. Experience with one or more of the following: cyber threat intelligence, threat hunting, detection content development, cyber risk event triage and analysis, security incident response. Demonstrated skill in developing and presenting on cyber risk concepts to non-technical audiences, including project and product managers and non-technical leadership. Experience in authoring, reviewing, and presenting technical and process documentation including requirements, architecture diagrams and sequence/flow diagrams. Previous experience with a major cloud platform, such as AWS or Azure.
28/09/2023
Full time
LA International Computer Consultants Ltd
Bristol, Somerset
We are looking for a talented Security Event Manager who is smart, curious and thrives on the challenge of working closely with a small business to solve complex and challenging problems across the Public Sector landscape. You'll have the freedom to be truly innovative, to roll up your sleeves, get stuck into the detail of systems, and generally do what it takes to achieve incredible technical solutions to our customer's complex problems. The selected candidate will play a pivotal role in safeguarding our critical greenfield information technology infrastructure by monitoring, analysing, and responding to security events and incidents. Responsibilities: Security Event Monitoring: * Utilise advanced security monitoring tools and technologies to monitor the IT Infrastructure platform for security events and anomalies. * Conduct real-time analysis of security alerts, logs, and data to identify potential security incidents and threats. * Escalate and prioritise security incidents based on their severity and potential impact. Incident Response: * Lead the incident response process, coordinating with relevant teams to contain, investigate, and resolve security incidents promptly. * Perform in-depth analysis of security incidents to understand attack vectors, determine root causes, and recommend remediation actions. * Develop and maintain incident response playbooks and guidelines for different types of security incidents. Security Reporting: * Prepare and deliver regular security reports to key stakeholders, providing insights into security event trends, incident metrics, and lessons learned. Vulnerability Management: * Collaborate with the IT team to identify, prioritise, and remediate security vulnerabilities in the IT infrastructure. * Monitor and report on the status of vulnerability assessments and patch management efforts.
Continuous Improvement: * Proactively identify areas for security process improvement and efficiency enhancement within the security event management function. * Participate in security awareness and training initiatives to promote a security-conscious culture within the organization. Our Ideal Candidate: * Extensive experience in security event management, incident response, and threat intelligence analysis within the information technology sector. * Strong knowledge of security frameworks, best practices, and standards (e.g., ISO 27001, NIST, CIS). * Proficiency in using security information and event management (SIEM) tools and other security monitoring solutions. * Demonstrated ability to lead and coordinate incident response efforts effectively. * Analytical mindset with the capability to perform detailed security event analysis and forensics. * Excellent written and verbal communication skills for effective reporting and collaboration with cross-functional teams. * Familiarity with Defence security regulations and requirements relevant to the IT systems (e.g. JSP440, JSP604 etc.). * Have demonstrable sector knowledge or experience within UK Defence (Army, Air Force or Royal Navy). * Ability to hold a minimum of UK Security Clearance (SC). * Hold a UK Driving Licence and have a willingness to travel to client sites. Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment, which can take up to a minimum of 10 weeks.
LA International is an HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work. For security cleared jobs or non-clearance vacancies, LA International welcomes applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queen's Award for Enterprise: International Trade, for the second consecutive period.
28/09/2023
Project-based
*We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Senior Manager, Business Continuity. This Sr. Manager will focus on all business continuity globally, not just IT. They will focus on risk assessments, business impact analysis, change management, disaster recovery planning, BC exercise, and will manage/lead the whole business continuity program within the firm. Responsibilities: Management and delivery of the program that addresses business recovery and emergency response management. Work with crisis management and staff leads to align the Firm's emergency management plan with established best practices and community standards. Develop and maintain business recovery plans and procedures; review, revise, and expand existing plans and protocols. Lead and facilitate execution of the plan and support plan navigation for the business at the time of an event, which includes supporting the crisis management lead with critical components of the plan in order that they can make critical decisions; provide visibility and reporting to the crisis management lead/team on the critical functions, individuals, and infrastructure within the business plans. Conduct risk assessments for various departments and functions, analysing potential business impact of unpredictable business interruptions such as natural disasters, security breaches, and other disruptions. Collaborate with IT staff to develop and implement best practices to protect and restore data and systems in the event of natural disasters, viruses, and hackers. Identify and implement recovery operations and methods to allow the company to function at limited or partial capacity if services or infrastructure are degraded or down. Create and facilitate practice drills for plan execution.
