*We are unable to sponsor as this is a permanent Full time role* *Hybrid 3 days onsite 2 days remote* A prestigious company is looking for an IT Security GRC Specialist. This specialist will be the SME for information security GRC and will perform key risk management functions within the security governance department. They will do 3rd party vendor risk management and internal risk management. Experience with frameworks ISO 27001, NIST, SOC, SIG is required. Responsibilities: Management of process improvement, control maturity, and communication of risk throughout assigned GRC service activities. Level II responsibilities include incorporating ISO 27001 principles for continuous improvement throughout all services and support activities. Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. This service also provides contract review for security requirements. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Exception management, processing and tracking requests for exception to security controls. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Ensures security awareness training is aligned, defined, and executed. Evaluation of cyber training/education courses and methods based on instructional needs. Administration of the GRC technology platforms. Qualifications Bachelor's degree or five (5) years of work experience in IT Security is required. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required. Technical writing experience is required. Experience with instructional content educational writing strongly preferred. Strong knowledge of risk management principles and practices are required. Strong knowledge of security administration and role-based security controls are required. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Interview, gather, and understand content from subject-matter experts. Maintain accurate records and manage client security and risk requests. Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline, and procedure documents. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
28/06/2024
Full time
*We are unable to sponsor as this is a permanent Full time role* *Hybrid 3 days onsite 2 days remote* A prestigious company is looking for an IT Security GRC Specialist. This specialist will be the SME for information security GRC and will perform key risk management functions within the security governance department. They will do 3rd party vendor risk management and internal risk management. Experience with frameworks ISO 27001, NIST, SOC, SIG is required. Responsibilities: Management of process improvement, control maturity, and communication of risk throughout assigned GRC service activities. Level II responsibilities include incorporating ISO 27001 principles for continuous improvement throughout all services and support activities. Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. This service also provides contract review for security requirements. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Exception management, processing and tracking requests for exception to security controls. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Ensures security awareness training is aligned, defined, and executed. Evaluation of cyber training/education courses and methods based on instructional needs. Administration of the GRC technology platforms. Qualifications Bachelor's degree or five (5) years of work experience in IT Security is required. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required. Technical writing experience is required. Experience with instructional content educational writing strongly preferred. Strong knowledge of risk management principles and practices are required. Strong knowledge of security administration and role-based security controls are required. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Interview, gather, and understand content from subject-matter experts. Maintain accurate records and manage client security and risk requests. Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline, and procedure documents. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
Infrastructure Specialist Akkodis are currently working in partnership with a leading professional services provider to recruit an Infrastructure Specialist to join their global IT team. The Role As an Infrastructure Specialist you will work within the infrastructure team and help develop, maintain and support a global IT Infrastructure supporting 9,000+ staff across 100+ locations. As an Infrastructure Specialist you will have the opportunity to proactively improve, optimise, converge, and develop the infrastructure with future capacity in mind, managing multiple projects and responsibilities. You will provide advice and guidance on maintaining the cloud, server, network and security environments, to plan and instigate hardware and software upgrades as required, and to ensure that planned processes have been completed satisfactorily. The Responsibilities Monitor, support and maintain the global on-premise and cloud infrastructures. Manage the ongoing global migration from on-premise IT infrastructure into a cloud managed environment. Develop, manage, and implement infrastructure projects to deliver business wide initiatives. Respond to 2nd/3rd line Help Desk calls and manage such items through to resolution and other regular support activities and provide technical cover and mentoring. Perform regular preventative maintenance checks, check logs and Servers to ensure they are properly patched and implement corrective actions to resolve any issues. Manage the security and integrity of data and IT systems. Educating staff on good working practices. Management of external suppliers and support agencies for the ongoing support and maintenance of the global infrastructure environment. Take ownership to ensure that all work and changes are performed in such a way as to minimise all disruption to existing business use. Be proactive in designing and documenting infrastructure processes, procedures, and standards and to maintain or prepare system and software documentation as directed. Work with the Global IT team and collaborate on any global initiatives and rollouts. Manage the technical aspects of office moves and changes. Testing and rolling out updates to software with a particular emphasis on security updates. Ensuring that adequate backups of data are kept both on and off site and that backup and restore processes are regularly tested. The Requirements Enterprise working knowledge and support of the Microsoft 365 environment and Admin centre (Microsoft cloud technologies, M365, AzureAD, Defender ATP, EndPoint Manager, OneDrive, etc). Excellent understanding of Microsoft Technologies, Windows Servers (2012, 2016 & 2019) Active Directory and Group Policies. Comprehensive Experience with VMWare, vCentre, & ESXi. Good understanding of Storage, SAN, NAS & Backup Technologies. All round IT infrastructure specialist with at extensive hands-on experience. If you are looking for an exciting new challenge to join a leading global service provider, please apply now. Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
28/06/2024
Full time
Infrastructure Specialist Akkodis are currently working in partnership with a leading professional services provider to recruit an Infrastructure Specialist to join their global IT team. The Role As an Infrastructure Specialist you will work within the infrastructure team and help develop, maintain and support a global IT Infrastructure supporting 9,000+ staff across 100+ locations. As an Infrastructure Specialist you will have the opportunity to proactively improve, optimise, converge, and develop the infrastructure with future capacity in mind, managing multiple projects and responsibilities. You will provide advice and guidance on maintaining the cloud, server, network and security environments, to plan and instigate hardware and software upgrades as required, and to ensure that planned processes have been completed satisfactorily. The Responsibilities Monitor, support and maintain the global on-premise and cloud infrastructures. Manage the ongoing global migration from on-premise IT infrastructure into a cloud managed environment. Develop, manage, and implement infrastructure projects to deliver business wide initiatives. Respond to 2nd/3rd line Help Desk calls and manage such items through to resolution and other regular support activities and provide technical cover and mentoring. Perform regular preventative maintenance checks, check logs and Servers to ensure they are properly patched and implement corrective actions to resolve any issues. Manage the security and integrity of data and IT systems. Educating staff on good working practices. Management of external suppliers and support agencies for the ongoing support and maintenance of the global infrastructure environment. Take ownership to ensure that all work and changes are performed in such a way as to minimise all disruption to existing business use. Be proactive in designing and documenting infrastructure processes, procedures, and standards and to maintain or prepare system and software documentation as directed. Work with the Global IT team and collaborate on any global initiatives and rollouts. Manage the technical aspects of office moves and changes. Testing and rolling out updates to software with a particular emphasis on security updates. Ensuring that adequate backups of data are kept both on and off site and that backup and restore processes are regularly tested. The Requirements Enterprise working knowledge and support of the Microsoft 365 environment and Admin centre (Microsoft cloud technologies, M365, AzureAD, Defender ATP, EndPoint Manager, OneDrive, etc). Excellent understanding of Microsoft Technologies, Windows Servers (2012, 2016 & 2019) Active Directory and Group Policies. Comprehensive Experience with VMWare, vCentre, & ESXi. Good understanding of Storage, SAN, NAS & Backup Technologies. All round IT infrastructure specialist with at extensive hands-on experience. If you are looking for an exciting new challenge to join a leading global service provider, please apply now. Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Location: Glasgow - hybrid -3 days per week in the office We are seeking a highly skilled Senior Infrastructure Engineer to join an IT Services team. This 3rd line role involves investigating, performing root cause analysis, and resolving complex incidents and problems escalated from 1st and 2nd line support teams. The successful candidate will produce Knowledge Based Articles (KBAs) to document resolutions to common issues and make recommendations to prevent future incidents. The role includes deploying and supporting infrastructure components for End User Device Platforms and administering Microsoft Endpoint Manager (Intune), including Autopilot deployment, device enrolment, application deployment, and endpoint security policies. Key requirements: Microsoft Endpoint Manager (Intune) administration, including familiarity with Autopilot deployment and device enrolment, the ability to create and deploy applications, device configuration and endpoint security policies, operating system and application patching Windows and IOS end user device and operating system support The ability to support a Cloud based print solution Microsoft Entra ID administration and troubleshooting Administration, troubleshooting, and reporting on Cloud based Zero Trust Platform Desirable: Practical knowledge of Linux and Ansible Experience of SNMP and Agent based infrastructure monitoring End User device management and application delivery and life cycle management using System Center Configuration Manager (SCCM) Installation, support, monitoring, and maintenance of Microsoft Technologies such as Active Directory, Group Policy, Exchange, PowerShell, DNS, DHCP, Certificate Services, ADFS, Failover Clustering Installation, support, monitoring, and maintenance of Server Operating Systems (Windows and Linux) Installation, support, monitoring, and maintenance of virtualisation technologies Security Clearance: SC highly desirable; candidates with active SC clearance will be fast-tracked. If you consider yourself to have a disability or if you are a veteran, and you meet the essential criteria for the role, you will be put forward for the Guaranteed Interview' scheme whereby you will have the opportunity to discuss this role and your suitability with a member of the Sourcing team. If you are successful in securing this role, please note that for the entire duration of this contract, regardless of extension you will be working this role at the equivalent PAYE rate that has been advertised. For absolute clarity, we only work on a PAYE basis. If you wish to understand PAYE vs Umbrella more, please let us know and we can send you some additional information. As an Equal Opportunities Employer, we provide the best talent and encourage all applications regardless of background, in line with our commitment to diversity, equality and inclusion.
28/06/2024
Project-based
Location: Glasgow - hybrid -3 days per week in the office We are seeking a highly skilled Senior Infrastructure Engineer to join an IT Services team. This 3rd line role involves investigating, performing root cause analysis, and resolving complex incidents and problems escalated from 1st and 2nd line support teams. The successful candidate will produce Knowledge Based Articles (KBAs) to document resolutions to common issues and make recommendations to prevent future incidents. The role includes deploying and supporting infrastructure components for End User Device Platforms and administering Microsoft Endpoint Manager (Intune), including Autopilot deployment, device enrolment, application deployment, and endpoint security policies. Key requirements: Microsoft Endpoint Manager (Intune) administration, including familiarity with Autopilot deployment and device enrolment, the ability to create and deploy applications, device configuration and endpoint security policies, operating system and application patching Windows and IOS end user device and operating system support The ability to support a Cloud based print solution Microsoft Entra ID administration and troubleshooting Administration, troubleshooting, and reporting on Cloud based Zero Trust Platform Desirable: Practical knowledge of Linux and Ansible Experience of SNMP and Agent based infrastructure monitoring End User device management and application delivery and life cycle management using System Center Configuration Manager (SCCM) Installation, support, monitoring, and maintenance of Microsoft Technologies such as Active Directory, Group Policy, Exchange, PowerShell, DNS, DHCP, Certificate Services, ADFS, Failover Clustering Installation, support, monitoring, and maintenance of Server Operating Systems (Windows and Linux) Installation, support, monitoring, and maintenance of virtualisation technologies Security Clearance: SC highly desirable; candidates with active SC clearance will be fast-tracked. If you consider yourself to have a disability or if you are a veteran, and you meet the essential criteria for the role, you will be put forward for the Guaranteed Interview' scheme whereby you will have the opportunity to discuss this role and your suitability with a member of the Sourcing team. If you are successful in securing this role, please note that for the entire duration of this contract, regardless of extension you will be working this role at the equivalent PAYE rate that has been advertised. For absolute clarity, we only work on a PAYE basis. If you wish to understand PAYE vs Umbrella more, please let us know and we can send you some additional information. As an Equal Opportunities Employer, we provide the best talent and encourage all applications regardless of background, in line with our commitment to diversity, equality and inclusion.
