My client, a tech start up in London, are looking for an Information Security Analyst to join their growing team. About the Information Security Analyst role: Reporting to the CISO, you will be responsible for helping to define and deliver upon their security roadmap. You will be responsible for auditing, implementing, and extending security functionality within their services and the platform upon which they run. The successful candidate will have a holistic view of information security and have broad experience across multiple applicable disciplines. Responsibilities: - Assume ownership of an existing backlog of technical security improvements - Play a leading role within a small but effective security engineering team - Contribute to the security incident response process and play an active role in it - Support the CISO in defining and delivering upon a broad, company-wide security roadmap, including training, physical/cyber/information security, compliance, policies, etc . Requirements: - Knowledge of CyberSecurity Frameworks (NIST, CIS, ISO27001) - Experience with detection and exploitation of security vulnerabilities - Knowledge of the principles of Linux OS - Knowledge of risk assessment tools, technologies and methods - Experience designing secure networks, systems and application. Experience planning, researching and developing security policies, standards and procedures - Experience in privacy and cyber governance, risk and compliance frameworks and controls - Able to develop privacy guidelines & architectures in areas such as governance, consent management, privacy-by-design -Proven ability to identify and assess complex risks and understand the mechanisms (people, process, technology) available to manage those risks - A high-level understanding of modern cryptography, including cryptographic primitives Non-technical: - Exemplary communication skills, especially in dealing with multiple stakeholders - Able to take a risk-based approach and effectively prioritise many competing demands If the above is of interest to you please call me to find out more. Alternatively please respond to this ad and I will be able to view your CV on-line.
19/09/2020
Full time
My client, a tech start up in London, are looking for an Information Security Analyst to join their growing team. About the Information Security Analyst role: Reporting to the CISO, you will be responsible for helping to define and deliver upon their security roadmap. You will be responsible for auditing, implementing, and extending security functionality within their services and the platform upon which they run. The successful candidate will have a holistic view of information security and have broad experience across multiple applicable disciplines. Responsibilities: - Assume ownership of an existing backlog of technical security improvements - Play a leading role within a small but effective security engineering team - Contribute to the security incident response process and play an active role in it - Support the CISO in defining and delivering upon a broad, company-wide security roadmap, including training, physical/cyber/information security, compliance, policies, etc . Requirements: - Knowledge of CyberSecurity Frameworks (NIST, CIS, ISO27001) - Experience with detection and exploitation of security vulnerabilities - Knowledge of the principles of Linux OS - Knowledge of risk assessment tools, technologies and methods - Experience designing secure networks, systems and application. Experience planning, researching and developing security policies, standards and procedures - Experience in privacy and cyber governance, risk and compliance frameworks and controls - Able to develop privacy guidelines & architectures in areas such as governance, consent management, privacy-by-design -Proven ability to identify and assess complex risks and understand the mechanisms (people, process, technology) available to manage those risks - A high-level understanding of modern cryptography, including cryptographic primitives Non-technical: - Exemplary communication skills, especially in dealing with multiple stakeholders - Able to take a risk-based approach and effectively prioritise many competing demands If the above is of interest to you please call me to find out more. Alternatively please respond to this ad and I will be able to view your CV on-line.
Request Technology - Craig Johnson
Oakland, California, United States
*We are unable to sponsor for this permanent Full time role* *This role can be a remote role for the right candidate* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Senior Incident Response Threat Engineer with strong Splunk experience. Candidate is responsible for all aspects of security threat management. This hands-on technical role shares responsibilities across the team in conducting cyber threat intelligence, executing threat hunts, participating and leading incident response efforts, performing digital forensics, and implementing threat protection across the enterprise. Candidate will be responsible for building, maintaining, and improving the engine that powers large-scale security threat management capabilities that protect, detect, and respond to emerging threats and sophisticated attacks on enterprise networks. The person in this role reviews and analyzes large and highly complex data-sets and information to provide content, conclusions, and actionable recommendations to mitigate risk and stop attackers cold. Candidate should have an applied and in-depth understanding of malware, attacker tactics, techniques, and procedures and experience defending organizations from these threats. In addition to having a breadth of technical experience, the candidate should have leadership and customer communication experience Responsibilities: Design, build, run, and own infrastructure and automation to detect, contain, and eradicate security threats. Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques. Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTP (Tactics, Techniques, and Procedures). Collect, analyze, assess, and disseminate information about cyber threats and potential attacks. Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools. Lead the Computer Incident Response Team (CIRT) in responding to active and time-sensitive threats including communications and coordination across different teams. Work closely with other members of the Information Security team to lead changes in the company's defense posture. Qualifications: BS/MS in Computer Science or equivalent work experience. 7+ years of experience in information security. Possession of a holistic view of the threat, vulnerability, and risk as well as their relationship. Deep understanding of internals and constructs of at least two main modern operation systems. Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA). Applied experience with application and business logic Embedded in business systems. Knowledge of open security testing standards and projects, including OWASP. Proficiency with at least one interpreted programming language (Python, Ruby, etc.). Advanced knowledge of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc. In-depth understanding of authentication protocols, applied cryptography, key management, PKI and SSL/TLS. Experience employing phishing and other social engineering tactics. Experience using multiple command and control channels, including DNS and HTTPS.
19/09/2020
Full time
*We are unable to sponsor for this permanent Full time role* *This role can be a remote role for the right candidate* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Senior Incident Response Threat Engineer with strong Splunk experience. Candidate is responsible for all aspects of security threat management. This hands-on technical role shares responsibilities across the team in conducting cyber threat intelligence, executing threat hunts, participating and leading incident response efforts, performing digital forensics, and implementing threat protection across the enterprise. Candidate will be responsible for building, maintaining, and improving the engine that powers large-scale security threat management capabilities that protect, detect, and respond to emerging threats and sophisticated attacks on enterprise networks. The person in this role reviews and analyzes large and highly complex data-sets and information to provide content, conclusions, and actionable recommendations to mitigate risk and stop attackers cold. Candidate should have an applied and in-depth understanding of malware, attacker tactics, techniques, and procedures and experience defending organizations from these threats. In addition to having a breadth of technical experience, the candidate should have leadership and customer communication experience Responsibilities: Design, build, run, and own infrastructure and automation to detect, contain, and eradicate security threats. Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques. Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTP (Tactics, Techniques, and Procedures). Collect, analyze, assess, and disseminate information about cyber threats and potential attacks. Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools. Lead the Computer Incident Response Team (CIRT) in responding to active and time-sensitive threats including communications and coordination across different teams. Work closely with other members of the Information Security team to lead changes in the company's defense posture. Qualifications: BS/MS in Computer Science or equivalent work experience. 7+ years of experience in information security. Possession of a holistic view of the threat, vulnerability, and risk as well as their relationship. Deep understanding of internals and constructs of at least two main modern operation systems. Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA). Applied experience with application and business logic Embedded in business systems. Knowledge of open security testing standards and projects, including OWASP. Proficiency with at least one interpreted programming language (Python, Ruby, etc.). Advanced knowledge of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc. In-depth understanding of authentication protocols, applied cryptography, key management, PKI and SSL/TLS. Experience employing phishing and other social engineering tactics. Experience using multiple command and control channels, including DNS and HTTPS.
We are running an exclusive search for a Head of Cyber Research and Development - Cyber Labs Manager This is a leadership role to support the cyber practice line of business covering security, intelligence and governance, risk and compliance. This management role will be responsible for all professional services activities within cyber labs.. You will also be responsible for Cyber Labs research initiatives, presenting at conferences as well as being a known authority within the industry. You will be working within an industry-leading team of cyber security consultants providing research for major clients, both blue chip and in the government sector. The role will act as a brand ambassador including: Media engagement Talks at conference New CVE reporting against hardware and software White papers on cyber trends, products, new threats and CVEs Community out reach Partnership with other research with organisations As a business unit you will be able to produce your own service and products for clients in the future around: Education and board cyber immersion programmes Product or hardware testing for potential clients Research for existing clients Malware reverse engineering as a service The Cyber Labs/Cyber Research business will support the lines of business through: Collection Intelligence from across the customer set Incidence response lab Maintaining the red team platform and toolset Helping with thought leadership around capabilities through proof of concepts of new technologies Additional Responsibilities Include: Thought leadership through publications, common vulnerability exposure research and speaking at media engagements Development of a service portfolio for the lab that will deliver a revenue stream and product testing capability Defining, prioritising and leading multiple Cyber research and development projects Building a long-term Cyber Security research and development road-map Identifying key Security trends and its potential business impact Oversee lab management and red team and incident response kit development and maintenance Leading a team of cyber researchers and black hats To apply for this role you must have at least 4 years' experience and be eligible to work in the UK. Networking People (UK) is acting as an Employment Agency in relation to this vacancy.
18/09/2020
Full time
We are running an exclusive search for a Head of Cyber Research and Development - Cyber Labs Manager This is a leadership role to support the cyber practice line of business covering security, intelligence and governance, risk and compliance. This management role will be responsible for all professional services activities within cyber labs.. You will also be responsible for Cyber Labs research initiatives, presenting at conferences as well as being a known authority within the industry. You will be working within an industry-leading team of cyber security consultants providing research for major clients, both blue chip and in the government sector. The role will act as a brand ambassador including: Media engagement Talks at conference New CVE reporting against hardware and software White papers on cyber trends, products, new threats and CVEs Community out reach Partnership with other research with organisations As a business unit you will be able to produce your own service and products for clients in the future around: Education and board cyber immersion programmes Product or hardware testing for potential clients Research for existing clients Malware reverse engineering as a service The Cyber Labs/Cyber Research business will support the lines of business through: Collection Intelligence from across the customer set Incidence response lab Maintaining the red team platform and toolset Helping with thought leadership around capabilities through proof of concepts of new technologies Additional Responsibilities Include: Thought leadership through publications, common vulnerability exposure research and speaking at media engagements Development of a service portfolio for the lab that will deliver a revenue stream and product testing capability Defining, prioritising and leading multiple Cyber research and development projects Building a long-term Cyber Security research and development road-map Identifying key Security trends and its potential business impact Oversee lab management and red team and incident response kit development and maintenance Leading a team of cyber researchers and black hats To apply for this role you must have at least 4 years' experience and be eligible to work in the UK. Networking People (UK) is acting as an Employment Agency in relation to this vacancy.
2nd Line Infrastructure Support Engineer Location - Basingstoke, UK Salary - £26,000 plus benefits, excellent training and career progression. One of the Worlds leading technology companies is looking for an experienced 2nd Line Support Engineer to join their investigative response teams based in Basingstoke. The teams provide a range of services to a number of MOD and central Government clients so any prior experience of working within a secure environment or knowledge of MOD infrastructures is highly desirable. This is a great opportunity for an engineer who is looking for the chance to advance their career as you will work closely with 3rd Line teams, gaining extensive training and exposure to a range of technologies and tools, with a view to moving into a more Senior role very quickly should you wish. As a 2nd Line Engineer, you will demonstrate the following Excellent communication skills Knowledge of IT support and incident resolution of secure infrastructures. Experience of troubleshooting a range of Windows faults Experience with Windows Server 2008 & 2012 Knowledge of Active Directory Good experience with VM Ware, including rebooting, checking Servers and deploying patches. Highly desirable skills Understanding of or experience with Systems Centre Configuration Manager (ideally 2012) Understanding of or experience with Systems Centre Operations Manager (ideally 2012) Please be aware that applicants must be eligible for and prepared to undergo go high level UK Government Security vetting.
