21 joburi disponibile

Incident Response/Forensics Engineer Responsibilities Design, build, run, and own infrastructure and automation to detect, contain, and eradicate security threats. Lead the Computer Incident Response Team (CIRT) in responding to active and time-sensitive threats including communications and coordination across different teams. Work closely with other members of the Information Security team to lead changes in the company's defense posture. Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques. Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTP (Tactics, Techniques, and Procedures). Collect, analyze, assess, and disseminate information about cyber threats and potential attacks. Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools. Qualifications Bachelor's degree in Computer Science or equivalent work experience. 7+ years of experience in information security. Advanced knowledge of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc. In-depth understanding of authentication protocols, applied cryptography, key management, PKI and SSL/TLS. Possession of a holistic view of the threat, vulnerability, and risk as well as their relationship. Deep understanding of internals and constructs of at least two main modern operation systems. Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA). Applied experience with application and business logic Embedded in business systems. Knowledge of open security testing standards and projects, including OWASP. Proficiency with at least one interpreted programming language (Python, Ruby, etc.). Experience employing phishing and other social engineering tactics. Experience using multiple command and control channels, including DNS and HTTPS. If this is an opportunity that you're interested in please email your resume to: (see below)

The Role UNIX Administrator Auxilion, part of IT. Alliance Group, is looking to hire a UNIX Administrator. This is a permanent position joining our established team in Sheffield reporting into the RMM Operations Manager The Team: The RMM team in Sheffield is the escalation for Auxilion level 2/3 support and remote monitoring and management of client infrastructure. The team is comprised of several day-based engineers and a team of 8 engineers working shift providing 24*7*365 support. This position is to join the team of day-based engineers and deliver best of breed support to our enterprise customers. Experience and Knowledge: Prior experience in a 24 x 7 Network Operations Center/Service Desk Environment 3rd level technical service experience level a must. Good problem-solving skills Excellent communication skills (Communication to customers verbal and written is mandatory) 2-5 years' Commercial Experience with a major flavor of Linux (Red hat or SUSe preferred) Essential Skills: Core Infrastructure - Red Hat, SUSe Linux Virtualization. Shell Scripting (BASH/KSH) Server Architecture Patching, upgrades tuning and all other Standard Admin tasks Understanding of Logical Volume Management and filesystems. Desirable Skills: Experience of Commercial Versions of UNIX - Solaris/AIX/HP Experience with Cloud technologies -Azure/AWS Security and System Hardening Experience of clustering technologies. Experience of Standard UNIX/Linux apps and utilities Backup & Archiving Knowledge of networking, NFS Knowledge of SAN components and multipathing products. Experience of working in a server support environment. Service oriented behavior and communication to internal and external customers. Ability to cope with pressures of peak workloads, short deadlines. Experience with face-to-face customer liaison. Qualities: Integrity, attention to detail, timeline sensitive, goal oriented, motivated. Good communication skills. Team player. Experienced with ITIL support services disciplines an advantage What you get to do in this role: Working in a support environment the RMM Engineer focuses on continuous operation of the various customer estates, many of them running in a high availability environment. Incident resolution and monitoring of the supported estate through several key monitoring (RMM) tools Ensure user tickets and monitoring alerts are handled per pre-defined SLA's for response time, updates and closure Respond to requests via monitoring tools, email requests etc Participates in availability, capacity and change management processes. You will be expected to handle technical incidents and changes across the UNIX/Linux server, Azure and VMware estate. Perform troubleshooting on 3rd party application and web services where required. Our Company Auxilion - About Us Work matters. It's where we spend a third of our lives. At Auxilion we strive to be a great place to work, with career opportunities and development of people in our DNA. Our competitive advantage is how we manage the Customer Relationship journey. Our people have a passion for their work, our culture and our values. Whether you're focus is technical, sales, finance. or anything in-between, our roles aim to provide each person with meaningful impact and plenty of space to grow.

*We are unable to sponsor for this permanent Full time role* *This role can be a remote role for the right candidate* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Incident Response Threat Engineer with strong Splunk experience. Candidate is responsible for all aspects of security threat management. This hands-on technical role shares responsibilities across the team in conducting cyber threat intelligence, executing threat hunts, participating and leading incident response efforts, performing digital forensics, and implementing threat protection across the enterprise. Candidate will be responsible for building, maintaining, and improving the engine that powers large-scale security threat management capabilities that protect, detect, and respond to emerging threats and sophisticated attacks on enterprise networks. The person in this role reviews and analyzes large and highly complex data-sets and information to provide content, conclusions, and actionable recommendations to mitigate risk and stop attackers cold. Candidate should have an applied and in-depth understanding of malware, attacker tactics, techniques, and procedures and experience defending organizations from these threats. In addition to having a breadth of technical experience, the candidate should have leadership and customer communication experience Responsibilities: Design, build, run, and own infrastructure and automation to detect, contain, and eradicate security threats. Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques. Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTP (Tactics, Techniques, and Procedures). Collect, analyze, assess, and disseminate information about cyber threats and potential attacks. Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools. Lead the Computer Incident Response Team (CIRT) in responding to active and time-sensitive threats including communications and coordination across different teams. Work closely with other members of the Information Security team to lead changes in the company's defense posture. Qualifications: BS/MS in Computer Science or equivalent work experience. 7+ years of experience in information security. Possession of a holistic view of the threat, vulnerability, and risk as well as their relationship. Deep understanding of internals and constructs of at least two main modern operation systems. Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA). Applied experience with application and business logic Embedded in business systems. Knowledge of open security testing standards and projects, including OWASP. Proficiency with at least one interpreted programming language (Python, Ruby, etc.). Advanced knowledge of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc. In-depth understanding of authentication protocols, applied cryptography, key management, PKI and SSL/TLS. Experience employing phishing and other social engineering tactics. Experience using multiple command and control channels, including DNS and HTTPS.