Role: Senior Infrastructure Engineer -SC Location : East Kilbride, Glasgow (Hybrid - 3 days/week on site) IR35: Inside Rate: £450/day (Umbrella) MAX Duration: 6 months initially Security Clearance: SC cleared & Uk nationality The IT Infrastructure Engineering teams are focused on ensuring that End Users are able to access and use the IT Services available to them in a structured and coherent manner. This is achieved through the efficient delivery of our Cloud native End User Platform and underpinning IT Infrastructure; providing seamless, measurable connectivity for our customers wherever they choose to operate from globally. Key responsibilities The Senior Infrastructure Engineer is a role within the IT Infrastructure Engineering team of IDD, reporting into the Lead Infrastructure Engineer. It is a 3rd line role responsible for the investigation, root cause analysis and resolution of incidents and problems that are escalated from 1st and 2nd line support teams. The successful candidate will be expected to produce Knowledge Based Articles (KBAs) to share resolutions to common issues and make recommendations on how to prevent future incidents. The 3rd line team is also responsible for the deployment and support of infrastructure components that underpin the End User Device Platforms. Essential skills and knowledge Microsoft Endpoint Manager (Intune) administration, including familiarity with Autopilot deployment and device enrolment, the ability to create and deploy applications, device configuration and endpoint security policies, operating system and application patching Windows and IOS end user device and operating system support The ability to support a Cloud based print solution Microsoft Entra ID administration and troubleshooting Administration, troubleshooting, and reporting on Cloud based Zero Trust Platform A collaborative approach to working both within the Infrastructure Engineering teams and with other DDaT functions as required Desirable skills and knowledge Practical knowledge of Linux and Ansible Experience of SNMP and Agent based infrastructure monitoring End User device management and application delivery and life cycle management using System Center Configuration Manager (SCCM) Installation, support, monitoring, and maintenance of Microsoft Technologies such as Active Directory, Group Policy, Exchange, PowerShell, DNS, DHCP, Certificate Services, ADFS, Failover Clustering Installation, support, monitoring, and maintenance of Server Operating Systems (Windows and Linux) Installation, support, monitoring, and maintenance of virtualisation technologies About You We are looking for someone with strong technical skills and experience in 3rd line support functions to support the maintenance of live service, who can demonstrate the skills outlined in the Senior Infrastructure Engineer role-level, in particular: Troubleshooting and problem resolution (relevant skill level: practitioner) Modern standards approach (relevant skill level: practitioner) IT Infrastructure (relevant skill level: practitioner) Information security (relevant skill level: working) Security Clearance: SC Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources.
28/06/2024
Project-based
Role: Senior Infrastructure Engineer -SC Location : East Kilbride, Glasgow (Hybrid - 3 days/week on site) IR35: Inside Rate: £450/day (Umbrella) MAX Duration: 6 months initially Security Clearance: SC cleared & Uk nationality The IT Infrastructure Engineering teams are focused on ensuring that End Users are able to access and use the IT Services available to them in a structured and coherent manner. This is achieved through the efficient delivery of our Cloud native End User Platform and underpinning IT Infrastructure; providing seamless, measurable connectivity for our customers wherever they choose to operate from globally. Key responsibilities The Senior Infrastructure Engineer is a role within the IT Infrastructure Engineering team of IDD, reporting into the Lead Infrastructure Engineer. It is a 3rd line role responsible for the investigation, root cause analysis and resolution of incidents and problems that are escalated from 1st and 2nd line support teams. The successful candidate will be expected to produce Knowledge Based Articles (KBAs) to share resolutions to common issues and make recommendations on how to prevent future incidents. The 3rd line team is also responsible for the deployment and support of infrastructure components that underpin the End User Device Platforms. Essential skills and knowledge Microsoft Endpoint Manager (Intune) administration, including familiarity with Autopilot deployment and device enrolment, the ability to create and deploy applications, device configuration and endpoint security policies, operating system and application patching Windows and IOS end user device and operating system support The ability to support a Cloud based print solution Microsoft Entra ID administration and troubleshooting Administration, troubleshooting, and reporting on Cloud based Zero Trust Platform A collaborative approach to working both within the Infrastructure Engineering teams and with other DDaT functions as required Desirable skills and knowledge Practical knowledge of Linux and Ansible Experience of SNMP and Agent based infrastructure monitoring End User device management and application delivery and life cycle management using System Center Configuration Manager (SCCM) Installation, support, monitoring, and maintenance of Microsoft Technologies such as Active Directory, Group Policy, Exchange, PowerShell, DNS, DHCP, Certificate Services, ADFS, Failover Clustering Installation, support, monitoring, and maintenance of Server Operating Systems (Windows and Linux) Installation, support, monitoring, and maintenance of virtualisation technologies About You We are looking for someone with strong technical skills and experience in 3rd line support functions to support the maintenance of live service, who can demonstrate the skills outlined in the Senior Infrastructure Engineer role-level, in particular: Troubleshooting and problem resolution (relevant skill level: practitioner) Modern standards approach (relevant skill level: practitioner) IT Infrastructure (relevant skill level: practitioner) Information security (relevant skill level: working) Security Clearance: SC Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources.
As an IT Service Manager, you are responsible for ensuring a high-quality service is achieved for the end-to-end technology solution, support services and user experience of the Case Management Tool (CMT) and associated services. This is a highly visible role supporting the department to achieve AME savings over the next 3 years. You will be required to undertake key activities associated with Service Management such as: Proactive role within the wider Fraud & Error Live Support team, using recognised Service Management processes, procedures and policies to resolve incidents, problems & issues and escalating where appropriate to relevant IT service functions focussing on supporting our external resource partners. Providing high quality support for all end users, understanding and trying to resolve user issues and queries, managing end user communication and expectations Meeting or exceeding agreed SLAs and OLAs for Incident, Problem and Change Management Liaising effectively and courteously with colleagues and stakeholders via various channels (eg phone, email, Teams) To work occasional evenings and weekends as required. Technical Skills required Continual Service Improvement Understanding of Service Management Framework Knowledge and Experience required: Previous experience of a Service Management framework such as ITIL ITIL V4 Foundation certification Previous experience of working within Public Sector If you feel you have the skills and experience needed for this role; please do apply now.
28/06/2024
Project-based
As an IT Service Manager, you are responsible for ensuring a high-quality service is achieved for the end-to-end technology solution, support services and user experience of the Case Management Tool (CMT) and associated services. This is a highly visible role supporting the department to achieve AME savings over the next 3 years. You will be required to undertake key activities associated with Service Management such as: Proactive role within the wider Fraud & Error Live Support team, using recognised Service Management processes, procedures and policies to resolve incidents, problems & issues and escalating where appropriate to relevant IT service functions focussing on supporting our external resource partners. Providing high quality support for all end users, understanding and trying to resolve user issues and queries, managing end user communication and expectations Meeting or exceeding agreed SLAs and OLAs for Incident, Problem and Change Management Liaising effectively and courteously with colleagues and stakeholders via various channels (eg phone, email, Teams) To work occasional evenings and weekends as required. Technical Skills required Continual Service Improvement Understanding of Service Management Framework Knowledge and Experience required: Previous experience of a Service Management framework such as ITIL ITIL V4 Foundation certification Previous experience of working within Public Sector If you feel you have the skills and experience needed for this role; please do apply now.
As Senior Infrastructure Engineer, you will work within the IT Infrastructure Engineering team; reporting into the Lead Infrastructure Engineer. This is a 3rd line role responsible for the investigation, root cause analysis and resolution of incidents and problems that are escalated from 1st and 2nd line support teams. You will be expected to produce Knowledge Based Articles (KBAs) to share resolutions to common issues and make recommendations on how to prevent future incidents. The 3rd line team is also responsible for the deployment and support of infrastructure components that underpin the End User Device Platforms. Essential skills and knowledge Microsoft Endpoint Manager (Intune) administration, including familiarity with Autopilot deployment and device enrolment, the ability to create and deploy applications, device configuration and endpoint security policies, operating system and application patching Windows and IOS end user device and operating system support The ability to support a Cloud based print solution Microsoft Entra ID administration and troubleshooting Administration, troubleshooting, and reporting on Cloud based Zero Trust Platform A collaborative approach to working both within the Infrastructure Engineering teams and with other DDaT functions as required Desirable skills and knowledge Practical knowledge of Linux and Ansible Experience of SNMP and Agent based infrastructure monitoring End User device management and application delivery and life cycle management using System Center Configuration Manager (SCCM) Installation, support, monitoring, and maintenance of Microsoft Technologies such as Active Directory, Group Policy, Exchange, PowerShell, DNS, DHCP, Certificate Services, ADFS, Failover Clustering Installation, support, monitoring, and maintenance of Server Operating Systems (Windows and Linux) Installation, support, monitoring, and maintenance of virtualisation technologies If you feel you have the skills and experience needed for this role; please do apply now.
28/06/2024
Project-based
As Senior Infrastructure Engineer, you will work within the IT Infrastructure Engineering team; reporting into the Lead Infrastructure Engineer. This is a 3rd line role responsible for the investigation, root cause analysis and resolution of incidents and problems that are escalated from 1st and 2nd line support teams. You will be expected to produce Knowledge Based Articles (KBAs) to share resolutions to common issues and make recommendations on how to prevent future incidents. The 3rd line team is also responsible for the deployment and support of infrastructure components that underpin the End User Device Platforms. Essential skills and knowledge Microsoft Endpoint Manager (Intune) administration, including familiarity with Autopilot deployment and device enrolment, the ability to create and deploy applications, device configuration and endpoint security policies, operating system and application patching Windows and IOS end user device and operating system support The ability to support a Cloud based print solution Microsoft Entra ID administration and troubleshooting Administration, troubleshooting, and reporting on Cloud based Zero Trust Platform A collaborative approach to working both within the Infrastructure Engineering teams and with other DDaT functions as required Desirable skills and knowledge Practical knowledge of Linux and Ansible Experience of SNMP and Agent based infrastructure monitoring End User device management and application delivery and life cycle management using System Center Configuration Manager (SCCM) Installation, support, monitoring, and maintenance of Microsoft Technologies such as Active Directory, Group Policy, Exchange, PowerShell, DNS, DHCP, Certificate Services, ADFS, Failover Clustering Installation, support, monitoring, and maintenance of Server Operating Systems (Windows and Linux) Installation, support, monitoring, and maintenance of virtualisation technologies If you feel you have the skills and experience needed for this role; please do apply now.