Develop and/or lead change management efforts across all phases of projects and initiatives to drive the Firm's culture of continuous improvement. Develop and provide staff training on Business Continuity risk management and disaster recovery. Perform other related duties as assigned. Qualifications & Requirements: Bachelor's degree in Business Administration, Finance, or similar field required; master's degree preferred. Minimum of eight years of hands-on business continuity experience with at least five years managing the program and team is required. Experience in performing BC audits or in managing and coordinating the response to a major, unplanned disruptive event that required activation of the BC/DR/Incident or Crisis Management Plans is required. Experience in Business Resumption Planning, Crisis Management Planning, Incident Response Planning, Disaster Recovery Planning, Plan Exercising/Testing, Conducting BIAs is required. Ability to collaborate with others to develop an emergency plan. Proficient with Microsoft Office Suite or related software. Hands-on experience implementing business continuity management software is a plus. Strong knowledge of technology and business concepts, life cycles and processes. Relevant Business Continuity, Disaster Recovery, Risk or Audit certifications preferred.
27/09/2023
Full time
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is Bonus eligible* Prestigious Global Firm is currently seeking a Director of Cyber Security Architecture and Forensics. Candidate will lead a team that is protecting the firm from Cyber and Physical threats, and assist with assuring compliance with contractual, legal, and ethical requirements. Responsibilities: Leading cross-functionally with IT and other key stakeholders to develop and deliver firmwide and cyber security strategy. Defining security reference architecture. Managing technology assessment and implementation choices. Ensuring delivery of project goals and strong handover practices to operational teams. Assisting with the assessment of enterprise cyber risk. Directing internal Threat Hunting activities. Overseeing level III cyber investigations and forensics activities. Overseeing level III operational support of security tools and capabilities. Developing organizational mission, objectives, milestones, and plans with little supervision. Independent and persuasive business writing, probing key issues, drawing customer to issue identification. Create presentations that are viewed as constructive dialogues sharing customer-focused vision to employees on a regular basis. Can create and deliver performance reviews, improvement plans and career plans. Has developed active listening skills. Produces effective and practical decisions and problem solutions based on a mixture of analysis, experience, and judgment. Provides innovative and insightful ideas. Perceives the cross impact on other engagements. Determines personnel needs and staffing. Capable of defusing complex interpersonal issues effectively while managing customer expectations. Negotiates skillfully in very difficult situations with both internal and external groups. Inspires and motivates. Recognized as a positive and motivational leader by the team. Builds strategy and focuses on six-month to one-year plans.
Contributes individually or through others on complex issues or initiatives. Facilitates group progress on complex issues and initiatives. Develop and/or lead change management efforts across all phases of projects and initiatives to drive the Firm's culture of continuous improvement. Spearheads complex programs that span multiple inter-organizational units. Interfaces with senior management. Qualifications: Minimum 10 years' experience working in Information Security. Running teams of architects that design cyber security solutions for both on-premise and cloud-based platforms and applications. Developing and leading cross-functional teams of technologists. Prior experience leading Forensics, Incident Response and/or Threat Hunting teams. Hiring, developing, and recognizing talent. Understanding of industry standard frameworks such as ISO 27001, NIST 800-53, CSF, ATT&CK Matrix. Aligning projects to business priorities. Proven change management skills. Leading a product as a Product Owner or Product Manager. Bachelor's degree or better in Cyber Security or similar is preferred. CISSP, CISM and technically focused certifications are preferred.