IAM Architect This can be a contract, contract to hire or direct hire Salary: $150 an hour flex our price - $170k to $180k plus bonus full time Location: Remote You will be responsible for the design and development of new security solutions. Tier III Support, SDLC, product life cycle, forensics and investigations, IT & Application penetration testing, documentation, and RCA's. Must have Sailpoint. The individual will facilitate and gather requirements from our customers and provide security solutions to meet their needs while aligning with Company strategies, policies, standards, guidelines, and procedures. Serve as an SME in all areas of Identity Access Management; Provide subject matter expertise for Architecture, Planning Engineer solutions to ensure Payment Card Industry (PCI-DSS) and Sarbanes-Oxley (SOX) Compliance Works to ensure projects are completed on budget Provide Expert access troubleshooting and production support as needed in all systems across the enterprise especially related to Active Directory, IAM, Privileged ID Management, and SAML technologies Partner and execute complex changes in the Security Landscape based on results from analysis received from Internal Controls & Compliance, Internal Audit, External Audit and other functions as deemed appropriate Supports departmental and corporate goals by meeting key performance indicators and defined metrics Lead security project implementation from conception, design, testing and implementation. Serve as a mentor to Engineers. Lead and participate in, as required, analysing, developing, and implementing large or complex Identity security solutions, as requested by business and process team partners. Bachelor's degree in Information Systems or related degree, or equivalent job experience.  Experience: 7+ years of experience or training in Identity systems security fundamentals design, implementation and troubleshooting across all computer platforms. 7 or more years required of combined IT and security work experience with a broad exposure to infrastructure/network and multi-platform environments. Expert understanding of Identity technologies and understanding of integration of applications within a distributed environment Expert understanding of certificate based authentication and certificate management (eg SSL and PKI) Expert understanding of position based security model within the HR Org and distribution throughout the enterprise Expert understanding of Risk and Compliance framework, regulatory compliance (Sarbanes-Oxley (SOX) and PCI-DSS) Experience in implementation and management of security access systems within the enterprise and in the cloud (eg Federation, SAML, etc.) Demonstrates an expert understanding of how security access systems integrate across the enterprise Any of the following are highly preferred: CISSP, CRISC, CISM or CCIE Security Ability to quickly learn, become competent in, and effectively apply new skills Experienced in leading large security access system upgrades/projects Ability to add/change and provision roles and tasks in an IAM environment via standard business applications. Has an advanced understanding of an IAM environment and related technologies, including Active Directory and SAP Advanced Experience in supporting identity access applications and experience Sailpoint Ability to troubleshoot user account and directory object issues throughout the IAM environment including Privileged ID Management, Active Directory, and SAML environment. Demonstrates an advanced understanding of troubleshooting and configuring the IAM landscape including Privileged ID Management and SAMIL SSO integrations. Experience and hands-on working knowledge with a variety of Security tools including but not limited to Identity and Access Management, LDAP, Active Directory, forensics software, and security incident response.

Lead Security Engineer Responsibilities Collaborate with other teams as necessary to ensure customer service levels are met Design and development of Security Solutions to protect Company IT assets (Americas) Work closely with Infrastructure OR Software Delivery engineering teams to ensure security requirements are understood and built into the design of other entreprise services Forecast and Establish technical requirements in concert with Architecture and Risk Management for Connectivity (intra and intercompany), Internet facing solutions, Infrastructure, Application, eCommerce, Mobility, Cloud, etc. Lead the execution of more complex multi-platform changes Participate in projects as required; analyze, design, develop and implement security solutions which protect the information assets while enabling business functionality Lead/direct IT infrastructure OR application penetration testing using standard tools and procedures Perform Root Cause analysis for security or availability failure annd direct the remediation of Security related causes Provide subject matter expertise for Architecture, Planning and Roadmap sessions Research, evaluate, design, test, recommend and plan the implementation of new or updated information security technologies Document solutions engineered to be handed off to SOC, and other Engineering support organizations Own Security aspects of Software OR Infrastructure Delivery life cycle Perform product and solution life cycle management ensuring capacity, integrity and availability of all systems. Qualifications Bachelors degree in Information Systems or related degree, or equivalent job experience. 2+ years of experience in Security solution design, implementation and troubleshooting across all computer platforms. 5+ years of experience in Security technology implementation and troubleshooting across all computer platforms 5+ or more years required of combined IT and security work experience with a broad exposure to infrastructure/network and multi-platform environments. Experience and hands-on working knowledge with a variety of security technologies and processes including but not limited to Firewall (such as Check Point, Fortinet, Cisco ASA, Palo Alto, Juniper), VPN, SEIM, IDS/IPS (such as SourceFire, HP TippingPoint), HIDS, malware analysis and protection, content filtering, logical access controls, data loss prevention (such as Symantec, RSA, McAfee), content filtering technologies, application Firewalls (such as F5, Imperva), vulnerability scanners, forensics software, and security incident response. Understanding of Cloud solution best practices and integration techniques GIAC and ISC2 certifications such as CISSP are highly preferred. Good understanding of Risk and Compliance framework, regulatory compliance (Sarbanes-Oxley (SOX) and PCI-DSS) Solid understanding of standard business processes including Change Management, Problem Management, Work Prioritization, Quality Assurance, and Continuous Improvement best practices, etc. If this is an opportunity that you're interested in please email your resume (see below)