IT Technician (Full-time onsite Monday - Friday) Rural Office location Wiltshire. Own transport needed. The site is commutable from Devizes, Basingstoke, Andover, Bath, Amesbury, Swindon, Trowbridge, Chippenham, Marlborough. Primary duties Working in a Security Cleared Environment Supporting and maintaining IT services and providing support to users via the IT Service Desk Handle and manage incoming calls to the IT Service Desk and log within the Service Management tool. Ensuring all IT Incidents and Service Requests are resolved in a fast and efficient manner and recorded to the appropriate level Troubleshooting and fault diagnosis whilst ensuring data integrity is maintained Developing and following procedures for the provision of IT services, within the remit of the IT Desk, in conjunction with the IT Service Desk Team Leader and IT Service Manager Providing support and guidance to other department members, providing on-site support in regions as required, and coordinating and liaising with other IT Systems Technicians Ensuring Security Operating Procedures and other IT directives are carried out by users Technical Knowledge Needed Comprehensive knowledge of Microsoft operating systems and applications, especially Microsoft Office 2016+ and Windows 10 Comprehensive knowledge and experience of helpdesks and helpdesk software Comprehensive knowledge and experience of supporting distributed office environments Comprehensive knowledge and experience of desktop installation/imaging technologies Comprehensive knowledge and experience of Anti-virus software Knowledge of software licensing, in particular Microsoft Volume Licensing (Desirable) Knowledge of communication technologies including remote access (Dial-up/ADSL), leased lines, and domain names ITIL V3 Foundation. Ideal Experience and Attributes Proven, effective experience in an IT support role Ability to provide effective and efficient diagnosis and logging of IT Incidents and Service Requests (including over the telephone) Ability to effectively support desktop PCs (including PC hardware), peripherals, desktop/Office applications and server/Back Office applications Experience of working with ITIL processes Effective written and oral communication skills. Customer service orientation Results oriented Proactive, Flexible and Positive approach to work Respond effectively to conflicting work demands Ability to establish, maintain and develop effective working relationships. Must haves: Full valid UK driving licence Candidates must meet the UK residency requirements (min 5 years) to undergo MOD SC Clearance
28/06/2024
Full time
IT Technician (Full-time onsite Monday - Friday) Rural Office location Wiltshire. Own transport needed. The site is commutable from Devizes, Basingstoke, Andover, Bath, Amesbury, Swindon, Trowbridge, Chippenham, Marlborough. Primary duties Working in a Security Cleared Environment Supporting and maintaining IT services and providing support to users via the IT Service Desk Handle and manage incoming calls to the IT Service Desk and log within the Service Management tool. Ensuring all IT Incidents and Service Requests are resolved in a fast and efficient manner and recorded to the appropriate level Troubleshooting and fault diagnosis whilst ensuring data integrity is maintained Developing and following procedures for the provision of IT services, within the remit of the IT Desk, in conjunction with the IT Service Desk Team Leader and IT Service Manager Providing support and guidance to other department members, providing on-site support in regions as required, and coordinating and liaising with other IT Systems Technicians Ensuring Security Operating Procedures and other IT directives are carried out by users Technical Knowledge Needed Comprehensive knowledge of Microsoft operating systems and applications, especially Microsoft Office 2016+ and Windows 10 Comprehensive knowledge and experience of helpdesks and helpdesk software Comprehensive knowledge and experience of supporting distributed office environments Comprehensive knowledge and experience of desktop installation/imaging technologies Comprehensive knowledge and experience of Anti-virus software Knowledge of software licensing, in particular Microsoft Volume Licensing (Desirable) Knowledge of communication technologies including remote access (Dial-up/ADSL), leased lines, and domain names ITIL V3 Foundation. Ideal Experience and Attributes Proven, effective experience in an IT support role Ability to provide effective and efficient diagnosis and logging of IT Incidents and Service Requests (including over the telephone) Ability to effectively support desktop PCs (including PC hardware), peripherals, desktop/Office applications and server/Back Office applications Experience of working with ITIL processes Effective written and oral communication skills. Customer service orientation Results oriented Proactive, Flexible and Positive approach to work Respond effectively to conflicting work demands Ability to establish, maintain and develop effective working relationships. Must haves: Full valid UK driving licence Candidates must meet the UK residency requirements (min 5 years) to undergo MOD SC Clearance
*We are unable to sponsor as this is a permanent Full time role* *Hybrid 3 days onsite 2 days remote* A prestigious company is looking for an IT Security GRC Specialist. This specialist will be the SME for information security GRC and will perform key risk management functions within the security governance department. They will do 3rd party vendor risk management and internal risk management. Experience with frameworks ISO 27001, NIST, SOC, SIG is required. Responsibilities: Management of process improvement, control maturity, and communication of risk throughout assigned GRC service activities. Level II responsibilities include incorporating ISO 27001 principles for continuous improvement throughout all services and support activities. Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. This service also provides contract review for security requirements. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Exception management, processing and tracking requests for exception to security controls. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Ensures security awareness training is aligned, defined, and executed. Evaluation of cyber training/education courses and methods based on instructional needs. Administration of the GRC technology platforms. Qualifications Bachelor's degree or five (5) years of work experience in IT Security is required. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required. Technical writing experience is required. Experience with instructional content educational writing strongly preferred. Strong knowledge of risk management principles and practices are required. Strong knowledge of security administration and role-based security controls are required. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Interview, gather, and understand content from subject-matter experts. Maintain accurate records and manage client security and risk requests. Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline, and procedure documents. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
27/06/2024
Full time
*We are unable to sponsor as this is a permanent Full time role* *Hybrid 3 days onsite 2 days remote* A prestigious company is looking for an IT Security GRC Specialist. This specialist will be the SME for information security GRC and will perform key risk management functions within the security governance department. They will do 3rd party vendor risk management and internal risk management. Experience with frameworks ISO 27001, NIST, SOC, SIG is required. Responsibilities: Management of process improvement, control maturity, and communication of risk throughout assigned GRC service activities. Level II responsibilities include incorporating ISO 27001 principles for continuous improvement throughout all services and support activities. Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. This service also provides contract review for security requirements. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Exception management, processing and tracking requests for exception to security controls. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Ensures security awareness training is aligned, defined, and executed. Evaluation of cyber training/education courses and methods based on instructional needs. Administration of the GRC technology platforms. Qualifications Bachelor's degree or five (5) years of work experience in IT Security is required. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required. Technical writing experience is required. Experience with instructional content educational writing strongly preferred. Strong knowledge of risk management principles and practices are required. Strong knowledge of security administration and role-based security controls are required. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Interview, gather, and understand content from subject-matter experts. Maintain accurate records and manage client security and risk requests. Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline, and procedure documents. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
*We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Oracle Applications DBA Tech Lead/Manager. This is a hands-on tech lead/manager. They will focus on all Oracle ERP applications and will focus heavily on Oracle EBS (11i/R12). This company is looking for someone with heavy Oracle Fusion Cloud experience. Responsibilities: You will support the following levels: Physical - you will be responsible for the physical and technical oriented aspects eg, storage, security, networking and more; Application - you will handle all application-related issues (eg, queries, users, Embedded SQL's etc.) You will ensure database resources are sized properly and a design strategy is developed to make sure that the database is maintained at a healthy size. You will ensure availability and performance of multi database and application environments with very large volumes and sizes. Responsible to manage Oracle Cloud OCI platform and maintain the ongoing integrations and configurations to keep the Cloud platform in a healthy condition. You will manage or perform routine DBA tasks like database maintenance, backups, recovery, table space management, upgrades, etc. You will execute periodic health checks for databases and recommend changes that should be executed in the production environment to ensure optimal performance. You will interact and work with multiple infrastructure, Security and IT teams as part of environment setup, maintenance and support. This is an important function of this role. Plans and responds to service outages including backup and restore. Monitors system performance diagnosing software and hardware failures to resolution Provides patch management and distribution capabilities to prevent new threats with minimized physical infrastructure impacts. Creates and tests data backups. Provides data cleansing services, verifies data integrity, and implements access controls. Performs database configuration, monitoring, and tuning. Routine maintenance including problem defect analysis and resolution, space, storage, object management, physical database layout, rollback segment management, and temporary space management. Supports logs and alerts, access rights and roles, database instance version control. New IDs, roles, authorizations, audits, locked/unlocked status, revocation. Performs memory usage monitoring, database parameter configuration, database resources, I/O distribution. Ensures system health, maintenance, technical security, recovery, and basic application technical tuning. Maintains Oracle Quarterly Releases and patch management schedules. Supports Systems Development, Migration, and Integration efforts as needed. Significant contributor to work plans for security analysis and recommendations Qualifications: Bachelor's Degree Computer Science or similar required 10+ years Oracle EBS (11i/R12) Minimum five (5) years in ERP Cloud platform 20+ years of experience as Oracle ERP APPS DBA Must have executed a minimum of two Upgrade cycles in the past. Will be responsible for Cutover Downtime reduction thru process improvements in each Upgrade iteration, Must have experience in EBS Application architecture, Concurrent managers, Workflow, layout of application on infrastructure, etc. Must have excellent knowledge in cloning, patching, backup recovery of ERP application including knowledge of ODI, FAW/ADW, Performance tuning, SQL profiling Must have hands on experience of RMAN, Backup Management and different Recovery techniques. Design and Implement disaster recovery plans. Support Oracle Cloud and EBS developers for custom coding, code migration, workflow and concurrent requests Knowledge of system administration functionality within Oracle Cloud ERP, Unix Shell Scripting skills on Oracle ODA's and OVM's Ability to manage and supervise DBA staff in the team. Responsible for providing day-to-day status and maintenance for Oracle EBS and ERP Cloud. Work with multiple application teams and developers.