18/09/2020
Full time
2nd Line Infrastructure Support Engineer Location - Basingstoke, UK Salary - £26,000 plus benefits, excellent training and career progression. One of the Worlds leading technology companies is looking for an experienced 2nd Line Support Engineer to join their investigative response teams based in Basingstoke. The teams provide a range of services to a number of MOD and central Government clients so any prior experience of working within a secure environment or knowledge of MOD infrastructures is highly desirable. This is a great opportunity for an engineer who is looking for the chance to advance their career as you will work closely with 3rd Line teams, gaining extensive training and exposure to a range of technologies and tools, with a view to moving into a more Senior role very quickly should you wish. As a 2nd Line Engineer, you will demonstrate the following Excellent communication skills Knowledge of IT support and incident resolution of secure infrastructures. Experience of troubleshooting a range of Windows faults Experience with Windows Server 2008 & 2012 Knowledge of Active Directory Good experience with VM Ware, including rebooting, checking Servers and deploying patches. Highly desirable skills Understanding of or experience with Systems Centre Configuration Manager (ideally 2012) Understanding of or experience with Systems Centre Operations Manager (ideally 2012) Please be aware that applicants must be eligible for and prepared to undergo go high level UK Government Security vetting.
Request Technology - Kyle Honn
Elk Grove Village, Illinois
Lead Security Engineer Responsibilities Collaborate with other teams as necessary to ensure customer service levels are met Design and development of Security Solutions to protect Company IT assets (Americas) Work closely with Infrastructure OR Software Delivery engineering teams to ensure security requirements are understood and built into the design of other entreprise services Forecast and Establish technical requirements in concert with Architecture and Risk Management for Connectivity (intra and intercompany), Internet facing solutions, Infrastructure, Application, eCommerce, Mobility, Cloud, etc. Lead the execution of more complex multi-platform changes Participate in projects as required; analyze, design, develop and implement security solutions which protect the information assets while enabling business functionality Lead/direct IT infrastructure OR application penetration testing using standard tools and procedures Perform Root Cause analysis for security or availability failure annd direct the remediation of Security related causes Provide subject matter expertise for Architecture, Planning and Roadmap sessions Research, evaluate, design, test, recommend and plan the implementation of new or updated information security technologies Document solutions engineered to be handed off to SOC, and other Engineering support organizations Own Security aspects of Software OR Infrastructure Delivery life cycle Perform product and solution life cycle management ensuring capacity, integrity and availability of all systems. Qualifications Bachelors degree in Information Systems or related degree, or equivalent job experience. 2+ years of experience in Security solution design, implementation and troubleshooting across all computer platforms. 5+ years of experience in Security technology implementation and troubleshooting across all computer platforms 5+ or more years required of combined IT and security work experience with a broad exposure to infrastructure/network and multi-platform environments. Experience and hands-on working knowledge with a variety of security technologies and processes including but not limited to Firewall (such as Check Point, Fortinet, Cisco ASA, Palo Alto, Juniper), VPN, SEIM, IDS/IPS (such as SourceFire, HP TippingPoint), HIDS, malware analysis and protection, content filtering, logical access controls, data loss prevention (such as Symantec, RSA, McAfee), content filtering technologies, application Firewalls (such as F5, Imperva), vulnerability scanners, forensics software, and security incident response. Understanding of Cloud solution best practices and integration techniques GIAC and ISC2 certifications such as CISSP are highly preferred. Good understanding of Risk and Compliance framework, regulatory compliance (Sarbanes-Oxley (SOX) and PCI-DSS) Solid understanding of standard business processes including Change Management, Problem Management, Work Prioritization, Quality Assurance, and Continuous Improvement best practices, etc. If this is an opportunity that you're interested in please email your resume (see below)
18/09/2020
Full time
Lead Security Engineer Responsibilities Collaborate with other teams as necessary to ensure customer service levels are met Design and development of Security Solutions to protect Company IT assets (Americas) Work closely with Infrastructure OR Software Delivery engineering teams to ensure security requirements are understood and built into the design of other entreprise services Forecast and Establish technical requirements in concert with Architecture and Risk Management for Connectivity (intra and intercompany), Internet facing solutions, Infrastructure, Application, eCommerce, Mobility, Cloud, etc. Lead the execution of more complex multi-platform changes Participate in projects as required; analyze, design, develop and implement security solutions which protect the information assets while enabling business functionality Lead/direct IT infrastructure OR application penetration testing using standard tools and procedures Perform Root Cause analysis for security or availability failure annd direct the remediation of Security related causes Provide subject matter expertise for Architecture, Planning and Roadmap sessions Research, evaluate, design, test, recommend and plan the implementation of new or updated information security technologies Document solutions engineered to be handed off to SOC, and other Engineering support organizations Own Security aspects of Software OR Infrastructure Delivery life cycle Perform product and solution life cycle management ensuring capacity, integrity and availability of all systems. Qualifications Bachelors degree in Information Systems or related degree, or equivalent job experience. 2+ years of experience in Security solution design, implementation and troubleshooting across all computer platforms. 5+ years of experience in Security technology implementation and troubleshooting across all computer platforms 5+ or more years required of combined IT and security work experience with a broad exposure to infrastructure/network and multi-platform environments. Experience and hands-on working knowledge with a variety of security technologies and processes including but not limited to Firewall (such as Check Point, Fortinet, Cisco ASA, Palo Alto, Juniper), VPN, SEIM, IDS/IPS (such as SourceFire, HP TippingPoint), HIDS, malware analysis and protection, content filtering, logical access controls, data loss prevention (such as Symantec, RSA, McAfee), content filtering technologies, application Firewalls (such as F5, Imperva), vulnerability scanners, forensics software, and security incident response. Understanding of Cloud solution best practices and integration techniques GIAC and ISC2 certifications such as CISSP are highly preferred. Good understanding of Risk and Compliance framework, regulatory compliance (Sarbanes-Oxley (SOX) and PCI-DSS) Solid understanding of standard business processes including Change Management, Problem Management, Work Prioritization, Quality Assurance, and Continuous Improvement best practices, etc. If this is an opportunity that you're interested in please email your resume (see below)
Security Incident Response Engineer - Luxembourg Languages : ENGLISH only. Skills and Experience : Experience with Splunk or the science of log file analytics and log file mechanics. Experience with incident response, pentesting, red-teaming and SOC. Knowledge and understanding of and experience with the security elements of Cloud offerings by Amazon or Microsoft (preferably both). Knowledge and understanding of and experience with the security elements of container security using K8s/Docker. Knowledge of technical elements around information system security in hybrid cloud environments. Knowledge and understanding of cloud-native technologies, logging and log analytics, incident response and incident response processes. Description of work : Build and improve SOC/CSIRT workflows, processes, integrations and playbooks. Research, propose and conceptualize incident detection methods. Design, contribute to or review the implementation of security services in cloud, following the internal project management methodology (PM2). Build, integrate and automate cloud security services with on-premise/hybrid security services and tools. Assist with the design, planning and architecture phases of cloud security services. Participate to the designing of the overall cloud security architecture and reference architecture templates. Drafting high to low level documentation, including regular project progress reports. Participation in project-related activities including, but not limited to, preparation of presentations in project meetings, dissemination materials and cloud security best practices. Contributing to a technical cloud security wiki. Responsible for building and continuously improving the services of SOC and Incident Response in cloud environments in a heterogeneous technical landscape working for the agile project team building these services for the SOC and CSIRT. Please send your CV to Navaid Faiz and call to discuss further. We are an equal opportunities employment agency and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age. We champion difference in the world of technology recruitment and work with clients who actively wish to diversify their talent force - ALL applicants welcome to apply
17/09/2020
Project-based
Security Incident Response Engineer - Luxembourg Languages : ENGLISH only. Skills and Experience : Experience with Splunk or the science of log file analytics and log file mechanics. Experience with incident response, pentesting, red-teaming and SOC. Knowledge and understanding of and experience with the security elements of Cloud offerings by Amazon or Microsoft (preferably both). Knowledge and understanding of and experience with the security elements of container security using K8s/Docker. Knowledge of technical elements around information system security in hybrid cloud environments. Knowledge and understanding of cloud-native technologies, logging and log analytics, incident response and incident response processes. Description of work : Build and improve SOC/CSIRT workflows, processes, integrations and playbooks. Research, propose and conceptualize incident detection methods. Design, contribute to or review the implementation of security services in cloud, following the internal project management methodology (PM2). Build, integrate and automate cloud security services with on-premise/hybrid security services and tools. Assist with the design, planning and architecture phases of cloud security services. Participate to the designing of the overall cloud security architecture and reference architecture templates. Drafting high to low level documentation, including regular project progress reports. Participation in project-related activities including, but not limited to, preparation of presentations in project meetings, dissemination materials and cloud security best practices. Contributing to a technical cloud security wiki. Responsible for building and continuously improving the services of SOC and Incident Response in cloud environments in a heterogeneous technical landscape working for the agile project team building these services for the SOC and CSIRT. Please send your CV to Navaid Faiz and call to discuss further. We are an equal opportunities employment agency and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age. We champion difference in the world of technology recruitment and work with clients who actively wish to diversify their talent force - ALL applicants welcome to apply
*This is a permanent full time role* A prestigious company is on the search for a Security Incident Response Engineer. This role is REMOTE. This role is a hands on position that will have shared responsibilities across the team in conducting cyber threat intelligence, leading incident response efforts, performing digital forensics, executing threat hunts, and implementing threat protection across the enterprise. The Security Incident Response Logging and Event Engineer is responsible for building, maintaining, and improving the engine that powers large-scale security threat management capabilities that protect, detect, and respond to emerging threats and sophisticated attacks on enterprise networks. This person must have experience with Splunk and not just being a user but have experience adjusting logs and formatting logs. Also needed is the ability to customize the Splunk infrastructure. The client wants someone who will be certified in Splunk administration/enterprise security. Responsibilities: Work with application development teams and third-party vendors to develop data for enterprise applications in order to create appropriate logs and events Create logging configuration standards for all IT infrastructure and instructs IT on how to configure systems to log appropriately Create event dashboards and metrics and establishes threshold standards Perform centralized data onboarding and log ingestion into the Splunk platform to improve the visibility of security threat management at Company Administer Splunk Enterprise Security solution in a highly available, redundant, distributed multi-site clustered environment Create and optimize correlation searches for the Security Operations Center (SOC) analysts Assist in the operations, performance, and troubleshooting of Splunk, Search Heads, Indexers, Heavy Forwarders, Deployment Server, Splunk Apps/TAs and Data Models Provide recommendations and implement changes to optimize the Splunk platform Reproduce issues, file bug reports, and escalate cases to Splunk support as necessary Performs log audits and actively works to improve log management compliance Ensures data retention of logs and alerts meets corporate standards Maintain Splunk systems internal documentation, including SOP's and design documents Create technical documentation related to system configurations, process, procedure, and knowledgebase articles. Support defensive tools and solutions that identify and stop advanced adversary tactics and techniques. Participate in Computer Incident Response Team (CIRT) responses to active and time-sensitive threats including communications and coordination across different teams. Work closely with other members of the Cyber Risk Management team to lead changes in the company's defense posture. Qualifications: 5+ years of experience in information security 2+ years of hands-on experience with Splunk Enterprise Security Certified Splunk Administrator/Enterprise Security Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA) Experience administrating and operating Splunk in an enterprise environment Knowledge and experience working with the Splunk API Understands the security incident response discipline, including threat hunting, forensics, intrusion detection, and threat intelligence Experience with at least one interpreted programming language (Python, Ruby, etc.) Proficiency in PowerShell and/or Bash Understanding of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc. Experience in common phishing and other social engineering tactics Familiarity with malware, command and control channels, and attacker tactics, techniques, and procedures Teamwork and ability to promote a working environment that increases collaboration, predictability, transparency and promotes a culture of experimentation and innovation Effective and consistent collaboration through available mediums that enable remote team communication Ability to work effectively in a diverse team and promote team diversity
17/09/2020
Full time
*This is a permanent full time role* A prestigious company is on the search for a Security Incident Response Engineer. This role is REMOTE. This role is a hands on position that will have shared responsibilities across the team in conducting cyber threat intelligence, leading incident response efforts, performing digital forensics, executing threat hunts, and implementing threat protection across the enterprise. The Security Incident Response Logging and Event Engineer is responsible for building, maintaining, and improving the engine that powers large-scale security threat management capabilities that protect, detect, and respond to emerging threats and sophisticated attacks on enterprise networks. This person must have experience with Splunk and not just being a user but have experience adjusting logs and formatting logs. Also needed is the ability to customize the Splunk infrastructure. The client wants someone who will be certified in Splunk administration/enterprise security. Responsibilities: Work with application development teams and third-party vendors to develop data for enterprise applications in order to create appropriate logs and events Create logging configuration standards for all IT infrastructure and instructs IT on how to configure systems to log appropriately Create event dashboards and metrics and establishes threshold standards Perform centralized data onboarding and log ingestion into the Splunk platform to improve the visibility of security threat management at Company Administer Splunk Enterprise Security solution in a highly available, redundant, distributed multi-site clustered environment Create and optimize correlation searches for the Security Operations Center (SOC) analysts Assist in the operations, performance, and troubleshooting of Splunk, Search Heads, Indexers, Heavy Forwarders, Deployment Server, Splunk Apps/TAs and Data Models Provide recommendations and implement changes to optimize the Splunk platform Reproduce issues, file bug reports, and escalate cases to Splunk support as necessary Performs log audits and actively works to improve log management compliance Ensures data retention of logs and alerts meets corporate standards Maintain Splunk systems internal documentation, including SOP's and design documents Create technical documentation related to system configurations, process, procedure, and knowledgebase articles. Support defensive tools and solutions that identify and stop advanced adversary tactics and techniques. Participate in Computer Incident Response Team (CIRT) responses to active and time-sensitive threats including communications and coordination across different teams. Work closely with other members of the Cyber Risk Management team to lead changes in the company's defense posture. Qualifications: 5+ years of experience in information security 2+ years of hands-on experience with Splunk Enterprise Security Certified Splunk Administrator/Enterprise Security Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA) Experience administrating and operating Splunk in an enterprise environment Knowledge and experience working with the Splunk API Understands the security incident response discipline, including threat hunting, forensics, intrusion detection, and threat intelligence Experience with at least one interpreted programming language (Python, Ruby, etc.) Proficiency in PowerShell and/or Bash Understanding of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc. Experience in common phishing and other social engineering tactics Familiarity with malware, command and control channels, and attacker tactics, techniques, and procedures Teamwork and ability to promote a working environment that increases collaboration, predictability, transparency and promotes a culture of experimentation and innovation Effective and consistent collaboration through available mediums that enable remote team communication Ability to work effectively in a diverse team and promote team diversity
Job Title: Cyber Security Engineer Job Type: Contract Job Location: Luxembourg Contract Rate: Euro 700 per day Contract Length: 12 Months with Multiple extensions CUSTOMER REQUIRES EU NATIONALS Our Client, one of the world's foremost IT Consultancies, is looking to recruit a Contract Cyber Security Engineer to join their client in Luxembourg. a Cyber Security Service Engineer to function as a CyberSecurity Cloud Security Service Engineer. The engineer will need specific expertise in (as many as possible and as in-depth as possible): Knowledge and understanding of and experience with the security elements of cloud offerings by Amazon or Microsoft, preferably both. Knowledge and understanding of and experience with the security elements of container security using K8s/Docker Experience with Splunk or the science of log file analytics and log file mechanics Experience with cloud platform integration with on-premise tools and services would be an advantage; Experience building security workflows and processes and writing playbooks/runbooks would be an advantage Experience in scripting and automation, DevOps development experience would be an additional bonus; Expert field knowledge of the technical elements around information system security in hybrid cloud environments. Experience with incident response, pentesting, red-teaming and SOC Experience with pentesting or red-teaming will be considered an advantage Experience with cloud security automation and orchestration (IaaS, PaaS, and SaaS), including cloud solutions for security monitoring and incident response will considered an advantage Specific expertise (Mandatory Requirements) not specified in the Compliancy Matrix Remark: (Maximum 3 Mandatory Requirements) The service provider must have a solid, proven specific expertise in: Understanding of cloud-native technologies Understanding of logging and log analytics Understanding of incident response and incident response processes The service provider must present a portfolio of own activities, projects and/or publications related to security service development and deployment and integration with cloud services.
17/09/2020
Project-based
Job Title: Cyber Security Engineer Job Type: Contract Job Location: Luxembourg Contract Rate: Euro 700 per day Contract Length: 12 Months with Multiple extensions CUSTOMER REQUIRES EU NATIONALS Our Client, one of the world's foremost IT Consultancies, is looking to recruit a Contract Cyber Security Engineer to join their client in Luxembourg. a Cyber Security Service Engineer to function as a CyberSecurity Cloud Security Service Engineer. The engineer will need specific expertise in (as many as possible and as in-depth as possible): Knowledge and understanding of and experience with the security elements of cloud offerings by Amazon or Microsoft, preferably both. Knowledge and understanding of and experience with the security elements of container security using K8s/Docker Experience with Splunk or the science of log file analytics and log file mechanics Experience with cloud platform integration with on-premise tools and services would be an advantage; Experience building security workflows and processes and writing playbooks/runbooks would be an advantage Experience in scripting and automation, DevOps development experience would be an additional bonus; Expert field knowledge of the technical elements around information system security in hybrid cloud environments. Experience with incident response, pentesting, red-teaming and SOC Experience with pentesting or red-teaming will be considered an advantage Experience with cloud security automation and orchestration (IaaS, PaaS, and SaaS), including cloud solutions for security monitoring and incident response will considered an advantage Specific expertise (Mandatory Requirements) not specified in the Compliancy Matrix Remark: (Maximum 3 Mandatory Requirements) The service provider must have a solid, proven specific expertise in: Understanding of cloud-native technologies Understanding of logging and log analytics Understanding of incident response and incident response processes The service provider must present a portfolio of own activities, projects and/or publications related to security service development and deployment and integration with cloud services.
Security Engineer Responsibilities Ability to assess technology projects, initiatives, or strategic direction and serve as a collaborative and strategic cybersecurity partner in identifying complex, multi-faceted or new cybersecurity solutions required to support the desired goals. Full understanding of industry standard security frameworks such as ISO, NIST SP 800-53, HIPAA, PCI, CIS, HITRUST, or NIST CSF and how to confirm security alignment operationally and in consulting or solution engineering. Partner and design changes in the cybersecurity Landscape based on results from analysis received from Risk & Compliance, Internal Audit, External Audit and other functions as deemed appropriate. Actively engage with Security Operations to assess overall data points being tracked, reported, and monitored and collaborate on better methods, metrics, data sources, or a combination thereof to increase effectiveness and value in security alerting and monitoring. Provides expert advice into the conceptual and technical design/execution of the enterprise wide cybersecurity solutions. (Windows, UNIX, Network, Web, TCP/IP, etc.) Ability to manage internal cybersecurity-related projects including; documented scoping, assessments, milestones and key deliverables, timeline and reporting. Provide service-oriented and value add cybersecurity guidance across all Information Technology Manage and optimize existing cybersecurity tool investments, proactively assess, evaluate and provide guidance on effectiveness to Company's cybersecurity posture. Serve as the driver in our security posture visibility and alerting maturity through partnered and purposeful analysis efforts; drive maturity beyond alerts, incidents and tickets into proactive analysis. Provide supportfor escalated incidents; Perform root cause analysis for cybersecurity, availability failure, and direct the remediation of cybersecurity related causes. Assist in the maturity and growth of the team by sharing knowledge, insight and mentoring the team to help expand overall capabilities. Serve as advisory resources to projects led by cybersecurity architecture and operations. Qualifications Bachelor's Degree in Information Security, Computer Science, Engineering, or equivalent related work experience 2 years of experience in a security related field. Operation Framework models such as DevOps, SecDevOps, SDLC, ITIL Scripting technologies such as Bash, Python, Ruby, PowerShell Cybersecurity practices around orchestration and automation technologies Securing container technologies, platform hardening and incident response Application security testing technologies such as IAST, DAST, RAST and SAST Cloud security including cloud native solutions, IaaS, PaaS, SaaS, Etc. Next-generation Firewalls and Web Application Firewalls Any Security related certifications are preferred (CEH, CISSP, CISA, GIAC, COMPTIA, etc.) If this is an opportunity that you're interested in please email your resume to: (see below)
16/09/2020
Full time
Security Engineer Responsibilities Ability to assess technology projects, initiatives, or strategic direction and serve as a collaborative and strategic cybersecurity partner in identifying complex, multi-faceted or new cybersecurity solutions required to support the desired goals. Full understanding of industry standard security frameworks such as ISO, NIST SP 800-53, HIPAA, PCI, CIS, HITRUST, or NIST CSF and how to confirm security alignment operationally and in consulting or solution engineering. Partner and design changes in the cybersecurity Landscape based on results from analysis received from Risk & Compliance, Internal Audit, External Audit and other functions as deemed appropriate. Actively engage with Security Operations to assess overall data points being tracked, reported, and monitored and collaborate on better methods, metrics, data sources, or a combination thereof to increase effectiveness and value in security alerting and monitoring. Provides expert advice into the conceptual and technical design/execution of the enterprise wide cybersecurity solutions. (Windows, UNIX, Network, Web, TCP/IP, etc.) Ability to manage internal cybersecurity-related projects including; documented scoping, assessments, milestones and key deliverables, timeline and reporting. Provide service-oriented and value add cybersecurity guidance across all Information Technology Manage and optimize existing cybersecurity tool investments, proactively assess, evaluate and provide guidance on effectiveness to Company's cybersecurity posture. Serve as the driver in our security posture visibility and alerting maturity through partnered and purposeful analysis efforts; drive maturity beyond alerts, incidents and tickets into proactive analysis. Provide supportfor escalated incidents; Perform root cause analysis for cybersecurity, availability failure, and direct the remediation of cybersecurity related causes. Assist in the maturity and growth of the team by sharing knowledge, insight and mentoring the team to help expand overall capabilities. Serve as advisory resources to projects led by cybersecurity architecture and operations. Qualifications Bachelor's Degree in Information Security, Computer Science, Engineering, or equivalent related work experience 2 years of experience in a security related field. Operation Framework models such as DevOps, SecDevOps, SDLC, ITIL Scripting technologies such as Bash, Python, Ruby, PowerShell Cybersecurity practices around orchestration and automation technologies Securing container technologies, platform hardening and incident response Application security testing technologies such as IAST, DAST, RAST and SAST Cloud security including cloud native solutions, IaaS, PaaS, SaaS, Etc. Next-generation Firewalls and Web Application Firewalls Any Security related certifications are preferred (CEH, CISSP, CISA, GIAC, COMPTIA, etc.) If this is an opportunity that you're interested in please email your resume to: (see below)
This is a fantastic opportunity to work as a Senior DevOps Engineer on a high profile project for a blue chip client, based in Corsham. This role will be fully remote for the foreseeable future. In this Senior DevOps Engineer position, you will champion operational and service management requirements within the Continuous Delivery practice, seeking ways to enhance what is done through automation, including environment and network provisioning (internal and public cloud), backup and DR needs, log management, monitoring, alerting, security patching, service reporting and incident response, etc. The key skills required for this Senior DevOps Engineer role are: AWS - EC2/S3/Cloudformation/Terraform/S3 in particular Puppet Git Octopus Team City Kubernetes Experience deploying from Gitlab (not local machines) You will also get exposure and training to Sensu monitoring and Splunk in this Senior DevOps Engineer position too. If you do have the relevant experience for this Senior DevOps Engineer position, please do apply.
16/09/2020
Full time
This is a fantastic opportunity to work as a Senior DevOps Engineer on a high profile project for a blue chip client, based in Corsham. This role will be fully remote for the foreseeable future. In this Senior DevOps Engineer position, you will champion operational and service management requirements within the Continuous Delivery practice, seeking ways to enhance what is done through automation, including environment and network provisioning (internal and public cloud), backup and DR needs, log management, monitoring, alerting, security patching, service reporting and incident response, etc. The key skills required for this Senior DevOps Engineer role are: AWS - EC2/S3/Cloudformation/Terraform/S3 in particular Puppet Git Octopus Team City Kubernetes Experience deploying from Gitlab (not local machines) You will also get exposure and training to Sensu monitoring and Splunk in this Senior DevOps Engineer position too. If you do have the relevant experience for this Senior DevOps Engineer position, please do apply.
Our Client, a global Financial House has engaged Costello & Reyes Group to identify two WSS Deployment consultants to support the ongoing Security operations of the firm. This is only suitable for someone who has deployed and configured a CloudSOC. This is for an initial 3 month engagement but is part of a two year programme of work so should you be making the correct contribution you will be extended. The type of skills and experience you will need to have to be considered are: Search for vulnerabilities and risks in hardware and software. Manage and monitor any attacks and intrusions. Recognise the potential threat or attempted breach by closing off the security vulnerability. Design various strategies and defensive systems against intruders. Conduct counteractive protocols and report incidents. Create new defensive systems and protocols. Develop new layers of protection and update the security systems. Grant permissions and privileges to authorised users. Examine the defensive systems and provide reports based on test results. Run diagnostics on any changes in the information to verify any undetected breaches. Analyse new methods of intrusion. Prevent any attacks to access information without proper credentials. Document any breakthrough firewalls and other security applications. Develop and implement information security standards, guidelines, and procedures. Maintain IT security controls documentation. Recognise security gaps and prepare an action plan. Suggest recommendations, create security policies and ensure they are implemented with support and mitigation during implementation. Monitor emerging threats through the IDS/IPS systems. Create awareness about security policy and security issues. Oversights cyber security projects and makes sure they meet cyber security objectives. Work in close coordination with the stakeholders and other groups related to Cyber Security related matters. Offer cyber security operations such as process re-engineering, automation, and documentation. Recognise cyber security issues, devise and drive effective mitigation. Offer standby support for cyber security incident response. Conduct customised application security assessments for client-based asset risk and corporate policy. Implement vulnerability assessment, configuration audit of operating systems, web Servers and databases. Detects comprisable patterns, insecure features, and malicious activities in the infrastructure. In-depth understanding of OWASP testing methodology. Execute projects in Dynamic Application Security Testing. Customise application security assessments for the client. Conduct personalized ASP.NET/JAVA application code reviews for clients. Take care of projects in security code reviews/Static Application Security Testing of applications. Monitor application security projects such as quality and timely delivery. Organise closure meetings to verify customer queries and confirm acceptance of project deliverables. Provide reports and compare multiple vulnerabilities and different automated tools. Provide customised risk rating for vulnerabilities based on company policies. Deal with client concerns related to project execution, the impact to production services and quality of deliverables. Track vulnerabilities and collaborate with internal network teams to ensure closure of vulnerabilities. Well-versed with various security tools such as Burp Suite, Nmap, Nessus, Qualys, Metaspolit, etc. This is an urgent need so which the client is looking to move quickly on so, should you be interested in the above position, please feel free to submit your CV and call for further information. Costello & Reyes Group Limited is one of the UK's leading providers of recruitment advice and services and acts as a recruiter on behalf of our client.
16/09/2020
Project-based
Our Client, a global Financial House has engaged Costello & Reyes Group to identify two WSS Deployment consultants to support the ongoing Security operations of the firm. This is only suitable for someone who has deployed and configured a CloudSOC. This is for an initial 3 month engagement but is part of a two year programme of work so should you be making the correct contribution you will be extended. The type of skills and experience you will need to have to be considered are: Search for vulnerabilities and risks in hardware and software. Manage and monitor any attacks and intrusions. Recognise the potential threat or attempted breach by closing off the security vulnerability. Design various strategies and defensive systems against intruders. Conduct counteractive protocols and report incidents. Create new defensive systems and protocols. Develop new layers of protection and update the security systems. Grant permissions and privileges to authorised users. Examine the defensive systems and provide reports based on test results. Run diagnostics on any changes in the information to verify any undetected breaches. Analyse new methods of intrusion. Prevent any attacks to access information without proper credentials. Document any breakthrough firewalls and other security applications. Develop and implement information security standards, guidelines, and procedures. Maintain IT security controls documentation. Recognise security gaps and prepare an action plan. Suggest recommendations, create security policies and ensure they are implemented with support and mitigation during implementation. Monitor emerging threats through the IDS/IPS systems. Create awareness about security policy and security issues. Oversights cyber security projects and makes sure they meet cyber security objectives. Work in close coordination with the stakeholders and other groups related to Cyber Security related matters. Offer cyber security operations such as process re-engineering, automation, and documentation. Recognise cyber security issues, devise and drive effective mitigation. Offer standby support for cyber security incident response. Conduct customised application security assessments for client-based asset risk and corporate policy. Implement vulnerability assessment, configuration audit of operating systems, web Servers and databases. Detects comprisable patterns, insecure features, and malicious activities in the infrastructure. In-depth understanding of OWASP testing methodology. Execute projects in Dynamic Application Security Testing. Customise application security assessments for the client. Conduct personalized ASP.NET/JAVA application code reviews for clients. Take care of projects in security code reviews/Static Application Security Testing of applications. Monitor application security projects such as quality and timely delivery. Organise closure meetings to verify customer queries and confirm acceptance of project deliverables. Provide reports and compare multiple vulnerabilities and different automated tools. Provide customised risk rating for vulnerabilities based on company policies. Deal with client concerns related to project execution, the impact to production services and quality of deliverables. Track vulnerabilities and collaborate with internal network teams to ensure closure of vulnerabilities. Well-versed with various security tools such as Burp Suite, Nmap, Nessus, Qualys, Metaspolit, etc. This is an urgent need so which the client is looking to move quickly on so, should you be interested in the above position, please feel free to submit your CV and call for further information. Costello & Reyes Group Limited is one of the UK's leading providers of recruitment advice and services and acts as a recruiter on behalf of our client.
Fantastic opportunity for a Chief Information Security Officer (CISO) to transform and build a world class leading information security position for a fast growth global business. My client is a leading provider of technology products and services. You will bring in industry best practices and modern technology, design the information security strategy globally and implement. As the CISO, you will be responsible for providing enterprise wide leadership in developing, planning, coordinating, administering, managing and staffing. To develop and drive the overall global information security strategy and execute Create strong security awareness and culture across the organisation Develop and deliver information security, privacy and data loss prevention programs Ensure information security efforts system-wide are properly coordinated and in compliance with reducing the overall security risk. Define and deploy a robust secure SDLC program. Develop and instill a DevSecOps culture Recommend methods for vulnerability detection and remediation and perform and/or oversee vulnerability testing. Drive domestic and international projects to meet emerging cyber security requirements, data protection, and privacy laws Develop runbooks for breach notifications and even incident responses, inclusive of defining an escalation Matrix and company obligations in conjunction with legal and necessary parties Run tabletop exercises to simulate security and data breaches Suitable candidates will have 15+ years of relevant information security experience, ideally with an engineering/architecture background Bachelor's degree, MBA or relevant advanced degree preferred. CISM and CISSP Certifications. Strategic leadership skills to drive the company's vision for cyber security while maintaining an execution-oriented mindset to drive results; an entrepreneurial spirit; ability to serve as a hands-on leader Technical background in cyber risk management, privacy, and incident response Thorough understanding of IT systems and security tools, including methods, procedures, equipment and software used for delivery; deep understanding of Cloud, Internet of Things, and database development Deep knowledge of Cloud Security (Microsoft, AWS, Google, etc.) and extensive security knowledge of Microsoft O365/CSP and Azure Security Experience implementing security technologies, including encryption, network security, intrusion detection, and digital forensics Expertise in regulatory and compliance environments Strong business acumen, to understand business drivers and provide support for the executive team This is a superb opportunity for to build, develop and make your own. We are looking for someone passionate and able to bring a deep level Information Security knowledge with strong business acumen to the role. Networking People (UK) is acting as an Employment Agency in relation to this vacancy.
16/09/2020
Full time
Fantastic opportunity for a Chief Information Security Officer (CISO) to transform and build a world class leading information security position for a fast growth global business. My client is a leading provider of technology products and services. You will bring in industry best practices and modern technology, design the information security strategy globally and implement. As the CISO, you will be responsible for providing enterprise wide leadership in developing, planning, coordinating, administering, managing and staffing. To develop and drive the overall global information security strategy and execute Create strong security awareness and culture across the organisation Develop and deliver information security, privacy and data loss prevention programs Ensure information security efforts system-wide are properly coordinated and in compliance with reducing the overall security risk. Define and deploy a robust secure SDLC program. Develop and instill a DevSecOps culture Recommend methods for vulnerability detection and remediation and perform and/or oversee vulnerability testing. Drive domestic and international projects to meet emerging cyber security requirements, data protection, and privacy laws Develop runbooks for breach notifications and even incident responses, inclusive of defining an escalation Matrix and company obligations in conjunction with legal and necessary parties Run tabletop exercises to simulate security and data breaches Suitable candidates will have 15+ years of relevant information security experience, ideally with an engineering/architecture background Bachelor's degree, MBA or relevant advanced degree preferred. CISM and CISSP Certifications. Strategic leadership skills to drive the company's vision for cyber security while maintaining an execution-oriented mindset to drive results; an entrepreneurial spirit; ability to serve as a hands-on leader Technical background in cyber risk management, privacy, and incident response Thorough understanding of IT systems and security tools, including methods, procedures, equipment and software used for delivery; deep understanding of Cloud, Internet of Things, and database development Deep knowledge of Cloud Security (Microsoft, AWS, Google, etc.) and extensive security knowledge of Microsoft O365/CSP and Azure Security Experience implementing security technologies, including encryption, network security, intrusion detection, and digital forensics Expertise in regulatory and compliance environments Strong business acumen, to understand business drivers and provide support for the executive team This is a superb opportunity for to build, develop and make your own. We are looking for someone passionate and able to bring a deep level Information Security knowledge with strong business acumen to the role. Networking People (UK) is acting as an Employment Agency in relation to this vacancy.
LA International Computer Consultants Ltd
Bristol, Somerset
We're looking for an experienced Principal Cyber Incident Response Analyst specialising in incident management, digital investigations, host forensics, network forensics and/or malware analysis to lead the Cyber Incident Response Team. Your key responsibility areas will include: *Leading the professional delivery of all Cyber Incident Response and Digital Investigation services *Managing a small team of technical specialists and supporting their professional development through coaching, training, and performance reviews *Acting as the subject matter specialist in cyber incident response and related disciplines to the wider business *Advising clients on how to best respond to any given incident, from boardroom to boots-on-the-ground, with excellent technical leadership to promote confidence based on your skills and experience *Advising clients on how to best implement mitigation measures which might prevent or limit future incidents, working with customer and internal teams to create effective response strategies *Authoring and reviewing customer Cyber Incident Response Plans *Providing specialist cyber knowledge, insight, and training to clients and to internal teams on an ad-hoc basis and through the delivery of formal training courses *Leading threat hunting programmes across available security devices and through operating system native or custom tooling *Developing threat intelligence capabilities and strategies in conjunction with other operational teams and customers Skills, Qualifications & Knowledge Required We're looking for somebody that has: *Excellent knowledge of the inner workings of Windows Operating Systems *Excellent knowledge of how malware works and some experience in tearing it apart *Good knowledge of the fundamentals of Unix systems including MacOS and Linux distributions *Excellent knowledge of host-based investigations including digital forensic principles and practices *Excellent report writing and reviewing skills *Good knowledge of Cyber Threat Intelligence capabilities and strategy implementation *Excellent knowledge of common networking and routing protocols (eg TCP/IP), services (eg TLS, DNS, SMTP) and how they interact to provide network communications *Good experience in packet-level analysis, Firewall and hypervisor administration, network appliance log analysis, and management of network intrusion detection and prevention systems *Excellent knowledge of Cyber Security Incident Response processes and procedures with real-world application *Proven experience in winning commercial bids and leading the delivery of technical consulting services *Some practical programming knowledge or experience in writing scripts in languages such as Python, PowerShell and Bash Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International Computer Consultants Ltd is an HMG Approved Consultancy and operates as an IT & Engineering Consultancy or as an Employment Business & Agency, depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, we welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International Computer Consultants Ltd (Recruiter Awards for Excellence - Best IT, Best Public Sector & Gold Awards) and the most prestigious award that any business can receive The Queens Award for Enterprise: International Trade 2015.
15/09/2020
Project-based
We're looking for an experienced Principal Cyber Incident Response Analyst specialising in incident management, digital investigations, host forensics, network forensics and/or malware analysis to lead the Cyber Incident Response Team. Your key responsibility areas will include: *Leading the professional delivery of all Cyber Incident Response and Digital Investigation services *Managing a small team of technical specialists and supporting their professional development through coaching, training, and performance reviews *Acting as the subject matter specialist in cyber incident response and related disciplines to the wider business *Advising clients on how to best respond to any given incident, from boardroom to boots-on-the-ground, with excellent technical leadership to promote confidence based on your skills and experience *Advising clients on how to best implement mitigation measures which might prevent or limit future incidents, working with customer and internal teams to create effective response strategies *Authoring and reviewing customer Cyber Incident Response Plans *Providing specialist cyber knowledge, insight, and training to clients and to internal teams on an ad-hoc basis and through the delivery of formal training courses *Leading threat hunting programmes across available security devices and through operating system native or custom tooling *Developing threat intelligence capabilities and strategies in conjunction with other operational teams and customers Skills, Qualifications & Knowledge Required We're looking for somebody that has: *Excellent knowledge of the inner workings of Windows Operating Systems *Excellent knowledge of how malware works and some experience in tearing it apart *Good knowledge of the fundamentals of Unix systems including MacOS and Linux distributions *Excellent knowledge of host-based investigations including digital forensic principles and practices *Excellent report writing and reviewing skills *Good knowledge of Cyber Threat Intelligence capabilities and strategy implementation *Excellent knowledge of common networking and routing protocols (eg TCP/IP), services (eg TLS, DNS, SMTP) and how they interact to provide network communications *Good experience in packet-level analysis, Firewall and hypervisor administration, network appliance log analysis, and management of network intrusion detection and prevention systems *Excellent knowledge of Cyber Security Incident Response processes and procedures with real-world application *Proven experience in winning commercial bids and leading the delivery of technical consulting services *Some practical programming knowledge or experience in writing scripts in languages such as Python, PowerShell and Bash Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International Computer Consultants Ltd is an HMG Approved Consultancy and operates as an IT & Engineering Consultancy or as an Employment Business & Agency, depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, we welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International Computer Consultants Ltd (Recruiter Awards for Excellence - Best IT, Best Public Sector & Gold Awards) and the most prestigious award that any business can receive The Queens Award for Enterprise: International Trade 2015.
Levy Associates Ltd
Amsterdam, Noord-Holland, Netherlands
Azure Security Engineer Our leading financial client is looking for an experienced Security Engineer with Azure and DevOps expertise who can help them make digital banking as safe as possible. You will play a crucial role in the Grid journey to migrate to DevSecOps process and adaptation of the Microsoft Azure cloud. Your contribution will enhance development teams to understand security aspects of the application they develop. You brainstorm, advise and work together with our talented development teams to secure information security at the start of our banking products. Briefly: a constant co-creation and security by design! In terms of hierarchy, there is little to be noticed as we work together in completing our tasks. Your day to day activities as Azure Security Engineer Working with the DevSecOps team for the design and development of security solutions using the approved automation, CI/CD tooling and standards security solutions Recognise areas for security improvements within the cloud platform around automation and CI/CD, access controls, network, automated compliance, alerting and forensics etc. Train DevOps teams in consuming security and security standards as offered by the bank. Facilitate and support testing by DevOps teams and validate security related alerting, incident responses, counter measures, SOC, operational processes, forensics, etc. Define and support secure continuous delivery approaches including tooling and automated testing and support teams with threat modelling. Managing the development, refresh and implementation of security policies, standards, guidelines and procedures. The ideal candidate for Azure Security Engineer A security specialist with the overview of a generalist and therefore an effective consultant & engineer. You are well acquainted with network and application security, as well as both technical and organisational areas. You continuously search for fresh ideas and gain more professional knowledge in order to enlarge your technical capabilities, as well as improving your soft skills. Furthermore, you have a sharp analytical eye and do not easily get stressed. You are bold, do not simply take things at face value and dare to ask questions. You are able to entice managers, colleagues and customers with your ideas. This means you can easily convince people and transpose technical jargons into understandable language effortlessly. Sometimes you will only be given five minutes to substantiate your advice & solution. This should be enough to make your statement. Requirements as Azure Security Engineer Solid experience working with and integrating automated security tools into CI/CD pipelines; Solid understanding of the Microsoft Azure platform; Strong technical knowledge of secure engineering principles; Working knowledge of risk assessments, vulnerability- and compliance management Strong communication skills both verbally and in writing in Dutch and/or English. Following qualifications would help to boost your candidature: Working experience of minimal 5 years in IT, with at least 3 years in Information security Master's degree in Information Science or relevant studies Information security (IS) professional qualifications such as CISSP, CEH, CISA, CISM and CCSK Azure specific certifications such as AZ-300, AZ-301, AZ-400 and AZ-500 Have experience with (cloud) security best practices and translate this to specific advice for the business as well as the bank. Good understanding or familiar with: Migrating workloads from classic datacentres to the cloud A good understanding of cloud concepts and best practices Cloud security with special focus on Azure and SAAS-solutions Patch management, Anti-malware, Access Control Management, Secure Coding, pentesting Network security eg: Firewalls, Proxies, DNS and emerging technologies such as SDN Proven security processes, technologies and architectures such as hardening, patch management, access control, cryptography, communication protocol, Windows and Linux Application security and security coding (OWASP) Agile way of working and DevOps
23/06/2020
Project-based
Azure Security Engineer Our leading financial client is looking for an experienced Security Engineer with Azure and DevOps expertise who can help them make digital banking as safe as possible. You will play a crucial role in the Grid journey to migrate to DevSecOps process and adaptation of the Microsoft Azure cloud. Your contribution will enhance development teams to understand security aspects of the application they develop. You brainstorm, advise and work together with our talented development teams to secure information security at the start of our banking products. Briefly: a constant co-creation and security by design! In terms of hierarchy, there is little to be noticed as we work together in completing our tasks. Your day to day activities as Azure Security Engineer Working with the DevSecOps team for the design and development of security solutions using the approved automation, CI/CD tooling and standards security solutions Recognise areas for security improvements within the cloud platform around automation and CI/CD, access controls, network, automated compliance, alerting and forensics etc. Train DevOps teams in consuming security and security standards as offered by the bank. Facilitate and support testing by DevOps teams and validate security related alerting, incident responses, counter measures, SOC, operational processes, forensics, etc. Define and support secure continuous delivery approaches including tooling and automated testing and support teams with threat modelling. Managing the development, refresh and implementation of security policies, standards, guidelines and procedures. The ideal candidate for Azure Security Engineer A security specialist with the overview of a generalist and therefore an effective consultant & engineer. You are well acquainted with network and application security, as well as both technical and organisational areas. You continuously search for fresh ideas and gain more professional knowledge in order to enlarge your technical capabilities, as well as improving your soft skills. Furthermore, you have a sharp analytical eye and do not easily get stressed. You are bold, do not simply take things at face value and dare to ask questions. You are able to entice managers, colleagues and customers with your ideas. This means you can easily convince people and transpose technical jargons into understandable language effortlessly. Sometimes you will only be given five minutes to substantiate your advice & solution. This should be enough to make your statement. Requirements as Azure Security Engineer Solid experience working with and integrating automated security tools into CI/CD pipelines; Solid understanding of the Microsoft Azure platform; Strong technical knowledge of secure engineering principles; Working knowledge of risk assessments, vulnerability- and compliance management Strong communication skills both verbally and in writing in Dutch and/or English. Following qualifications would help to boost your candidature: Working experience of minimal 5 years in IT, with at least 3 years in Information security Master's degree in Information Science or relevant studies Information security (IS) professional qualifications such as CISSP, CEH, CISA, CISM and CCSK Azure specific certifications such as AZ-300, AZ-301, AZ-400 and AZ-500 Have experience with (cloud) security best practices and translate this to specific advice for the business as well as the bank. Good understanding or familiar with: Migrating workloads from classic datacentres to the cloud A good understanding of cloud concepts and best practices Cloud security with special focus on Azure and SAAS-solutions Patch management, Anti-malware, Access Control Management, Secure Coding, pentesting Network security eg: Firewalls, Proxies, DNS and emerging technologies such as SDN Proven security processes, technologies and architectures such as hardening, patch management, access control, cryptography, communication protocol, Windows and Linux Application security and security coding (OWASP) Agile way of working and DevOps
Pontoon - Capgemini
Derby, Derbyshire, United Kingdom
Security Engineer Location: Derby, UK Permanent - Full Time (37.5 hour week, Standard operating hours between 08:00 - 18:00) Must be eligible for SC Clearance (Must have lived in the UK for 5 years or more) Who you'll be working with Capgemini's Cybersecurity Practice delivers projects and consulting services in all areas of IT and OT, from networks to cloud services and everything in between. Our services include high-level consulting, strategy and business case development, architecture design and implementation across all market sectors including government and secure sectors. Capgemini has over 3000 Cybersecurity professionals (over 300 in the UK) to help define and implement our clients' cybersecurity strategies. We protect their IT, industrial systems and the ever-growing number of products and systems enabled by cloud and the Internet of Things (IoT). As trusted advisors, we also strengthen their defences, optimize their investments and control their risks. We offer a comprehensive portfolio of services that maps across IT advisory, design, implementation and ongoing management, to serve as true an end-to-end capability partner entirely aligned to business outcomes. A solution that is efficient, scalable and secure, that strikes a balance between flexibility and cost, while facilitating innovation and future business planning. The result is improved service quality, productivity and end-user gratification. Introduction to Account Engineers form part of the Security Engineering Team (SET), an expanding team who deliver specific IT Security Services to a client in the Aerospace industry. The team has a footprint in two main sites in Derby, to effectively provide services to the client. The team members are not fixed to one location, which lends itself to interesting and diverse work within differing environments. The focus of your role The role is focused in three main areas for Security Engineering and Operational activity: Projects - Delivering new tools and or upgrading/refreshing existing applications. Run Activity - Monitoring and acting as required on the health of various Security tools. Incident Response - responding with appropriate actions as required if the SOC alerts of an incident. What you'll do Responsible for ensuring the integrity of client IT infrastructures. Keep the lights green on all Security Toolkit Infrastructure within our remit. Support various toolsets including SIEM, IDPS, GVM and Malware Protection . Record and respond to health alerts from the Security Infrastructure we maintain. Tune and enable polices, features and enhancements as required in response to Security Incidents and general enhancements requested by the client. You will be engaged to troubleshoot potential impact of security tooling on business applications as required. You will be assigned to specific project activity to deliver new features or Security Tools. Respond to and follow core IT Service Management Principles. What you'll bring Experience of Engineering and operating Security Toolsets in large and complex environments. An SME in atleast one of the following tools: SIEM, IDPS, GVM and Malware Protection . Experience of Cloud environments (Azure) is desirable You will have a strong understanding of security threats and compromise methods. Understanding of server, client and network technologies. Experience working in an IT outsource environment. You will provide excellent communication skills both written and verbal. Client engagement skills, time management, expectation management etc Show aptitude to learn new technologies. Exhibit a methodical approach to troubleshooting issues. Ability to keep calm and perform under pressurised situations. Experience of balancing security risk versus specific business/client requirements. What we'll offer you Professional development. Accelerated career progression. An environment that encourages entrepreneurial spirit. It's all on offer at Capgemini. And although collaboration is at the core of the way we work, we also recognise individual needs with a flexible benefits package you can tailor to suit you. Why we're different At Capgemini, we help organisations across the world become more agile, more competitive and more successful. Smart, tailored, often-groundbreaking technical solutions to complex problems are the norm. But so, too, is a culture that's as collaborative as it is forward thinking. Working closely with each other, and with our clients, we get under the skin of businesses and to the heart of their goals. You will too. APPLY TODAY for your chance to be considered for this role. A member of our friendly recruitment team will be in touch to discuss your application if you have been successfully shortlisted.
22/06/2020
Full time
Security Engineer Location: Derby, UK Permanent - Full Time (37.5 hour week, Standard operating hours between 08:00 - 18:00) Must be eligible for SC Clearance (Must have lived in the UK for 5 years or more) Who you'll be working with Capgemini's Cybersecurity Practice delivers projects and consulting services in all areas of IT and OT, from networks to cloud services and everything in between. Our services include high-level consulting, strategy and business case development, architecture design and implementation across all market sectors including government and secure sectors. Capgemini has over 3000 Cybersecurity professionals (over 300 in the UK) to help define and implement our clients' cybersecurity strategies. We protect their IT, industrial systems and the ever-growing number of products and systems enabled by cloud and the Internet of Things (IoT). As trusted advisors, we also strengthen their defences, optimize their investments and control their risks. We offer a comprehensive portfolio of services that maps across IT advisory, design, implementation and ongoing management, to serve as true an end-to-end capability partner entirely aligned to business outcomes. A solution that is efficient, scalable and secure, that strikes a balance between flexibility and cost, while facilitating innovation and future business planning. The result is improved service quality, productivity and end-user gratification. Introduction to Account Engineers form part of the Security Engineering Team (SET), an expanding team who deliver specific IT Security Services to a client in the Aerospace industry. The team has a footprint in two main sites in Derby, to effectively provide services to the client. The team members are not fixed to one location, which lends itself to interesting and diverse work within differing environments. The focus of your role The role is focused in three main areas for Security Engineering and Operational activity: Projects - Delivering new tools and or upgrading/refreshing existing applications. Run Activity - Monitoring and acting as required on the health of various Security tools. Incident Response - responding with appropriate actions as required if the SOC alerts of an incident. What you'll do Responsible for ensuring the integrity of client IT infrastructures. Keep the lights green on all Security Toolkit Infrastructure within our remit. Support various toolsets including SIEM, IDPS, GVM and Malware Protection . Record and respond to health alerts from the Security Infrastructure we maintain. Tune and enable polices, features and enhancements as required in response to Security Incidents and general enhancements requested by the client. You will be engaged to troubleshoot potential impact of security tooling on business applications as required. You will be assigned to specific project activity to deliver new features or Security Tools. Respond to and follow core IT Service Management Principles. What you'll bring Experience of Engineering and operating Security Toolsets in large and complex environments. An SME in atleast one of the following tools: SIEM, IDPS, GVM and Malware Protection . Experience of Cloud environments (Azure) is desirable You will have a strong understanding of security threats and compromise methods. Understanding of server, client and network technologies. Experience working in an IT outsource environment. You will provide excellent communication skills both written and verbal. Client engagement skills, time management, expectation management etc Show aptitude to learn new technologies. Exhibit a methodical approach to troubleshooting issues. Ability to keep calm and perform under pressurised situations. Experience of balancing security risk versus specific business/client requirements. What we'll offer you Professional development. Accelerated career progression. An environment that encourages entrepreneurial spirit. It's all on offer at Capgemini. And although collaboration is at the core of the way we work, we also recognise individual needs with a flexible benefits package you can tailor to suit you. Why we're different At Capgemini, we help organisations across the world become more agile, more competitive and more successful. Smart, tailored, often-groundbreaking technical solutions to complex problems are the norm. But so, too, is a culture that's as collaborative as it is forward thinking. Working closely with each other, and with our clients, we get under the skin of businesses and to the heart of their goals. You will too. APPLY TODAY for your chance to be considered for this role. A member of our friendly recruitment team will be in touch to discuss your application if you have been successfully shortlisted.
Incident Response/Forensics Engineer Responsibilities Design, build, run, and own infrastructure and automation to detect, contain, and eradicate security threats. Lead the Computer Incident Response Team (CIRT) in responding to active and time-sensitive threats including communications and coordination across different teams. Work closely with other members of the Information Security team to lead changes in the company's defense posture. Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques. Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTP (Tactics, Techniques, and Procedures). Collect, analyze, assess, and disseminate information about cyber threats and potential attacks. Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools. Qualifications Bachelor's degree in Computer Science or equivalent work experience. 7+ years of experience in information security. Advanced knowledge of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc. In-depth understanding of authentication protocols, applied cryptography, key management, PKI and SSL/TLS. Possession of a holistic view of the threat, vulnerability, and risk as well as their relationship. Deep understanding of internals and constructs of at least two main modern operation systems. Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA). Applied experience with application and business logic Embedded in business systems. Knowledge of open security testing standards and projects, including OWASP. Proficiency with at least one interpreted programming language (Python, Ruby, etc.). Experience employing phishing and other social engineering tactics. Experience using multiple command and control channels, including DNS and HTTPS. If this is an opportunity that you're interested in please email your resume to: (see below)
19/06/2020
Full time
Incident Response/Forensics Engineer Responsibilities Design, build, run, and own infrastructure and automation to detect, contain, and eradicate security threats. Lead the Computer Incident Response Team (CIRT) in responding to active and time-sensitive threats including communications and coordination across different teams. Work closely with other members of the Information Security team to lead changes in the company's defense posture. Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques. Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTP (Tactics, Techniques, and Procedures). Collect, analyze, assess, and disseminate information about cyber threats and potential attacks. Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools. Qualifications Bachelor's degree in Computer Science or equivalent work experience. 7+ years of experience in information security. Advanced knowledge of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc. In-depth understanding of authentication protocols, applied cryptography, key management, PKI and SSL/TLS. Possession of a holistic view of the threat, vulnerability, and risk as well as their relationship. Deep understanding of internals and constructs of at least two main modern operation systems. Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA). Applied experience with application and business logic Embedded in business systems. Knowledge of open security testing standards and projects, including OWASP. Proficiency with at least one interpreted programming language (Python, Ruby, etc.). Experience employing phishing and other social engineering tactics. Experience using multiple command and control channels, including DNS and HTTPS. If this is an opportunity that you're interested in please email your resume to: (see below)
NO SPONSORSHIP Security Incident Response Engineer Salary: $100-120k flex + 20 percent bonus Location: Remote Looking for a sharp incident response engineeer with threat hunting, incident response, threat management, threat intelligence. digital forensics and threat protection. Must also have splunk experience -not just as user but someone who can adjust logs, format logs and able to customize the splunk infrastructure. Key to the job along with the inicident response is heavy splunk and experiene customizing user settings. The Security Incident Response Logging and Event Engineer is responsible for building, maintaining, and improving the engine that powers large-scale security threat management capabilities that protect, detect, and respond to emerging threats and sophisticated attacks on enterprise networks. The person in this role onboards, ingests, reviews, and analyzes large and highly complex datasets and information to provide content, conclusions, and actionable recommendations to mitigate risk and stop attackers cold. Work with application development teams and third-party vendors to develop data for enterprise applications in order to create appropriate logs and events Create logging configuration standards for all IT infrastructure and instructs IT on how to configure systems to log appropriately Create event dashboards and metrics and establishes threshold standards Perform centralized data onboarding and log ingestion into the Splunk platform to improve the visibility of security threat management at Company Administer Splunk Enterprise Security solution in a highly available, redundant, distributed multi-site clustered environment Create and optimize correlation searches for the Security Operations Center (SOC) analysts Assist in the operations, performance, and troubleshooting of Splunk, Search Heads, Indexers, Heavy Forwarders, Deployment Server, Splunk Apps/TAs and Data Models Provide recommendations and implement changes to optimize the Splunk platform Reproduce issues, file bug reports, and escalate cases to Splunk support as necessary Performs log audits and actively works to improve log management compliance Ensures data retention of logs and alerts meets corporate standards Maintain Splunk systems internal documentation, including SOP's and design documents Create technical documentation related to system configurations, process, procedure, and knowledgebase articles. Support defensive tools and solutions that identify and stop advanced adversary tactics and techniques. Participate in Computer Incident Response Team (CIRT) responses to active and time-sensitive threats including communications and coordination across different teams. Work closely with other members of the Cyber Risk Management team to lead changes in the company's defense posture. Qualifications: 5+ years of experience in information security 2+ years of hands-on experience with Splunk Enterprise Security Certified Splunk Administrator/Enterprise Security Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA) Experience administrating and operating Splunk in an enterprise environment Knowledge and experience working with the Splunk API Understands the security incident response discipline, including threat hunting, forensics, intrusion detection, and threat intelligence Experience with at least one interpreted programming language (Python, Ruby, etc.) Proficiency in PowerShell and/or Bash Understanding of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc. Experience in common phishing and other social engineering tactics Familiarity with malware, command and control channels, and attacker tactics, techniques, and procedures
19/06/2020
Full time
NO SPONSORSHIP Security Incident Response Engineer Salary: $100-120k flex + 20 percent bonus Location: Remote Looking for a sharp incident response engineeer with threat hunting, incident response, threat management, threat intelligence. digital forensics and threat protection. Must also have splunk experience -not just as user but someone who can adjust logs, format logs and able to customize the splunk infrastructure. Key to the job along with the inicident response is heavy splunk and experiene customizing user settings. The Security Incident Response Logging and Event Engineer is responsible for building, maintaining, and improving the engine that powers large-scale security threat management capabilities that protect, detect, and respond to emerging threats and sophisticated attacks on enterprise networks. The person in this role onboards, ingests, reviews, and analyzes large and highly complex datasets and information to provide content, conclusions, and actionable recommendations to mitigate risk and stop attackers cold. Work with application development teams and third-party vendors to develop data for enterprise applications in order to create appropriate logs and events Create logging configuration standards for all IT infrastructure and instructs IT on how to configure systems to log appropriately Create event dashboards and metrics and establishes threshold standards Perform centralized data onboarding and log ingestion into the Splunk platform to improve the visibility of security threat management at Company Administer Splunk Enterprise Security solution in a highly available, redundant, distributed multi-site clustered environment Create and optimize correlation searches for the Security Operations Center (SOC) analysts Assist in the operations, performance, and troubleshooting of Splunk, Search Heads, Indexers, Heavy Forwarders, Deployment Server, Splunk Apps/TAs and Data Models Provide recommendations and implement changes to optimize the Splunk platform Reproduce issues, file bug reports, and escalate cases to Splunk support as necessary Performs log audits and actively works to improve log management compliance Ensures data retention of logs and alerts meets corporate standards Maintain Splunk systems internal documentation, including SOP's and design documents Create technical documentation related to system configurations, process, procedure, and knowledgebase articles. Support defensive tools and solutions that identify and stop advanced adversary tactics and techniques. Participate in Computer Incident Response Team (CIRT) responses to active and time-sensitive threats including communications and coordination across different teams. Work closely with other members of the Cyber Risk Management team to lead changes in the company's defense posture. Qualifications: 5+ years of experience in information security 2+ years of hands-on experience with Splunk Enterprise Security Certified Splunk Administrator/Enterprise Security Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA) Experience administrating and operating Splunk in an enterprise environment Knowledge and experience working with the Splunk API Understands the security incident response discipline, including threat hunting, forensics, intrusion detection, and threat intelligence Experience with at least one interpreted programming language (Python, Ruby, etc.) Proficiency in PowerShell and/or Bash Understanding of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc. Experience in common phishing and other social engineering tactics Familiarity with malware, command and control channels, and attacker tactics, techniques, and procedures
Request Technology - Robyn Honquest
Reston , Virginia, United States
The Application Security Engineer is responsible for securing enterprise information at the Company by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; and mentoring team members. Additionally, this position is responsible for identifying potential threats to the IT infrastructure and recommending enterprise security enhancements. The Application Security Engineer will work on project teams as a technical expert and deliver quality products according to project timelines and budgets. PRINCIPAL RESPONSIBILITIES Conduct application security reviews, vulnerability analyses, and risk assessments; identify integration issues. Recommend best practices and integrate mitigation strategies using Web Application Firewalls and the OWASP framework. Use technical knowledge of current attacks to identify flaws and weaknesses in the composition and design of networks, remote access schemes, systems, and applications to specify solutions, verify the solutions that have been implemented, and rapidly adjust designs based on new threat and attack information as acquired. Provide engineering support, troubleshooting, and evaluation of preventative and detective security technologies such as: Malware detection, web/email content filtering, intrusion detection and prevention, and vulnerability management. Serve as technical and project lead on IT Security initiatives; partner with System Engineers, Application Development teams, and Architects. Maintain security posture by monitoring and ensuring IT Security compliance to standards, policies, and procedures; conduct incident response analyses; develop and deliver training programs to team members. Enhance existing architecture and design through planning delivery of solutions; answering technical and procedural questions for team members; teaching improved processes; and mentoring team members. Generate and document operational processes, procedures, and incident response plans where necessary. Support the Company's diversity and inclusion strategy by following policies and procedures that ensure opportunities for employees and diverse business partners. Assist with other job duties as assigned. REQUIREMENTS Minimum 5 years of experience designing, deploying, configuring, supporting, troubleshooting, debugging, and administering Network Security Products (Firewalls, Proxy, Intrusion Detection Systems/Intrusion Prevention Systems, etc.). Minimum 5 years of experience practicing Change, Problem, and Incident management processes utilizing ITIL in an enterprise environment. Minimum of 5 years of experience implementing and troubleshooting F5 BIG-IP solutions (APM, ASM) Ability to analyze, use, and configure large enterprise networks. Proven crisis management skills. Understanding of malware, emerging threats, attacks, and vulnerability management. Thorough understanding of network protocols such as TCP/IP and web protocols (HTTP/HTTPS). Working knowledge of Firewall technologies. Fundamental knowledge of different operating systems (Sun Solaris, Linux, Windows, etc.). Ability to initiate and complete assignments accurately and on time, with minimal supervision. Ability to work effectively with vendor technical support channels. Comprehensive understanding of the terminology, principles, and application of fault tolerance high availability and disaster recovery preparedness. Working knowledge of data security controls, protocols, and methods. Bachelor's degree in related field preferred. Strong written and oral communication skills.
19/06/2020
Full time
The Application Security Engineer is responsible for securing enterprise information at the Company by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; and mentoring team members. Additionally, this position is responsible for identifying potential threats to the IT infrastructure and recommending enterprise security enhancements. The Application Security Engineer will work on project teams as a technical expert and deliver quality products according to project timelines and budgets. PRINCIPAL RESPONSIBILITIES Conduct application security reviews, vulnerability analyses, and risk assessments; identify integration issues. Recommend best practices and integrate mitigation strategies using Web Application Firewalls and the OWASP framework. Use technical knowledge of current attacks to identify flaws and weaknesses in the composition and design of networks, remote access schemes, systems, and applications to specify solutions, verify the solutions that have been implemented, and rapidly adjust designs based on new threat and attack information as acquired. Provide engineering support, troubleshooting, and evaluation of preventative and detective security technologies such as: Malware detection, web/email content filtering, intrusion detection and prevention, and vulnerability management. Serve as technical and project lead on IT Security initiatives; partner with System Engineers, Application Development teams, and Architects. Maintain security posture by monitoring and ensuring IT Security compliance to standards, policies, and procedures; conduct incident response analyses; develop and deliver training programs to team members. Enhance existing architecture and design through planning delivery of solutions; answering technical and procedural questions for team members; teaching improved processes; and mentoring team members. Generate and document operational processes, procedures, and incident response plans where necessary. Support the Company's diversity and inclusion strategy by following policies and procedures that ensure opportunities for employees and diverse business partners. Assist with other job duties as assigned. REQUIREMENTS Minimum 5 years of experience designing, deploying, configuring, supporting, troubleshooting, debugging, and administering Network Security Products (Firewalls, Proxy, Intrusion Detection Systems/Intrusion Prevention Systems, etc.). Minimum 5 years of experience practicing Change, Problem, and Incident management processes utilizing ITIL in an enterprise environment. Minimum of 5 years of experience implementing and troubleshooting F5 BIG-IP solutions (APM, ASM) Ability to analyze, use, and configure large enterprise networks. Proven crisis management skills. Understanding of malware, emerging threats, attacks, and vulnerability management. Thorough understanding of network protocols such as TCP/IP and web protocols (HTTP/HTTPS). Working knowledge of Firewall technologies. Fundamental knowledge of different operating systems (Sun Solaris, Linux, Windows, etc.). Ability to initiate and complete assignments accurately and on time, with minimal supervision. Ability to work effectively with vendor technical support channels. Comprehensive understanding of the terminology, principles, and application of fault tolerance high availability and disaster recovery preparedness. Working knowledge of data security controls, protocols, and methods. Bachelor's degree in related field preferred. Strong written and oral communication skills.
Request Technology - Craig Johnson
Reston , Virginia, United States
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking an Application and Network Security Engineer. Candidate is responsible for securing enterprise information at the Company by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; and mentoring team members. Additionally, this position is responsible for identifying potential threats to the IT infrastructure and recommending enterprise security enhancements. The Application Security Engineer will work on project teams as a technical expert and deliver quality products according to project timelines and budgets. Responsibilities: Conduct application security reviews, vulnerability analyses, and risk assessments; identify integration issues. Recommend best practices and integrate mitigation strategies using Web Application Firewalls and the OWASP framework. Use technical knowledge of current attacks to identify flaws and weaknesses in the composition and design of networks, remote access schemes, systems, and applications to specify solutions, verify the solutions that have been implemented, and rapidly adjust designs based on new threat and attack information as acquired. Provide engineering support, troubleshooting, and evaluation of preventative and detective security technologies such as: Malware detection, web/email content filtering, intrusion detection and prevention, and vulnerability management. Serve as technical and project lead on IT Security initiatives; partner with System Engineers, Application Development teams, and Architects. Maintain security posture by monitoring and ensuring IT Security compliance to standards, policies, and procedures; conduct incident response analyses; develop and deliver training programs to team members. Enhance existing architecture and design through planning delivery of solutions; answering technical and procedural questions for team members; teaching improved processes; and mentoring team members. Generate and document operational processes, procedures, and incident response plans where necessary. Support the Company's diversity and inclusion strategy by following policies and procedures that ensure opportunities for employees and diverse business partners. Assist with other job duties as assigned. Qualifications: 5+ years of experience designing, deploying, configuring, supporting, troubleshooting, debugging, and administering Network Security Products (Firewalls, Proxy, Intrusion Detection Systems/Intrusion Prevention Systems, etc.). 5+ years of experience practicing Change, Problem, and Incident management processes utilizing ITIL in an enterprise environment. Minimum of 5 years of experience implementing and troubleshooting F5 BIG-IP solutions (APM, ASM) Ability to analyze, use, and configure large enterprise networks. Proven crisis management skills. Understanding of malware, emerging threats, attacks, and vulnerability management. Thorough understanding of network protocols such as TCP/IP and web protocols (HTTP/HTTPS). Working knowledge of Firewall technologies. Fundamental knowledge of different operating systems (Sun Solaris, Linux, Windows, etc.). Ability to initiate and complete assignments accurately and on time, with minimal supervision. Ability to work effectively with vendor technical support channels. Comprehensive understanding of the terminology, principles, and application of fault tolerance high availability and disaster recovery preparedness. Working knowledge of data security controls, protocols, and methods. Bachelor's degree in related field preferred. Strong written and oral communication skills. Ability to effectively lead and influence others without direct managerial authority within an inclusive work environment, using collaboration, coordination, and self-motivation. Ability to listen and integrate ideas from diverse groups of individuals, build and maintain respectful relationships, collaborate with others, and resolve conflicts constructively. Experience supporting IT service delivery in a highly-regulated and audited environment preferred.
19/06/2020
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking an Application and Network Security Engineer. Candidate is responsible for securing enterprise information at the Company by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; and mentoring team members. Additionally, this position is responsible for identifying potential threats to the IT infrastructure and recommending enterprise security enhancements. The Application Security Engineer will work on project teams as a technical expert and deliver quality products according to project timelines and budgets. Responsibilities: Conduct application security reviews, vulnerability analyses, and risk assessments; identify integration issues. Recommend best practices and integrate mitigation strategies using Web Application Firewalls and the OWASP framework. Use technical knowledge of current attacks to identify flaws and weaknesses in the composition and design of networks, remote access schemes, systems, and applications to specify solutions, verify the solutions that have been implemented, and rapidly adjust designs based on new threat and attack information as acquired. Provide engineering support, troubleshooting, and evaluation of preventative and detective security technologies such as: Malware detection, web/email content filtering, intrusion detection and prevention, and vulnerability management. Serve as technical and project lead on IT Security initiatives; partner with System Engineers, Application Development teams, and Architects. Maintain security posture by monitoring and ensuring IT Security compliance to standards, policies, and procedures; conduct incident response analyses; develop and deliver training programs to team members. Enhance existing architecture and design through planning delivery of solutions; answering technical and procedural questions for team members; teaching improved processes; and mentoring team members. Generate and document operational processes, procedures, and incident response plans where necessary. Support the Company's diversity and inclusion strategy by following policies and procedures that ensure opportunities for employees and diverse business partners. Assist with other job duties as assigned. Qualifications: 5+ years of experience designing, deploying, configuring, supporting, troubleshooting, debugging, and administering Network Security Products (Firewalls, Proxy, Intrusion Detection Systems/Intrusion Prevention Systems, etc.). 5+ years of experience practicing Change, Problem, and Incident management processes utilizing ITIL in an enterprise environment. Minimum of 5 years of experience implementing and troubleshooting F5 BIG-IP solutions (APM, ASM) Ability to analyze, use, and configure large enterprise networks. Proven crisis management skills. Understanding of malware, emerging threats, attacks, and vulnerability management. Thorough understanding of network protocols such as TCP/IP and web protocols (HTTP/HTTPS). Working knowledge of Firewall technologies. Fundamental knowledge of different operating systems (Sun Solaris, Linux, Windows, etc.). Ability to initiate and complete assignments accurately and on time, with minimal supervision. Ability to work effectively with vendor technical support channels. Comprehensive understanding of the terminology, principles, and application of fault tolerance high availability and disaster recovery preparedness. Working knowledge of data security controls, protocols, and methods. Bachelor's degree in related field preferred. Strong written and oral communication skills. Ability to effectively lead and influence others without direct managerial authority within an inclusive work environment, using collaboration, coordination, and self-motivation. Ability to listen and integrate ideas from diverse groups of individuals, build and maintain respectful relationships, collaborate with others, and resolve conflicts constructively. Experience supporting IT service delivery in a highly-regulated and audited environment preferred.
Request Technology - Kyle Honn
Virginia, United States
Application Security Engineer *We are unable to sponsor as this is a permanent full time role* Responsibilities Conduct application security reviews, vulnerability analyses, and risk assessments; identify integration issues. Recommend best practices and integrate mitigation strategies using Web Application Firewalls and the OWASP framework. Use technical knowledge of current attacks to identify flaws and weaknesses in the composition and design of networks, remote access schemes, systems, and applications to specify solutions, verify the solutions that have been implemented, and rapidly adjust designs based on new threat and attack information as acquired. Provide engineering support, troubleshooting, and evaluation of preventative and detective security technologies such as: Serve as technical and project lead on IT Security initiatives; partner with System Engineers, Application Development teams, and Architects. Maintain security posture by monitoring and ensuring IT Security compliance to standards, policies, and procedures; conduct incident response analyses; develop and deliver training programs to team members. Enhance existing architecture and design through planning delivery of solutions; answering technical and procedural questions for team members; teaching improved processes; and mentoring team members. Generate and document operational processes, procedures, and incident response plans where necessary. Support the Company's diversity and inclusion strategy by following policies and procedures that ensure opportunities for employees and diverse business partners. Qualifications 5+ years of experience designing, deploying, configuring, supporting, troubleshooting, debugging, and administering Network Security Products (Firewalls, Proxy, Intrusion Detection Systems/Intrusion Prevention Systems, etc.). 5+ years of experience practicing Change, Problem, and Incident management processes utilizing ITIL in an enterprise environment. 5+ years of experience implementing and troubleshooting F5 BIG-IP solutions (APM, ASM) Ability to analyze, use, and configure large enterprise networks. Understanding of malware, emerging threats, attacks, and vulnerability management. Thorough understanding of network protocols such as TCP/IP and web protocols (HTTP/HTTPS). Working knowledge of Firewall technologies. Fundamental knowledge of different operating systems (Sun Solaris, Linux, Windows, etc.). Ability to initiate and complete assignments accurately and on time, with minimal supervision. Ability to work effectively with vendor technical support channels. Comprehensive understanding of the terminology, principles, and application of fault tolerance high availability and disaster recovery preparedness. Working knowledge of data security controls, protocols, and methods. Bachelor's degree in a technical field Ability to effectively lead and influence others without direct managerial authority within an inclusive work environment, using collaboration, coordination, and self-motivation. Ability to listen and integrate ideas from diverse groups of individuals, build and maintain respectful relationships, collaborate with others, and resolve conflicts constructively. Experience supporting IT service delivery in a highly-regulated and audited environment preferred. If this is an opportunity that you're interested in please email your resume to: (see below)
19/06/2020
Full time
Application Security Engineer *We are unable to sponsor as this is a permanent full time role* Responsibilities Conduct application security reviews, vulnerability analyses, and risk assessments; identify integration issues. Recommend best practices and integrate mitigation strategies using Web Application Firewalls and the OWASP framework. Use technical knowledge of current attacks to identify flaws and weaknesses in the composition and design of networks, remote access schemes, systems, and applications to specify solutions, verify the solutions that have been implemented, and rapidly adjust designs based on new threat and attack information as acquired. Provide engineering support, troubleshooting, and evaluation of preventative and detective security technologies such as: Serve as technical and project lead on IT Security initiatives; partner with System Engineers, Application Development teams, and Architects. Maintain security posture by monitoring and ensuring IT Security compliance to standards, policies, and procedures; conduct incident response analyses; develop and deliver training programs to team members. Enhance existing architecture and design through planning delivery of solutions; answering technical and procedural questions for team members; teaching improved processes; and mentoring team members. Generate and document operational processes, procedures, and incident response plans where necessary. Support the Company's diversity and inclusion strategy by following policies and procedures that ensure opportunities for employees and diverse business partners. Qualifications 5+ years of experience designing, deploying, configuring, supporting, troubleshooting, debugging, and administering Network Security Products (Firewalls, Proxy, Intrusion Detection Systems/Intrusion Prevention Systems, etc.). 5+ years of experience practicing Change, Problem, and Incident management processes utilizing ITIL in an enterprise environment. 5+ years of experience implementing and troubleshooting F5 BIG-IP solutions (APM, ASM) Ability to analyze, use, and configure large enterprise networks. Understanding of malware, emerging threats, attacks, and vulnerability management. Thorough understanding of network protocols such as TCP/IP and web protocols (HTTP/HTTPS). Working knowledge of Firewall technologies. Fundamental knowledge of different operating systems (Sun Solaris, Linux, Windows, etc.). Ability to initiate and complete assignments accurately and on time, with minimal supervision. Ability to work effectively with vendor technical support channels. Comprehensive understanding of the terminology, principles, and application of fault tolerance high availability and disaster recovery preparedness. Working knowledge of data security controls, protocols, and methods. Bachelor's degree in a technical field Ability to effectively lead and influence others without direct managerial authority within an inclusive work environment, using collaboration, coordination, and self-motivation. Ability to listen and integrate ideas from diverse groups of individuals, build and maintain respectful relationships, collaborate with others, and resolve conflicts constructively. Experience supporting IT service delivery in a highly-regulated and audited environment preferred. If this is an opportunity that you're interested in please email your resume to: (see below)