*An Opportunity for an experienced Cloud Security Consultant to join a leading cyber security consultancy - London Based but also considering candidates based in the Beds/Berks/Bucks/Herts/Hants areas* *PLEASE NOTE - THIS ROLE DOES NOT OFFER VISA SPONSORSHIP* The Role My client - a well-known global cybersecurity company specialising in incident response, penetration testing and threat intelligence services - is looking for looking for an experienced Cloud Security Consultant to join them as they grown their cloud-focused security services I am looking for you someone who will understand how to analyse large, complex cloud environments to identify vulnerabilities, and can architect and implement secure systems within the cloud. Duties include; Delivering hands-on consultancy for the client base, including technical activities, report writing and presentation Dedicated research time to produce research to a publishable standard Supporting my client in their ambitious innovation and growth plans Working closely with other teams to produce scopes, bid content and pre-sales support to help win new business. Delivering hands-on consultancy for ghee company's clients, including technical activities, report writing and presentations What Experience Do You Need? You will have an in-depth technical knowledge of at least one major cloud provider (AWS, Azure, Google Cloud). If you have experience with multiple providers, or with an orchestration technology such as Kubernetes, then even better! A background within delivering penetration testing, security monitoring or incident response in cloud environments is highly desirable. If you have experience in cloud architecture or cloud engineering and are interested in applying your skills and expertise to security environment I would also like to hear from you You'll be passionate about information security - you attend related industry events and actively participate and 'give back' to the security community - and are a guru on the major cloud platforms You have an innovative mind-set, pro-active 'can do' approach to challenges and be willing to question and disrupt existing approaches to information security You're an excellent communicator at both the high-level and low-level, and just as comfortable speaking to a tech team as to the board A background as an AWS Solutions Architect or Azure Solutions Architect would be highly desirable Any experience with modern infrastructure management tools (Terraform, CloudFormation, Ansible, Puppet etc), common Continuous Integration/Continuous Deployment (CI/CD) and Experience with modern infrastructure management tools (Terraform, CloudFormation, Ansible, Puppet etc) would be highly beneficial You will be based in either England & be a UK citizen

Security Engineer Responsibilities Ability to assess technology projects, initiatives, or strategic direction and serve as a collaborative and strategic cybersecurity partner in identifying complex, multi-faceted or new cybersecurity solutions required to support the desired goals. Full understanding of industry standard security frameworks such as ISO, NIST SP 800-53, HIPAA, PCI, CIS, HITRUST, or NIST CSF and how to confirm security alignment operationally and in consulting or solution engineering. Partner and design changes in the cybersecurity Landscape based on results from analysis received from Risk & Compliance, Internal Audit, External Audit and other functions as deemed appropriate. Actively engage with Security Operations to assess overall data points being tracked, reported, and monitored and collaborate on better methods, metrics, data sources, or a combination thereof to increase effectiveness and value in security alerting and monitoring. Provides expert advice into the conceptual and technical design/execution of the enterprise wide cybersecurity solutions. (Windows, UNIX, Network, Web, TCP/IP, etc.) Ability to manage internal cybersecurity-related projects including; documented scoping, assessments, milestones and key deliverables, timeline and reporting. Provide service-oriented and value add cybersecurity guidance across all Information Technology Manage and optimize existing cybersecurity tool investments, proactively assess, evaluate and provide guidance on effectiveness to Company's cybersecurity posture. Serve as the driver in our security posture visibility and alerting maturity through partnered and purposeful analysis efforts; drive maturity beyond alerts, incidents and tickets into proactive analysis. Provide supportfor escalated incidents; Perform root cause analysis for cybersecurity, availability failure, and direct the remediation of cybersecurity related causes. Assist in the maturity and growth of the team by sharing knowledge, insight and mentoring the team to help expand overall capabilities. Serve as advisory resources to projects led by cybersecurity architecture and operations. Qualifications Bachelor's Degree in Information Security, Computer Science, Engineering, or equivalent related work experience 2 years of experience in a security related field. Operation Framework models such as DevOps, SecDevOps, SDLC, ITIL Scripting technologies such as Bash, Python, Ruby, PowerShell Cybersecurity practices around orchestration and automation technologies Securing container technologies, platform hardening and incident response Application security testing technologies such as IAST, DAST, RAST and SAST Cloud security including cloud native solutions, IaaS, PaaS, SaaS, Etc. Next-generation Firewalls and Web Application Firewalls Any Security related certifications are preferred (CEH, CISSP, CISA, GIAC, COMPTIA, etc.) If this is an opportunity that you're interested in please email your resume to: (see below)