27/06/2024
Full time
*We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Oracle Applications DBA Tech Lead/Manager. This is a hands-on tech lead/manager. They will focus on all Oracle ERP applications and will focus heavily on Oracle EBS (11i/R12). This company is looking for someone with heavy Oracle Fusion Cloud experience. Responsibilities: You will support the following levels: Physical - you will be responsible for the physical and technical oriented aspects eg, storage, security, networking and more; Application - you will handle all application-related issues (eg, queries, users, Embedded SQL's etc.) You will ensure database resources are sized properly and a design strategy is developed to make sure that the database is maintained at a healthy size. You will ensure availability and performance of multi database and application environments with very large volumes and sizes. Responsible to manage Oracle Cloud OCI platform and maintain the ongoing integrations and configurations to keep the Cloud platform in a healthy condition. You will manage or perform routine DBA tasks like database maintenance, backups, recovery, table space management, upgrades, etc. You will execute periodic health checks for databases and recommend changes that should be executed in the production environment to ensure optimal performance. You will interact and work with multiple infrastructure, Security and IT teams as part of environment setup, maintenance and support. This is an important function of this role. Plans and responds to service outages including backup and restore. Monitors system performance diagnosing software and hardware failures to resolution Provides patch management and distribution capabilities to prevent new threats with minimized physical infrastructure impacts. Creates and tests data backups. Provides data cleansing services, verifies data integrity, and implements access controls. Performs database configuration, monitoring, and tuning. Routine maintenance including problem defect analysis and resolution, space, storage, object management, physical database layout, rollback segment management, and temporary space management. Supports logs and alerts, access rights and roles, database instance version control. New IDs, roles, authorizations, audits, locked/unlocked status, revocation. Performs memory usage monitoring, database parameter configuration, database resources, I/O distribution. Ensures system health, maintenance, technical security, recovery, and basic application technical tuning. Maintains Oracle Quarterly Releases and patch management schedules. Supports Systems Development, Migration, and Integration efforts as needed. Significant contributor to work plans for security analysis and recommendations Qualifications: Bachelor's Degree Computer Science or similar required 10+ years Oracle EBS (11i/R12) Minimum five (5) years in ERP Cloud platform 20+ years of experience as Oracle ERP APPS DBA Must have executed a minimum of two Upgrade cycles in the past. Will be responsible for Cutover Downtime reduction thru process improvements in each Upgrade iteration, Must have experience in EBS Application architecture, Concurrent managers, Workflow, layout of application on infrastructure, etc. Must have excellent knowledge in cloning, patching, backup recovery of ERP application including knowledge of ODI, FAW/ADW, Performance tuning, SQL profiling Must have hands on experience of RMAN, Backup Management and different Recovery techniques. Design and Implement disaster recovery plans. Support Oracle Cloud and EBS developers for custom coding, code migration, workflow and concurrent requests Knowledge of system administration functionality within Oracle Cloud ERP, Unix Shell Scripting skills on Oracle ODA's and OVM's Ability to manage and supervise DBA staff in the team. Responsible for providing day-to-day status and maintenance for Oracle EBS and ERP Cloud. Work with multiple application teams and developers.
Dynamics 365 CE Support Developer (SC cleared/clearable) Permanent Hybrid - 2 days per month on-site in Birmingham What you'll be doing: Our requirement is for a Dynamics 365 Support Developer (particularly in Sales, Customer Service and Marketing) to join our team, assisting with the delivery of support services to existing clients. You will be part of our Service Operations Applications Support development team, supporting our service desk in resolving incidents which get escalated and working on change requests/problem tickets from new and existing clients across a range of industries. * Provide exceptional standards of support to all customers and support a variety of products, services and platforms. * Effective day-to-day management and resolution of incidents raised by customers, under Service Level Agreements, documented processes and procedures; and provision of technical expertise on assigned project/support activity. * Working on processing change requests for existing clients and looking for opportunities to improve solutions where appropriate. * Provide Support via telephone, e-mail and webchat. * Liaise with the Resolver Groups/Teams to ensure issues are resolved. * Implement workarounds to resolve incidents at source. * Develop and maintain knowledge and skills, ensuring you keep up-to-date with new processes and procedures * Plan and priorities work to ensure that deadlines and targets are met. * Contribute to the knowledge base. * Own and champion nominated processes and procedure. What are the measures of success in this role? * High customer satisfaction results. * The ability to quickly and effectively resolve issues related to Dynamics 365 is crucial. * Continuous improvement in technical skills and knowledge * The ability to create clear and comprehensive documentation for issue resolutions and troubleshooting procedures. * Team Collaboration * Being Proactive and having the ability to anticipate and prevent potential issues before they impact clients. * Annual objectives - set personal goals to achieve annually. What experience you'll bring: You will need strong experience with the following: * Microsoft Dynamics 365 * C# Plugins * Javascript * Power Apps Portal * Azure Functions * Power Apps * Power Automate * Experience working with Microsoft Azure components. In addition, you'll require: A strong attention to detail and excellent troubleshooting/problem solving skills. The ability to work independently and as part of a development or service desk team. Demonstrated ability to develop business relationships and communicate effectively with customers. Solid troubleshooting skills. Excellent communication skills. Extensive understanding of Microsoft D365 CE, C#, JavaScript, Microsoft Power Automate, and Microsoft Power Platform. Current active UK SC security clearance or eligibility to obtain Standard benefits are: Private medical insurance or health cash plan Life assurance Income protection 25 days holiday Holiday trading Generous pension scheme Benefits you can add include: Discounted gym membership Dental insurance Cycle to work scheme Travel insurance Please contact me directly. Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
27/06/2024
Full time
Dynamics 365 CE Support Developer (SC cleared/clearable) Permanent Hybrid - 2 days per month on-site in Birmingham What you'll be doing: Our requirement is for a Dynamics 365 Support Developer (particularly in Sales, Customer Service and Marketing) to join our team, assisting with the delivery of support services to existing clients. You will be part of our Service Operations Applications Support development team, supporting our service desk in resolving incidents which get escalated and working on change requests/problem tickets from new and existing clients across a range of industries. * Provide exceptional standards of support to all customers and support a variety of products, services and platforms. * Effective day-to-day management and resolution of incidents raised by customers, under Service Level Agreements, documented processes and procedures; and provision of technical expertise on assigned project/support activity. * Working on processing change requests for existing clients and looking for opportunities to improve solutions where appropriate. * Provide Support via telephone, e-mail and webchat. * Liaise with the Resolver Groups/Teams to ensure issues are resolved. * Implement workarounds to resolve incidents at source. * Develop and maintain knowledge and skills, ensuring you keep up-to-date with new processes and procedures * Plan and priorities work to ensure that deadlines and targets are met. * Contribute to the knowledge base. * Own and champion nominated processes and procedure. What are the measures of success in this role? * High customer satisfaction results. * The ability to quickly and effectively resolve issues related to Dynamics 365 is crucial. * Continuous improvement in technical skills and knowledge * The ability to create clear and comprehensive documentation for issue resolutions and troubleshooting procedures. * Team Collaboration * Being Proactive and having the ability to anticipate and prevent potential issues before they impact clients. * Annual objectives - set personal goals to achieve annually. What experience you'll bring: You will need strong experience with the following: * Microsoft Dynamics 365 * C# Plugins * Javascript * Power Apps Portal * Azure Functions * Power Apps * Power Automate * Experience working with Microsoft Azure components. In addition, you'll require: A strong attention to detail and excellent troubleshooting/problem solving skills. The ability to work independently and as part of a development or service desk team. Demonstrated ability to develop business relationships and communicate effectively with customers. Solid troubleshooting skills. Excellent communication skills. Extensive understanding of Microsoft D365 CE, C#, JavaScript, Microsoft Power Automate, and Microsoft Power Platform. Current active UK SC security clearance or eligibility to obtain Standard benefits are: Private medical insurance or health cash plan Life assurance Income protection 25 days holiday Holiday trading Generous pension scheme Benefits you can add include: Discounted gym membership Dental insurance Cycle to work scheme Travel insurance Please contact me directly. Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Eames Consulting Group Ltd
Swansea, West Glamorgan
Role Overview: Join the IT Governance team to support the development and maturity of the Information Security function. The role focuses on identifying, mitigating, monitoring, and reporting operational resilience risks within the Technology Services department. Key Responsibilities: Operational Resilience: Manage tasks, emails, and calendars for operational resilience and business continuity activities. Support the embedding of the Operational Resilience Project into business operations. Maintain the Operational Resilience Management System (ORMS). Handle reviews, self-assessments, regulatory reports, and key artefacts. Lead and support operating model processes and impact tolerance reviews. Identify documentation gaps and suggest improvements. Facilitate annual tests of substitute processes. Track and report impact tolerance failures monthly. Assist in providing regulatory evidence. Support annual third-party reviews and management information production. Develop E-learning content. Ensure adherence to internal controls with business/controls owners. Business Continuity: Manage the Business Continuity Management System (BCMS) for daily operations. Facilitate annual reviews of Business Continuity plans and Business Impact Assessments. Update BCMS framework documentation. Conduct annual training for senior managers. Organize annual scenario workshops. Develop E-learning content. Facilitate annual tests of Business Continuity plans. Support management information reporting. Qualifications, Skills, and Experience: Experience in financial services, preferably the insurance industry. Qualification in Business Continuity. Proficient in MS Visio and other MS Office packages. Experience in business continuity and operational resilience roles. Eames Consulting is acting as an Employment Agency in relation to this vacancy.
27/06/2024
Full time
Role Overview: Join the IT Governance team to support the development and maturity of the Information Security function. The role focuses on identifying, mitigating, monitoring, and reporting operational resilience risks within the Technology Services department. Key Responsibilities: Operational Resilience: Manage tasks, emails, and calendars for operational resilience and business continuity activities. Support the embedding of the Operational Resilience Project into business operations. Maintain the Operational Resilience Management System (ORMS). Handle reviews, self-assessments, regulatory reports, and key artefacts. Lead and support operating model processes and impact tolerance reviews. Identify documentation gaps and suggest improvements. Facilitate annual tests of substitute processes. Track and report impact tolerance failures monthly. Assist in providing regulatory evidence. Support annual third-party reviews and management information production. Develop E-learning content. Ensure adherence to internal controls with business/controls owners. Business Continuity: Manage the Business Continuity Management System (BCMS) for daily operations. Facilitate annual reviews of Business Continuity plans and Business Impact Assessments. Update BCMS framework documentation. Conduct annual training for senior managers. Organize annual scenario workshops. Develop E-learning content. Facilitate annual tests of Business Continuity plans. Support management information reporting. Qualifications, Skills, and Experience: Experience in financial services, preferably the insurance industry. Qualification in Business Continuity. Proficient in MS Visio and other MS Office packages. Experience in business continuity and operational resilience roles. Eames Consulting is acting as an Employment Agency in relation to this vacancy.
