This job posting is no longer available. Below are some job offers similar to the posting you searched for.

20 jobs available

Current search: senior cyber security engineer
Zellis
FinOps Analyst
Zellis
The FinOps Analyst is a mid-level role, reporting to the DevOps Director and is responsible for establishing financial policies, reporting, forecasting, optimisation and corporate governance for Zellis Cloud spend in Microsoft Azure across both our corporate and customer estates. Working within the Customer IT Team alongside colleagues from Enterprise Architecture, Corporate IT, Software Engineering, Compliance, Information Security and various Product teams, you will drive financial accountability across our Cloud spend through high quality FinOps practices. The role will interact with key stakeholders across the business and will drive the accountability for Cloud cost efficiency across the organisation.

Key responsibilities include:
• Working directly with our technical teams, finance and business management teams across the organisation.
• Driving optimisation through discovery, development and sharing of cost-saving opportunities.
• Translating financial insights into actionable recommendations, promoting cost-aware architecture design, and leveraging code to automate resource optimisation.
• Integrating Cloud cost optimisation tools, creating reusable design patterns and code modules to support optimisation and Cloud Finance Management (CFM) policies at the enterprise level.
• Supporting the Cloud monthly budget and forecasting process in managing consumption, chargebacks, show back and savings in collaboration with accounting, finance and technical owners.
• Supporting stakeholders in understanding their Cloud spend based on their business roadmap and budgeted forecast.
• Interacting with key stakeholders across the business and driving the accountability for Cloud cost efficiency across the organisation.
• Monitoring Cloud consumption at the account level to detect, investigate and escalate anomalies and unplanned spikes.
• Analysing, reporting and producing meaningful insights from large raw datasets within Cloud billing and usage tools.
• Designing, developing and maintaining reports and KPIs that provide detailed usage statistics of resources across the Zellis Cloud landscape.
• Seeking opportunities to apply automation to any tasks performed manually, following through to implementation.
• Ensuring a fully documented and repeatable process is in place to support our Cloud spend.

Skills and experience required
• Minimum of two years relevant experience in Cloud FinOps/Cloud spend optimisation.
• Bachelor's degree in business, Finance, IT or analytics.
• Additional professional experience - Financial Analyst and/or Business Analyst background preferred.
• Knowledge of Cloud cost products (e.g. Cost Explorer, Azure Portal).
• Strong understanding of public Cloud players (e.g. AWS, Azure), their product portfolio and commercial models (Azure preferred).
• Prior experience building custom reports with PowerBI.
• General understanding of broad IT strategy and sourcing space and working market knowledge (e.g. key vendors, services and technology trends).
• Ability to work directly with technical teams, finance and business management teams across the organisation, including key stakeholders at a senior level.
• FinOps certification preferred.
• Good understanding of the principles of DevOps and Cloud Ops.
• Experience of working in environments subject to regulatory compliance and Information Security standards (e.g. SOC, ISO27001 and Cyber Essentials).
• Strong planning and organisational skills, including the ability to manage several workstreams simultaneously, whilst balancing business priorities and quality.
• A clear, concise communicator - both written and verbal - including to both technical and non-technical audiences.
• An understanding of the sourcing of public Cloud services, including Cloud sourcing strategy planning, strategic supplier selection, contracting and commercial negotiations.

About us
Zellis is the leading provider of payroll and HR solutions for the UK & Ireland. Together with Benefex and Moorepay we form the Zellis Group, serving a vast array of companies across every vertical and industry. Our purpose is to make people feel appreciated for the work they do - through precision, choice, and magic.

We have over 50 years of heritage and industry experience - and we've been ahead of the curve throughout. More than half a century ago, we were founded as Peterborough Data Processing. Quite a lot has changed since then - not least our name. We were acquired by Northgate, becoming NorthgateArinso in 2007 and NGA Human Resources UK and Ireland in 2014, where we were joined by Moorepay. In 2018, the UK and Ireland division was sold to Bain Capital and now we operate as a standalone company, Zellis. After acquiring Benefex, we're now even better equipped to serve the complex needs of our customers.

Our vision is to be the clear leader in pay, reward, analytics, and people experiences. We're proud of our culture and we work hard to create an environment where people want to join, belong to, and be part of a progressive organisation. Our values, which were defined with input from all of our 2,000 colleagues, are not empty words on a poster: Unstoppable together. Always learning. Make it count.

Salary package
• Competitive base salary.
• 25 days annual leave, plus your birthday off + bank holidays.
• Private medical insurance.
• Life assurance 4x salary.
• Enhanced pension.
• Range of additional flexible benefits.
01/04/2023
Full time
Post Office
Cyber Security Engineer
Post Office
Cyber Security Engineer

Summary:
Grade: 3B
Contract Type: Permanent
Location: London
Reporting to: Head of Cyber Operations
Division: CISO

The Purpose of the Role
This role will be responsible for delivering new security capabilities within the cloud, branch and college environments to improve the overall security posture of Post Office, and to support the long-term strategic goals of Cyber Operations Teams. We act as the first line of defense for attacks aimed against us internally or externally. The successful candidate will contribute to cross functional collaboration to ensure appropriate security measures, technologies and processes are in place. This role will report to the Security Engineering Lead.

Principal Accountabilities
As a Cyber Security Engineer, you will be responsible for the engineering code configuration of multiple systems, working alongside SOC and other cyber teams. You would be expected to show:
• Office365 Cyber Threat and Management capabilities, including digital policy configuration, DLP, AIP, Intune and other MS security event mechanisms.
• SIEM use case development, testing and false-positive tuning for Sentinel as primary with additional initiatives in cloud SIEMs for Splunk and AWS Security Hub.
• Working with tools such as: Mimecast, Symantec Endpoint Protection, ServiceNow
• Security event triage and investigation of alerts from multiple sources.
• Help fine tune and improve SIEM use cases and Microsoft policies.
• Support threat hunting based on threat intelligence and improve alerting.
• Influence and drive continuous improvement in our SecOps capabilities.
• Demonstrable experience in SecOps and working with technologies such as SIEM, SOAR and EDR.
• Good level of understanding of threat actors and Tactics, Techniques, and Procedures utilised.

Coordination and prioritisation of efforts will be at the discretion of the Cyber Engineering Lead. This role also includes a close working alignment with SOC Analysts to ensure effective monitoring is delivered.

Qualifications, Experience & Skills
Ideally have experience in the below:
• AZ-500 or comparable level of knowledge
• Understanding and being able to articulate emerging threats and incidents to different audiences, including technical, operations management, senior management and executives.
• Using industry leading technology to create detections to threats to our networks from external and internal threat actors.
• Overseeing the day to day maintenance of Security tooling
• Working with senior stakeholders to support a threat led approach to generate mitigation and countermeasures through SIEM use case
• Working with third-party suppliers and vendors
• Taking part in post-incident reviews and proposing engineering resolutions to improve results in any future recurrence
• Excellent team player but also confident working on own initiative.
• Strong communication skills (both written and oral) and interpersonal skills at all levels
• An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, vulnerability scanning etc.
• A good understanding of cyber security concepts and systems/solutions such as IDM, EDR, DLP, SIEM, SSO etc.
• Understanding of the Cyber Kill Chain and MITRE ATT&CK
• Worked with or an understanding of EDR systems such as Defender or Symantec.
• Commissioning Splunk infrastructure such as heavy and universal forwarders
• Configuring and setting up data connectors within Sentinel
• The creation and maintenance of Log Analytic Workspaces
• Experience with Microsoft KQL

Experience required:
• Excellent self-motivation skills
• Proven experience or demonstrate working knowledge of Splunk or Sentinel.
• Ability to share knowledge with the wider team
• Business player with an appreciation of the wider implications of the unit to the future success of the Post Office.
• Sound analytical skills.
• A keen interest in cyber security with an enthusiasm for personal and professional growth
• At least 5 years' experience in SecOps or IT Security.
• Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems or similar
• Experience working with Python and Linux shell scripts or similar
• Experience or demonstrable knowledge in Incident response, log analysis, Log ingestion and event data sources.

About Post Office
The Post Office has thrived at the heart of high streets and local communities across the UK for over 370 years. As one of the country's most trusted brands, we take our commitment to providing essential services to customers across the UK very seriously. We're the UK's largest retail network, as well as the largest financial services provider in the UK, with over 11,600 branches nationwide - more than all of the UK's banks and building societies put together.

We know that the best way to provide a great service for customers is to evolve our business and adapt to their changing needs. That's why we have a range of over 170 products and services, from personal financial services like banking, insurance, payments and travel money, to telecoms and, of course, mails. And we're improving our online and in store experience for customers. We know that our customers never stop changing, so neither will we.

Securing the Post Office's future: We are working hard to ensure that the next chapter of the Post Office's history is a bright one. We are the current guardians of an iconic business and we want to hand over a thriving network of branches which can continue to provide essential products and services for our customers for many years to come. This is a uniquely exciting and challenging time for the Post Office - we're shaping the future and creating a business we can all be proud of.

Working at the Post Office: Post Office colleagues are the driving force behind our business. Whether they are in our branches or supporting from our offices, we are proud of the energy, commitment and customer focus our people all have in common. All Post Office people are guided by our three values and behaviours:
• We care by always thinking customer
• We strive to make things ever better through honest challenge
• We commit to decisive deliver

The Post Office embraces diversity and inclusion in the workplace and actively promotes working without discrimination. We are also a Disability Confident Employer and are committed to interviewing disabled people who meet our minimum criteria for the job.
01/04/2023
Full time
Cyber Security Engineer Summary: Grade: 3B Contract Type: Permanent Location: London Reporting to: Head of Cyber Operations Division: CISO The Purpose of the Role This role will be responsible for delivering new security capabilities within the cloud, branch and college environments to improve the overall security posture of Postoffice. To support the long-term strategic goals of Cyber Operations Teams. We act as the first line of defense for attacks aimed against us internally or externally. The successful candidate will contribute to cross functional collaboration to ensure appropriate security measures, technologies and processes are in place. This role will report to the Security Engineering Lead. Principal Accountabilities As a Cyber Security Engineer, you will be responsible for the engineering code configuration of multiple systems Working along side SOC and other cyber teams. You would be expected to show: • Office365 Cyber Threat and Management capabilities, including digital policy configuration, DLP, AIP, Intune and other MS security event mechanisms. • SIEM use case development, testing and false-positive tuning for Sentinel as primary with additional initiatives in cloud SIEMS for Splunk and AWS Security Hub. • Working with tools such as; Mimecast, Symantec Endpoint Protection, ServiceNow • Security event triage and investigation of alerts from multiple sources. • Help fine tune and improve SIEM use cases and Microsoft polices. • Support threat hunting based on threat intelligence and improve alerting. • Influence and drive continuous improvement in our SecOps capabilities. • Demonstrable experience in SecOps and working with technologies such as SIEM, SOAR and EDR. • Good level of understanding of threat actors and Tactics, Techniques, and Procedures utilised. Coordination and prioritisation of efforts will be at the discretion of the Cyber Engineering Lead. 
This role also includes a close working alignment with SOC Analysts to ensure effective monitoring is delivered. Qualifications, Experience & Skills Ideally have experience in the below: • AZ-500 or comparable level of knowledge • Understanding and being able articulate emerging threats and incidents to different audiences, including technical, operations management, senior management and executives. • Using industry leading technology to create detections to threats to our networks from external and internal threat actors. • Overseeing the day to day maintenance of Security tooling • Working with senior stakeholders to support a threat led approach to generate mitigation and countermeasures through SIEM use case • Working with third-party suppliers and vendors • Taking part in post-incident reviews and proposing engineering resolutions to improve results in any future recurrence • Excellent team player but also confident working on own initiative. • Strong communication skills (both written and oral) and interpersonal skills at all levels • An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, vulnerability scanning etc. • A good understanding of cyber security concepts and systems/solutions such as IDM, EDR, DLP, SIEM, SSO etc. • Understanding of the Cyber Kill Chain and MITRE ATT&CK • Worked with or an understanding of EDR systems such as Defender or Symantec. • Commissioning Splunk infrastructure such as heavy and universal forwarders • Configuring and setting up data connectors within Sentinel • The creation and maintenance of Log Analytic Workspaces • experience with Microsoft KQL Experience required: • Excellent self-motivation skills • Proven experience or demonstrate working knowledge of Splunk or Sentinel. • Ability to share knowledge with the wider team • Business player with an appreciation of the wider implications of the unit to the future success of the Post Office. 
• Sound analytical skills. • A keen interest in cyber security with an enthusiasm for personal and professional growth • At least 5 years' experience in SecOps or IT Security. • Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems or similar • Experience working with Python and Linux shell scripts or similar • Experience or demonstrable knowledge in Incident response, log analysis, Log ingestion and event data sources. About Post Office The Post Office has thrived at the heart of high streets and local communities across the UK for over 370 years. As one of the country's most trusted brands, we take our commitment to providing essential services to customers across the UK very seriously. We're the UK's largest retail network, as well as the largest financial services provider in the UK, with over 11,600 branches nationwide - more than all of the UK's banks and building societies put together. We know that the best way to provide a great service for customers is to evolve our business and adapt to their changing needs. That's why we have a range of over 170 products and services, from personal financial services like banking, insurance, payments and travel money, to telecoms and, of course, mails. And we're improving our online and in store experience for customers. We know that our customers never stop changing, so neither will we. Securing the future Post Office's future: We are working hard to ensure that the next chapter of the Post Office's history is a bright one. We are the current guardians of an iconic business and we want to hand over a thriving network of branches which can continue to provide essential products and services for our customers for many years to come. This is a uniquely exciting and challenging time for the Post Office - we're shaping the future and creating a business we can all be proud of. Working at the Post Office: Post Office colleagues are the driving force behind our business. 
Whether they are in our branches or supporting from our offices, we are proud of the energy, commitment and customer focus our people all have in common. All Post Office people are guided by our three values and behaviours: We care by always thinking customer We strive to make things ever better through honest challenge We commit to decisive deliver The Post Office embraces diversity and inclusion in the workplace and actively promote working without discrimination. We are also a Disability Confident Employer and are committed to interviewing disabled people who meet our minimum criteria for the job.
Post Office
Cyber Security Engineer
Post Office
Cyber Security Engineer Summary: Grade: 3B Contract Type: Permanent Location: London Reporting to: Head of Cyber Operations Division: CISO The Purpose of the Role This role will be responsible for delivering new security capabilities within the cloud, branch and college environments to improve the overall security posture of Postoffice. To support the long-term strategic goals of Cyber Operations Teams. We act as the first line of defense for attacks aimed against us internally or externally. The successful candidate will contribute to cross functional collaboration to ensure appropriate security measures, technologies and processes are in place. This role will report to the Security Engineering Lead. Principal Accountabilities As a Cyber Security Engineer, you will be responsible for the engineering code configuration of multiple systems Working along side SOC and other cyber teams. You would be expected to show: • Office365 Cyber Threat and Management capabilities, including digital policy configuration, DLP, AIP, Intune and other MS security event mechanisms. • SIEM use case development, testing and false-positive tuning for Sentinel as primary with additional initiatives in cloud SIEMS for Splunk and AWS Security Hub. • Working with tools such as; Mimecast, Symantec Endpoint Protection, ServiceNow • Security event triage and investigation of alerts from multiple sources. • Help fine tune and improve SIEM use cases and Microsoft polices. • Support threat hunting based on threat intelligence and improve alerting. • Influence and drive continuous improvement in our SecOps capabilities. • Demonstrable experience in SecOps and working with technologies such as SIEM, SOAR and EDR. • Good level of understanding of threat actors and Tactics, Techniques, and Procedures utilised. Coordination and prioritisation of efforts will be at the discretion of the Cyber Engineering Lead. 
This role also includes a close working alignment with SOC Analysts to ensure effective monitoring is delivered. Qualifications, Experience & Skills Ideally have experience in the below: • AZ-500 or comparable level of knowledge • Understanding and being able articulate emerging threats and incidents to different audiences, including technical, operations management, senior management and executives. • Using industry leading technology to create detections to threats to our networks from external and internal threat actors. • Overseeing the day to day maintenance of Security tooling • Working with senior stakeholders to support a threat led approach to generate mitigation and countermeasures through SIEM use case • Working with third-party suppliers and vendors • Taking part in post-incident reviews and proposing engineering resolutions to improve results in any future recurrence • Excellent team player but also confident working on own initiative. • Strong communication skills (both written and oral) and interpersonal skills at all levels • An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, vulnerability scanning etc. • A good understanding of cyber security concepts and systems/ solutions such as IDM, EDR, DLP, SIEM, SSO etc. • Understanding of the Cyber Kill Chain and MITRE ATT&CK • Worked with or an understanding of EDR systems such as Defender or Symantec. • Commissioning Splunk infrastructure such as heavy and universal forwarders • Configuring and setting up data connectors within Sentinel • The creation and maintenance of Log Analytic Workspaces • experience with Microsoft KQL Experience required: • Excellent self-motivation skills • Proven experience or demonstrate working knowledge of Splunk or Sentinel. • Ability to share knowledge with the wider team • Business player with an appreciation of the wider implications of the unit to the future success of the Post Office. 
• Sound analytical skills. • A keen interest in cyber security with an enthusiasm for personal and professional growth • At least 5 years' experience in SecOps or IT Security. • Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems or similar • Experience working with Python and Linux shell scripts or similar • Experience or demonstrable knowledge in Incident response, log analysis, Log ingestion and event data sources. About Post Office The Post Office has thrived at the heart of high streets and local communities across the UK for over 370 years. As one of the country's most trusted brands, we take our commitment to providing essential services to customers across the UK very seriously. We're the UK's largest retail network, as well as the largest financial services provider in the UK, with over 11,600 branches nationwide - more than all of the UK's banks and building societies put together. We know that the best way to provide a great service for customers is to evolve our business and adapt to their changing needs. That's why we have a range of over 170 products and services, from personal financial services like banking, insurance, payments and travel money, to telecoms and, of course, mails. And we're improving our online and in store experience for customers. We know that our customers never stop changing, so neither will we. Securing the future Post Office's future: We are working hard to ensure that the next chapter of the Post Office's history is a bright one. We are the current guardians of an iconic business and we want to hand over a thriving network of branches which can continue to provide essential products and services for our customers for many years to come. This is a uniquely exciting and challenging time for the Post Office - we're shaping the future and creating a business we can all be proud of. Working at the Post Office: Post Office colleagues are the driving force behind our business. 
Whether they are in our branches or supporting from our offices, we are proud of the energy, commitment and customer focus our people all have in common. All Post Office people are guided by our three values and behaviours: We care by always thinking customer We strive to make things ever better through honest challenge We commit to decisive deliver The Post Office embraces diversity and inclusion in the workplace and actively promote working without discrimination. We are also a Disability Confident Employer and are committed to interviewing disabled people who meet our minimum criteria for the job.
01/04/2023
Full time
Cyber Security Engineer Summary: Grade: 3B Contract Type: Permanent Location: London Reporting to: Head of Cyber Operations Division: CISO The Purpose of the Role This role will be responsible for delivering new security capabilities within the cloud, branch and college environments to improve the overall security posture of Post Office. To support the long-term strategic goals of Cyber Operations Teams. We act as the first line of defense for attacks aimed against us internally or externally. The successful candidate will contribute to cross functional collaboration to ensure appropriate security measures, technologies and processes are in place. This role will report to the Security Engineering Lead. Principal Accountabilities As a Cyber Security Engineer, you will be responsible for the engineering code configuration of multiple systems, working alongside SOC and other cyber teams. You would be expected to show: • Office365 Cyber Threat and Management capabilities, including digital policy configuration, DLP, AIP, Intune and other MS security event mechanisms. • SIEM use case development, testing and false-positive tuning for Sentinel as primary with additional initiatives in cloud SIEMs for Splunk and AWS Security Hub. • Working with tools such as Mimecast, Symantec Endpoint Protection, ServiceNow • Security event triage and investigation of alerts from multiple sources. • Help fine tune and improve SIEM use cases and Microsoft policies. • Support threat hunting based on threat intelligence and improve alerting. • Influence and drive continuous improvement in our SecOps capabilities. • Demonstrable experience in SecOps and working with technologies such as SIEM, SOAR and EDR. • Good level of understanding of threat actors and Tactics, Techniques, and Procedures utilised. Coordination and prioritisation of efforts will be at the discretion of the Cyber Engineering Lead.
This role also includes a close working alignment with SOC Analysts to ensure effective monitoring is delivered. Qualifications, Experience & Skills Ideally have experience in the below: • AZ-500 or comparable level of knowledge • Understanding and being able to articulate emerging threats and incidents to different audiences, including technical, operations management, senior management and executives. • Using industry leading technology to create detections to threats to our networks from external and internal threat actors. • Overseeing the day to day maintenance of Security tooling • Working with senior stakeholders to support a threat led approach to generate mitigation and countermeasures through SIEM use case • Working with third-party suppliers and vendors • Taking part in post-incident reviews and proposing engineering resolutions to improve results in any future recurrence • Excellent team player but also confident working on own initiative. • Strong communication skills (both written and oral) and interpersonal skills at all levels • An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, vulnerability scanning etc. • A good understanding of cyber security concepts and systems/ solutions such as IDM, EDR, DLP, SIEM, SSO etc. • Understanding of the Cyber Kill Chain and MITRE ATT&CK • Worked with or an understanding of EDR systems such as Defender or Symantec. • Commissioning Splunk infrastructure such as heavy and universal forwarders • Configuring and setting up data connectors within Sentinel • The creation and maintenance of Log Analytic Workspaces • Experience with Microsoft KQL Experience required: • Excellent self-motivation skills • Proven experience or demonstrate working knowledge of Splunk or Sentinel. • Ability to share knowledge with the wider team • Business player with an appreciation of the wider implications of the unit to the future success of the Post Office.
• Sound analytical skills. • A keen interest in cyber security with an enthusiasm for personal and professional growth • At least 5 years' experience in SecOps or IT Security. • Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems or similar • Experience working with Python and Linux shell scripts or similar • Experience or demonstrable knowledge in Incident response, log analysis, Log ingestion and event data sources. About Post Office The Post Office has thrived at the heart of high streets and local communities across the UK for over 370 years. As one of the country's most trusted brands, we take our commitment to providing essential services to customers across the UK very seriously. We're the UK's largest retail network, as well as the largest financial services provider in the UK, with over 11,600 branches nationwide - more than all of the UK's banks and building societies put together. We know that the best way to provide a great service for customers is to evolve our business and adapt to their changing needs. That's why we have a range of over 170 products and services, from personal financial services like banking, insurance, payments and travel money, to telecoms and, of course, mails. And we're improving our online and in store experience for customers. We know that our customers never stop changing, so neither will we. Securing the future Post Office's future: We are working hard to ensure that the next chapter of the Post Office's history is a bright one. We are the current guardians of an iconic business and we want to hand over a thriving network of branches which can continue to provide essential products and services for our customers for many years to come. This is a uniquely exciting and challenging time for the Post Office - we're shaping the future and creating a business we can all be proud of. Working at the Post Office: Post Office colleagues are the driving force behind our business. 
Whether they are in our branches or supporting from our offices, we are proud of the energy, commitment and customer focus our people all have in common. All Post Office people are guided by our three values and behaviours: We care by always thinking customer We strive to make things ever better through honest challenge We commit to decisive deliver The Post Office embraces diversity and inclusion in the workplace and actively promote working without discrimination. We are also a Disability Confident Employer and are committed to interviewing disabled people who meet our minimum criteria for the job.
JM Group
Principal/Senior Systems Engineer
JM Group Bristol, Somerset
Principal/Senior Systems Engineer £35,000 - £60,000 + Travel expenses paid + excellent benefits Hybrid 50/50 - Manchester/Bristol/Aldershot I am working with a multinational consultancy company who require a Principal or Senior Systems Engineering Consultant to join their world leading Aerospace, Defence, Security and Technology team. You'll lead teams that use Systems Thinking to analyse, assess and develop ways to mitigate engineering risks, including safety, environmental and cyber threats. Your Purpose: Delivering identified engineering outputs within time, cost, and quality constraints as part of an engineering service to a client. Draft and implement strategies to achieve successful client decision milestones. Provide consultancy to client project and engineering managers. Fulfil a senior role within a client's own delivery team. Managing multi-party and multidisciplinary teams to execute engineering plans. Development of engineering documentation, eg, Management Plans, Requirement Strategies, Acceptance Plans, Architectural Definitions. Engage Subject Matter Experts to capture requirements, risks, or solution options. Conduct technical analysis and make recommendations. Engage with wider industry to understand and shape potential solutions. Proactively identify opportunities and contribute to ADS&T growth. Deliver analysis reports to identify key risks and shortfalls. Participate in or lead design reviews. Implement quality assurance to satisfy both corporate and clients. Achieve client acceptance across a range of engineering deliverables. A Commensurate level of senior experience in any of these areas: Working on integration of complex systems, including military civilian platforms (submarines, aircraft and ships), civilian aircraft systems and advanced power and energy systems. Applying systems engineering processes (eg, ISO 15288:2015) across the life cycle. Managing projects and teams within different development methods. 
Understanding of different tools and techniques applied to engineering to capture requirements and develop solution designs, eg, Model Based Systems Engineering. Knowledge of modelling languages and architecture frameworks, eg, UML/SysML, Archimate, TOGAF, MODAF. Understanding of engineering within the MOD's procurement framework, Knowledge in Defence (KiD). Strong interpersonal skills and able to build trusted relationships. Ability to understand, simplify and explain subject matter to non-engineers and senior stakeholders. *Must be SC eligible* The JM Group is operating and advertising as an Employment Agency for permanent positions and as an Employment Business for interim/contract/temporary positions. The JM Group is an Equal Opportunities employer and we encourage applicants from all backgrounds.
31/03/2023
Full time
Lorien
Enterprise Security Architect
Lorien City, London
Enterprise Security Architect What you will be doing We have an opportunity to build on your existing security skills within a supportive, diverse team of Security Architects and Engineers. With a wide variety of business areas and technology to support, broad security experience is essential, but tell us about your specialisms and security interests too. If you are eager to learn and want to build a breadth of skills, apply to help us improve our security. Collaborate to develop strategies to protect the global network from evolving cyber threats. Partner with the Security and Technology teams to develop and implement application security standards, patterns and guidelines that support ongoing deliveries and balance risk and business benefit. Provide consultancy and solutions architecture services to project teams to assess security risk, communicate security standards and best practices, and partner to ensure effective security outcomes and risk management within projects. Develop strategies to protect the organisation from evolving cyber threats, including technology, process, and people elements. Continuously review the design and effectiveness of our controls, and operate a program of continuous improvement within a span of control Support and grow the maturity of application security and architecture through partnerships on key deliverables. The difference you'll make You will join as a senior member of the Security Architecture and Engineering team, helping shape our security strategy, deliver improvements and act as a role model for others. Your focus will be to support the business through the application of proportionate security controls, technology and processes. You will be working across a variety of technologies, security and business areas communicating with technical and non-technical stakeholders. 
Since neither security nor the business stand still for long, your weeks will rarely be the same, whether supporting business projects, helping to deliver security improvements or responding to requests for support. What you'll bring The ability to build and grow relationships with business and technical stakeholders to advance application security goals Broad security experience, which could include the following areas, but we don't expect you to have worked in them all, and we would love to hear about your area if we missed it: Cloud environments. DevSecOps. Identity and access management. Blockchain Technologies and NFTs. Infrastructure and Networks. Privileged access management. Data Management and data correlation. Endpoint and Operating Systems. Sufficient security experience to have gained CISSP or equivalent security certification. Creative thinker and problem solver. The ability to analyse problems from multiple perspectives, enables all stakeholders' views to be understood and deliver consensus-based outcomes. The ability to communicate complex security issues to business stakeholders and others. Strategic thinking can help improve the organisation's security posture and approach. Location This is a permanent role. The team is based in our London office but operates under flexible working arrangements. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
31/03/2023
Full time
CBS butler
Software Engineer
CBS butler Derby, Derbyshire
Software Engineer This is a fantastic opportunity for a software engineer to join our experienced and highly skilled team in developing and testing innovative products and systems on the cutting-edge of the Cyber Security. We have a range of posts applicable to recently qualified graduates through to highly experienced developers. The Application Software engineer positions will be applicable to aspiring software developers that have recently graduated (first degree or postgraduate) as well as experienced software engineers who may be suitable for more senior roles. £25,000 - £45,000 per annum (DOE) Based in Derby Must be eligible for Security Clearance Required Technical Skills/Qualifications Candidates shall be Degree qualified with a BSc in Computer Science or equivalent STEM subject. Practical commercial experience in developing applications using Visual Studio. C# development experience. C/C++ development skills. SQL Database experience Conversant with Networking, IP standards and their application. SNMP, TFTP etc Web Front End design. Desirable Technical Skills Cryptol and SAW experience. RUST and Ada SPARK experience. Network security and vulnerability analysis. Familiarity with MISRA compliance or similar quality source code conformance specification. Familiarity with static analysis tools. Embedded C/C++ development skills. Experience of Software Unit Test automation and tools (LDRA, Parasoft etc). Proficiency with Scripting languages (ruby, groovy, python, Perl, bash, PowerShell). Software Engineer
30/03/2023
Full time
Hays Specialist Recruitment
PAM Engineer
Hays Specialist Recruitment Edinburgh, Midlothian
PAM Engineer, 6 month initial contract, £450 per day, Out of Scope of IR35, Remote Your new company and role Our Public Sector client requires a Senior PAM Engineer who will be responsible for the implementation of the technical platform and adoption of the security controls associated with the management of Privileged Access Rights across the organisation. The client is currently moving projects from on premise to products in the cloud. Main Duties: . Develop, implement, monitor and improve PAM services and processes. . Provide expert consultancy to the IT Security & Identity team and the wider business. . Support IT incident investigations to minimise impact, resume service, identify root cause and implement steps to avoid recurrence. . Ensure delivery is in line with Security policies and technical and business requirements. . Work with the security architect to develop target state architecture and solution designs. . Support improvements to certificate life cycle management/certificate automation . Support the BAU function and wider team in formalising business and operational processes to optimise working practices. . Mentor junior colleagues as required What you'll need to succeed Experience in the following areas is required: . Detailed hands-on experience of IAM & PAM processes and solutions, preferably Delinea/Thycotic . End to end experience of delivering PAM programmes . A focus on execution with the ability to work independently and initiating improvements; needs limited guidance from supervisor . Experience of working with internal stakeholders, 3rd parties and managed service providers to deliver outstanding PAM solutions. . A keen eye for detail and ability to quickly understand complex problems and deliver innovative solutions. . A pragmatic attitude to focus on progress over perfection, iteratively improving security controls and services. Experience in the following is highly desirable: . PKI . HSMs . Working in a government department . 
Experience of ISO27001 framework and ISO27002 standards . Relevant qualifications (eg. MSc in Cyber Security, CISSP) What you'll get in return This is a great opportunity for an initial 6 months with likely extensions, Out of scope of IR35 with a competitive day rate and fully remote. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
30/03/2023
Project-based
Hays Specialist Recruitment
Senior Java Developer/Architect (AVP)
Hays Specialist Recruitment City, London
Senior Java Developer (AVP) £110k+ Senior Java Developer (Associate Vice President) As a Software Developer, you will be analysing and proposing designs and technical solutions, as well as analysing existing systems and producing designs and software PoC/prototypes. You will also work alongside technology controls and cyber security teams to foster innovation in technology risk management and re-engineer current processes and controls to be highly automated, codified, self-service, and friction-free. Additionally, you will be responsible for enabling true CI/CD for our development teams, characterized by multiple releases per day. To be successful in this role, you should have at least 4 years of commercial experience with Java, Linux/Unix, REST, multithread development, Git, and CI/CD. You should also have experience working in a creatively challenging environment and be proficient in Core Java (Collections/Concurrency/Design patterns), databases (SQL/JDBC/JPA/In-memory), messaging (JMS/FIX/XML/JSON), web services and REST API design (using frameworks such as Jetty/Jersey/Swagger), and test-driven development (such as Junit/Mockito). Experience with behaviour-driven development (such as Concordion/Cucumber), distributed version control systems (preferably Git/Bit What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
30/03/2023
Full time
Request Technology - Craig Johnson
Manager of Internal Audit and Security
Request Technology - Craig Johnson Coppell, Texas
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. 
Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and audit experience. Qualifications Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Consulting and/or accounting firm experience. 
Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Familiarity with security tools such as: CyberArk, Splunk, SailPoint Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub Familiarity with databases such as: Oracle, DB2, SQL Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent. preferred
29/03/2023
Full time
Request Technology - Craig Johnson
Manager of Internal Audit and Security
Request Technology - Craig Johnson Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. 
Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and audit experience. Qualifications Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Consulting and/or accounting firm experience. 
Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Familiarity with security tools such as: CyberArk, Splunk, SailPoint Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub Familiarity with databases such as: Oracle, DB2, SQL Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent. preferred
29/03/2023
Full time
Marcus Donald People Ltd
Senior Cyber Security Specialist
Marcus Donald People Ltd
Marcus Donald People are currently looking for a well-rounded Senior Cyber Security Specialist who has ideally got practical Microsoft Sentinel knowledge alongside good experience with SOAR tools. One of your main responsibilities will be to develop Microsoft Sentinel content including Detection rules, Functions, Playbooks, LogicApps and Query Time Parser! With this being said, Microsoft Sentinel experience would be fantastic; however, depth of experience with alternatives like AlienVault, Splunk, ArcSight, LogRhythm would be great also! * £70,000 - £80,000 per annum + very good benefits. * 100% remote/OR there are offices in Manchester, Leeds, Newcastle & Berkshire.* (They are open to someone working remotely, as long as you don't come in with the mindset of never wanting to come into an office) Although other SIEM experience such as Splunk & ArcSight would be ideal, we need someone who would be comfortable across a range of SIEM alerting platforms, as you will be an important member of the team in the Development of SOC triage runbooks for developing threats. Senior Cyber Security Specialist - Requirements: Requirements analysis and SIEM Use Case design, validation, and testing in QA; Ability to develop use cases from scratch; Previous experience of continuously improving existing runbooks; In-depth knowledge of the MITRE ATT&CK framework; Contribute to Cyber systems and infrastructure integration initiatives within the business; Experience Automating and orchestrating using APIs; Strong customer-facing experience or engagement across a variety of customers in terms of Threat detection solutioneering; Good interpersonal skills and personable. Senior Cyber Security Specialist - Desirable: Microsoft Sentinel but if not, then depth of experience with alternatives like AlienVault, Splunk, ArcSight, LogRhythm. 
Previously worked with Terraform Working Experience with common CI/CD frameworks/tooling (Jenkins/Circle CI/Git Pipelines) Python Scripting/development work within security domains. KQL would be a strong bonus too Ultimately you would be joining a Site Reliability Engineering team that is focussed towards delivering complete technical solutions using leading technology. The Site Reliability team you will be joining consists of System Developers, Software Engineers, Architects & Support Engineers and their main focus as a team is to design suitable solutions to progress relative team functionalities. Experience with SIEM Platforms, including working with logs and creating correlation searches and dashboards is vital here and the projects and responsibilities you will have solid involvement with, will really enhance your overall knowledge and therefore, offerings as a Cyber Expert! This is a great opportunity for someone who values the customer experience as well as someone who has the technical capacity to engage with multiple technologies, customers and third parties simultaneously. If you would like to discuss this in further detail, contact me at (see below) or call.
29/03/2023
Full time
NES IT
Senior IT/OT Security Specialist
NES IT Esbjerg, Syddanmark
Senior IT/OT Security Specialist - Contact - 12 Months Contract - Denmark Senior IT/OT Security Specialist Project activities Ensure Compliance with clients referential's and standards within the cyber security area and prepare derogations where needed. Ensure segregation and follow IT and OT Security specifications/rules/policies. Secure high-level approvals from metier on cyber security and OT security, ensure compliance with Danish Legislation in all matters related to OT security. Liaise with L-iCSO (report to L-iCSO) Maintains strong internal and external peer networks and is a clear, powerful communicator. Evaluate different availability scenarios to ensure high uptime. Establish overview of all connected systems and ensure fit for purpose security, (SP1, SP2, SP3) Establish Awareness of OT security within all disciplines in the projects. Senior IT/OT Security Specialist Context and environment Is a fully independent professional Senior OT Security specialist, able to make a significant technical contribution to integrated teams in two or more areas of the discipline with minimal supervision. Liaises confidently with internal and external stakeholders. Senior IT/OT Security Specialist Goal/Purposes Ensure that the industrial systems are operational in island mode. Ensure policies, rules, best practices are implemented and governed. Ensure a secure setup to avoid downtime from outside attacks and/or malware. Ensure procedures, awareness, patching etc. are in place. Senior IT/OT Security Specialist HSSE activities Drives a generative safety culture by being a safety model. Maintain the highest level of occupational safety by complying with our golden rules. In the event of unsafe actions or situations, in particular noncompliance, use the Stop Card to step in. Carry out daily activities in compliance with our Safety Health Environment Quality Charter and our Code of Conduct. 
Drive visible safety leadership; take responsibility for you and your colleagues' safety. With over 90 years' combined experience, NES Fircroft (NES) is proud to be the world's leading engineering staffing provider spanning the Oil & Gas, Power & Renewables, Infrastructure, Life Sciences, Mining, Automotive and Chemicals sectors worldwide. With more than 100 offices in 45 countries, we are able to provide our clients with the engineering and technical expertise they need, wherever and whenever it is needed. We offer contractors far more than a traditional recruitment service, supporting with everything from securing visas and work permits, to providing market-leading benefits packages and accommodation, ensuring they are safely and compliantly able to support our clients.
29/03/2023
Project-based
URGENT ROLE - IT Security Engineer - Corsham or Farnborough - SC Qualification Essential
E-Frontiers Farnborough, Hampshire
Job purpose Cyber Security is responsible for discovering vulnerabilities and risks in networks, software systems and hardware with ongoing vulnerability scans, monitoring network data, and ensuring corporate and Datacentre systems are compliant and secure. Key Responsibilities and duties Daily investigation and monitoring of system logs from devices such as Firewalls, Azure, AV/EDR Platforms, Security Information and Event Management (SIEM) systems and the network environment to identify anomalies such as suspicious network traffic, alerts and indications of compromise. If any are identified, investigate any vulnerabilities and escalate resolution to prevent re-occurrence. Conduct investigations and reporting for incoming phishing emails, mitigate infection vector and discover origin in order to block senders. Conduct OSINT (Open Source Intelligence) against senders and liaise with NCSC to expedite cessation of further threats. Use Cyber Threat Intelligence to protect supply chain and partners. Manage the implementation and monitoring of Honeypots to detect intruders inside the network. Administer and monitor the AV/EDR control panel including the creation of new policies to ensure the compliance of all connected machines (Workstations and Servers in all production, EMS, BMS and Security networks). Smarthost Email Gateway administration including monitoring and reacting to Email-borne threats. Continued improvement works in order to enhance and adapt the Email Gateway's defensive policies. Conduct Phishing tests against employees and departments, collate results and create security awareness training. Administer and monitor the Web Application Firewall Proxy, review website activity and identify potential malicious websites. Assist the IT Security Manager with Cloud Security Assessments on proposed cloud SaaS, PaaS and IaaS solutions. 
Continual Cyber Security posture testing of the Workstation, Server, EMS/BMS network and CCTV environments, including testing of new vulnerabilities as they are discovered. Assist in the re-certification of IT Security related audits which include ISO 27001 and Cyber Essentials Plus accreditation scheme. Host, assist and remediate actions presented by internal/external auditors. Liaise with the IT Security Manager to conduct intelligence projects into current and evolving threats from various information security websites, dark net forums and Cyber Security groups using inhouse Cyber Threat Intelligence tools. Research new methods and tools which could be used against installed infrastructure, including carrying out internal penetration tests in order to improve the security posture of the organisation. Capture, review and investigation of received malware that bypasses security systems using Sandbox tools. Reverse engineer malware to discover C2 (Command and control Server) origins and ascertain IOC's (Indicators of Compromise) to confirm the infection vector and remediate. Conduct forensics on infected systems and create new security policies to vaccinate against further attacks. Assist Penetration Testers including completing prerequisites prior to arrival, creation and configuration of workspace, agreement on scope of works and technical knowledge of installed infrastructure including assistance where required. Cyber Security Penetration test remediation works including reporting vulnerabilities to the Senior Leadership Team (SLT) and NCSC, remediation of discovered vulnerabilities and proof of work within a strict time frame. Complete security reviews against all external public facing services such as our corporate website, ticketing system and future perimeter services. Liaise with Construction and contractors, implement best practices and build reviews of their hardware that is used within the network infrastructure. 
Recommend hardening procedures for equipment used in current and new buildings. Assist the IT Security Manager to provide security reports, talks, training and demonstrations in order to confirm Cyber Security posture. Assist the IT team with the patching of the estate including Corporate, Security, BMS and EMS Servers and workstations. This includes 3rd party software being used in the corporate environment. Continue to enhance security posture for the employees and company, introduce new tools and policies, assist with disaster recovery exercises. Assist the IT Security Manager in providing weekly and monthly threat intelligence reports for SLT. Continued survey of software used to ensure no company acquisitions affect ISO 27001 accreditation or security posture. Training and security awareness for all staff, create a security knowledgebase system that all staff can access. Experience, Skills and Qualifications Strong background in Cyber Security, IT and network systems, architectures and applications, such as knowledge of Windows OS, Linux OS, networking, Active Directory, VMWare and Azure. Experience with AV/EDR software, Email Gateway Smarthosts, SIEM, intrusion detection, Firewalls and web application Firewall content filtering. Knowledge of designing secure networks, systems and application architectures. Knowledge of disaster recovery, computer forensic tools, technologies and methods. Professional experience in a system administration role supporting multiple platforms and applications. Ability to obtain relevant security clearance. MSc or BSc in computer science, technology or security subject is an advantage. Cyber Security related certifications such as SANS, AZ-500, Security+ and CEH is an advantage. Access to own vehicle for company travel. We are committed to a hybrid working environment and therefore expectation is attendance at the office, a minimum of 3 days per week.
29/03/2023
Full time
Client Server
Senior IT Operations Engineer AWS - Cyber Security
Client Server Knutsford, Cheshire
Senior IT Operations Engineer (AWS Python PowerShell IaC). Cheshire* to £100k. Are you a talented Senior IT Operations Engineer who would enjoy being part of a hugely ambitious cyber security company delivering amazing products and services? Do you want to be part of a fantastic culture and work alongside a kind and genuine team who are exceptionally good at what they do? What's in it for you? Up to £100k salary Free food and beverages on-site all day every day (including fresh baked treats and coffee!) On-site gym with trainers and classes including yoga Enhanced parental leave - 26 weeks full pay Flexible working hours can be supported Opportunities to upskill, structured development programmes, and life/career coaching Fantastic socials - quarterly team lunches, Friday drinks, regular company events Your Role: As a Senior IT Operations Engineer, you will help to shape and secure the company's systems and platforms by supporting team members with complex IT issues and delivering operations to a high standard. Most of the IT infrastructure is hosted in the Cloud, and any on-premises infrastructure is strictly limited to provide end user devices, networking equipment, audio visual, and building management systems. Some of your main duties will include managing user access to ensure everyone has sufficient access to do their role, assessing networks and system security regularly, delivering operational tasks including physical installation, configuration, and updates, and creating and maintaining an automated IT asset inventory. WfH Policy: For this role you will be required in the Knutsford office 5 days a week. The office is modern and spacious, and you can enjoy an incredibly generous benefits package. 
Ideal Requirements: You have hands-on IT and systems architecture, implementation, and operations experience You have experience with a range of AWS services You have a track record of building Infrastructure as Code (IaC) You have a solid understanding of networking concepts including switching, routing, Firewalls, and VPNs You can code in Python, PowerShell or similar You are a kind, genuine, and open individual who has excellent communication and collaboration skills As a Senior IT Operations Engineer you can expect to earn a competitive salary (up to £100k) plus a comprehensive benefits package. Apply today or call to find out more about this Senior IT Operations Engineer (AWS IaC) role. At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values.
28/03/2023
Full time
Nexere Consulting Limited
System Engineer - Perm - Hybrid working - Manchester/Bristol/Surrey
Nexere Consulting Limited
Systems Engineer - Permanent - Hybrid working with offices in Manchester-Bristol-Surrey. Must hold an SC clearance or be eligible for an SC clearance. NO SPONSORSHIP GIVEN. We are looking for multiple System Engineers of all levels to work with a client of ours who works in Aerospace, Defence, Security and Technology (ADS&T). As the Systems Engineer, you'll have all the support you need to succeed. Working in a team that uses Systems thinking, you'll analyse, assess, and develop ways to mitigate engineering risks, including safety, environmental and cyber threats. And with the huge variety of projects we have - from local schemes to high-profile programmes - you'll always have something challenging to get involved in. Experience/Qualifications needed: Development of solutions to complex problems in balance with performance, cost, time, and risk and using our knowledge and experience in the state-of-the-art and emerging technologies. BSc/BA with Honours Degree qualified (Level 6 or above), or equivalent depth of experience. We welcome applications from candidates who can demonstrate that their degree and experience have equipped them for creative and Systems Thinking. Ability to tailor the presentation of ideas to non-technical and senior stakeholders. Able to work alone or as part of a team. Experience and skill with the MS Office toolset.
28/03/2023
Full time
Request Technology - Craig Johnson
Senior Cyber Defense Threat Forensics Engineer
Request Technology - Craig Johnson Coppell, Texas
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Forensics Engineer. Candidate will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. This position will require initiative to oversee security initiatives and be expected to put together projects and teams to remediate identified security threats, incidents, and compliance issues. In addition, the position will enhance the process around monitoring third-party security-related feeds, websites, forums, and mailing lists for information regarding cyber threats, vulnerabilities, and exploits. The role will be heavily involved in the documenting, delivery, and testing of regulatory compliance to all required security regulation as well as the reporting of high-level details and metrics to Senior management. Responsibilities: Incident Management and Security Analysis: Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting. Oversee technical analysis of security events while coordinating incident response activities with internal and external teams. Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities following industry best practices and established procedures. Develop and support briefings to senior management as a trusted incident responder. Actively monitor and research cyber threats with a direct or indirect impact to the business operations, or technology infrastructure. Oversee process of monthly reporting to Security management on and Incident management metrics. 
Prioritize and identify security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives. Lead various teams to operationalize remediation efforts for gaps identified. Develop and implement security monitoring roadmaps for technologies, applications, SaaS, and other cloud-hosted solutions. These roadmaps will direct efforts on implementation of monitoring use cases and measurement of monitoring capabilities. Qualifications : Minimum two years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response Minimum one year in a leadership role or team/project lead capacity. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies. Team Leadership experience, taking initiative; providing and following through on solutions across various skillsets. Effective and excellent oral and written communication, analytical, judgment and consultation skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong project management skills. Technical Skills: Demonstrated proficiency in: Incident Response playbook development managing incident analysis and remediation. Network sniffers and packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump). Standard technical writing tools including MS Word, Excel, Project and Visio Proxy and caching services. Client Server platforms including Windows, Linux. Operating system hardening procedures (, Linux, Windows, etc.) 
Web Application Firewalls. Security Orchestration and Automated Response tools and concepts. Minimum three years of information security experience, preferably in the financial services industry.
27/03/2023
Full time
Request Technology - Craig Johnson
Senior Cyber Defense Threat Forensics Engineer
Request Technology - Craig Johnson Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Forensics Engineer. Candidate will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. This position will require initiative to oversee security initiatives and be expected to put together projects and teams to remediate identified security threats, incidents, and compliance issues. In addition, the position will enhance the process around monitoring third-party security-related feeds, websites, forums, and mailing lists for information regarding cyber threats, vulnerabilities, and exploits. The role will be heavily involved in the documenting, delivery, and testing of regulatory compliance to all required security regulation as well as the reporting of high-level details and metrics to Senior management. Responsibilities: Incident Management and Security Analysis: Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting. Oversee technical analysis of security events while coordinating incident response activities with internal and external teams. Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities following industry best practices and established procedures. Develop and support briefings to senior management as a trusted incident responder. Actively monitor and research cyber threats with a direct or indirect impact to the business operations, or technology infrastructure. Oversee process of monthly reporting to Security management on and Incident management metrics. 
Prioritize and identify security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives. Lead various teams to operationalize remediation efforts for gaps identified. Develop and implement security monitoring roadmaps for technologies, applications, SaaS, and other cloud-hosted solutions. These roadmaps will direct efforts on implementation of monitoring use cases and measurement of monitoring capabilities. Qualifications : Minimum two years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response Minimum one year in a leadership role or team/project lead capacity. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies. Team Leadership experience, taking initiative; providing and following through on solutions across various skillsets. Effective and excellent oral and written communication, analytical, judgment and consultation skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong project management skills. Technical Skills: Demonstrated proficiency in: Incident Response playbook development managing incident analysis and remediation. Network sniffers and packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump). Standard technical writing tools including MS Word, Excel, Project and Visio Proxy and caching services. Client Server platforms including Windows, Linux. Operating system hardening procedures (, Linux, Windows, etc.) 
Web Application Firewalls. Security Orchestration and Automated Response tools and concepts. Minimum three years of information security experience, preferably in the financial services industry.
27/03/2023
Full time
Request Technology - Craig Johnson
Lead Cyber Security Penetration & Vulnerability Tester
Request Technology - Craig Johnson Oakland, California
*We are unable to sponsor for this Remote permanent role* *Position is bonus eligible*

Prestigious Enterprise Company is currently seeking a Lead Cyber Security Penetration & Vulnerability Tester. Candidate will provide domain expertise in Penetration testing of Infrastructure and Networks, Web Applications, Cloud and Social engineering! In this role, the candidate will provide improved vulnerability analysis and contextual feedback to stakeholders to support the resolution of discovered vulnerabilities and facilitate risk awareness.

Responsibilities:

Penetration Testing and Red Team assessments
  • Perform internal and external penetration testing of network infrastructure and applications
  • Red team assessments including physical, social engineering, and network exploitation
  • Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases
  • Perform network reconnaissance, OSINT, social engineering, and physical security reviews
  • Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards
  • Effectively communicate findings and strategy to stakeholders, including technical staff and executive leadership
  • Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement

Purple Team and Adversary simulations
  • Participate in regular Purple team exercises and perform adversary simulations to test defense controls
  • Assist with scoping prospective engagements, leading engagements from kickoff through remediation
  • Work closely with Blue team to test efficacy of existing alerts and help create new detection.
  • Create findings reports and communicate to stakeholders
  • Contribute to enhancing the team's toolkit
  • Write custom scripts to automate tasks related to finding new vulnerabilities
  • Maintain runbooks to continually improve penetration testing methodologies and threat modelling.

The Red team is responsible for testing the overall strength of our organization's defenses (the technology, the processes, and the people) by simulating the objectives and actions of an attacker! This role provides domain expertise in Penetration testing of Infrastructure and Networks, Web Applications, Cloud and Social engineering, as well as Red Team and Purple Team internal engagements. Additionally, you will provide improved vulnerability analysis and contextual feedback to partners to support the resolution of discovered vulnerabilities and facilitate risk awareness.

Qualifications:
  • 8-10 years of experience in Penetration testing, Red Team and Purple Team
  • Bachelor of Science in Engineering, Computer Science, Information Technology, or equivalent work experience
  • Advanced knowledge in common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.)
  • Must have a demonstrable understanding of voice and data networks, major operating systems, Active Directory, cloud technologies
  • Must demonstrate knowledge of MITRE's ATT&CK framework, execute and chain TTP's
  • Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
  • Ability to optimally code in a Scripting language (Python, Bash, PowerShell, Perl, etc.)
  • OSCP

7+ to 10 years experience
Seniority Level - Other
Management Experience Required - No
Minimum Education - Bachelor's Degree
Willingness to Travel - Never
24/03/2023
Full time
Request Technology - Craig Johnson
Senior Cyber Defense Threat Engineer
Request Technology - Craig Johnson Dallas, Texas
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible*

Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Engineer. Candidate will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. This position will require initiative to oversee security initiatives and be expected to put together projects and teams to remediate identified security threats, incidents, and compliance issues.

Responsibilities:
  • Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting.
  • Oversee technical analysis of security events while coordinating incident response activities with internal and external teams.
  • Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities following industry best practices and established procedures.
  • Develop and support briefings to senior management as a trusted incident responder.
  • Actively monitor and research cyber threats with a direct or indirect impact to the brand, business operations, or technology infrastructure.
  • Oversee process of monthly reporting to Security management on and Incident management metrics.
  • Prioritize and identify security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives.
  • Lead various teams to operationalize remediation efforts for gaps identified.
  • Develop and implement security monitoring roadmaps for technologies, applications, SaaS, and other cloud-hosted solutions. These roadmaps will direct efforts on implementation of monitoring use cases and measurement of monitoring capabilities.
  • Security Device Administration
  • Report on and enhance current metrics surrounding security tool capabilities and efficacy.

Qualifications:
  • Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines.
  • Incident Response playbook development managing incident analysis and remediation
  • Network sniffers and packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump).
  • Standard technical writing tools including MS Word, Excel, Project and Visio
  • Proxy and caching services.
  • Client Server platforms including Windows, Linux.
  • Operating system hardening procedures (, Linux, Windows, etc.)
  • Web Application Firewalls.
  • Security Orchestration and Automated Response tools and concepts.
  • Minimum three years of information security experience, preferably in the financial services industry.
  • Minimum two years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response
  • Minimum one year in a leadership role or team/project lead capacity.
  • Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives.
  • Familiarity with computer network exploitation and network attack methodologies.
  • Industry knowledge of leading-edge security technologies and methods working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities
  • Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CCE, CFE
07/03/2023
Full time
Request Technology - Craig Johnson
Senior Cyber Defense Threat Engineer
Request Technology - Craig Johnson Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible*

Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Engineer. Candidate will help plan actions and lead security professionals in the analysis and determination of threats to the enterprise, vulnerabilities in the environment, and how our company will best defend itself against these threats. This position will require initiative to oversee security initiatives and be expected to put together projects and teams to remediate identified security threats, incidents, and compliance issues.

Responsibilities:
  • Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting.
  • Oversee technical analysis of security events while coordinating incident response activities with internal and external teams.
  • Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities following industry best practices and established procedures.
  • Develop and support briefings to senior management as a trusted incident responder.
  • Actively monitor and research cyber threats with a direct or indirect impact to the brand, business operations, or technology infrastructure.
  • Oversee process of monthly reporting to Security management on and Incident management metrics.
  • Prioritize and identify security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives.
  • Lead various teams to operationalize remediation efforts for gaps identified.
  • Develop and implement security monitoring roadmaps for technologies, applications, SaaS, and other cloud-hosted solutions. These roadmaps will direct efforts on implementation of monitoring use cases and measurement of monitoring capabilities.
  • Security Device Administration
  • Report on and enhance current metrics surrounding security tool capabilities and efficacy.

Qualifications:
  • Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines.
  • Incident Response playbook development managing incident analysis and remediation
  • Network sniffers and packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump).
  • Standard technical writing tools including MS Word, Excel, Project and Visio
  • Proxy and caching services.
  • Client Server platforms including Windows, Linux.
  • Operating system hardening procedures (, Linux, Windows, etc.)
  • Web Application Firewalls.
  • Security Orchestration and Automated Response tools and concepts.
  • Minimum three years of information security experience, preferably in the financial services industry.
  • Minimum two years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response
  • Minimum one year in a leadership role or team/project lead capacity.
  • Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives.
  • Familiarity with computer network exploitation and network attack methodologies.
  • Industry knowledge of leading-edge security technologies and methods working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities
  • Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CCE, CFE
07/03/2023
Full time