A Senior Threat Hunting Analyst is required by a prestigious organisation in their Malvern offices. As the Senior Threat Hunting Analyst you will develop and lead the new Threat Hunting capability at the heart of the threat hunting service. This is part of a portfolio of cyber security services provided by the Enterprise Cyber business to their internal and external clients. You will proactively search for and detect advanced persistent threats, develop and lead a team to do this including training and coaching junior cyber analysts, developing the companies threat hunting capability What's in it for the Senior Threat Hunting Analyst ? Working for a recognised company with an excellent reputation Excellent benefits package including contributory pension, Life Cover, income protection and much more Excellent Salary Working in a company who invest in their team (including certifications & subscriptions) Excellent Career Development opportunities You will be working within industry leading teams and people Skills for the Senior Threat Hunting Analyst Hold current SC clearance and be willing to go through DV Proactively search and detect advanced persistent attacks underway on a system Experience in alert monitoring, incident response and technical forensics Strong understanding of network and endpoint characteristics, and normal behaviour thereof Knowledge of relevant frameworks such as MITRE ATT&CK, GPG-13 and CIS 20 SQL queries, REGEX expressions and PowerShell/bash scripts Proven track record of working in an information security role in an operational environment Experience of utilising Endpoint Detection and Response (EDR) tools Security Information and Event Management (SIEM) experience Ability to lead, and work effectively with, individuals with varying levels of experience Experience utilising threat hunting tools and big data platforms Company One of the UK leading partners in Intelligence and National Security, Science and Technology that works on cutting edge research projects. A global organisation primarily established in the UK and the US, currently growing in international markets. They provide a wide range of services, such as technical, scientific and engineering expertise. This particular site provides scientific research and development and applies this to the commercial world making it viable for sale. Company Culture Currently staffed with problem solvers and analytically minded individuals, they pride themselves on being able to think outside the box. Passionate about technology and actively self-learn outside of core working hours, they are seen as some of the best minds in the UK. If you have the essential skills and you are a Senior Threat Hunting Analyst wanting to work for a company who invest in their technology and staff, then please apply via the link. IND_PERM_HIGH

Senior CSOC Engineer - UK Home Office - Permanent - Salford, Greater Manchester Senior CSOC Engineer Are you a problem solver? Do you have a background in threat and vulnerability management? This is an exciting time to join the Cyber Programme as we continue to work to protect the Home Offices' IT estate. Why this role is important? Digital Data and Technology (DDaT) enables the Home Office to keep citizens safe and the country secure, as well as at the front line of making the Home Office a modern and capable department at a time of unprecedented global change. Job Responsibilities  As the Senior CSOC Engineer you will be part of the Cyber Security Operations Centre division; you will be someone who can to deep dive into complex Cyber Security Problems and bring back inventive novel solutions. You will become a Subject Matter Expert on the capability and provide an expert skill set to be used to aid Incident response and be required to assist with training of staff who are operating tools that stem from your capability. You will provide research on the latest technologies, processes and threats related to your capability, and be expected to turn this research, into actionable objectives to keep the CSOC, one step ahead of the threats. Successful Senior CSOC Engineers will have the following: At least 3 years' experience in Threat and Vulnerability management or Cyber Security Exposure to security monitoring, vulnerability management tools and threat intelligence sources Managed a security incident from start to finish and provide advice and guidance on security vulnerabilities Understands patching processes at infrastructure, network, application level in traditional data centres and cloud hosting environments. Has high level problem solving and analytical skills Produced MI or reports within their previous roles Create, maintain and optimise scanning schedules using vulnerability scanning tools Troubleshoot issues experiences with scanning's tool and assets. Someone who can work collaboratively with other colleagues to achieve common goal Candidates with the following programming skills; Python, Curl, JavaScript, Java, PowerShell would be highly desirable. What's on offer As an employer of choice, the Home Office offers an extensive benefits package including: A competitive salary package consisting of: Manchester £36,284 - £40,988* *Candidates that provide an exceptional demonstration of the necessary skills and experience may be subject to receiving a Recruitment & Retention Allowance of up to £8,300 25 days annual leave (rising to 30 after 10 year's service in the Home Office) plus 1 additional day for the Queen's Birthday and 8 bank holidays Excellent pension scheme An extensive training and development plan for this role Flexible working to support a healthy work life balance Please note, this application is an expression of interest, and you will be required to complete a formal application via the civil service jobs website. Further instructions on this will be provided by Hays, once we have received and reviewed your CV. Hays Specialist Recruitment has been appointed as the recruitment partner for the Home Office. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.

Senior CSOC Engineer - UK Home Office - Permanent - Salford, Greater Manchester Senior CSOC Engineer Are you an analytical thinker? Do you have a background in Cyber Security? This is an exciting time to join the Cyber Programme as we continue to work to protect the Home Offices' IT estate. Why this role is important? Digital Data and Technology (DDaT) enables the Home Office to keep citizens safe and the country secure, as well as at the front line of making the Home Office a modern and capable department at a time of unprecedented global change. Job Responsibilities As the Senior CSOC Engineer you will be part of the Cyber Security Operations Centre division; you will be someone who can to deep dive into complex Cyber Security Problems and bring back inventive novel solutions. You will become a Subject Matter Expert on the capability and provide an expert skill set to be used to aid Incident response and be required to assist with training of staff who are operating tools that stem from your capability. You will provide research on the latest technologies, processes and threats related to your capability, and be expected to turn this research, into actionable objectives to keep the CSOC, one step ahead of the threats. Successful Senior CSOC Engineers will have the following: Minimum of 3 years working in cyber security Managed a security incident from start to finish Processed or remediated incoming threat intelligence Conducted own lab- based research on a security topic Excellent Microsoft Office skills Worked closely with other teams to achieve a common goal Produced MI or reports within your previous roles Presented articulately to stakeholders and to non-technical audiences Candidates with Python or PowerShell programming skills would be highly desirable as well as application deployment and maintenance skills. What's on offer As an employer of choice, the Home Office offers an extensive benefits package including: A competitive salary package consisting of: Manchester £36,284 - £40,988* *Candidates that provide an exceptional demonstration of the necessary skills and experience may be subject to receiving a Recruitment & Retention Allowance of up to £8,300 25 days annual leave (rising to 30 after 10 year's service in the Home Office) plus 1 additional day for the Queen's Birthday and 8 bank holidays Excellent pension scheme An extensive training and development plan for this role Flexible working to support a healthy work life balance Please note, this application is an expression of interest, and you will be required to complete a formal application via the civil service jobs website. Further instructions on this will be provided by Hays, once we have received and reviewed your CV. Hays Specialist Recruitment has been appointed as the recruitment partner for the Home Office. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.