Azure Cloud Operations Engineer Any UK office/Hybrid working options £50,000 - 60,000 + benefits AZURE SAAS, Single Sign on, O365 Leading professional services company are actively recruiting for an experienced Azure Cloud Operations Engineer to support the IT Operations team managing the UK Cloud estate primarily focused on Azure cloud Delivery. This will involve ensuring it is operated in line with best practice industry standards, that key performance metrics are captured and reported, and the IT environment is optimised. This Includes Compliance and Lifecycle management, that technology remains updated in line with vendor support and that good practice is adhered in areas including Compliance, Version Control, Capacity Management, Data Cleansing, Archiving, Backup, Recovery, DR, and Business Continuity Responsibilities for the position of Azure Cloud Operations Engineer The post holder must be experienced in driving improvement, identifying and owning change with a track record in a high-level of operational delivery. The current technology stack is completely cloud, primarily Azure, but also uses a variety of other Dependent solutions. The candidate will be experienced in a broad variety of technology areas including Cloud, Digital and Virtual Delivery with experience across Core Network and Network Security solutions and able to demonstrate a focus in Service Management best practice. They will have demonstrate experience and a track record of delivering a highly professional standard technology solutions at a significant organisation (>1,000 seats), with exposure to transformation in Professional or Managed Services preferred. They will also engage and technically support in driving drive performance in third parties and will have a solid understanding of commercials and licensing agreements to ensure value for money in the function. Essential skills for the position of Azure Cloud Operations Engineer Experience in managing, supporting, and maintaining enterprise solutions with a good appreciation of Native Cloud design & delivery. The manager is particularly keen to see candidates with skills in AZURE SAAS, Single Sign on, O365 with a wintel/infrastructure engineering background. Excellent troubleshooting, problem solving & delivery skills coupled with a good understanding of ITIL support processes. Experience in implementing, customising, and supporting third party systems including managing suppliers to delivery. Awareness of structured project management methods (SDLC, Prince, Agile, etc) Experience in supporting a combination Cloud (Azure) and SaaS based solutions.
27/06/2024
Full time
Azure Cloud Operations Engineer Any UK office/Hybrid working options £50,000 - 60,000 + benefits AZURE SAAS, Single Sign on, O365 Leading professional services company are actively recruiting for an experienced Azure Cloud Operations Engineer to support the IT Operations team managing the UK Cloud estate primarily focused on Azure cloud Delivery. This will involve ensuring it is operated in line with best practice industry standards, that key performance metrics are captured and reported, and the IT environment is optimised. This Includes Compliance and Lifecycle management, that technology remains updated in line with vendor support and that good practice is adhered in areas including Compliance, Version Control, Capacity Management, Data Cleansing, Archiving, Backup, Recovery, DR, and Business Continuity Responsibilities for the position of Azure Cloud Operations Engineer The post holder must be experienced in driving improvement, identifying and owning change with a track record in a high-level of operational delivery. The current technology stack is completely cloud, primarily Azure, but also uses a variety of other Dependent solutions. The candidate will be experienced in a broad variety of technology areas including Cloud, Digital and Virtual Delivery with experience across Core Network and Network Security solutions and able to demonstrate a focus in Service Management best practice. They will have demonstrate experience and a track record of delivering a highly professional standard technology solutions at a significant organisation (>1,000 seats), with exposure to transformation in Professional or Managed Services preferred. They will also engage and technically support in driving drive performance in third parties and will have a solid understanding of commercials and licensing agreements to ensure value for money in the function. Essential skills for the position of Azure Cloud Operations Engineer Experience in managing, supporting, and maintaining enterprise solutions with a good appreciation of Native Cloud design & delivery. The manager is particularly keen to see candidates with skills in AZURE SAAS, Single Sign on, O365 with a wintel/infrastructure engineering background. Excellent troubleshooting, problem solving & delivery skills coupled with a good understanding of ITIL support processes. Experience in implementing, customising, and supporting third party systems including managing suppliers to delivery. Awareness of structured project management methods (SDLC, Prince, Agile, etc) Experience in supporting a combination Cloud (Azure) and SaaS based solutions.
Gleeson Recruitment Group have just been briefed on a fantastic opportunity for an experienced Systems Engineer to join a leading Nottingham based business. Reporting to the IT Infrastructure & Security Manager, the Systems Engineer is part of the IT infrastructure team. They support and maintain the businesses Network and Server Infrastructure, ensuring maximum uptime, availability and adherence to IT Policies and Processes. IT infrastructure support across all locations, including Stores, Head Office, Tech Centre and Virtual workloads. Coverage includes core business operational hours and out-of-hours 24x7 on-call service for priority issues. Providing proactive support and maintenance, system monitoring, backups and capacity planning for on-premises, hosted and cloud environments for 1500+ Servers and 1700+ Network devices. Responding to incidents logged directly or escalated from 2nd line support teams, the Systems Engineers are the network and IT infrastructure custodians, including the management of Operating Systems, physical and virtual Servers, hosting, and system security. The engineer works across support and project-based activities, providing remote and onsite capability as required. The role requires a close working relationship with the global IT teams. Key Responsibilities: Provide 2nd and 3rd Line support as defined by the Information Technology Infrastructure Library (ITIL) 2nd Level Support takes over incidents that cannot be solved immediately with the means of 1st Level Support. If necessary, it will request external support, eg, from software or hardware manufacturers. The aim is to restore a failed IT Service as quickly as possible. If no solution can be found, the 2nd Level Support passes on the Incident or Problem Management Team. Provide 3rd-line support, as defined by the Information Technology Infrastructure Library (ITIL), for internal systems where no external vendor support is available or is not required for the nature of the incident. Ensure system monitoring alerts are responded to per the KPIs defined by the Operational or Service Level agreements. Provide 3rd-line support for all the business's physical and virtual IT assets. Liaising with Application Owners and business functions, including; Dell and HP Server Hardware Microsoft and Linux Operating environment VMware Virtual server environment Data stores and backup devices (NetApp/Comvault) Cloud and Hosted Infrastructure Microsoft 365 Applications and SSO Information Security Systems Security Appliances Cisco and Meraki Networking Data Centre Facilities management Change Management Accurate Documentation As defined by ITIL escalation procedures for 3rd Line support services to Desktop Analysts and Store Support Teams, be an escalation point. Liaise with third-party vendors concerning application/software support and hardware maintenance. Daily tasks and duties, as defined in the ISMS policies and procedures, including but not limited to: Successful data retention and back policies System monitoring Endpoint security management and reporting Key Skills Linux/Unix Operating Systems (RedHat, SUSE and Oracle) Installation and low level configuration Server Administration Management of Printer Queues Scripting/CRON/Batch Jobs System Patching and Updates Application Installation Storage Management User account administration Security and Compliance Windows Server Operating Systems (Server 2008, 2012, 2016, 2019) Installation Administration PowerShell Scripting User account management System Updates and Housekeeping Security and Compliance Server administration tools DHCP and DNS configuration Active Directory User and Computer administration console to manage Objects, including Organisation Units, Computer Objects, User objects, User attributes Group Policy Administration Domain Health and Security diagnostics Automation and replication Enterprise Storeage Management (NETAPP), Snapshots, Replication, Recovery Datacentre Migrations and Service Transformation Configuration, OS Imaging & Deployment, Software deployment, patch management, reporting, Scripting, and problem resolution Software Packaging, Unattended Installs, Software Deployment Good understanding of the OSI model IP Networking, understanding of core protocols, IPv4 addressing and subnetting, IP routing protocols. Core Infrastructure services, DNS and DHCP, Network Policy Server, RADIUS, VPN Firewall Administration Management of server room facilities Highly Desirable Meraki SD-WAN Linux Serevr Administration Palo Alto Firewall Net-App SAN ON-TAP Oracle Server Comvault Backup Solutions VMware vCentre/ESXi At Gleeson Recruitment Group, we embrace inclusivity and welcome applicants of all backgrounds, experiences, and abilities. We are proud to be a disability confident employer. By applying you will be registered as a candidate with Gleeson Recruitment Limited. Our Privacy Policy is available on our website and explains how we will use your data.
27/06/2024
Full time
Gleeson Recruitment Group have just been briefed on a fantastic opportunity for an experienced Systems Engineer to join a leading Nottingham based business. Reporting to the IT Infrastructure & Security Manager, the Systems Engineer is part of the IT infrastructure team. They support and maintain the businesses Network and Server Infrastructure, ensuring maximum uptime, availability and adherence to IT Policies and Processes. IT infrastructure support across all locations, including Stores, Head Office, Tech Centre and Virtual workloads. Coverage includes core business operational hours and out-of-hours 24x7 on-call service for priority issues. Providing proactive support and maintenance, system monitoring, backups and capacity planning for on-premises, hosted and cloud environments for 1500+ Servers and 1700+ Network devices. Responding to incidents logged directly or escalated from 2nd line support teams, the Systems Engineers are the network and IT infrastructure custodians, including the management of Operating Systems, physical and virtual Servers, hosting, and system security. The engineer works across support and project-based activities, providing remote and onsite capability as required. The role requires a close working relationship with the global IT teams. Key Responsibilities: Provide 2nd and 3rd Line support as defined by the Information Technology Infrastructure Library (ITIL) 2nd Level Support takes over incidents that cannot be solved immediately with the means of 1st Level Support. If necessary, it will request external support, eg, from software or hardware manufacturers. The aim is to restore a failed IT Service as quickly as possible. If no solution can be found, the 2nd Level Support passes on the Incident or Problem Management Team. Provide 3rd-line support, as defined by the Information Technology Infrastructure Library (ITIL), for internal systems where no external vendor support is available or is not required for the nature of the incident. Ensure system monitoring alerts are responded to per the KPIs defined by the Operational or Service Level agreements. Provide 3rd-line support for all the business's physical and virtual IT assets. Liaising with Application Owners and business functions, including; Dell and HP Server Hardware Microsoft and Linux Operating environment VMware Virtual server environment Data stores and backup devices (NetApp/Comvault) Cloud and Hosted Infrastructure Microsoft 365 Applications and SSO Information Security Systems Security Appliances Cisco and Meraki Networking Data Centre Facilities management Change Management Accurate Documentation As defined by ITIL escalation procedures for 3rd Line support services to Desktop Analysts and Store Support Teams, be an escalation point. Liaise with third-party vendors concerning application/software support and hardware maintenance. Daily tasks and duties, as defined in the ISMS policies and procedures, including but not limited to: Successful data retention and back policies System monitoring Endpoint security management and reporting Key Skills Linux/Unix Operating Systems (RedHat, SUSE and Oracle) Installation and low level configuration Server Administration Management of Printer Queues Scripting/CRON/Batch Jobs System Patching and Updates Application Installation Storage Management User account administration Security and Compliance Windows Server Operating Systems (Server 2008, 2012, 2016, 2019) Installation Administration PowerShell Scripting User account management System Updates and Housekeeping Security and Compliance Server administration tools DHCP and DNS configuration Active Directory User and Computer administration console to manage Objects, including Organisation Units, Computer Objects, User objects, User attributes Group Policy Administration Domain Health and Security diagnostics Automation and replication Enterprise Storeage Management (NETAPP), Snapshots, Replication, Recovery Datacentre Migrations and Service Transformation Configuration, OS Imaging & Deployment, Software deployment, patch management, reporting, Scripting, and problem resolution Software Packaging, Unattended Installs, Software Deployment Good understanding of the OSI model IP Networking, understanding of core protocols, IPv4 addressing and subnetting, IP routing protocols. Core Infrastructure services, DNS and DHCP, Network Policy Server, RADIUS, VPN Firewall Administration Management of server room facilities Highly Desirable Meraki SD-WAN Linux Serevr Administration Palo Alto Firewall Net-App SAN ON-TAP Oracle Server Comvault Backup Solutions VMware vCentre/ESXi At Gleeson Recruitment Group, we embrace inclusivity and welcome applicants of all backgrounds, experiences, and abilities. We are proud to be a disability confident employer. By applying you will be registered as a candidate with Gleeson Recruitment Limited. Our Privacy Policy is available on our website and explains how we will use your data.