27/09/2023
Full time
*We are unable to sponsor for this permanent Full time role* *Candidate will need to be open to work in Austin, TX or Chicago, IL* *Position is Bonus eligible* Prestigious Global Firm is currently seeking a Senior Manager of Business Continuity. Candidate is responsible for the framework and methodology to manage all business continuity life cycle activities, including risk assessment, business impact analysis, strategy development, implementation, testing and review, plan maintenance, updates, training, and communications. The Senior Manager will lead and support the development and management of a comprehensive business continuity program to enable the Firm to manage a crisis event as well as meet compliance requirements for BC planning. Responsibilities: Management and delivery of the program that addresses business recovery and emergency response management. Work with crisis management and staff leads to align the Firm's emergency management plan with established best practices and community standards. Develop and maintain business recovery plans and procedures; review, revise, and expand existing plans and protocols. Lead and facilitate execution of the plan and support plan navigation for the business at the time of an event, which includes supporting the crisis management lead with critical components of the plan in order that they can make critical decisions, and providing visibility and reporting to the crisis management lead/team on the critical functions, individuals, and infrastructure within the business plans. Conduct risk assessments for various departments and functions, analysing potential business impact of unpredictable business interruptions such as natural disasters, security breaches, and other disruptions. Collaborate with IT staff to develop and implement best practices to protect and restore data and systems in the event of natural disasters, viruses, and hackers.
Identify and implement recovery operations and methods to allow the company to function at limited or partial capacity if services or infrastructure are degraded or down. Create and facilitate practice drills for plan execution. Develop and/or lead change management efforts across all phases of projects and initiatives to drive the Firm's culture of continuous improvement. Develop and provide staff training on Business Continuity risk management and disaster recovery. Perform other related duties as assigned. Qualifications: Bachelor's degree in business administration, finance, or similar field required; master's degree preferred. Minimum of eight years of hands-on business continuity experience with at least five years managing the program and team is required. Experience in performing BC audits or in managing and coordinating the response to a major, unplanned disruptive event that required activation of the BC/DR/Incident or Crisis Management Plans is required. Experience in Business Resumption Planning, Crisis Management Planning, Incident Response Planning, Disaster Recovery Planning, Plan Exercising/Testing, Conducting BIAs is required. Ability to interact with a variety of internal and external people in a professional manner that creates confidence in his/her knowledge and abilities and helps foster mutually satisfactory resolution to control gaps and issues. Demonstrate the ability to think strategically and drive tactical execution. Excellent strategic, problem solving, and analytical skills. Proven change management skills. Excellent communication skills: presentation, verbal and written. Ability to collaborate with others to develop an emergency plan. Proficient with Microsoft Office Suite or related software. Hands-on experience implementing business continuity management software is a plus. Strong knowledge of technology and business concepts, life cycles and processes.
Self-starter with the ability to both work with a degree of autonomy and at the direction of leadership. Relevant Business Continuity, Disaster Recovery, Risk or Audit certifications preferred.
27/09/2023
Full time
Request Technology - Craig Johnson
Chicago, Illinois
Manager, Cyber Defense Threats and Vulnerabilities SALARY: $160k plus 15% LOCATION: Chicago, IL Hybrid 3 days remote 2 days onsite Looking for a Manager over Cyber defense threats & vulnerabilities. You will manage security tools and lead 3-5 employees. Cyber threats digital forensics incident response application security operating systems cryptographic networking 24/7 on-call support SIEM crowdstrike axiom encase FTK blue coat forefront DSS wireshark snort Active Directory security IAM permissions LDAP SSO The Manager, Cyber Defense will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. This position will require initiative to oversee security technology implementations and be expected to put together projects and teams to remediate identified security threats, incidents, and compliance issues. Manage security tools including appliances, hosted systems, and SaaS - including health checks, version updates, and content development. Validate that content changes to security tools from other analysts and teams are appropriate. Report on and enhance current metrics surrounding security tool capabilities and efficacy. Take a lead role in the systems life cycle performing upgrades, implementation of new technologies, and enhancement identification. Team Management: Lead 3-5 employees and contingent labor professionals for the cyber systems function within Cyber Defense. Manage team effectively in delivery of incident resolution, project tasks, compliance milestones, and systems implementations. Perform talent management functions across the team, including performance reviews, direct feedback, and other administrative functions as required. Incident Management and Security Response Actions: Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting.
Oversee technical analysis of security events while coordinating incident response activities with internal and external teams. Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities following industry best practices and established procedures. Develop and support briefings to senior management as a trusted incident responder. Supervisory Responsibilities: Manages all members of the Cybersecurity team within Security Services. Assigns personnel to projects, directs their activities, and performs personnel actions (hiring, promotions, terminations, etc.). Confer with and advise subordinates on administrative policies and procedures, technical problems, priorities, and methods. Promote employee development by conducting career-planning sessions with staff and selecting and scheduling employee training classes, conferences, and seminars. Qualifications: Technical Skills: SIEM solutions. Experience with Crowdstrike solutions. Forensic analysis tools (Axiom, EnCase, FTK). Malware analysis tools (dynamic and static). Secure Web Gateway (BlueCoat, Microsoft Forefront) solutions. Network sniffers and packet tracing tools (DSS, Ethereal and tcpdump, WireShark). Intrusion Detection & Prevention Tools (such as SNORT/Sourcefire, Palo Alto, etc.). Encryption technologies (PGP, PKI and X.509). Hands-on experience with network architecture, including network security. Hands-on experience with Active Directory Security, including scans, best practices and security configuration. Hands-on experience with Application Security controls including design, dynamic scans, static code analysis. Hands-on experience with Incident Response processes, procedures and tools. Identity and access management (I&AM) experience with Active Directory, NTFS permissions, LDAP and Single Sign On (SSO) solutions.
Industry-standard metrics and measurements for SOC effectiveness. Risk management in the context of the NIST CSF or another industry-standard framework. Passion for creating tools and automating processes. Standard technical writing tools including MS Word, Excel, Project and Visio. Familiarity with: Industry-standard operating systems and environments such as Microsoft Windows and Linux distributions, in data center and cloud environments. LAN/WAN routing and high availability (OSPF, BGP4/iBGP, EIGRP and NSRP). Fundamental understanding of the underlying protocols and data used as the basis for the security monitoring service, including: HTTP, HTTPS, SQL, TCP/IP, Active Directory. Application and database security experience. Network and security engineering experience, including log and network traffic capture analysis. Experience with assessing system hardening procedures for Windows, Linux. Security policy, standards, governance, privacy and regulatory experience (e.g., NIST, COBIT). Knowledge of BYOD and Mobile Device Management platforms. Securing cloud based platforms (Microsoft Azure, Amazon AWS, etc.). Education and/or Experience: Minimum three years of information security experience, preferably in the financial services industry. Minimum two years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response. Minimum one year in a leadership role or team/project lead capacity. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies.
Industry knowledge of leading-edge security technologies and methods. Working in an on-call response capacity is required, including availability for 24 x 7 on-call support responsibilities.
26/09/2023
Full time
Manager, Cyber Defense Threats and Vulnerabilities SALARY: $160k plus 15% LOCATION: Chicago, IL Hybrid 3 days remote 2 days onsite Looking for a Manager over Cyber defense threats & vulnerabilities. You will manage security tools and lead 3-5 employees. Cyber threats digital forensics incident response application security operating systems cryptographic networking 24/7 on-call support SIEM crowdstrike axiom encase FTX blue coat forefront DSS wireshark snort Active Directory security IAM permissions LDAP SSO The Manager, Cyber Defense will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. This position will require initiative to oversee security technology implementations and be expected to put together projects and teams to remediate identified security threats, incidents, and compliance issues. Manage security tools including appliances, hosted systems, and SaaS - including health checks, version updates, and content development. Validate content changes to security tools are appropriate from other analysts and teams. Report on and enhance current metrics surrounding security tool capabilities and efficacy. Take a lead role in the systems life cycle performing upgrades, implementation of new technologies, and enhancement identification. Team Management Lead 3-5 employees and contingent labor professional for the cyber systems function within Cyber Defense. Manage team effectively in delivery of incident resolution, project tasks, compliance milestones, and systems implementations. Perform talent management functions across the team, including performance reviews, direct feedback, and other administrative functions as required. Incident Management and Security Response Actions: Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting. 
Oversee technical analysis of security events while coordinating incident response activities with internal and external teams. Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities following industry best practices and established procedures. Develop and support briefings to senior management as a trusted incident responder. Supervisory Responsibilities: Manages all members of the Cybersecurity team within Security Services. Assigns personnel to projects, directs their activities, and performs personnel actions (hiring, promotions, terminations, etc.) Confer with and advise subordinates on administrative policies and procedures, technical problems, priorities, and methods. Promote employee development by conducting career-planning sessions with staff and selecting and scheduling employee training classes, conferences, and seminars Qualifications : Technical Skills: SIEM solutions Experience with Crowdstrike solutions Forensic analysis tools (Axiom, EnCase, FTK) Malware analysis tools (dynamic and static) Secure Web Gateway (BlueCoat, Microsoft Forefront) solutions Network sniffers and packet tracing tools (DSS, Ethereal and tcpdump, WireShark). Intrusion Detection & Prevention Tools such as SNORT/Sourcefire, Palo Alto, etc.) Encryption technologies (PGP, PKI and X.509) Hands on experience with network architecture, including network security. Hands on experience with Active Directory Security, including scans, best practices and security configuration. Hands on experience with Application Security controls including design, dynamic scans, static code analysis. Hands on experience with Incident Reponses process, procedures and Tools Identity and access management (I&AM) experience with Active Directory, NTFS permissions, LDAP and Single Sign On (SSO) solutions. 
Industry-standard metrics and measurements for SOC effectiveness Risk management in the context of the NIST CSF or another industry-standard framework Passion for creating tools and automating processes. Standard technical writing tools including MS Word, Excel, Project and Visio Familiarity with: Industry-standard operating systems and environments such as Microsoft Windows and Linux distributions, in data center and cloud environments. LAN/WAN routing and high availability (OSPF, BGP4/iBGP, EIGRP and NSRP) Fundamental understanding of the underlying protocols and data used as the basis for the security monitoring service, including: HTTP, HTTPS, SQL, TCP/IP, Active Directory Application and database security experience Network and security engineering experience, including log and network traffic capture analysis. Experience with assessing system hardening procedures for Windows, Linux Security policy, standards, governance, privacy and regulatory experience (eg, NIST, COBIT). Knowledge of BYOD and Mobile Device Management platforms. Securing cloud based platforms (Microsoft Azure, Amazon AWS, etc.). Education and/or Experience: Minimum three years of information security experience, preferably in the financial services industry. Minimum two years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response Minimum one year in a leadership role or team/project lead capacity. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies. 
Industry knowledge of leading-edge security technologies and methods. Working in an on-call response capacity is required, including availability for 24 x 7 on-call support responsibilities.
*We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Director of Cyber Security Architecture and Forensics. This position will focus on high level enterprise architecture and forensics. There will be 4 architects, 3-4 engineers, and 2 threat hunters reporting to them. They will focus on all cyber and forensics threats security architecture. Responsibilities: Leading cross-functionally with IT and other key stakeholders to develop and deliver firmwide and cyber security strategy. Defining security reference architecture. Managing technology assessment and implementation choices. Ensuring delivery of project goals and strong hand over practices to operational teams. Assisting with the assessment of enterprise cyber risk. Directing internal Threat Hunting activities. Overseeing level III cyber investigations and forensics activities. Overseeing level III operational support of security tools and capabilities. Builds strategy and focuses on six month to one-year plans. Contributes individually or through others on complex issues or initiatives. Facilitates group progress on complex issues and initiatives. Develop and/or lead change management efforts across all phases of projects and initiatives to drive the Firm's culture of continuous improvement Program/Project Management Interfaces with senior management. Qualifications & Requirements Bachelor's degree or better in Cyber Security or similar is preferred. CISSP, CISM and technically focused certifications is preferred. Minimum 10 years experience working in Information Security Running teams of architects that design cyber security solutions for both on premise and cloud-based platforms and applications. Developing and leading cross-functional teams of technologists. Prior experience leading Forensics, Incident response and/or Threat Hunting teams Hiring, developing, and recognizing talent. 
Understanding of industry standard frameworks such as ISO 27001, NIST 800-53, CSF, ATT&CK Matrix. Leading a product as a Product Owner or Product Manager.
26/09/2023
Full time
*Position is bonus eligible* Prestigious Financial Company is currently seeking a Cyber Threat and Vulnerabilities Defense Manager. Candidate will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. This position will require initiative to oversee security technology implementations and be expected to put together projects and teams to remediate identified security threats, incidents, and compliance issues. Responsibilities: Manage security tools including appliances, hosted systems, and SaaS including health checks, version updates, and content development. Validate content changes to security tools are appropriate from other analysts and teams. Report on and enhance current metrics surrounding security tool capabilities and efficacy. Take a lead role in the systems life cycle performing upgrades, implementation of new technologies, and enhancement identification. Lead 3-5 employees and contingent labor professional for the cyber systems function within Cyber Defense. Manage team effectively in delivery of incident resolution, project tasks, compliance milestones, and systems implementations. Perform talent management functions across the team, including performance reviews, direct feedback, and other administrative functions as required. Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting. Oversee technical analysis of security events while coordinating incident response activities with internal and external teams. Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities following industry best practices and established procedures. Develop and support briefings to senior management as a trusted incident responder. 
Supervisory Responsibilities: Manages all members of the Cybersecurity team within Security Services. Assigns personnel to projects, directs their activities, and performs personnel actions (hiring, promotions, terminations, etc.) Confer with and advise subordinates on administrative policies and procedures, technical problems, priorities, and methods. Promote employee development by conducting career-planning sessions with staff and selecting and scheduling employee training classes, conferences, and seminars Qualifications: Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines. Team Leadership experience, taking initiative; providing and following through on solutions across various skillsets. Effective and excellent oral and written communication, analytical, judgment and consultation skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong project management skills. SIEM solutions Experience with CrowdStrike solutions Forensic analysis tools (Axiom, EnCase, FTK) Malware analysis tools (dynamic and static) Secure Web Gateway (BlueCoat, Microsoft Forefront) solutions Network sniffers and packet tracing tools (DSS, Ethereal and tcpdump, Wireshark). Intrusion Detection & Prevention Tools (such as SNORT/Sourcefire, Palo Alto, etc.) Encryption technologies (PGP, PKI and X.509) Hands on experience with network architecture, including network security. Hands on experience with Active Directory Security, including scans, best practices and security configuration. Hands on experience with Application Security controls including design, dynamic scans, static code analysis. 
Hands on experience with Incident Reponses process, procedures and Tools Identity and access management (I&AM) experience with Active Directory, NTFS permissions, LDAP and Single Sign On (SSO) solutions. Industry-standard metrics and measurements for SOC effectiveness Risk management in the context of the NIST CSF or another industry-standard framework Passion for creating tools and automating processes. Standard technical writing tools including MS Word, Excel, Project and Visio Industry-standard operating systems and environments such as Microsoft Windows and Linux distributions, in data center and cloud environments. LAN/WAN routing and high availability (OSPF, BGP4/iBGP, EIGRP and NSRP) Fundamental understanding of the underlying protocols and data used as the basis for the security monitoring service, including: HTTP, HTTPS, SQL, TCP/IP, Active Directory Application and database security experience Network and security engineering experience, including log and network traffic capture analysis. Experience with assessing system hardening procedures for Windows, Linux Security policy, standards, governance, privacy and regulatory experience (eg, NIST, COBIT). Knowledge of BYOD and Mobile Device Management platforms. Securing cloud based platforms (Microsoft Azure, Amazon AWS, etc.). Minimum three years of information security experience, preferably in the financial services industry. Minimum two years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response Minimum one year in a leadership role or team/project lead capacity. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. 
Familiarity with computer network exploitation and network attack methodologies. Industry knowledge of leading-edge security technologies and methods. Working in an on-call response capacity is required, including availability for 24 x 7 on-call support responsibilities. Professional security certifications are a plus (i.e., GIAC, CISSP, CISA, CISM, CRISC)
25/09/2023
Full time
Request Technology - Craig Johnson
Oakland, California
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Manager of Incident Response. Candidate will lead the team responsible for predicting, detecting, and responding to cyber risk events corresponding to security and appropriate use threats. The primary objectives for the role will be to sustain a high degree of operational maturity in executing risk event management processes, to establish and maintain cross-functional relationships that enable end-to-end enterprise incident response, and to drive the adoption of innovative practices that proactively improve our ability to prevent, detect, disrupt, investigate, respond to, and recover from sophisticated threats. RESPONSIBILITIES Collaborate on the evolution of a best-in-class security threat management program, incorporating cutting edge techniques in automation, machine learning, and distributed threat protection to broaden, deepen, and sharpen our capabilities to rapidly identify and eradicate cyber security threats. Work with cross-functional stakeholders from legal, corporate communications, privacy, compliance, facilities, and business continuity planning to mature enterprise end-to-end incident response and recovery plans and develop targeted playbooks to address emergent threats to the business. Sustain an agile, threat intelligence-driven continuous improvement process that leverages micro-purple testing techniques, hypothesis-based threat hunting, and the MITRE ATT&CK framework to identify missing or ineffective telemetry, detection capabilities, and response playbooks required to detect, prevent, and respond to cyber risk events originating from threat actors. 
Define the strategy for cyber threat management services, including the maintenance of the roadmap of process architectures that document the target and working states of cyber risk event management services and a multi-year plan to close gaps against the target state while keeping current with changes to technology and threat landscapes. Develop strong working relationships with other leaders in the information technology organization by providing continuous assistance and thought leadership. Establish and maintain relationships with suppliers and business partners in the information security industry. Educate, coach, and mentor a team on technical, interpersonal, and team dynamics, company policy & procedures, and other topics. QUALIFICATIONS Experience defending heterogenous enterprise environments. Red teaming or other offence-oriented experience a plus. History of working with cross-functional teams that include stakeholders outside of the technology organization. Experience with one or more of the following: cyber threat intelligence, threat hunting, detection content development, cyber risk event triage and analysis, security incident response. Demonstrated skill in developing and presenting on cyber risk concepts to non-technical audiences, including project and product managers and non-technical leadership. Experience in authoring, reviewing, and presenting technical and process documentation including requirements, architecture diagrams and sequence/flow diagrams. Previous experience with a major cloud platform, such as AWS or Azure.
25/09/2023
Full time
*We are unable to sponsor as this is a permanent Full time role* *Fully remote position* A prestigious company is looking for a Manager of Cyber Security Incident Response. This person will manage a team of 4 people and will focus on the whole incident response practice. They will be responsible for threat management, threat hunting, cyber risk event triage and analysis, and automation. They will work with Splunk and MITRE frameworks. RESPONSIBILITIES Collaborate on the evolution of a best-in-class security threat management program, incorporating cutting edge techniques in automation, machine learning, and distributed threat protection to broaden, deepen, and sharpen our capabilities to rapidly identify and eradicate cyber security threats. Work with cross-functional stakeholders from legal, corporate communications, privacy, compliance, facilities, and business continuity planning to mature enterprise end-to-end incident response and recovery plans and develop targeted playbooks to address emergent threats to the business. Sustain an agile, threat intelligence-driven continuous improvement process that leverages micro-purple testing techniques, hypothesis-based threat hunting, and the MITRE ATT&CK framework to identify missing or ineffective telemetry, detection capabilities, and response playbooks required to detect, prevent, and respond to cyber risk events originating from threat actors that are targeting the company. Define the strategy for cyber threat management services, including the maintenance of the roadmap of process architectures that document the target and working states of cyber risk event management services and a multi-year plan to close gaps against the target state while keeping current with changes to technology and threat landscapes. Develop strong working relationships with other leaders in the information technology organization by providing continuous assistance and thought leadership. 
Establish and maintain relationships with suppliers and business partners in the information security industry. QUALIFICATIONS Experience defending heterogenous enterprise environments. Red teaming or other offence-oriented experience a plus. History of working with cross-functional teams that include stakeholders outside of the technology organization. Experience with one or more of the following: cyber threat intelligence, threat hunting, detection content development, cyber risk event triage and analysis, security incident response. Demonstrated skill in developing and presenting on cyber risk concepts to non-technical audiences, including project and product managers and non-technical leadership. Experience in authoring, reviewing, and presenting technical and process documentation including requirements, architecture diagrams and sequence/flow diagrams. Previous experience with a major cloud platform, such as AWS or Azure.
20/09/2023
Full time
*Hybrid, 3 days onsite, 2 days remote* A prestigious financial company is looking for a Cyber Defense Manager. This manager will lead a team of 3-5 individuals who will investigate threats and vulnerabilities related to digital forensics, incident response, application security, operating systems, networking, etc. Responsibilities: Manage security tools including appliances, hosted systems, and SaaS - including health checks, version updates, and content development. Take a lead role in the systems life cycle performing upgrades, implementation of new technologies, and enhancement identification. Lead 3-5 employees and contingent labor professionals for the cyber systems function within Cyber Defense. Manage team effectively in delivery of incident resolution, project tasks, compliance milestones, and systems implementations. Manage all members of the Cybersecurity team within Security Services. Assign personnel to projects, direct their activities, and perform personnel actions (hiring, promotions, terminations, etc.). Perform talent management functions across the team, including performance reviews, direct feedback, and other administrative functions as required. Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting. Oversee technical analysis of security events while coordinating incident response activities with internal and external teams. Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities following industry best practices and established procedures. Qualifications: Minimum three years of information security experience, preferably in the financial services industry.
Minimum two years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response. Industry knowledge of leading-edge security technologies and methods. Working in an on-call response capacity is required, including availability for 24 x 7 on-call support responsibilities. Professional security certifications are a plus (e.g., GIAC, CISSP, CISA, CISM, CRISC). SIEM solutions. Experience with CrowdStrike solutions. Forensic analysis tools (Axiom, EnCase, FTK). Malware analysis tools (dynamic and static). Secure Web Gateway (BlueCoat, Microsoft Forefront) solutions. Network sniffers and packet tracing tools (DSS, Ethereal and tcpdump, Wireshark). Intrusion Detection & Prevention tools (SNORT/Sourcefire, Palo Alto, etc.). Encryption technologies (PGP, PKI and X.509). Hands-on experience with network architecture, including network security. Hands-on experience with Active Directory security, including scans, best practices and security configuration. Hands-on experience with Application Security controls including design, dynamic scans, static code analysis. Hands-on experience with incident response processes, procedures and tools. Identity and access management (I&AM) experience with Active Directory, NTFS permissions, LDAP and Single Sign On (SSO) solutions. Industry-standard metrics and measurements for SOC effectiveness. Risk management in the context of the NIST CSF or another industry-standard framework. Passion for creating tools and automating processes. Securing cloud-based platforms (Microsoft Azure, Amazon AWS, etc.).
14/09/2023
Full time