Security Operations Engineer A global brand is currently looking to hire a Security Operations Engineer to join them on a greenfield site! They have recently moved their security back in-house and are looking to develop a fully automated SOC. They are looking to become one of the most technologically advanced firms in the retail sector, hence they are looking for brilliant engineers to join them on that endeavour. You would act as a technical lead and get a chance to try out different approaches to creating and enhancing their security suite. If you like thinking outside of the box and being technical- this is your chance! What will you do? Act as a technical lead for SOC. Lead the development of an automated framework. Ensure optimal running of all security platforms (on-prem and Cloud). Technical oversight of incident response. Partaking in Red Teaming activities. What are we looking for? Passion for all things Cyber. Drive to innovate and make positive changes. Experience with various security tools - SIEM, DLP, EDR, PCAP, AV. Strong understanding of cyber-attacks and ways to prevent, detect, respond, mitigate them. Experience with Scripting languages and DevOps toolsets (Github, Jira, Jenkins, etc.) In return my client offers an opportunity to: Skyrocket your career by working in a progression-driven environment (various opportunities in Security Engineering and Architecture). Good compensation package. Expand your skill set. Learn by working on an array of amazing projects. Use the latest technology (will get a say in which products you will use!). Thrive as a part of a well-known company. Salary: £80k + Bonus + Benefits Location: London (flexible) Apply today and join an amazing team! Lawrence Harvey is acting as an employment agency in regards to this position.

Prestigious Fortune 500 Company is currently seeking a Security Orchestration and Automation Response Developer. Candidate is responsible for the delivery of all Security Orchestration, Automation and Response activities. Responsibilities: Closely support and collaborate with other Security Operations Center teams to identify requirements, develop playbooks on the Phantom and Resilient platforms to accomplish the requirements, test playbooks, communicate/coordinate the release of playbooks with affected customers and stake-holders, then release developed automations. Python development, credentials management, Firewall Change Requests, etc. Build strong partnerships with technical dependency teams Light project management Expert-level technical hands-on work Mentoring other platform engineers in OS, networking, IT operations Tracking and driving to completion all of the SOAR development focus group's deliverables Qualifications: Bachelors and/or Master's Degree or equivalent experience in Information Security, Engineering, Computers Science, or related field Have 5+ years experience in application care: admin, patching, vendor support interactions, etc. Have 5+ years experience in network fundamentals mastery: OSI/DoD network models Ethernet IPv4/IPv6 typical layer 3 and 4 protocols associated with IP application layer protocol knowledge stateful inspection Firewalls etc. Have 5+ years experience in security operations center related disciplines: threat Intel, vulnerability management, penetration testing, incident handling (preferred), etc... 2+ years programming/software development: procedural and OO programming, Scripting, RESTful/SOAP API. Most of our work is with Python, so Python programming is necessary. 5+ years SOAR development experience. Preferred candidates will be well versed in Splunk/Phantom. Outstanding customer service attitude and skill. Moderate familiarity with Splunk and Splunk Enterprise Security. Passion for constant self-improvement and learning Familiar with industry standard security best practices for information security and cyber security operations

Azure Security Engineer Our leading financial client is looking for an experienced Security Engineer with Azure and DevOps expertise who can help them make digital banking as safe as possible. You will play a crucial role in the Grid journey to migrate to DevSecOps process and adaptation of the Microsoft Azure cloud. Your contribution will enhance development teams to understand security aspects of the application they develop. You brainstorm, advise and work together with our talented development teams to secure information security at the start of our banking products. Briefly: a constant co-creation and security by design! In terms of hierarchy, there is little to be noticed as we work together in completing our tasks. Your day to day activities as Azure Security Engineer Working with the DevSecOps team for the design and development of security solutions using the approved automation, CI/CD tooling and standards security solutions Recognise areas for security improvements within the cloud platform around automation and CI/CD, access controls, network, automated compliance, alerting and forensics etc. Train DevOps teams in consuming security and security standards as offered by the bank. Facilitate and support testing by DevOps teams and validate security related alerting, incident responses, counter measures, SOC, operational processes, forensics, etc. Define and support secure continuous delivery approaches including tooling and automated testing and support teams with threat modelling. Managing the development, refresh and implementation of security policies, standards, guidelines and procedures. The ideal candidate for Azure Security Engineer A security specialist with the overview of a generalist and therefore an effective consultant & engineer. You are well acquainted with network and application security, as well as both technical and organisational areas. You continuously search for fresh ideas and gain more professional knowledge in order to enlarge your technical capabilities, as well as improving your soft skills. Furthermore, you have a sharp analytical eye and do not easily get stressed. You are bold, do not simply take things at face value and dare to ask questions. You are able to entice managers, colleagues and customers with your ideas. This means you can easily convince people and transpose technical jargons into understandable language effortlessly. Sometimes you will only be given five minutes to substantiate your advice & solution. This should be enough to make your statement. Requirements as Azure Security Engineer Solid experience working with and integrating automated security tools into CI/CD pipelines; Solid understanding of the Microsoft Azure platform; Strong technical knowledge of secure engineering principles; Working knowledge of risk assessments, vulnerability- and compliance management Strong communication skills both verbally and in writing in Dutch and/or English. Following qualifications would help to boost your candidature: Working experience of minimal 5 years in IT, with at least 3 years in Information security Master's degree in Information Science or relevant studies Information security (IS) professional qualifications such as CISSP, CEH, CISA, CISM and CCSK Azure specific certifications such as AZ-300, AZ-301, AZ-400 and AZ-500 Have experience with (cloud) security best practices and translate this to specific advice for the business as well as the bank. Good understanding or familiar with: Migrating workloads from classic datacentres to the cloud A good understanding of cloud concepts and best practices Cloud security with special focus on Azure and SAAS-solutions Patch management, Anti-malware, Access Control Management, Secure Coding, pentesting Network security eg: Firewalls, Proxies, DNS and emerging technologies such as SDN Proven security processes, technologies and architectures such as hardening, patch management, access control, cryptography, communication protocol, Windows and Linux Application security and security coding (OWASP) Agile way of working and DevOps