Venesky-Brown's client, a public sector organisation in Edinburgh, is currently looking to recruit a Technology Support Officer until the 6th September on a rate of £165.48/day (inside of IR35). Responsibilities: - Second-line point of local expert contact for IT support, including hardware, software, and learning technology, coordinating with the rest of the IT team and acting as a backup for other team members' specialities where needed. - Support academic and administrative staff members' individual use of SharePoint for Intranet, synchronised storage, or for collaborative working, providing expert advice, ensuring optimal use of the underlying technology and available opportunities, while maintaining a secure working environment. - Provide desktop support and specialist advice to the School's staff and research student communities. - Participate in the maintenance of all school IT hardware (desktop PCs, Mac and Windows laptops, iPads), operating systems and applications, using centrally provided managed desktops whenever possible. Ensure equipment is managed via School's IT hardware asset register. - Participate in major hardware, software, and related process changes by communicating with School staff regarding IS services and local upgrades/changes. - Represent the organisation on technical working groups and panels. Other duties as required by line manager or Management. - Plan own work activities to ensure effective service delivery, resolving conflicting timescales and priorities independently - Critically review and make suggestions for improvements to existing processes and procedures - Where appropriate, participate in liaison meetings with IS staff and other relevant technology experts - Liaise regularly with line manager to discuss progress, ongoing issues, and plan improvement of services and local practice - Assist in projecting and tracking of equipment expenditure, based on agreed replacement cycles and current market value of equipment - Ensure work is carried out and performed to required time and quality standards - Respond to urgent problems, crises and service disruptions with the appropriate level of priority relative to long term goals - Plan the introduction and installation of new systems, and managing the life cycle of existing systems - Responsible for planning and prioritising own work within agreed overall priorities - Investigate and analyse technical problems, explore and evaluate solutions using judgement and experience to select best response. - Provide guidance and discuss with staff to agree appropriate delivery platforms and methods for particular and novel learning technology requirements. Assist with issues of planning and data processing for staff and student support. - Determine whether to refer to others or resolve problems and issues independently based on experience and workload. -Use a professional and friendly 'bedside manner' to deal appropriately with inexpert, frustrated, or irate technology users. - Decide on the best mechanism for resolving technical problems using all the resources available. - Independently make day-to-day decisions associated with routine support tasks - Decide when to route support calls and report emerging issues directly to Information Services helpdesk - Manage staff expectations regarding appropriate use of technology and its capabilities - Balance ongoing support tasks against projects and other work - Deputise for line manager when necessary - Take decisions on good information governance with line manager Essential Skills: -A degree in a relevant subject, plus typically 2 years' relevant IT support experience in a mixed OS environment -or- - HNC/HND or equivalent level qualifications plus typically 3 years' relevant IT support experience in a mixed OS environment -or- -Typically 5 years' IT support experience in a mixed OS environment, demonstrating development through involvement in progressively more demanding work/roles - Experience of installing, maintaining, troubleshooting and testing computers (Windows and Mac) and associated peripherals. - Well-developed written and verbal communication skills, and the ability to communicate with a diverse audience, with a wide range of technical expertise. - Ability to identify, prioritise, plan and manage work independently without direct supervision, and flexibility to accommodate peaks and ad hoc changes in workload. - Ability to quickly learn to use new tools and interfaces effectively and to liaise effectively with IT professional and administrative staff to secure enhancements. - Awareness of information security and data protection issues, their application to computing, and the appropriate actions in cases of policy breaches. - A customer-focused approach to the delivery of services. Desirable Skills: - Foundation-level ITIL 4 certification. - Experience of managing service issues using an enterprise Call Management System. - Experience in supporting users of the Learn VLE, Collaborate, TopHat personal response software. - Experience of developing, and knowledge of supporting, Sharepoint-based intranets. - Knowledge of high-performance and/or cloud computing. If you would like to hear more about these opportunities, please get in touch.
27/06/2024
Project-based
Venesky-Brown's client, a public sector organisation in Edinburgh, is currently looking to recruit a Technology Support Officer until the 6th September on a rate of £165.48/day (inside of IR35). Responsibilities: - Second-line point of local expert contact for IT support, including hardware, software, and learning technology, coordinating with the rest of the IT team and acting as a backup for other team members' specialities where needed. - Support academic and administrative staff members' individual use of SharePoint for Intranet, synchronised storage, or for collaborative working, providing expert advice, ensuring optimal use of the underlying technology and available opportunities, while maintaining a secure working environment. - Provide desktop support and specialist advice to the School's staff and research student communities. - Participate in the maintenance of all school IT hardware (desktop PCs, Mac and Windows laptops, iPads), operating systems and applications, using centrally provided managed desktops whenever possible. Ensure equipment is managed via School's IT hardware asset register. - Participate in major hardware, software, and related process changes by communicating with School staff regarding IS services and local upgrades/changes. - Represent the organisation on technical working groups and panels. Other duties as required by line manager or Management. - Plan own work activities to ensure effective service delivery, resolving conflicting timescales and priorities independently - Critically review and make suggestions for improvements to existing processes and procedures - Where appropriate, participate in liaison meetings with IS staff and other relevant technology experts - Liaise regularly with line manager to discuss progress, ongoing issues, and plan improvement of services and local practice - Assist in projecting and tracking of equipment expenditure, based on agreed replacement cycles and current market value of equipment - Ensure work is carried out and performed to required time and quality standards - Respond to urgent problems, crises and service disruptions with the appropriate level of priority relative to long term goals - Plan the introduction and installation of new systems, and managing the life cycle of existing systems - Responsible for planning and prioritising own work within agreed overall priorities - Investigate and analyse technical problems, explore and evaluate solutions using judgement and experience to select best response. - Provide guidance and discuss with staff to agree appropriate delivery platforms and methods for particular and novel learning technology requirements. Assist with issues of planning and data processing for staff and student support. - Determine whether to refer to others or resolve problems and issues independently based on experience and workload. -Use a professional and friendly 'bedside manner' to deal appropriately with inexpert, frustrated, or irate technology users. - Decide on the best mechanism for resolving technical problems using all the resources available. - Independently make day-to-day decisions associated with routine support tasks - Decide when to route support calls and report emerging issues directly to Information Services helpdesk - Manage staff expectations regarding appropriate use of technology and its capabilities - Balance ongoing support tasks against projects and other work - Deputise for line manager when necessary - Take decisions on good information governance with line manager Essential Skills: -A degree in a relevant subject, plus typically 2 years' relevant IT support experience in a mixed OS environment -or- - HNC/HND or equivalent level qualifications plus typically 3 years' relevant IT support experience in a mixed OS environment -or- -Typically 5 years' IT support experience in a mixed OS environment, demonstrating development through involvement in progressively more demanding work/roles - Experience of installing, maintaining, troubleshooting and testing computers (Windows and Mac) and associated peripherals. - Well-developed written and verbal communication skills, and the ability to communicate with a diverse audience, with a wide range of technical expertise. - Ability to identify, prioritise, plan and manage work independently without direct supervision, and flexibility to accommodate peaks and ad hoc changes in workload. - Ability to quickly learn to use new tools and interfaces effectively and to liaise effectively with IT professional and administrative staff to secure enhancements. - Awareness of information security and data protection issues, their application to computing, and the appropriate actions in cases of policy breaches. - A customer-focused approach to the delivery of services. Desirable Skills: - Foundation-level ITIL 4 certification. - Experience of managing service issues using an enterprise Call Management System. - Experience in supporting users of the Learn VLE, Collaborate, TopHat personal response software. - Experience of developing, and knowledge of supporting, Sharepoint-based intranets. - Knowledge of high-performance and/or cloud computing. If you would like to hear more about these opportunities, please get in touch.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Manager. Candidate will be responsible for leading the Governance, Risk Compliance (GRC) team and the programs within the group. The position is hands-on personnel and program manager role and performs key risk management functions within the Security Governance department. Primary functions include management of client responses, Policy & Standards, Security Vendor Risk program management, Security Awareness, Controls Assurance, Compliance Management, and GRC tool management. Responsibilities: Program management: Lead the GRC program roadmap, status reporting on initiatives, metrics, and delivery of the program services. Policy management: Lead in the creation and maintenance of security policies, standards, processes, and guidelines. Evaluate exception requests and make approval recommendations to management. Security training and awareness: Lead and mature the security awareness and phishing program. This includes roadmap development, plan, coordinate, measure, and evaluate cyber training/education courses, methods, and techniques based on instructional needs. Program assessments: Manage and support the 3rd Party Security Vendor Risk Management program, management of SOC2 reporting and ISO27001 certification, and assessments or security requests from clients. Risk management: Manage control testing, issues management (findings, remediation plans, and exception requests), risk register and reporting. Governance: Analyze and stay current with regulations that impact information security/privacy program. Qualifications: Bachelor's degree is highly preferred Seven (7) + years of direct experience (Information Security/Governance) is required. Four (4) + years of Information Security experience required. Candidates containing hands on technical experience are preferred. Four (4) + years of management experience required. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC2, SIG are required. Strong knowledge of risk management principles and practices is required. Technical writing experience is required. Business Intelligence/Analytics (Qlik, Tableau, PowerBI) is preferred. Prior IT Security experience in the legal industry experience is preferred. Experience with instructional content, educational writing, and technical writing strongly preferred. Three (3) + years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Ability to perform as primary Security Subject Matter Expert (SSME) in a senior or lead capacity. Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Ability to communicate an effective security awareness message throughout the organization. Demonstrate ability to create and maintain security policy, standard, guideline, and procedure documents. Demonstrate ability to effectively communicate deeply technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users Additional skills mapped to Knowledge, Skills, and Abilities (KSAs) based on NIST SP 800-181. Technologies/Software Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Strong knowledge of Access/Identity Management technologies. Strong knowledge of BI/Analytics tools. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
26/06/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Manager. Candidate will be responsible for leading the Governance, Risk Compliance (GRC) team and the programs within the group. The position is hands-on personnel and program manager role and performs key risk management functions within the Security Governance department. Primary functions include management of client responses, Policy & Standards, Security Vendor Risk program management, Security Awareness, Controls Assurance, Compliance Management, and GRC tool management. Responsibilities: Program management: Lead the GRC program roadmap, status reporting on initiatives, metrics, and delivery of the program services. Policy management: Lead in the creation and maintenance of security policies, standards, processes, and guidelines. Evaluate exception requests and make approval recommendations to management. Security training and awareness: Lead and mature the security awareness and phishing program. This includes roadmap development, plan, coordinate, measure, and evaluate cyber training/education courses, methods, and techniques based on instructional needs. Program assessments: Manage and support the 3rd Party Security Vendor Risk Management program, management of SOC2 reporting and ISO27001 certification, and assessments or security requests from clients. Risk management: Manage control testing, issues management (findings, remediation plans, and exception requests), risk register and reporting. Governance: Analyze and stay current with regulations that impact information security/privacy program. Qualifications: Bachelor's degree is highly preferred Seven (7) + years of direct experience (Information Security/Governance) is required. Four (4) + years of Information Security experience required. Candidates containing hands on technical experience are preferred. Four (4) + years of management experience required. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC2, SIG are required. Strong knowledge of risk management principles and practices is required. Technical writing experience is required. Business Intelligence/Analytics (Qlik, Tableau, PowerBI) is preferred. Prior IT Security experience in the legal industry experience is preferred. Experience with instructional content, educational writing, and technical writing strongly preferred. Three (3) + years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Ability to perform as primary Security Subject Matter Expert (SSME) in a senior or lead capacity. Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Ability to communicate an effective security awareness message throughout the organization. Demonstrate ability to create and maintain security policy, standard, guideline, and procedure documents. Demonstrate ability to effectively communicate deeply technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users Additional skills mapped to Knowledge, Skills, and Abilities (KSAs) based on NIST SP 800-181. Technologies/Software Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Strong knowledge of Access/Identity Management technologies. Strong knowledge of BI/Analytics tools. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
isk Compliance Manager - 6 months contract - Remote Our client is a global Pharma company and they are looking for a Risk Compliance Manager to deliver specialised risk and compliance management services related to SOX controls within IT, Finance, or People & Operations. These services will support system security activities and encompass various projects under the Human Capital Management (HCM) program, including integration (T3-11) and Time & Attendance Transformation Analysing and summarizing expected compliance risks in finance, IT, or HR related to the projects and their various go-live dates, ensuring necessary controls are in place before launch. This includes work instruction descriptions, configuring required reports in Workday, obtaining needed approvals, and training personnel on executing the controls. Collecting input from various teams (IT, Security, People & Operations, Finance Reporting & Analytics, Finance Controls & Compliance) to provide a comprehensive understanding of project risk and compliance issues. Reporting and following up on newly discovered project compliance issues until resolution. Supporting updates of SOX IT step-out documents to reflect program needs on an ad hoc basis.