Security Engineer Location: Derby, UK Permanent - Full Time (37.5 hour week, Standard operating hours between 08:00 - 18:00) Must be eligible for SC Clearance (Must have lived in the UK for 5 years or more) Who you'll be working with Capgemini's Cybersecurity Practice delivers projects and consulting services in all areas of IT and OT, from networks to cloud services and everything in between. Our services include high-level consulting, strategy and business case development, architecture design and implementation across all market sectors including government and secure sectors. Capgemini has over 3000 Cybersecurity professionals (over 300 in the UK) to help define and implement our clients' cybersecurity strategies. We protect their IT, industrial systems and the ever-growing number of products and systems enabled by cloud and the Internet of Things (IoT). As trusted advisors, we also strengthen their defences, optimize their investments and control their risks. We offer a comprehensive portfolio of services that maps across IT advisory, design, implementation and ongoing management, to serve as true an end-to-end capability partner entirely aligned to business outcomes. A solution that is efficient, scalable and secure, that strikes a balance between flexibility and cost, while facilitating innovation and future business planning. The result is improved service quality, productivity and end-user gratification. Introduction to Account Engineers form part of the Security Engineering Team (SET), an expanding team who deliver specific IT Security Services to a client in the Aerospace industry. The team has a footprint in two main sites in Derby, to effectively provide services to the client. The team members are not fixed to one location, which lends itself to interesting and diverse work within differing environments. The focus of your role The role is focused in three main areas for Security Engineering and Operational activity: Projects - Delivering new tools and or upgrading/refreshing existing applications. Run Activity - Monitoring and acting as required on the health of various Security tools. Incident Response - responding with appropriate actions as required if the SOC alerts of an incident. What you'll do Responsible for ensuring the integrity of client IT infrastructures. Keep the lights green on all Security Toolkit Infrastructure within our remit. Support various toolsets including SIEM, IDPS, GVM and Malware Protection . Record and respond to health alerts from the Security Infrastructure we maintain. Tune and enable polices, features and enhancements as required in response to Security Incidents and general enhancements requested by the client. You will be engaged to troubleshoot potential impact of security tooling on business applications as required. You will be assigned to specific project activity to deliver new features or Security Tools. Respond to and follow core IT Service Management Principles. What you'll bring Experience of Engineering and operating Security Toolsets in large and complex environments. An SME in atleast one of the following tools: SIEM, IDPS, GVM and Malware Protection . Experience of Cloud environments (Azure) is desirable You will have a strong understanding of security threats and compromise methods. Understanding of server, client and network technologies. Experience working in an IT outsource environment. You will provide excellent communication skills both written and verbal. Client engagement skills, time management, expectation management etc Show aptitude to learn new technologies. Exhibit a methodical approach to troubleshooting issues. Ability to keep calm and perform under pressurised situations. Experience of balancing security risk versus specific business/client requirements. What we'll offer you Professional development. Accelerated career progression. An environment that encourages entrepreneurial spirit. It's all on offer at Capgemini. And although collaboration is at the core of the way we work, we also recognise individual needs with a flexible benefits package you can tailor to suit you. Why we're different At Capgemini, we help organisations across the world become more agile, more competitive and more successful. Smart, tailored, often-groundbreaking technical solutions to complex problems are the norm. But so, too, is a culture that's as collaborative as it is forward thinking. Working closely with each other, and with our clients, we get under the skin of businesses and to the heart of their goals. You will too. APPLY TODAY for your chance to be considered for this role. A member of our friendly recruitment team will be in touch to discuss your application if you have been successfully shortlisted.

Incident Response/Forensics Engineer Responsibilities Design, build, run, and own infrastructure and automation to detect, contain, and eradicate security threats. Lead the Computer Incident Response Team (CIRT) in responding to active and time-sensitive threats including communications and coordination across different teams. Work closely with other members of the Information Security team to lead changes in the company's defense posture. Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques. Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTP (Tactics, Techniques, and Procedures). Collect, analyze, assess, and disseminate information about cyber threats and potential attacks. Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools. Qualifications Bachelor's degree in Computer Science or equivalent work experience. 7+ years of experience in information security. Advanced knowledge of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc. In-depth understanding of authentication protocols, applied cryptography, key management, PKI and SSL/TLS. Possession of a holistic view of the threat, vulnerability, and risk as well as their relationship. Deep understanding of internals and constructs of at least two main modern operation systems. Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA). Applied experience with application and business logic Embedded in business systems. Knowledge of open security testing standards and projects, including OWASP. Proficiency with at least one interpreted programming language (Python, Ruby, etc.). Experience employing phishing and other social engineering tactics. Experience using multiple command and control channels, including DNS and HTTPS. If this is an opportunity that you're interested in please email your resume to: (see below)

NO SPONSORSHIP Security Incident Response Engineer Salary: $100-120k flex + 20 percent bonus Location: Remote Looking for a sharp incident response engineeer with threat hunting, incident response, threat management, threat intelligence. digital forensics and threat protection. Must also have splunk experience -not just as user but someone who can adjust logs, format logs and able to customize the splunk infrastructure. Key to the job along with the inicident response is heavy splunk and experiene customizing user settings. The Security Incident Response Logging and Event Engineer is responsible for building, maintaining, and improving the engine that powers large-scale security threat management capabilities that protect, detect, and respond to emerging threats and sophisticated attacks on enterprise networks. The person in this role onboards, ingests, reviews, and analyzes large and highly complex datasets and information to provide content, conclusions, and actionable recommendations to mitigate risk and stop attackers cold. Work with application development teams and third-party vendors to develop data for enterprise applications in order to create appropriate logs and events Create logging configuration standards for all IT infrastructure and instructs IT on how to configure systems to log appropriately Create event dashboards and metrics and establishes threshold standards Perform centralized data onboarding and log ingestion into the Splunk platform to improve the visibility of security threat management at Company Administer Splunk Enterprise Security solution in a highly available, redundant, distributed multi-site clustered environment Create and optimize correlation searches for the Security Operations Center (SOC) analysts Assist in the operations, performance, and troubleshooting of Splunk, Search Heads, Indexers, Heavy Forwarders, Deployment Server, Splunk Apps/TAs and Data Models Provide recommendations and implement changes to optimize the Splunk platform Reproduce issues, file bug reports, and escalate cases to Splunk support as necessary Performs log audits and actively works to improve log management compliance Ensures data retention of logs and alerts meets corporate standards Maintain Splunk systems internal documentation, including SOP's and design documents Create technical documentation related to system configurations, process, procedure, and knowledgebase articles. Support defensive tools and solutions that identify and stop advanced adversary tactics and techniques. Participate in Computer Incident Response Team (CIRT) responses to active and time-sensitive threats including communications and coordination across different teams. Work closely with other members of the Cyber Risk Management team to lead changes in the company's defense posture. Qualifications: 5+ years of experience in information security 2+ years of hands-on experience with Splunk Enterprise Security Certified Splunk Administrator/Enterprise Security Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA) Experience administrating and operating Splunk in an enterprise environment Knowledge and experience working with the Splunk API Understands the security incident response discipline, including threat hunting, forensics, intrusion detection, and threat intelligence Experience with at least one interpreted programming language (Python, Ruby, etc.) Proficiency in PowerShell and/or Bash Understanding of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc. Experience in common phishing and other social engineering tactics Familiarity with malware, command and control channels, and attacker tactics, techniques, and procedures

The Application Security Engineer is responsible for securing enterprise information at the Company by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; and mentoring team members. Additionally, this position is responsible for identifying potential threats to the IT infrastructure and recommending enterprise security enhancements. The Application Security Engineer will work on project teams as a technical expert and deliver quality products according to project timelines and budgets. PRINCIPAL RESPONSIBILITIES Conduct application security reviews, vulnerability analyses, and risk assessments; identify integration issues. Recommend best practices and integrate mitigation strategies using Web Application Firewalls and the OWASP framework. Use technical knowledge of current attacks to identify flaws and weaknesses in the composition and design of networks, remote access schemes, systems, and applications to specify solutions, verify the solutions that have been implemented, and rapidly adjust designs based on new threat and attack information as acquired. Provide engineering support, troubleshooting, and evaluation of preventative and detective security technologies such as: Malware detection, web/email content filtering, intrusion detection and prevention, and vulnerability management. Serve as technical and project lead on IT Security initiatives; partner with System Engineers, Application Development teams, and Architects. Maintain security posture by monitoring and ensuring IT Security compliance to standards, policies, and procedures; conduct incident response analyses; develop and deliver training programs to team members. Enhance existing architecture and design through planning delivery of solutions; answering technical and procedural questions for team members; teaching improved processes; and mentoring team members. Generate and document operational processes, procedures, and incident response plans where necessary. Support the Company's diversity and inclusion strategy by following policies and procedures that ensure opportunities for employees and diverse business partners. Assist with other job duties as assigned. REQUIREMENTS Minimum 5 years of experience designing, deploying, configuring, supporting, troubleshooting, debugging, and administering Network Security Products (Firewalls, Proxy, Intrusion Detection Systems/Intrusion Prevention Systems, etc.). Minimum 5 years of experience practicing Change, Problem, and Incident management processes utilizing ITIL in an enterprise environment. Minimum of 5 years of experience implementing and troubleshooting F5 BIG-IP solutions (APM, ASM) Ability to analyze, use, and configure large enterprise networks. Proven crisis management skills. Understanding of malware, emerging threats, attacks, and vulnerability management. Thorough understanding of network protocols such as TCP/IP and web protocols (HTTP/HTTPS). Working knowledge of Firewall technologies. Fundamental knowledge of different operating systems (Sun Solaris, Linux, Windows, etc.). Ability to initiate and complete assignments accurately and on time, with minimal supervision. Ability to work effectively with vendor technical support channels. Comprehensive understanding of the terminology, principles, and application of fault tolerance high availability and disaster recovery preparedness. Working knowledge of data security controls, protocols, and methods. Bachelor's degree in related field preferred. Strong written and oral communication skills.

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking an Application and Network Security Engineer. Candidate is responsible for securing enterprise information at the Company by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; and mentoring team members. Additionally, this position is responsible for identifying potential threats to the IT infrastructure and recommending enterprise security enhancements. The Application Security Engineer will work on project teams as a technical expert and deliver quality products according to project timelines and budgets. Responsibilities: Conduct application security reviews, vulnerability analyses, and risk assessments; identify integration issues. Recommend best practices and integrate mitigation strategies using Web Application Firewalls and the OWASP framework. Use technical knowledge of current attacks to identify flaws and weaknesses in the composition and design of networks, remote access schemes, systems, and applications to specify solutions, verify the solutions that have been implemented, and rapidly adjust designs based on new threat and attack information as acquired. Provide engineering support, troubleshooting, and evaluation of preventative and detective security technologies such as: Malware detection, web/email content filtering, intrusion detection and prevention, and vulnerability management. Serve as technical and project lead on IT Security initiatives; partner with System Engineers, Application Development teams, and Architects. Maintain security posture by monitoring and ensuring IT Security compliance to standards, policies, and procedures; conduct incident response analyses; develop and deliver training programs to team members. Enhance existing architecture and design through planning delivery of solutions; answering technical and procedural questions for team members; teaching improved processes; and mentoring team members. Generate and document operational processes, procedures, and incident response plans where necessary. Support the Company's diversity and inclusion strategy by following policies and procedures that ensure opportunities for employees and diverse business partners. Assist with other job duties as assigned. Qualifications: 5+ years of experience designing, deploying, configuring, supporting, troubleshooting, debugging, and administering Network Security Products (Firewalls, Proxy, Intrusion Detection Systems/Intrusion Prevention Systems, etc.). 5+ years of experience practicing Change, Problem, and Incident management processes utilizing ITIL in an enterprise environment. Minimum of 5 years of experience implementing and troubleshooting F5 BIG-IP solutions (APM, ASM) Ability to analyze, use, and configure large enterprise networks. Proven crisis management skills. Understanding of malware, emerging threats, attacks, and vulnerability management. Thorough understanding of network protocols such as TCP/IP and web protocols (HTTP/HTTPS). Working knowledge of Firewall technologies. Fundamental knowledge of different operating systems (Sun Solaris, Linux, Windows, etc.). Ability to initiate and complete assignments accurately and on time, with minimal supervision. Ability to work effectively with vendor technical support channels. Comprehensive understanding of the terminology, principles, and application of fault tolerance high availability and disaster recovery preparedness. Working knowledge of data security controls, protocols, and methods. Bachelor's degree in related field preferred. Strong written and oral communication skills. Ability to effectively lead and influence others without direct managerial authority within an inclusive work environment, using collaboration, coordination, and self-motivation. Ability to listen and integrate ideas from diverse groups of individuals, build and maintain respectful relationships, collaborate with others, and resolve conflicts constructively. Experience supporting IT service delivery in a highly-regulated and audited environment preferred.

Application Security Engineer *We are unable to sponsor as this is a permanent full time role* Responsibilities Conduct application security reviews, vulnerability analyses, and risk assessments; identify integration issues. Recommend best practices and integrate mitigation strategies using Web Application Firewalls and the OWASP framework. Use technical knowledge of current attacks to identify flaws and weaknesses in the composition and design of networks, remote access schemes, systems, and applications to specify solutions, verify the solutions that have been implemented, and rapidly adjust designs based on new threat and attack information as acquired. Provide engineering support, troubleshooting, and evaluation of preventative and detective security technologies such as: Serve as technical and project lead on IT Security initiatives; partner with System Engineers, Application Development teams, and Architects. Maintain security posture by monitoring and ensuring IT Security compliance to standards, policies, and procedures; conduct incident response analyses; develop and deliver training programs to team members. Enhance existing architecture and design through planning delivery of solutions; answering technical and procedural questions for team members; teaching improved processes; and mentoring team members. Generate and document operational processes, procedures, and incident response plans where necessary. Support the Company's diversity and inclusion strategy by following policies and procedures that ensure opportunities for employees and diverse business partners. Qualifications 5+ years of experience designing, deploying, configuring, supporting, troubleshooting, debugging, and administering Network Security Products (Firewalls, Proxy, Intrusion Detection Systems/Intrusion Prevention Systems, etc.). 5+ years of experience practicing Change, Problem, and Incident management processes utilizing ITIL in an enterprise environment. 5+ years of experience implementing and troubleshooting F5 BIG-IP solutions (APM, ASM) Ability to analyze, use, and configure large enterprise networks. Understanding of malware, emerging threats, attacks, and vulnerability management. Thorough understanding of network protocols such as TCP/IP and web protocols (HTTP/HTTPS). Working knowledge of Firewall technologies. Fundamental knowledge of different operating systems (Sun Solaris, Linux, Windows, etc.). Ability to initiate and complete assignments accurately and on time, with minimal supervision. Ability to work effectively with vendor technical support channels. Comprehensive understanding of the terminology, principles, and application of fault tolerance high availability and disaster recovery preparedness. Working knowledge of data security controls, protocols, and methods. Bachelor's degree in a technical field Ability to effectively lead and influence others without direct managerial authority within an inclusive work environment, using collaboration, coordination, and self-motivation. Ability to listen and integrate ideas from diverse groups of individuals, build and maintain respectful relationships, collaborate with others, and resolve conflicts constructively. Experience supporting IT service delivery in a highly-regulated and audited environment preferred. If this is an opportunity that you're interested in please email your resume to: (see below)