26/06/2024
Project-based
isk Compliance Manager - 6 months contract - Remote Our client is a global Pharma company and they are looking for a Risk Compliance Manager to deliver specialised risk and compliance management services related to SOX controls within IT, Finance, or People & Operations. These services will support system security activities and encompass various projects under the Human Capital Management (HCM) program, including integration (T3-11) and Time & Attendance Transformation Analysing and summarizing expected compliance risks in finance, IT, or HR related to the projects and their various go-live dates, ensuring necessary controls are in place before launch. This includes work instruction descriptions, configuring required reports in Workday, obtaining needed approvals, and training personnel on executing the controls. Collecting input from various teams (IT, Security, People & Operations, Finance Reporting & Analytics, Finance Controls & Compliance) to provide a comprehensive understanding of project risk and compliance issues. Reporting and following up on newly discovered project compliance issues until resolution. Supporting updates of SOX IT step-out documents to reflect program needs on an ad hoc basis.
Job Description We are seeking a highly skilled DevOps Engineer with extensive knowledge in Identity and Access Management (IAM). Your primary role will be to streamline and automate the software development life cycle, fostering seamless collaboration, and delivering high-quality software products. You excel in complex environments, possess a keen problem-solving mindset, and are quick to adapt to new challenges. Your ability to bridge the gap between business and technology-driven queries makes you an indispensable asset to our team. Key Responsibilities Develop and deploy applications and services using Azure Pipelines on both Windows and Linux platforms. Utilize your programming expertise in HTML5, JavaScript, CSS, C#, and PowerShell. Leverage your in-depth knowledge of authentication technologies such as Kerberos, OIDC, SAML, ADFS, Azure, Multi-Factor Authentication, FIDO2, Security Keys, Passkeys, Single Sign-On, and Entra ID. Work with Azure DevOps, Entra Application Proxy, and manage a mixed on-premise and cloud-based environment. Experience with Identity Governance and Administration systems like (Quest) One Identity and/or Microsoft Identity Manager is a plus. Manage LDAP directories such as Active Directory, Red Hat Directory Server, and/or OpenLDAP is a plus. Core Duties Solution Development : Translate business requirements into effective solutions, leading to tangible improvements and enhanced user satisfaction. Continuous Improvement : Collaborate with team members to consistently enhance our authentication tools and processes. End-to-End Management : Oversee the entire development cycle from initial concept to testing, implementation, and ongoing support. Qualifications and Skills Educational Background : Bachelor's or Master's degree in a relevant field. Technical Proficiency : Senior-level experience with IAM technologies and tools mentioned above. Communication Skills : Excellent verbal and written communication skills in English. Competencies : Judgement & Decision Making Agility Complex Problem Solving Why Join Us? You will be part of a dedicated team that supports secure and user-friendly IAM solutions for a large user base. Your contributions will be crucial in maintaining and advancing our authentication services, ensuring that employees and partners have the right access to resources at the right time. We believe in the power of diverse perspectives and are eager to see what unique strengths you can bring to our team. Join us in our mission to innovate and enhance our IAM capabilities, making a meaningful impact on our organization's operations and risk management.
26/06/2024
Project-based
Job Description We are seeking a highly skilled DevOps Engineer with extensive knowledge in Identity and Access Management (IAM). Your primary role will be to streamline and automate the software development life cycle, fostering seamless collaboration, and delivering high-quality software products. You excel in complex environments, possess a keen problem-solving mindset, and are quick to adapt to new challenges. Your ability to bridge the gap between business and technology-driven queries makes you an indispensable asset to our team. Key Responsibilities Develop and deploy applications and services using Azure Pipelines on both Windows and Linux platforms. Utilize your programming expertise in HTML5, JavaScript, CSS, C#, and PowerShell. Leverage your in-depth knowledge of authentication technologies such as Kerberos, OIDC, SAML, ADFS, Azure, Multi-Factor Authentication, FIDO2, Security Keys, Passkeys, Single Sign-On, and Entra ID. Work with Azure DevOps, Entra Application Proxy, and manage a mixed on-premise and cloud-based environment. Experience with Identity Governance and Administration systems like (Quest) One Identity and/or Microsoft Identity Manager is a plus. Manage LDAP directories such as Active Directory, Red Hat Directory Server, and/or OpenLDAP is a plus. Core Duties Solution Development : Translate business requirements into effective solutions, leading to tangible improvements and enhanced user satisfaction. Continuous Improvement : Collaborate with team members to consistently enhance our authentication tools and processes. End-to-End Management : Oversee the entire development cycle from initial concept to testing, implementation, and ongoing support. Qualifications and Skills Educational Background : Bachelor's or Master's degree in a relevant field. Technical Proficiency : Senior-level experience with IAM technologies and tools mentioned above. Communication Skills : Excellent verbal and written communication skills in English. Competencies : Judgement & Decision Making Agility Complex Problem Solving Why Join Us? You will be part of a dedicated team that supports secure and user-friendly IAM solutions for a large user base. Your contributions will be crucial in maintaining and advancing our authentication services, ensuring that employees and partners have the right access to resources at the right time. We believe in the power of diverse perspectives and are eager to see what unique strengths you can bring to our team. Join us in our mission to innovate and enhance our IAM capabilities, making a meaningful impact on our organization's operations and risk management.
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Manager. Candidate will be responsible for leading the Governance, Risk Compliance (GRC) team and the programs within the group. The position is hands-on personnel and program manager role and performs key risk management functions within the Security Governance department. Primary functions include management of client responses, Policy & Standards, Security Vendor Risk program management, Security Awareness, Controls Assurance, Compliance Management, and GRC tool management. Responsibilities: Program management: Lead the GRC program roadmap, status reporting on initiatives, metrics, and delivery of the program services. Policy management: Lead in the creation and maintenance of security policies, standards, processes, and guidelines. Evaluate exception requests and make approval recommendations to management. Security training and awareness: Lead and mature the security awareness and phishing program. This includes roadmap development, plan, coordinate, measure, and evaluate cyber training/education courses, methods, and techniques based on instructional needs. Program assessments: Manage and support the 3rd Party Security Vendor Risk Management program, management of SOC2 reporting and ISO27001 certification, and assessments or security requests from clients. Risk management: Manage control testing, issues management (findings, remediation plans, and exception requests), risk register and reporting. Governance: Analyze and stay current with regulations that impact information security/privacy program. Qualifications: Bachelor's degree is highly preferred Seven (7) + years of direct experience (Information Security/Governance) is required. Four (4) + years of Information Security experience required. Candidates containing hands on technical experience are preferred. Four (4) + years of management experience required. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC2, SIG are required. Strong knowledge of risk management principles and practices is required. Technical writing experience is required. Business Intelligence/Analytics (Qlik, Tableau, PowerBI) is preferred. Prior IT Security experience in the legal industry experience is preferred. Experience with instructional content, educational writing, and technical writing strongly preferred. Three (3) + years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Ability to perform as primary Security Subject Matter Expert (SSME) in a senior or lead capacity. Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Ability to communicate an effective security awareness message throughout the organization. Demonstrate ability to create and maintain security policy, standard, guideline, and procedure documents. Demonstrate ability to effectively communicate deeply technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users Additional skills mapped to Knowledge, Skills, and Abilities (KSAs) based on NIST SP 800-181. Technologies/Software Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Strong knowledge of Access/Identity Management technologies. Strong knowledge of BI/Analytics tools. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
25/06/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Manager. Candidate will be responsible for leading the Governance, Risk Compliance (GRC) team and the programs within the group. The position is hands-on personnel and program manager role and performs key risk management functions within the Security Governance department. Primary functions include management of client responses, Policy & Standards, Security Vendor Risk program management, Security Awareness, Controls Assurance, Compliance Management, and GRC tool management. Responsibilities: Program management: Lead the GRC program roadmap, status reporting on initiatives, metrics, and delivery of the program services. Policy management: Lead in the creation and maintenance of security policies, standards, processes, and guidelines. Evaluate exception requests and make approval recommendations to management. Security training and awareness: Lead and mature the security awareness and phishing program. This includes roadmap development, plan, coordinate, measure, and evaluate cyber training/education courses, methods, and techniques based on instructional needs. Program assessments: Manage and support the 3rd Party Security Vendor Risk Management program, management of SOC2 reporting and ISO27001 certification, and assessments or security requests from clients. Risk management: Manage control testing, issues management (findings, remediation plans, and exception requests), risk register and reporting. Governance: Analyze and stay current with regulations that impact information security/privacy program. Qualifications: Bachelor's degree is highly preferred Seven (7) + years of direct experience (Information Security/Governance) is required. Four (4) + years of Information Security experience required. Candidates containing hands on technical experience are preferred. Four (4) + years of management experience required. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC2, SIG are required. Strong knowledge of risk management principles and practices is required. Technical writing experience is required. Business Intelligence/Analytics (Qlik, Tableau, PowerBI) is preferred. Prior IT Security experience in the legal industry experience is preferred. Experience with instructional content, educational writing, and technical writing strongly preferred. Three (3) + years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Ability to perform as primary Security Subject Matter Expert (SSME) in a senior or lead capacity. Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Ability to communicate an effective security awareness message throughout the organization. Demonstrate ability to create and maintain security policy, standard, guideline, and procedure documents. Demonstrate ability to effectively communicate deeply technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users Additional skills mapped to Knowledge, Skills, and Abilities (KSAs) based on NIST SP 800-181. Technologies/Software Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Strong knowledge of Access/Identity Management technologies. Strong knowledge of BI/Analytics tools. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
Request Technology - Craig Johnson
Chelmsford, Massachusetts
*We are unable to sponsor for this permanent Full time onsite role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking an Senior Manager Oracle Applications DBA. Candidate will be very hands-on, and will be ensuring production up-time service levels are maintained and made available per requirements that include backup, recovery, refresh, performance tuning, and security (physical and data). Responsibilities: You will support the following levels: Physical - you will be responsible for the physical and technical oriented aspects eg, storage, security, networking and more; Application - you will handle all application-related issues (eg, queries, users, Embedded SQL's etc.) You will ensure database resources are sized properly and a design strategy is developed to make sure that the database is maintained at a healthy size. You will ensure availability and performance of multi database and application environments with very large volumes and sizes. Responsible to manage Oracle Cloud OCI platform and maintain the ongoing integrations and configurations to keep the Cloud platform in a healthy condition. You will manage or perform routine DBA tasks like database maintenance, backups, recovery, table space management, upgrades, etc. You will execute periodic health checks for databases and recommend changes that should be executed in the production environment to ensure optimal performance. You will interact and work with multiple infrastructure, Security and IT teams as part of environment setup, maintenance and support. This is an important function of this role. Plans and responds to service outages including backup and restore. Monitors system performance diagnosing software and hardware failures to resolution Provides patch management and distribution capabilities to prevent new threats with minimized physical infrastructure impacts. Creates and tests data backups. Provides data cleansing services, verifies data integrity, and implements access controls. Performs database configuration, monitoring, and tuning. Routine maintenance including problem defect analysis and resolution, space, storage, object management, physical database layout, rollback segment management, and temporary space management. Supports logs and alerts, access rights and roles, database instance version control. New IDs, roles, authorizations, audits, locked/unlocked status, revocation. Performs memory usage monitoring, database parameter configuration, database resources, I/O distribution. Ensures system health, maintenance, technical security, recovery, and basic application technical tuning. Maintains Oracle Quarterly Releases and patch management schedules. Supports Systems Development, Migration, and Integration efforts as needed. Significant contributor to work plans for security analysis and recommendations Qualifications: Bachelor's Degree Computer Science or similar required 10+ years Oracle EBS (11i/R12) Minimum five (5) years in ERP Cloud platform 20+ years of experience as Oracle ERP APPS DBA Must have executed a minimum of two Upgrade cycles in the past. Will be responsible for Cutover Downtime reduction thru process improvements in each Upgrade iteration, Must have experience in EBS Application architecture, Concurrent managers, Workflow, layout of application on infrastructure, etc. Must have excellent knowledge in cloning, patching, backup recovery of ERP application including knowledge of ODI, FAW/ADW, Performance tuning, SQL profiling Must have hands on experience of RMAN, Backup Management and different Recovery techniques. Design and Implement disaster recovery plans. Support Oracle Cloud and EBS developers for custom coding, code migration, workflow and concurrent requests Knowledge of system administration functionality within Oracle Cloud ERP, Unix Shell Scripting skills on Oracle ODA's and OVM's Excellent interpersonal communication skills Ability to work with team members located in multiple geographies and time zones. Ability to manage and supervise DBA staff in the team. Responsible for providing day-to-day status and maintenance for Oracle EBS and ERP Cloud.
25/06/2024
Full time
*We are unable to sponsor for this permanent Full time onsite role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking an Senior Manager Oracle Applications DBA. Candidate will be very hands-on, and will be ensuring production up-time service levels are maintained and made available per requirements that include backup, recovery, refresh, performance tuning, and security (physical and data). Responsibilities: You will support the following levels: Physical - you will be responsible for the physical and technical oriented aspects eg, storage, security, networking and more; Application - you will handle all application-related issues (eg, queries, users, Embedded SQL's etc.) You will ensure database resources are sized properly and a design strategy is developed to make sure that the database is maintained at a healthy size. You will ensure availability and performance of multi database and application environments with very large volumes and sizes. Responsible to manage Oracle Cloud OCI platform and maintain the ongoing integrations and configurations to keep the Cloud platform in a healthy condition. You will manage or perform routine DBA tasks like database maintenance, backups, recovery, table space management, upgrades, etc. You will execute periodic health checks for databases and recommend changes that should be executed in the production environment to ensure optimal performance. You will interact and work with multiple infrastructure, Security and IT teams as part of environment setup, maintenance and support. This is an important function of this role. Plans and responds to service outages including backup and restore. Monitors system performance diagnosing software and hardware failures to resolution Provides patch management and distribution capabilities to prevent new threats with minimized physical infrastructure impacts. Creates and tests data backups. Provides data cleansing services, verifies data integrity, and implements access controls. Performs database configuration, monitoring, and tuning. Routine maintenance including problem defect analysis and resolution, space, storage, object management, physical database layout, rollback segment management, and temporary space management. Supports logs and alerts, access rights and roles, database instance version control. New IDs, roles, authorizations, audits, locked/unlocked status, revocation. Performs memory usage monitoring, database parameter configuration, database resources, I/O distribution. Ensures system health, maintenance, technical security, recovery, and basic application technical tuning. Maintains Oracle Quarterly Releases and patch management schedules. Supports Systems Development, Migration, and Integration efforts as needed. Significant contributor to work plans for security analysis and recommendations Qualifications: Bachelor's Degree Computer Science or similar required 10+ years Oracle EBS (11i/R12) Minimum five (5) years in ERP Cloud platform 20+ years of experience as Oracle ERP APPS DBA Must have executed a minimum of two Upgrade cycles in the past. Will be responsible for Cutover Downtime reduction thru process improvements in each Upgrade iteration, Must have experience in EBS Application architecture, Concurrent managers, Workflow, layout of application on infrastructure, etc. Must have excellent knowledge in cloning, patching, backup recovery of ERP application including knowledge of ODI, FAW/ADW, Performance tuning, SQL profiling Must have hands on experience of RMAN, Backup Management and different Recovery techniques. Design and Implement disaster recovery plans. Support Oracle Cloud and EBS developers for custom coding, code migration, workflow and concurrent requests Knowledge of system administration functionality within Oracle Cloud ERP, Unix Shell Scripting skills on Oracle ODA's and OVM's Excellent interpersonal communication skills Ability to work with team members located in multiple geographies and time zones. Ability to manage and supervise DBA staff in the team. Responsible for providing day-to-day status and maintenance for Oracle EBS and ERP Cloud.
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an IT Security/GRC Manager. This manager will be a hands-on manager in enterprise GRC for applications, Infrastructure, 3rd party security, vendor risk management, and program management. This manager will manage a team of 2-4 individuals. This role will require experience with SOC2 reporting, ISO27001, NIST, technical writing, etc. Responsibilities: Lead the GRC program roadmap, status reporting on initiatives, metrics, and delivery of the program services. Lead in the creation and maintenance of security policies, standards, processes, and guidelines. Evaluate exception requests and make approval recommendations to management. Lead and mature the security awareness and phishing program. This includes roadmap development, plan, coordinate, measure, and evaluate cyber training/education courses, methods, and techniques based on instructional needs. Manage and support the 3rd Party Security Vendor Risk Management program, management of SOC2 reporting and ISO27001 certification, and assessments or security requests from clients. Manage control testing, issues management (findings, remediation plans, and exception requests), risk register and reporting. Analyze and stay current with regulations that impact information security/privacy program. Qualifications Bachelor's degree Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Seven (7) + years of direct experience (Information Security/Governance) Four (4) + years of Information Security experience required. Candidates containing hands on technical experience. Four (4) + years of management experience required. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC2, SIG are required. Strong knowledge of risk management principles and practices is required. Technical writing experience is required. Business Intelligence/Analytics (Qlik, Tableau, PowerBI) is preferred. Experience with instructional content, educational writing, and technical writing strongly preferred. Governance, Risk, and Compliance (GRC) tool management is preferred. Ability to perform as primary Security Subject Matter Expert (SSME) in a senior or lead capacity. Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Demonstrate ability to effectively communicate deeply technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users Additional skills mapped to Knowledge, Skills, and Abilities (KSAs) based on NIST SP 800-181. Technologies/Software Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Strong knowledge of Access/Identity Management technologies. Strong knowledge of BI/Analytics tools. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions.
25/06/2024
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an IT Security/GRC Manager. This manager will be a hands-on manager in enterprise GRC for applications, Infrastructure, 3rd party security, vendor risk management, and program management. This manager will manage a team of 2-4 individuals. This role will require experience with SOC2 reporting, ISO27001, NIST, technical writing, etc. Responsibilities: Lead the GRC program roadmap, status reporting on initiatives, metrics, and delivery of the program services. Lead in the creation and maintenance of security policies, standards, processes, and guidelines. Evaluate exception requests and make approval recommendations to management. Lead and mature the security awareness and phishing program. This includes roadmap development, plan, coordinate, measure, and evaluate cyber training/education courses, methods, and techniques based on instructional needs. Manage and support the 3rd Party Security Vendor Risk Management program, management of SOC2 reporting and ISO27001 certification, and assessments or security requests from clients. Manage control testing, issues management (findings, remediation plans, and exception requests), risk register and reporting. Analyze and stay current with regulations that impact information security/privacy program. Qualifications Bachelor's degree Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Seven (7) + years of direct experience (Information Security/Governance) Four (4) + years of Information Security experience required. Candidates containing hands on technical experience. Four (4) + years of management experience required. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC2, SIG are required. Strong knowledge of risk management principles and practices is required. Technical writing experience is required. Business Intelligence/Analytics (Qlik, Tableau, PowerBI) is preferred. Experience with instructional content, educational writing, and technical writing strongly preferred. Governance, Risk, and Compliance (GRC) tool management is preferred. Ability to perform as primary Security Subject Matter Expert (SSME) in a senior or lead capacity. Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Demonstrate ability to effectively communicate deeply technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users Additional skills mapped to Knowledge, Skills, and Abilities (KSAs) based on NIST SP 800-181. Technologies/Software Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Strong knowledge of Access/Identity Management technologies. Strong knowledge of BI/Analytics tools. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions.