Company: Finning International Inc. Number of Openings: 1 Worker Type: Permanent Position Overview: With a reporting line to the Security Operations Manager, the Intermediate Security Operations Analyst will be globally responsible for improving the security posture of all Finning regions regarding governance policy compliance, firewall policy management, vulnerability management, SIEM alert management, email hygiene, anti-virus management, and incident response. The ideal candidate for this position is a proven thought leader, problem solver and integrator of people and processes, as well as an effective global internal consultant. The Intermediate Security Operations Analyst must possess solid domain competencies in a number of IT-security-related disciplines, including risk, business continuity management, privacy and compliance. Job Description: Major Job Functions: Governance policy compliance, including validating policy compliance, contributing towards team budget development and management, security awareness training Firewall policy management, including annual policy review, reviewing and approving planned and ad-hoc policy rules changes, reviewing and approving IPS policy rules and onboarding new firewalls Vulnerability management, including asset scans and mapping SIEM alert management, including identifying log parsing errors, advising on remediation activities, reviewing/action of alerts and collaborating on alert optimization- Email hygiene and anti-virus management, including investigating/responding to alerts, system monitoring and contributing towards continuous improvements and upgrades Incident response, including reviewing logs and collaborating to prevent/isolate traffic, solution development and threat analysis Providing insight into incident management, continuous improvement to procedures and policies Benefits: In addition to 25 days holiday, an annual bonus, a competitive salary, life insurance, and up to 7% pension, you will benefit from: Private medical insurance Enhanced maternity and paternity packages Family-friendly policies to support working parents Enhanced flexible working options Support from a team of 40+ Mental Health first-aiders Employee wellbeing solutions Electric car scheme (UK) The opportunity to work with your charity of choice Length of service or recognition awards. Specific Skills: Awareness of Identity and access management (IAM) solutions P articipation in the configuration of endpoint protection technologies and techniques, Web application firewalls and intrusion prevention, and encryption methodologies K nowledge of access control methodologies (MAC, DAC, RBAC) Working experience with firewall monitoring, content filtering, IDS/IPS systems, SIEM tools and network scanners, and cyber security techniques E xperience working with a variety of firewalls, including trouble-shooting, log review and configuration E xperience with onboarding security requirements for new Projects Knowledge: Basic knowledge of a broad range of standards and frameworks - for example, International Standards Organization (ISO) 27001, IT Infrastructure Library (ITIL), Payment Card Industry - Data Security Standard (PCI DSS), Bill-198, Personal Information Protection and Electronics Documents Act (PIPEDA) Knowledge of common risk management methodologies - for example, Control Objectives for Information and Related Technology (COBIT5) Understanding of strategic business risks Ability to develop a comprehensive understanding of Finning's business, market and industry and relate that knowledge to identified operations- and IT-related risks Knowledge necessary to propose relevant IT responses to changing business risks and regulatory changes Knowledge and use of User and entity behaviour analytics (UEBA) Experience with social engineering, penetration testing, vulnerability risk assessments, cloud computing Education & Experience: Bachelor's degree in Computer Science or equivalent experience Obtained or working towards one of the Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control, Certified Ethical Hacker, Global Information Assurance Certification (GIAC) Three to six years of experience in IT security management or a related discipline (for example, risk, privacy, business continuity management or compliance). At Finning, we prioritize creating a diverse and inclusive environment. We are proud to be an equal opportunity employer, and we actively encourage all individuals to express themselves and achieve their full potential. As a company, we continuously strive to enhance our outreach to individuals of all backgrounds and identities. We do not discriminate against applicants based on gender identity, race, national and ethnic origin, religion, age, sexual orientation, marital and family status, and/or mental or physical disabilities. Furthermore, Finning is committed to collaborating with and providing reasonable accommodations /adjustments to individuals with disabilities. If you require an adjustment/accommodation at any point during the recruitment process, please inform your recruiter.
May 02, 2024
Full time
Company: Finning International Inc. Number of Openings: 1 Worker Type: Permanent Position Overview: With a reporting line to the Security Operations Manager, the Intermediate Security Operations Analyst will be globally responsible for improving the security posture of all Finning regions regarding governance policy compliance, firewall policy management, vulnerability management, SIEM alert management, email hygiene, anti-virus management, and incident response. The ideal candidate for this position is a proven thought leader, problem solver and integrator of people and processes, as well as an effective global internal consultant. The Intermediate Security Operations Analyst must possess solid domain competencies in a number of IT-security-related disciplines, including risk, business continuity management, privacy and compliance. Job Description: Major Job Functions: Governance policy compliance, including validating policy compliance, contributing towards team budget development and management, security awareness training Firewall policy management, including annual policy review, reviewing and approving planned and ad-hoc policy rules changes, reviewing and approving IPS policy rules and onboarding new firewalls Vulnerability management, including asset scans and mapping SIEM alert management, including identifying log parsing errors, advising on remediation activities, reviewing/action of alerts and collaborating on alert optimization- Email hygiene and anti-virus management, including investigating/responding to alerts, system monitoring and contributing towards continuous improvements and upgrades Incident response, including reviewing logs and collaborating to prevent/isolate traffic, solution development and threat analysis Providing insight into incident management, continuous improvement to procedures and policies Benefits: In addition to 25 days holiday, an annual bonus, a competitive salary, life insurance, and up to 7% pension, you will benefit from: Private medical insurance Enhanced maternity and paternity packages Family-friendly policies to support working parents Enhanced flexible working options Support from a team of 40+ Mental Health first-aiders Employee wellbeing solutions Electric car scheme (UK) The opportunity to work with your charity of choice Length of service or recognition awards. Specific Skills: Awareness of Identity and access management (IAM) solutions P articipation in the configuration of endpoint protection technologies and techniques, Web application firewalls and intrusion prevention, and encryption methodologies K nowledge of access control methodologies (MAC, DAC, RBAC) Working experience with firewall monitoring, content filtering, IDS/IPS systems, SIEM tools and network scanners, and cyber security techniques E xperience working with a variety of firewalls, including trouble-shooting, log review and configuration E xperience with onboarding security requirements for new Projects Knowledge: Basic knowledge of a broad range of standards and frameworks - for example, International Standards Organization (ISO) 27001, IT Infrastructure Library (ITIL), Payment Card Industry - Data Security Standard (PCI DSS), Bill-198, Personal Information Protection and Electronics Documents Act (PIPEDA) Knowledge of common risk management methodologies - for example, Control Objectives for Information and Related Technology (COBIT5) Understanding of strategic business risks Ability to develop a comprehensive understanding of Finning's business, market and industry and relate that knowledge to identified operations- and IT-related risks Knowledge necessary to propose relevant IT responses to changing business risks and regulatory changes Knowledge and use of User and entity behaviour analytics (UEBA) Experience with social engineering, penetration testing, vulnerability risk assessments, cloud computing Education & Experience: Bachelor's degree in Computer Science or equivalent experience Obtained or working towards one of the Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control, Certified Ethical Hacker, Global Information Assurance Certification (GIAC) Three to six years of experience in IT security management or a related discipline (for example, risk, privacy, business continuity management or compliance). At Finning, we prioritize creating a diverse and inclusive environment. We are proud to be an equal opportunity employer, and we actively encourage all individuals to express themselves and achieve their full potential. As a company, we continuously strive to enhance our outreach to individuals of all backgrounds and identities. We do not discriminate against applicants based on gender identity, race, national and ethnic origin, religion, age, sexual orientation, marital and family status, and/or mental or physical disabilities. Furthermore, Finning is committed to collaborating with and providing reasonable accommodations /adjustments to individuals with disabilities. If you require an adjustment/accommodation at any point during the recruitment process, please inform your recruiter.
Job title: Cyber Lead Location: Glascoed, Radway Green or Washington We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: £52k - £62k per annum What you'll be doing: Provide security architecture / technical input into the development of secure solutions for IM&T, Cyber and Operational Technology Support development of strategy and continual service improvement for the Cyber Assurance function at Business and Sector Level and act as a subject matter expert for the wider organisation Line management responsibility for members of the team of cyber analysts Defining Cyber Security requirements, with development and execution of a plan to gain compliance to the NIST Cyber framework in line with Corporate Guidance covering Enterprise Systems, Operational Technologies services and Cloud Conducting and reporting compliance assessments of Land UK IM&T capabilities to identify Cyber Security Risks in line with business risk appetite and the changing cyber threat Identification of risk and appropriate mitigations, development & analysis of secure solutions and assessment of compliance with internal and external standards and regulations Defining a schedule of assurance activities to review security control compliance with standards on a prioritised risk basis Deliver documentation and conduct impact assessments to demonstrate compliance to internal and external stakeholders Your skills and experiences: Essential Relevant experience in a related discipline (ICT/Computing, assurance, risk management, vulnerability/threat assessment) Wide ranging knowledge of application, infrastructure and security technologies and familiarity with implementing them in a secure configuration Desirable Previous experience of providing security input and advice to projects in the Government sector or commercial organisations Knowledge of security policies, NIST, DEFSTAN 05-138 (or other similar standards) and good practice guidance regarding their application Experience of working in a project environment and awareness of system development lifecycle methodologies CCP, CISM or CISSP qualification Benefits: You'll receive benefits including a competitive pension scheme, enhanced annual leave allowance and a Company contributed Share Incentive Plan. You'll also have access to additional benefits such as flexible working, an employee assistance programme, Cycle2work and employee discounts - you may also be eligible for an annual incentive. The IM&T team: Within a dedicated team providing a wide range of IT services and further exploiting our digital landscape, the successful candidate will play a key role in keeping our systems and data secure. This role will provide you with the opportunity to work on critical business change programmes, adding great value and collaborating with various functions in a growing business. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals. We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles working for BAE Systems will be subject to both security and export control restrictions. These restrictions mean that factors including your nationality, any previous nationalities you have held, and your place of birth may limit those roles you can perform for the organisation. Closing Date: 14th May 2023 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.
May 02, 2024
Full time
Job title: Cyber Lead Location: Glascoed, Radway Green or Washington We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: £52k - £62k per annum What you'll be doing: Provide security architecture / technical input into the development of secure solutions for IM&T, Cyber and Operational Technology Support development of strategy and continual service improvement for the Cyber Assurance function at Business and Sector Level and act as a subject matter expert for the wider organisation Line management responsibility for members of the team of cyber analysts Defining Cyber Security requirements, with development and execution of a plan to gain compliance to the NIST Cyber framework in line with Corporate Guidance covering Enterprise Systems, Operational Technologies services and Cloud Conducting and reporting compliance assessments of Land UK IM&T capabilities to identify Cyber Security Risks in line with business risk appetite and the changing cyber threat Identification of risk and appropriate mitigations, development & analysis of secure solutions and assessment of compliance with internal and external standards and regulations Defining a schedule of assurance activities to review security control compliance with standards on a prioritised risk basis Deliver documentation and conduct impact assessments to demonstrate compliance to internal and external stakeholders Your skills and experiences: Essential Relevant experience in a related discipline (ICT/Computing, assurance, risk management, vulnerability/threat assessment) Wide ranging knowledge of application, infrastructure and security technologies and familiarity with implementing them in a secure configuration Desirable Previous experience of providing security input and advice to projects in the Government sector or commercial organisations Knowledge of security policies, NIST, DEFSTAN 05-138 (or other similar standards) and good practice guidance regarding their application Experience of working in a project environment and awareness of system development lifecycle methodologies CCP, CISM or CISSP qualification Benefits: You'll receive benefits including a competitive pension scheme, enhanced annual leave allowance and a Company contributed Share Incentive Plan. You'll also have access to additional benefits such as flexible working, an employee assistance programme, Cycle2work and employee discounts - you may also be eligible for an annual incentive. The IM&T team: Within a dedicated team providing a wide range of IT services and further exploiting our digital landscape, the successful candidate will play a key role in keeping our systems and data secure. This role will provide you with the opportunity to work on critical business change programmes, adding great value and collaborating with various functions in a growing business. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals. We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles working for BAE Systems will be subject to both security and export control restrictions. These restrictions mean that factors including your nationality, any previous nationalities you have held, and your place of birth may limit those roles you can perform for the organisation. Closing Date: 14th May 2023 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.
Information Security Vulnerability Analyst 50,000 - 55,000 Hybrid - 2 days per week in either Horley/Portsmouth office depending on location We are looking for a brilliant Vulnerability Analyst to join a constantly growing UK utilities company as they embark on a 5 year long transformation of their IT Security team while they help revolutionise the UK energy industry. As a UK Critical National Infrastructure provider, Information Security is an integral part of their business operation, so this role is critical to the business. Within this role, you will be responsible for the IT and OT vulnerabilities across the organisation's estate. You will triage, assess, and prioritise identified security vulnerabilities, ensuring mitigating controls are identified and implemented where necessary. You will support security assessments and third parties' cyber exercises that identify security vulnerabilities, while tracking remediation, risks, and exceptions. We are looking for an individual that has: At least 2 years' cyber security experience, with a background in IT infrastructure or networking Experience or knowledge of vulnerability management tools such as Qualys, Nessus, etc. Good understanding of Cyber Assurance Framework Experience with working with Regulators and providing compliance updates for OT environment are highly desirable. In turn, we can offer you: A permanent role which has huge career progression and training in Information Security Salary sacrifice pension scheme 25 days holiday + Bank Holidays This role requires SC Clearance, so you will need to be eligible for this in order to be put forward for the role. This is a huge opportunity to be a part of an extraordinary transition taking place as the organisation decarbonises their networks. If this sounds of interest, please apply.
May 01, 2024
Full time
Information Security Vulnerability Analyst 50,000 - 55,000 Hybrid - 2 days per week in either Horley/Portsmouth office depending on location We are looking for a brilliant Vulnerability Analyst to join a constantly growing UK utilities company as they embark on a 5 year long transformation of their IT Security team while they help revolutionise the UK energy industry. As a UK Critical National Infrastructure provider, Information Security is an integral part of their business operation, so this role is critical to the business. Within this role, you will be responsible for the IT and OT vulnerabilities across the organisation's estate. You will triage, assess, and prioritise identified security vulnerabilities, ensuring mitigating controls are identified and implemented where necessary. You will support security assessments and third parties' cyber exercises that identify security vulnerabilities, while tracking remediation, risks, and exceptions. We are looking for an individual that has: At least 2 years' cyber security experience, with a background in IT infrastructure or networking Experience or knowledge of vulnerability management tools such as Qualys, Nessus, etc. Good understanding of Cyber Assurance Framework Experience with working with Regulators and providing compliance updates for OT environment are highly desirable. In turn, we can offer you: A permanent role which has huge career progression and training in Information Security Salary sacrifice pension scheme 25 days holiday + Bank Holidays This role requires SC Clearance, so you will need to be eligible for this in order to be put forward for the role. This is a huge opportunity to be a part of an extraordinary transition taking place as the organisation decarbonises their networks. If this sounds of interest, please apply.
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high-growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. The Security Operations Manager role is integral to BDO, ensuring that we protect our colleagues, clients and partners information as we rapidly expand our digital footprint. Reporting into the Head of IT Security, you'll ensure the delivery of cybersecurity improvement initiatives, operational excellence, technical security assurance and develop a talent pipeline. You'll work closely alongside the Head of IT Security to instill the right structure and processes to support the delivery of continual Cybersecurity improvements across BDO and will have direct line management responsibilities of 3x Cybersecurity Analysts where you will conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members. You'll also: Deliver security operations technology roadmaps in conjunction with the wider Cybersecurity strategy. Propose changes to existing policies, procedures and configurations to ensure operating efficiency and regulatory compliance. Contribute to the security strategy, ensuring that technical and structural considerations regarding design, build and run components are considered. Aid the Head of IT Security in chairing various defined security management working groups, ensuring that reporting against progress vs plan is developed. Manage security operational production incidents and participate in problem and change management forums. Serve as an active participant in the information security governance process, working with Business Analysts, Governance and PMO functions in order to ensure that cyber risks are accurately reported, assessed and mitigated. Consult with IT and support staff to ensure that security is factored into the evaluation, selection, installation and configuration of new products and services. Report on the implementation of technical controls to support and enforce defined security policies. Report on the technical aspects of security management against pre-defined Cybersecurity operational metrics. Engage with the MSSP re Service Level Agreements (SLA's), monitoring metrics, including contract and performance metrics Own day-to-day management IT Security Service Requests and tickets, including: Reporting, Knowledge Management, Root Cause Analysis and Proactive Problem Repetition Avoidance. Contribute to a Cybersecurity knowledgebase comprising technical reference libraries, security advisories and alerts, information on security trends and practices, and laws and regulations. Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements. Contribute to the development of a Cybersecurity Operations Resource and Capacity planner managed through BDO's Azure DevOps environment. Oversee incident response, threat detection, and mitigation efforts You'll be someone with: A good understanding of monitoring frameworks eg MITRE ATT&CK and SIEM technologies eg Microsoft Sentinel An interest in automation of Security operation function including artificial intelligence An understanding of Microsoft security product portfolio CISSP/CISM (Desired) CCSP/SSCP (Desired) Proven experience in Cybersecurity and IT Operations (Required) DLP, EDR/XDR, CASB, E-mail Security, SWG and ZTNA/SASE You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
May 01, 2024
Full time
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high-growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. The Security Operations Manager role is integral to BDO, ensuring that we protect our colleagues, clients and partners information as we rapidly expand our digital footprint. Reporting into the Head of IT Security, you'll ensure the delivery of cybersecurity improvement initiatives, operational excellence, technical security assurance and develop a talent pipeline. You'll work closely alongside the Head of IT Security to instill the right structure and processes to support the delivery of continual Cybersecurity improvements across BDO and will have direct line management responsibilities of 3x Cybersecurity Analysts where you will conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members. You'll also: Deliver security operations technology roadmaps in conjunction with the wider Cybersecurity strategy. Propose changes to existing policies, procedures and configurations to ensure operating efficiency and regulatory compliance. Contribute to the security strategy, ensuring that technical and structural considerations regarding design, build and run components are considered. Aid the Head of IT Security in chairing various defined security management working groups, ensuring that reporting against progress vs plan is developed. Manage security operational production incidents and participate in problem and change management forums. Serve as an active participant in the information security governance process, working with Business Analysts, Governance and PMO functions in order to ensure that cyber risks are accurately reported, assessed and mitigated. Consult with IT and support staff to ensure that security is factored into the evaluation, selection, installation and configuration of new products and services. Report on the implementation of technical controls to support and enforce defined security policies. Report on the technical aspects of security management against pre-defined Cybersecurity operational metrics. Engage with the MSSP re Service Level Agreements (SLA's), monitoring metrics, including contract and performance metrics Own day-to-day management IT Security Service Requests and tickets, including: Reporting, Knowledge Management, Root Cause Analysis and Proactive Problem Repetition Avoidance. Contribute to a Cybersecurity knowledgebase comprising technical reference libraries, security advisories and alerts, information on security trends and practices, and laws and regulations. Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements. Contribute to the development of a Cybersecurity Operations Resource and Capacity planner managed through BDO's Azure DevOps environment. Oversee incident response, threat detection, and mitigation efforts You'll be someone with: A good understanding of monitoring frameworks eg MITRE ATT&CK and SIEM technologies eg Microsoft Sentinel An interest in automation of Security operation function including artificial intelligence An understanding of Microsoft security product portfolio CISSP/CISM (Desired) CCSP/SSCP (Desired) Proven experience in Cybersecurity and IT Operations (Required) DLP, EDR/XDR, CASB, E-mail Security, SWG and ZTNA/SASE You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
Information Security Vulnerability Analyst £50,000 - £55,000 Hybrid - 2 days per week in either Horley/Portsmouth office depending on location We are looking for a brilliant Vulnerability Analyst to join a constantly growing UK utilities company as they embark on a 5 year long transformation of their IT Security team while they help revolutionise the UK energy industry. As a UK Critical National Infrastructure provider, Information Security is an integral part of their business operation, so this role is critical to the business. Within this role, you will be responsible for the IT and OT vulnerabilities across the organisation's estate. You will triage, assess, and prioritise identified security vulnerabilities, ensuring mitigating controls are identified and implemented where necessary. You will support security assessments and third parties' cyber exercises that identify security vulnerabilities, while tracking remediation, risks, and exceptions. We are looking for an individual that has: At least 2 years' cyber security experience, with a background in IT infrastructure or networking Experience or knowledge of vulnerability management tools such as Qualys, Nessus, etc. Good understanding of Cyber Assurance Framework Experience with working with Regulators and providing compliance updates for OT environment are highly desirable. In turn, we can offer you: A permanent role which has huge career progression and training in Information Security Salary sacrifice pension scheme 25 days holiday + Bank Holidays This role requires SC Clearance, so you will need to be eligible for this in order to be put forward for the role. This is a huge opportunity to be a part of an extraordinary transition taking place as the organisation decarbonises their networks. If this sounds of interest, please apply.
May 01, 2024
Full time
Information Security Vulnerability Analyst £50,000 - £55,000 Hybrid - 2 days per week in either Horley/Portsmouth office depending on location We are looking for a brilliant Vulnerability Analyst to join a constantly growing UK utilities company as they embark on a 5 year long transformation of their IT Security team while they help revolutionise the UK energy industry. As a UK Critical National Infrastructure provider, Information Security is an integral part of their business operation, so this role is critical to the business. Within this role, you will be responsible for the IT and OT vulnerabilities across the organisation's estate. You will triage, assess, and prioritise identified security vulnerabilities, ensuring mitigating controls are identified and implemented where necessary. You will support security assessments and third parties' cyber exercises that identify security vulnerabilities, while tracking remediation, risks, and exceptions. We are looking for an individual that has: At least 2 years' cyber security experience, with a background in IT infrastructure or networking Experience or knowledge of vulnerability management tools such as Qualys, Nessus, etc. Good understanding of Cyber Assurance Framework Experience with working with Regulators and providing compliance updates for OT environment are highly desirable. In turn, we can offer you: A permanent role which has huge career progression and training in Information Security Salary sacrifice pension scheme 25 days holiday + Bank Holidays This role requires SC Clearance, so you will need to be eligible for this in order to be put forward for the role. This is a huge opportunity to be a part of an extraordinary transition taking place as the organisation decarbonises their networks. If this sounds of interest, please apply.
Join Police Digital Service in a NMC Senior Cyber Threat Intelligence Specialist role (Hybrid/Lancashire) £55,000-£60,000 Police Digital Service are looking to hire a Senior Cyber Threat Intelligence (CTI) Specialist. This role is recommended for those with significant cyber threat intelligence experience As a member of the Threat Intelligence team, you'll be involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the impact of known cyber risks by engaging forces in pre-incident planning and preparatory activities. Constraining attack surfaces through proactive threat intelligence working directly alongside the threat hunting and malware service. About Police Digital Service We exist to harness the power of digital, data and technology to enable UK policing to better protect the communities it serves. Ours is a team of experts in commercial services, technical assurance, data, digital transformation and innovation, with a unique experience in policing and national programme delivery. The National Management Centre will provide visibility and control of information risks for Policing. It will support the 24x7x365 nature of the police operations, providing a threat detection and response capability for digital services before, during and after cyber attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level. Why Join us? You can find out more here:Benefits - Police Digital Service (pds.police.uk) Key Responsibilities Providing expertise and support through the use of analytical products to assist mitigation practices at a tactical and operational level. Analysis of advanced persistent threats including the tactics, techniques, and procedures (TTPs) of attackers. Conducting analysis at a tactical and operational level, identifying and using appropriate analytical tools and techniques to interpret gaps, patterns and trends, assess threat, risk and harm and make recommendations in support of decision making, prioritisation and resource allocation. Correlating intelligence from a variety of sources, to develop and lead understanding and analysis of contextually relevant threats. Performing a broad range of tasks, bringing together output from stakeholders within Cyber SOC, Malware, Threat Hunting and Vulnerability teams. Preparing and delivering analytical alerts, reports, and briefings to stakeholders to provide a clear and concise evidence-based understanding of the subject matter, including providing advice and guidance. Working proactively to serve the policing community with limited direct oversight (depending on role and capabilities), and to take ownership of deliverables. Identifying, developing and training other CTI analysts using appropriate analytical tools and techniques. What you need to succeed in the role Essential : Ability to acquire SC and NPPV3 level clearances Strong interest in cyber security and threat actors Insatiable thirst for knowledge Ability to translate complex cyber issues to relevant audiences, both verbally and written Experience in internal and external stakeholder management and engagement Knowledge of current threat landscape including specific awareness of adversarial cyber actors, including their TTPs Experience in utilising open-source intelligence and the development of tools to assist with this Experience in conducting malware, phishing, and SIEM log analysis Knowledge of relevant CTI sources Excellent knowledge of adversarial cyber actors, including their TTPs and the adversary lifecycle Comprehensive experience in conducting malware, phishing, and SIEM log analysis Experience with threat modelling systems and risk assessment models Extensive experience in utilising open-source intelligence Experienced CTI analyst with the ability to progress service provided to police forces, lead development, and train juniors Demonstrated ability to manage customer relationships Strong leadership skills with the ability to prioritise and operate in a methodical and disciplined manner Ability to operate in high-pressured environments with proven experience of support provided during cyber incidents Desirable: Relevant qualifications including: CREST Registered Threat Intelligence Analyst, GIAC Cyber Threat Intelligence (GCTI), and/or Completed Intelligence Analysis course (e.g. NIAT, RISC UK or similar) Demonstrated experience in developing and delivering cybercrime or risk reduction recommendations and / or strategies Understanding of UK Police cyber and IT environments Working Arrangements At the NMC, you will benefit from hybrid working, getting the advantages of both face-to-face team engagement and home working. NMC employees have the opportunity to work in our modern office environment for in-person collaboration, however you will also get the opportunity to work from home 2 days a week.
May 01, 2024
Full time
Join Police Digital Service in a NMC Senior Cyber Threat Intelligence Specialist role (Hybrid/Lancashire) £55,000-£60,000 Police Digital Service are looking to hire a Senior Cyber Threat Intelligence (CTI) Specialist. This role is recommended for those with significant cyber threat intelligence experience As a member of the Threat Intelligence team, you'll be involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the impact of known cyber risks by engaging forces in pre-incident planning and preparatory activities. Constraining attack surfaces through proactive threat intelligence working directly alongside the threat hunting and malware service. About Police Digital Service We exist to harness the power of digital, data and technology to enable UK policing to better protect the communities it serves. Ours is a team of experts in commercial services, technical assurance, data, digital transformation and innovation, with a unique experience in policing and national programme delivery. The National Management Centre will provide visibility and control of information risks for Policing. It will support the 24x7x365 nature of the police operations, providing a threat detection and response capability for digital services before, during and after cyber attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level. Why Join us? You can find out more here:Benefits - Police Digital Service (pds.police.uk) Key Responsibilities Providing expertise and support through the use of analytical products to assist mitigation practices at a tactical and operational level. Analysis of advanced persistent threats including the tactics, techniques, and procedures (TTPs) of attackers. Conducting analysis at a tactical and operational level, identifying and using appropriate analytical tools and techniques to interpret gaps, patterns and trends, assess threat, risk and harm and make recommendations in support of decision making, prioritisation and resource allocation. Correlating intelligence from a variety of sources, to develop and lead understanding and analysis of contextually relevant threats. Performing a broad range of tasks, bringing together output from stakeholders within Cyber SOC, Malware, Threat Hunting and Vulnerability teams. Preparing and delivering analytical alerts, reports, and briefings to stakeholders to provide a clear and concise evidence-based understanding of the subject matter, including providing advice and guidance. Working proactively to serve the policing community with limited direct oversight (depending on role and capabilities), and to take ownership of deliverables. Identifying, developing and training other CTI analysts using appropriate analytical tools and techniques. What you need to succeed in the role Essential : Ability to acquire SC and NPPV3 level clearances Strong interest in cyber security and threat actors Insatiable thirst for knowledge Ability to translate complex cyber issues to relevant audiences, both verbally and written Experience in internal and external stakeholder management and engagement Knowledge of current threat landscape including specific awareness of adversarial cyber actors, including their TTPs Experience in utilising open-source intelligence and the development of tools to assist with this Experience in conducting malware, phishing, and SIEM log analysis Knowledge of relevant CTI sources Excellent knowledge of adversarial cyber actors, including their TTPs and the adversary lifecycle Comprehensive experience in conducting malware, phishing, and SIEM log analysis Experience with threat modelling systems and risk assessment models Extensive experience in utilising open-source intelligence Experienced CTI analyst with the ability to progress service provided to police forces, lead development, and train juniors Demonstrated ability to manage customer relationships Strong leadership skills with the ability to prioritise and operate in a methodical and disciplined manner Ability to operate in high-pressured environments with proven experience of support provided during cyber incidents Desirable: Relevant qualifications including: CREST Registered Threat Intelligence Analyst, GIAC Cyber Threat Intelligence (GCTI), and/or Completed Intelligence Analysis course (e.g. NIAT, RISC UK or similar) Demonstrated experience in developing and delivering cybercrime or risk reduction recommendations and / or strategies Understanding of UK Police cyber and IT environments Working Arrangements At the NMC, you will benefit from hybrid working, getting the advantages of both face-to-face team engagement and home working. NMC employees have the opportunity to work in our modern office environment for in-person collaboration, however you will also get the opportunity to work from home 2 days a week.
Join our dynamic team as a Cyber Security Analyst (Change Control) based in Faslane, Helensburgh. Enjoy the flexibility of our 4xFlex working pattern, with a condensed 4-day workweek (Monday to Thursday) and the option for hybrid working, typically spending 2 days onsite.Key responsibilities: Streamline and enhance Change Control processes. Collaborate on customer process enhancements aligned with ITIL4 practices. Deliver concise progress reports and compelling presentations to clients. Serve as a subject matter expert in Security Information and Event Management (SIEM), providing recommendations for product enhancements. Conduct thorough analysis of SIEM outputs, promptly identifying and escalating any incidents or breaches. Provide assurance support to team members on Secure by Design principles. Translate technical risks into understandable formats for non-technical stakeholders. Mentor junior team members. Effectively communicate with clients and managers across all levels. The successful candidate must be capable of achieving the appropriate level of security clearance (SC). For further information, please visit UK Security Vetting Clearance Levels Required skills, qualifications and experience Proven track record as a Cyber Security Analyst, Change Control Analyst, or related role. Preferred certification: Certified Information Systems Security Professional (CISSP). Experience in Government/Ministry of Defence settings is advantageous. Proficiency in implementing ITIL processes. Strong expertise in SIEM operations. Competence in Risk Management and NIST Cyber Security Controls. Client-facing experience with exceptional stakeholder management skills. Ability to thrive in a fast-paced environment, adapting to evolving priorities. Highly organized with a pragmatic approach, consistently meeting deadlines. Excellent interpersonal and communication skills, both written and verbal. Business Environment Lockheed Martin UK - Strategic Systems (LMUK SS) is the single contractor providing specialist Waterfront In-Service Support to one of the Royal Navy's Submarine Programs. The company provides the Ministry of Defence (MoD) with safe, efficient and responsive support. LMUK SS, as part of the ABL Alliance with AWE and Babcock, is also responsible for the management of operations at RNAD Coulport. Looking to the future, LMUK SS supports the joint US and UK submarine design efforts. Equal Opportunity Statement Lockheed Martin is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. Diversity and inclusion are fundamental to our culture and reflect our values of doing what's right, respecting others and performing with excellence. By engaging with all our employees' diverse talents and experiences every day, we can innovate different and better, creating cutting edge solutions and unparalleled customer value. We know that diversity of thought leads to better solutions for our customers. Our top priority is finding the best candidate for the job and if you are interested in the position, we'd love to hear how you might contribute to our mission and our team and would encourage you to apply, even if you don't believe you meet every one of the criteria set out in our job advert. In addition, we are committed to inclusion of all individuals and will make reasonable adjustments to our applications process. If you require assistance or adjustments to participate in the job application or interview process, please contact or call . Disclaimer: This vacancy is being advertised by Optamor Limited. Optamor is a specialist Recruitment Process Outsourcing provider. We provide a flexible full recruitment solution which takes care of all recruitment requirements from planning to on-boarding. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
May 01, 2024
Full time
Join our dynamic team as a Cyber Security Analyst (Change Control) based in Faslane, Helensburgh. Enjoy the flexibility of our 4xFlex working pattern, with a condensed 4-day workweek (Monday to Thursday) and the option for hybrid working, typically spending 2 days onsite.Key responsibilities: Streamline and enhance Change Control processes. Collaborate on customer process enhancements aligned with ITIL4 practices. Deliver concise progress reports and compelling presentations to clients. Serve as a subject matter expert in Security Information and Event Management (SIEM), providing recommendations for product enhancements. Conduct thorough analysis of SIEM outputs, promptly identifying and escalating any incidents or breaches. Provide assurance support to team members on Secure by Design principles. Translate technical risks into understandable formats for non-technical stakeholders. Mentor junior team members. Effectively communicate with clients and managers across all levels. The successful candidate must be capable of achieving the appropriate level of security clearance (SC). For further information, please visit UK Security Vetting Clearance Levels Required skills, qualifications and experience Proven track record as a Cyber Security Analyst, Change Control Analyst, or related role. Preferred certification: Certified Information Systems Security Professional (CISSP). Experience in Government/Ministry of Defence settings is advantageous. Proficiency in implementing ITIL processes. Strong expertise in SIEM operations. Competence in Risk Management and NIST Cyber Security Controls. Client-facing experience with exceptional stakeholder management skills. Ability to thrive in a fast-paced environment, adapting to evolving priorities. Highly organized with a pragmatic approach, consistently meeting deadlines. Excellent interpersonal and communication skills, both written and verbal. Business Environment Lockheed Martin UK - Strategic Systems (LMUK SS) is the single contractor providing specialist Waterfront In-Service Support to one of the Royal Navy's Submarine Programs. The company provides the Ministry of Defence (MoD) with safe, efficient and responsive support. LMUK SS, as part of the ABL Alliance with AWE and Babcock, is also responsible for the management of operations at RNAD Coulport. Looking to the future, LMUK SS supports the joint US and UK submarine design efforts. Equal Opportunity Statement Lockheed Martin is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. Diversity and inclusion are fundamental to our culture and reflect our values of doing what's right, respecting others and performing with excellence. By engaging with all our employees' diverse talents and experiences every day, we can innovate different and better, creating cutting edge solutions and unparalleled customer value. We know that diversity of thought leads to better solutions for our customers. Our top priority is finding the best candidate for the job and if you are interested in the position, we'd love to hear how you might contribute to our mission and our team and would encourage you to apply, even if you don't believe you meet every one of the criteria set out in our job advert. In addition, we are committed to inclusion of all individuals and will make reasonable adjustments to our applications process. If you require assistance or adjustments to participate in the job application or interview process, please contact or call . Disclaimer: This vacancy is being advertised by Optamor Limited. Optamor is a specialist Recruitment Process Outsourcing provider. We provide a flexible full recruitment solution which takes care of all recruitment requirements from planning to on-boarding. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Pearson Whiffin Recruitment Ltd
West Malling, Kent
Cyber Security Analyst We are looking for an experience Cyber Security Analyst with experience of Azure cloud security, ideally passing either AZ-500 or MS-500 exams. The team support the organisation assuring the effectiveness of their security controls, governance and assurance activities as well as providing input and support to any change initiatives. Required Skills and Experience: Provide security expertise around Azure and M365, including both security and compliance controls. Produce risk assessments, implement actions to ensure all systems and protected. Support the overall security team across the ongoing monitoring of security activities across the company. Hands-on use of MS security tooling across cloud platforms. Solid understanding of risk assessment frameworks, cloud services. Hands-on technical expertise across security controls, systems and applications. Experience of firewalls, Anti-virus and access controls, ideally Cisco focused. Any formal certifications such as Azure (AZ-500), CISSP, CCSP would be a real advantage.
Apr 30, 2024
Full time
Cyber Security Analyst We are looking for an experience Cyber Security Analyst with experience of Azure cloud security, ideally passing either AZ-500 or MS-500 exams. The team support the organisation assuring the effectiveness of their security controls, governance and assurance activities as well as providing input and support to any change initiatives. Required Skills and Experience: Provide security expertise around Azure and M365, including both security and compliance controls. Produce risk assessments, implement actions to ensure all systems and protected. Support the overall security team across the ongoing monitoring of security activities across the company. Hands-on use of MS security tooling across cloud platforms. Solid understanding of risk assessment frameworks, cloud services. Hands-on technical expertise across security controls, systems and applications. Experience of firewalls, Anti-virus and access controls, ideally Cisco focused. Any formal certifications such as Azure (AZ-500), CISSP, CCSP would be a real advantage.
Overview: Our client is looking for an Information Security Assurance Analyst Operations. The aim of this role is the effective operation, reporting and evidencing of their technology and information security control environment and the overall Information Security Management System (ISMS). Based in Reigate £38,000 - £43,000 Hybrid Eligibility for annual bonus, up to 15% 27 days holiday per annum, plus bank holidays Company pension scheme Death in service benefit Employee Assistance Programme Job specification: Maintaining and improving our ISMS - Updating ISMS policies, procedures, standards, and guidance - Coordinate and provide necessary support in planning and completing internal ISMS reviews. Supplier onboarding and annual supplier security assessments - Maintaining and developing our security awareness and education programmes - Analysis of information security alerts and incidents - Report on incidents, risks, threats and vulnerabilities - Scheduling internal and external penetration and vulnerability tests and managing remediation planning Assist in evaluation of cyber security tools Manage online ISMS system. Assist the ISM to deliver Information Security projects Participate in technology and information security related audits, providing support regarding the collation and supply of evidence to requests. Ensuring information security controls are evaluated and effective - Identifying ISMS nonconformities - Respond to audit recommendations. Establish a good working relationship with all internal and external key stakeholders, and third-party vendors. Create reports on information security projects and activities - Report on information and cyber security incidents - Create ISMS reports based on key metrics - Articulate associated risks in both technical and non-technical terminology. Support the on-going review process to continually improve and refine the ISMS Support the ISM in performing targeted information security risk assessments. Identify risks, incidents, and breaches, in accordance with company policies and department procedures. Person specification: Appropriate level of education or professional risk/compliance/Information Security related qualifications Experience within technology risk management and/or audit function would be beneficial Experience of working in a regulated environment / awareness of requirements such as GDPR Experience in the maintenance of a certified IS027001 Information Security Management System and related controls (ISO27002) Understanding of technology and information security risk management frameworks Excellent verbal and communication skills Excellent team player who can establish strong working relationships
Apr 30, 2024
Full time
Overview: Our client is looking for an Information Security Assurance Analyst Operations. The aim of this role is the effective operation, reporting and evidencing of their technology and information security control environment and the overall Information Security Management System (ISMS). Based in Reigate £38,000 - £43,000 Hybrid Eligibility for annual bonus, up to 15% 27 days holiday per annum, plus bank holidays Company pension scheme Death in service benefit Employee Assistance Programme Job specification: Maintaining and improving our ISMS - Updating ISMS policies, procedures, standards, and guidance - Coordinate and provide necessary support in planning and completing internal ISMS reviews. Supplier onboarding and annual supplier security assessments - Maintaining and developing our security awareness and education programmes - Analysis of information security alerts and incidents - Report on incidents, risks, threats and vulnerabilities - Scheduling internal and external penetration and vulnerability tests and managing remediation planning Assist in evaluation of cyber security tools Manage online ISMS system. Assist the ISM to deliver Information Security projects Participate in technology and information security related audits, providing support regarding the collation and supply of evidence to requests. Ensuring information security controls are evaluated and effective - Identifying ISMS nonconformities - Respond to audit recommendations. Establish a good working relationship with all internal and external key stakeholders, and third-party vendors. Create reports on information security projects and activities - Report on information and cyber security incidents - Create ISMS reports based on key metrics - Articulate associated risks in both technical and non-technical terminology. Support the on-going review process to continually improve and refine the ISMS Support the ISM in performing targeted information security risk assessments. Identify risks, incidents, and breaches, in accordance with company policies and department procedures. Person specification: Appropriate level of education or professional risk/compliance/Information Security related qualifications Experience within technology risk management and/or audit function would be beneficial Experience of working in a regulated environment / awareness of requirements such as GDPR Experience in the maintenance of a certified IS027001 Information Security Management System and related controls (ISO27002) Understanding of technology and information security risk management frameworks Excellent verbal and communication skills Excellent team player who can establish strong working relationships
Let's be Join our team at ISS Market Intelligence, where you'll be at the forefront of building and maintaining our cutting-edge Global Distribution Platforms in the UK. As a leading provider of industry-leading financial insights and market intelligence to our SaaS customers in the financial industry, we're committed to driving innovation and excellence. As a Senior Software Engineer, you will work with a group of skilled developers and collaborate with international engineers and industry experts. Your work will play a vital role in ensuring our platform remains at the forefront of the industry. What you'll do Collaborate closely with other engineers and product owners to help define the scope of development projects, ensuring alignment with our strategic objectives and customer needs. Showcase your technical expertise by developing and supporting software, including applica Collaborate closely with engineers and business analysts to help define the scope of development projects, ensuring alignment with our strategic objectives and customer needs. tions, database integration, interfaces, and new functionality enhancements. Play a key role in supporting our Quality Assurance team during the testing and deployment phases of new products and features, ensuring a seamless and top-quality user experience. Stay at the forefront of technological advancements by continuously learning and working with different technologies and tools while adhering to industry standards and best practices. Qualifications and Skills Strong knowledge of either C# or JAVA Strong knowledge of SQL and RDBMS Database Design 7+ years of relevant work experience Familiarity with source control tools like git Experience building CI/CD pipelines (we use Gitlab) Good to have Experience with front-end development in Angular Experience with Agile or Scrum methodologies Experience with Linux Understanding of software security best practices Experience with Kubernetes Familiarity with cloud platforms (e.g., AWS, Azure, GCP) Financial industry experience Join our team and be part of an innovative company that is revolutionizing the financial industry. Together, we'll shape the future of our Global Distribution Platforms and provide unparalleled insights to our valued customers. Apply now to lead a team of exceptional developers and drive our business and technology solutions to new heights. This position is hybrid from our office located in London Bridge. Three days in-office and two days from home. What you can expect from us Our people are the moving force behind ISS STOXX. We are dedicated to hiring the best, most talented people in our industry and empowering them with the resources and support to enhance their career, health, financial and personal well-being. We are committed to fostering, cultivating, and preserving a culture of diversity and inclusion. We are invested in our people and are working every day to ensure a diverse, equitable, and inclusive workplace. Let's empower, collaborate, and inspire one another. Let's be . About ISS STOXX ISS STOXX GmbH is a leading provider of research and technology solutions for the financial market. Established in 1985, we offer top-notch benchmark and custom indices globally, helping clients identify investment opportunities and manage portfolio risks. Our services cover corporate governance, sustainability, cyber risk, and fund intelligence. Majority-owned by Deutsche Börse Group, ISS STOXX has over 3,400 professionals in 33 locations worldwide, serving around 6,400 clients, including institutional investors and companies focused on ESG, cyber, and governance risk. Clients trust our expertise to make informed decisions for their stakeholders' benefit. ISS Market Intelligence (ISS MI) is a leading provider of data, insights, and market engagement solutions to the global financial services industry. ISS MI empowers asset and wealth management firms, insurance companies, distributors, service providers, and technology firms to assess their target markets, identify and analyze the best opportunities within those markets, and execute on comprehensive go-to-market initiatives to grow their business. Clients benefit from our increasingly connected global platform that leverages a combination of proprietary data, powerful analytics, timely and relevant insights, in-depth research, as well as an extensive suite of industry-leading media brands that deliver unmatched market connectivity through news and editorial content, events, training, ratings, and awards. Visit our website: View additional open roles: Institutional Shareholder Services ("ISS") is committed to fostering, cultivating, and preserving a culture of diversity and inclusion. It is our policy to prohibit discrimination or harassment against any applicant or employee on the basis of race, color, ethnicity, creed, religion, sex, age, height, weight, citizenship status, national origin, social origin, sexual orientation, gender identity or gender expression, pregnancy status, marital status, familial status, mental or physical disability, veteran status, military service or status, genetic information, or any other characteristic protected by law (referred to as "protected status"). All activities including, but not limited to, recruiting and hiring, recruitment advertising, promotions, performance appraisals, training, job assignments, compensation, demotions, transfers, terminations (including layoffs), benefits, and other terms, conditions, and privileges of employment, are and will be administered on a non-discriminatory basis, consistent with all applicable federal, state, and local requirements.
Apr 30, 2024
Full time
Let's be Join our team at ISS Market Intelligence, where you'll be at the forefront of building and maintaining our cutting-edge Global Distribution Platforms in the UK. As a leading provider of industry-leading financial insights and market intelligence to our SaaS customers in the financial industry, we're committed to driving innovation and excellence. As a Senior Software Engineer, you will work with a group of skilled developers and collaborate with international engineers and industry experts. Your work will play a vital role in ensuring our platform remains at the forefront of the industry. What you'll do Collaborate closely with other engineers and product owners to help define the scope of development projects, ensuring alignment with our strategic objectives and customer needs. Showcase your technical expertise by developing and supporting software, including applica Collaborate closely with engineers and business analysts to help define the scope of development projects, ensuring alignment with our strategic objectives and customer needs. tions, database integration, interfaces, and new functionality enhancements. Play a key role in supporting our Quality Assurance team during the testing and deployment phases of new products and features, ensuring a seamless and top-quality user experience. Stay at the forefront of technological advancements by continuously learning and working with different technologies and tools while adhering to industry standards and best practices. Qualifications and Skills Strong knowledge of either C# or JAVA Strong knowledge of SQL and RDBMS Database Design 7+ years of relevant work experience Familiarity with source control tools like git Experience building CI/CD pipelines (we use Gitlab) Good to have Experience with front-end development in Angular Experience with Agile or Scrum methodologies Experience with Linux Understanding of software security best practices Experience with Kubernetes Familiarity with cloud platforms (e.g., AWS, Azure, GCP) Financial industry experience Join our team and be part of an innovative company that is revolutionizing the financial industry. Together, we'll shape the future of our Global Distribution Platforms and provide unparalleled insights to our valued customers. Apply now to lead a team of exceptional developers and drive our business and technology solutions to new heights. This position is hybrid from our office located in London Bridge. Three days in-office and two days from home. What you can expect from us Our people are the moving force behind ISS STOXX. We are dedicated to hiring the best, most talented people in our industry and empowering them with the resources and support to enhance their career, health, financial and personal well-being. We are committed to fostering, cultivating, and preserving a culture of diversity and inclusion. We are invested in our people and are working every day to ensure a diverse, equitable, and inclusive workplace. Let's empower, collaborate, and inspire one another. Let's be . About ISS STOXX ISS STOXX GmbH is a leading provider of research and technology solutions for the financial market. Established in 1985, we offer top-notch benchmark and custom indices globally, helping clients identify investment opportunities and manage portfolio risks. Our services cover corporate governance, sustainability, cyber risk, and fund intelligence. Majority-owned by Deutsche Börse Group, ISS STOXX has over 3,400 professionals in 33 locations worldwide, serving around 6,400 clients, including institutional investors and companies focused on ESG, cyber, and governance risk. Clients trust our expertise to make informed decisions for their stakeholders' benefit. ISS Market Intelligence (ISS MI) is a leading provider of data, insights, and market engagement solutions to the global financial services industry. ISS MI empowers asset and wealth management firms, insurance companies, distributors, service providers, and technology firms to assess their target markets, identify and analyze the best opportunities within those markets, and execute on comprehensive go-to-market initiatives to grow their business. Clients benefit from our increasingly connected global platform that leverages a combination of proprietary data, powerful analytics, timely and relevant insights, in-depth research, as well as an extensive suite of industry-leading media brands that deliver unmatched market connectivity through news and editorial content, events, training, ratings, and awards. Visit our website: View additional open roles: Institutional Shareholder Services ("ISS") is committed to fostering, cultivating, and preserving a culture of diversity and inclusion. It is our policy to prohibit discrimination or harassment against any applicant or employee on the basis of race, color, ethnicity, creed, religion, sex, age, height, weight, citizenship status, national origin, social origin, sexual orientation, gender identity or gender expression, pregnancy status, marital status, familial status, mental or physical disability, veteran status, military service or status, genetic information, or any other characteristic protected by law (referred to as "protected status"). All activities including, but not limited to, recruiting and hiring, recruitment advertising, promotions, performance appraisals, training, job assignments, compensation, demotions, transfers, terminations (including layoffs), benefits, and other terms, conditions, and privileges of employment, are and will be administered on a non-discriminatory basis, consistent with all applicable federal, state, and local requirements.
Tiger Resourcing Solutions Limited
Maidstone, Kent
This critical role provides an interface between the Security Operations and Technical Teams championing Patch Management and Vulnerability remediation in order to help us make sure we are meeting our strict security policies. You will be responsible for day to day oversight of business as usual processes, as well as analysing the output of penetration tests and vulnerability scans, and helping provide specialist knowledge of vulnerabilities and how they apply in their environment.As our Vulnerability Analyst you will:- Ensure that Vulnerability and Patch Management are implemented in line with policy, and in the most effective and efficient manner.- Work with key stakeholders within IT and across the wider business, as well as partner organisations, to ensure visibility of the threat landscape and provide reassurance of risk mitigation measures being taken.- Monitor for evolving threats and provide input and advice on their potential impact to the client and any appropriate remedial action.- Create, prioritise, tracking remediation tasks and provide regular reports.Who you'll beThis role is for you if you have a blend of up to date technical knowledge and an organised approach to analysis and task management, and experience of vulnerability and patch management. Ideally you will have worked in financially regulated organisation and an ITIL environment, or have relevant transferable skills, and are keen to make a difference to society. We are looking for:- Excellent awareness and experience of cyber security, vulnerability and patch management. - Experience of working with Microsoft technologies including Azure, M365, Windows Server & Desktop Operating Systems.
Apr 29, 2024
Full time
This critical role provides an interface between the Security Operations and Technical Teams championing Patch Management and Vulnerability remediation in order to help us make sure we are meeting our strict security policies. You will be responsible for day to day oversight of business as usual processes, as well as analysing the output of penetration tests and vulnerability scans, and helping provide specialist knowledge of vulnerabilities and how they apply in their environment.As our Vulnerability Analyst you will:- Ensure that Vulnerability and Patch Management are implemented in line with policy, and in the most effective and efficient manner.- Work with key stakeholders within IT and across the wider business, as well as partner organisations, to ensure visibility of the threat landscape and provide reassurance of risk mitigation measures being taken.- Monitor for evolving threats and provide input and advice on their potential impact to the client and any appropriate remedial action.- Create, prioritise, tracking remediation tasks and provide regular reports.Who you'll beThis role is for you if you have a blend of up to date technical knowledge and an organised approach to analysis and task management, and experience of vulnerability and patch management. Ideally you will have worked in financially regulated organisation and an ITIL environment, or have relevant transferable skills, and are keen to make a difference to society. We are looking for:- Excellent awareness and experience of cyber security, vulnerability and patch management. - Experience of working with Microsoft technologies including Azure, M365, Windows Server & Desktop Operating Systems.
Director of IT Opportunity for a Director of IT to join our clients leading non-profit organisation based in Birmingham. Salary up to £62,000 + additional benefits, including 28 days holiday + 8 bank holidays. Apply online or contact Declan Jones via / WHO WE ARE: We support young people across the West Midlands who are suffering with homelessness or are at risk of becoming homeless. OUR BENEFITS Technology Scheme Vouchers 28 days annual leave (+8 statutory bank holidays) Childcare Cycle to work and life assurance schemes. Intensive PIE - Psychologically Informed Environment training Shopping, leisure, and day out discounts WHAT WILL YOU BE DOING? Oversee the management of the IT department and the Performance Hub team. Develop and execute strategies for IT and Cybersecurity. Manage data collection systems, analysis, and reporting. Ensure alignment with organisational objectives and achievement of key performance indicators. Continuously evaluate and enhance services. Provide necessary IT and data support for operational functions. Identify and mitigate risks within your area of responsibility. Collaborate with other Directors to support Youth Services Managers and meet organisational objectives. Prepare comprehensive reports for Board, Committees, SLT, and YSMs. Work closely with the Finance Director to develop and monitor departmental budgets. Contribute to business planning and goal setting efforts. Optimise resource allocation within a Psychologically Informed Environment. Supervise a team of performance analysts. Develop and implement policies and strategies for organisational performance management. Implement monitoring systems for performance indicators. Analyse data to identify opportunities for improvement and propose actionable insights. Advise senior management on performance-related issues. Provide data-driven support to enhance performance across the organisation. Cultivate a culture of performance management at all levels. Deliver training sessions to managers and staff on performance improvement practices. Effectively communicate performance-related matters to all staff. Represent the organization in various meetings and events. Manage departmental budgets and expenses in line with approved allocations. Prepare and present reports to Board and Sub-Committees. Stay informed about developments in relevant areas. Coordinate the dissemination of performance indicator information to partners and funders. Assist in obtaining and maintaining external quality certifications. Provide data for the organisation's EDI Strategy objectives. Foster collaborative relationships with Finance and other key departments. Enhance performance reporting processes to reflect organisational evolution and technological advancements. Utilise external data and trends to inform decision-making processes. DIRECTOR OF IT - ESSENTIAL SKILLS Proficient in IT management and data analysis. Advanced skills in MS Power BI. Experience in developing reporting structures and conducting data analysis. Strong understanding of value creation and cybersecurity principles. Demonstrated leadership abilities. Experience managing budgets and operations in resource-constrained environments. Track record of providing strategic guidance at a leadership level. Experience in staff management and performance supervision. Proven success in optimising resources and promoting best practices. Ability to effectively communicate complex data through reports and presentations. Experience in building and maintaining relationships with external stakeholders. TO BE CONSIDERED Please either apply by clicking online or emailing me directly . For further information please call me on / . By applying for this role, you give express consent for us to process and submit (subject to required skills) your application to our client in conjunction with this vacancy only. Key Skills: Power BI, Planning, Budgeting, Team leadership, Data Capture and Analysis , Value creation, Cyber Security
Apr 29, 2024
Full time
Director of IT Opportunity for a Director of IT to join our clients leading non-profit organisation based in Birmingham. Salary up to £62,000 + additional benefits, including 28 days holiday + 8 bank holidays. Apply online or contact Declan Jones via / WHO WE ARE: We support young people across the West Midlands who are suffering with homelessness or are at risk of becoming homeless. OUR BENEFITS Technology Scheme Vouchers 28 days annual leave (+8 statutory bank holidays) Childcare Cycle to work and life assurance schemes. Intensive PIE - Psychologically Informed Environment training Shopping, leisure, and day out discounts WHAT WILL YOU BE DOING? Oversee the management of the IT department and the Performance Hub team. Develop and execute strategies for IT and Cybersecurity. Manage data collection systems, analysis, and reporting. Ensure alignment with organisational objectives and achievement of key performance indicators. Continuously evaluate and enhance services. Provide necessary IT and data support for operational functions. Identify and mitigate risks within your area of responsibility. Collaborate with other Directors to support Youth Services Managers and meet organisational objectives. Prepare comprehensive reports for Board, Committees, SLT, and YSMs. Work closely with the Finance Director to develop and monitor departmental budgets. Contribute to business planning and goal setting efforts. Optimise resource allocation within a Psychologically Informed Environment. Supervise a team of performance analysts. Develop and implement policies and strategies for organisational performance management. Implement monitoring systems for performance indicators. Analyse data to identify opportunities for improvement and propose actionable insights. Advise senior management on performance-related issues. Provide data-driven support to enhance performance across the organisation. Cultivate a culture of performance management at all levels. Deliver training sessions to managers and staff on performance improvement practices. Effectively communicate performance-related matters to all staff. Represent the organization in various meetings and events. Manage departmental budgets and expenses in line with approved allocations. Prepare and present reports to Board and Sub-Committees. Stay informed about developments in relevant areas. Coordinate the dissemination of performance indicator information to partners and funders. Assist in obtaining and maintaining external quality certifications. Provide data for the organisation's EDI Strategy objectives. Foster collaborative relationships with Finance and other key departments. Enhance performance reporting processes to reflect organisational evolution and technological advancements. Utilise external data and trends to inform decision-making processes. DIRECTOR OF IT - ESSENTIAL SKILLS Proficient in IT management and data analysis. Advanced skills in MS Power BI. Experience in developing reporting structures and conducting data analysis. Strong understanding of value creation and cybersecurity principles. Demonstrated leadership abilities. Experience managing budgets and operations in resource-constrained environments. Track record of providing strategic guidance at a leadership level. Experience in staff management and performance supervision. Proven success in optimising resources and promoting best practices. Ability to effectively communicate complex data through reports and presentations. Experience in building and maintaining relationships with external stakeholders. TO BE CONSIDERED Please either apply by clicking online or emailing me directly . For further information please call me on / . By applying for this role, you give express consent for us to process and submit (subject to required skills) your application to our client in conjunction with this vacancy only. Key Skills: Power BI, Planning, Budgeting, Team leadership, Data Capture and Analysis , Value creation, Cyber Security
Cyber Security Risk & Assurance Analyst - 45-50k + Bonus Job Accountabilities Effectively leverage the Digital Safety risk framework to identify, analyse and manage cyber risk reflecting in-depth knowledge and experience. Actively engage with numerous functions, from technical IT to business facing functions, to gather a comprehensive range of risk-related information to demonstrate broad organisational understanding. Apply the Digital Safety assurance processes to accurately identify and register risks, demonstrating strategic initiative and proactively. to perceive and register risks. Collaborate with the IT Quality and Risk function to identify significant areas of IT risk in the context of Digital Safety risks, demonstrating strong cross-functional teamwork. Report to senior management via appropriate forums on risk and assurance findings and risk treatment plans. Present and articulate findings at risk forums to facilitate the management of identified risks, showcasing nuanced understanding and strong communication skills. Maintain and update knowledge of the current threat landscape and evaluate its impact on the likelihood of risk events occurring, reflecting a commitment to knowledge development. Provide education, guidance and mentorship to colleagues outside of Risk and Assurance on the use of the risk methodology, fostering a companywide understanding of risk management and reporting. Supporting Risk and Assurance: Tracking, management and reporting of risk, control and deviation remediation activities, Facilitate in the preparation of material for internal or external auditors, Preside over meetings, ensuring key decisions and discussions are minute and action logs are maintained for future reference. Provide strategic support to the Digital Safety Risk and Assurance team to identify and capture gaps and information concerning our data governance framework. Responsible for updating the risk register of information assets with risks associated with each asset. Business skills Has sufficient communication skills for effective dialogue with customers, suppliers and partners. Is able to work in a team. Is able to plan, schedule and monitor own work within short time horizons. Demonstrates a rational and organised approach to work. Understands and uses appropriate methods, tools and applications. Identifies and negotiates own development opportunities. Is fully aware of and complies with essential organisational security practices expected of the individual. Analytical mind-set. Motivation to develop and maintain subject matter expertise. Enthusiastic, pro-active and positive attitude. Ability to work to deadlines, prioritize and multi-task. Ability to manage own workload and meeting schedule. Basic Report writing. Ability to absorb and learn technical information and communicate this in a way that is easy to understand. Cyber Security Risk & Assurance Analyst - 45-50k + Bonus .
Apr 29, 2024
Full time
Cyber Security Risk & Assurance Analyst - 45-50k + Bonus Job Accountabilities Effectively leverage the Digital Safety risk framework to identify, analyse and manage cyber risk reflecting in-depth knowledge and experience. Actively engage with numerous functions, from technical IT to business facing functions, to gather a comprehensive range of risk-related information to demonstrate broad organisational understanding. Apply the Digital Safety assurance processes to accurately identify and register risks, demonstrating strategic initiative and proactively. to perceive and register risks. Collaborate with the IT Quality and Risk function to identify significant areas of IT risk in the context of Digital Safety risks, demonstrating strong cross-functional teamwork. Report to senior management via appropriate forums on risk and assurance findings and risk treatment plans. Present and articulate findings at risk forums to facilitate the management of identified risks, showcasing nuanced understanding and strong communication skills. Maintain and update knowledge of the current threat landscape and evaluate its impact on the likelihood of risk events occurring, reflecting a commitment to knowledge development. Provide education, guidance and mentorship to colleagues outside of Risk and Assurance on the use of the risk methodology, fostering a companywide understanding of risk management and reporting. Supporting Risk and Assurance: Tracking, management and reporting of risk, control and deviation remediation activities, Facilitate in the preparation of material for internal or external auditors, Preside over meetings, ensuring key decisions and discussions are minute and action logs are maintained for future reference. Provide strategic support to the Digital Safety Risk and Assurance team to identify and capture gaps and information concerning our data governance framework. Responsible for updating the risk register of information assets with risks associated with each asset. Business skills Has sufficient communication skills for effective dialogue with customers, suppliers and partners. Is able to work in a team. Is able to plan, schedule and monitor own work within short time horizons. Demonstrates a rational and organised approach to work. Understands and uses appropriate methods, tools and applications. Identifies and negotiates own development opportunities. Is fully aware of and complies with essential organisational security practices expected of the individual. Analytical mind-set. Motivation to develop and maintain subject matter expertise. Enthusiastic, pro-active and positive attitude. Ability to work to deadlines, prioritize and multi-task. Ability to manage own workload and meeting schedule. Basic Report writing. Ability to absorb and learn technical information and communicate this in a way that is easy to understand. Cyber Security Risk & Assurance Analyst - 45-50k + Bonus .
Position: Senior Data Scientist - Cyber Risk Quantitative Risk Modeller Location: Bristol Our client, a pioneering reinsurance agency based in Bristol, UK, is seeking a highly skilled and experienced Senior Data Scientist - Cyber Risk Quantitative Risk Modeller to join their dynamic modelling team. They specialise in the cutting-edge domain of cyber risk and aim to redefine the landscape of cyber risk assessment and management. As a Senior Data Scientist, reporting into the Head of Data Science & Modelling, you will play a pivotal role in the development and operationalization of our client's proprietary stochastic cyber risk model. This position offers an exciting opportunity to contribute significantly to the advancement of analytical capabilities and the broader field of cyber risk modelling. Responsibilities: - Model Development and Operation: Be a key member of the team responsible for designing, developing, refining, and executing the stochastic cyber risk model, ensuring its accuracy, performance, and scalability. - Data Analysis: Perform complex data analysis to extract insights and identify trends in cyber risk using statistical and machine learning techniques. - Operationalization: Translate model insights into actionable strategies and tools for internal and external stakeholders. - Collaboration: Work closely with other team members, including underwriters, engineers, and cyber risk analysts, to integrate the cyber risk model with other systems and processes. - Innovation: Stay updated with the latest developments in data science, cyber security, and risk modelling and incorporate innovative techniques and technologies into our models. Qualifications: - Experience: Minimum of 5 years of experience as a data scientist/quantitative risk modeller, with a proven track record of operationalizing complex models and analytics. - Education: A degree in Computer Science, Engineering, Statistics, Mathematics, or a related field. Advanced degrees (MSc or PhD) are preferred. - Technical Skills: Expertise in applied machine learning, probability, statistics, and quantitative risk modelling. High proficiency in Python and SQL, with experience in big data technologies and tools (Databricks and Pyspark preferred). Familiarity with agile software development processes. - Industry Knowledge: Experience in insurance, cyber risk, or related domains is ideal. Understanding of the reinsurance industry and its challenges is a plus. - Soft Skills: Excellent problem-solving abilities, strong communication skills, and the capacity to work effectively in a team-oriented environment. Benefits: - Impact: Make a tangible impact on the future of cyber risk management and reinsurance. - Innovation: Work at the forefront of data science and cyber security, with opportunities to innovate and challenge the status quo. - Growth: Benefit from opportunities for professional development and advancement in a rapidly growing company. - Culture: Join a collaborative, supportive, and forward-thinking team that values innovation and excellence. Salary: £70,000 to £80,000 per year Contract Type: Permanent Working Pattern: Full Time Additional Perks: Health insurance, Hybrid working, Life assurance, Private Medical, 5% pension, 28 days annual leave plus bank holidays, Collaborative working If you have the skills, experience, and passion to excel in this role, apply now and be a part of our client's groundbreaking work in the field of cyber risk assessment and management. Adecco is a disability-confident employer. It is important to us that we run an inclusive and accessible recruitment process to support candidates of all backgrounds and all abilities to apply. Adecco is committed to building a supportive environment for you to explore the next steps in your career. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.
Apr 26, 2024
Full time
Position: Senior Data Scientist - Cyber Risk Quantitative Risk Modeller Location: Bristol Our client, a pioneering reinsurance agency based in Bristol, UK, is seeking a highly skilled and experienced Senior Data Scientist - Cyber Risk Quantitative Risk Modeller to join their dynamic modelling team. They specialise in the cutting-edge domain of cyber risk and aim to redefine the landscape of cyber risk assessment and management. As a Senior Data Scientist, reporting into the Head of Data Science & Modelling, you will play a pivotal role in the development and operationalization of our client's proprietary stochastic cyber risk model. This position offers an exciting opportunity to contribute significantly to the advancement of analytical capabilities and the broader field of cyber risk modelling. Responsibilities: - Model Development and Operation: Be a key member of the team responsible for designing, developing, refining, and executing the stochastic cyber risk model, ensuring its accuracy, performance, and scalability. - Data Analysis: Perform complex data analysis to extract insights and identify trends in cyber risk using statistical and machine learning techniques. - Operationalization: Translate model insights into actionable strategies and tools for internal and external stakeholders. - Collaboration: Work closely with other team members, including underwriters, engineers, and cyber risk analysts, to integrate the cyber risk model with other systems and processes. - Innovation: Stay updated with the latest developments in data science, cyber security, and risk modelling and incorporate innovative techniques and technologies into our models. Qualifications: - Experience: Minimum of 5 years of experience as a data scientist/quantitative risk modeller, with a proven track record of operationalizing complex models and analytics. - Education: A degree in Computer Science, Engineering, Statistics, Mathematics, or a related field. Advanced degrees (MSc or PhD) are preferred. - Technical Skills: Expertise in applied machine learning, probability, statistics, and quantitative risk modelling. High proficiency in Python and SQL, with experience in big data technologies and tools (Databricks and Pyspark preferred). Familiarity with agile software development processes. - Industry Knowledge: Experience in insurance, cyber risk, or related domains is ideal. Understanding of the reinsurance industry and its challenges is a plus. - Soft Skills: Excellent problem-solving abilities, strong communication skills, and the capacity to work effectively in a team-oriented environment. Benefits: - Impact: Make a tangible impact on the future of cyber risk management and reinsurance. - Innovation: Work at the forefront of data science and cyber security, with opportunities to innovate and challenge the status quo. - Growth: Benefit from opportunities for professional development and advancement in a rapidly growing company. - Culture: Join a collaborative, supportive, and forward-thinking team that values innovation and excellence. Salary: £70,000 to £80,000 per year Contract Type: Permanent Working Pattern: Full Time Additional Perks: Health insurance, Hybrid working, Life assurance, Private Medical, 5% pension, 28 days annual leave plus bank holidays, Collaborative working If you have the skills, experience, and passion to excel in this role, apply now and be a part of our client's groundbreaking work in the field of cyber risk assessment and management. Adecco is a disability-confident employer. It is important to us that we run an inclusive and accessible recruitment process to support candidates of all backgrounds and all abilities to apply. Adecco is committed to building a supportive environment for you to explore the next steps in your career. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.
COMPANY DESCRIPTION On May 31, 2023, Viasat completed its acquisition of Inmarsat, combining the teams, technologies and resources of the two companies to create a new global communications partner. About Viasat Viasat is a global communications company that believes everyone and everything in the world can be connected. With offices in 24 countries around the world, our mission shapes how consumers, businesses, governments and militaries around the world communicate and connect. Viasat is developing the ultimate global communications network to power high-quality, reliable, secure, affordable, fast connections to positively impact people's lives anywhere they are-on the ground, in the air or at sea, while building a sustainable future in space. Chief Operations Office The Chief Operations Office (COO) plays a vital role managing the services that keep our business running and delivering to our customers. COO consists of 9 functions including: Satellite Operations, Network Operations, Service Assurance, Service Delivery Aviation and Customer Assurance, Service Delivery and Supply Chain, Project Management Office, Global Cyber Security and Group IT JOB DESCRIPTION Key responsibilities of the position: Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System. Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response routing. Provide first line telephone, e-mail and ticket routing services for security event notifications and incident response processes. Deliver first level investigation and remediation activities as a member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT. Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability. Follow a documented process for routine scanning of Inmarsat infrastructure and network elements. Develop mitigation and remediation plans as a result of the vulnerability assessment findings. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs). Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform. Document information security operations policies, process and procedures. The post may require working daytime, night time, and weekend work (adequate notification will be provided) QUALIFICATIONS Essential Knowledge and Skills: A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis. Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false-positives. A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous. Intermediate knowledge of Information Security fundamentals, technologies, and design principals. Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms. Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents. Experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations. Willingness to learn new skills and be self-motivated. Ability to work in a team environment, to work under pressure and show flexibility. Excellent verbal and written communication skills in English. ADDITIONAL INFORMATION You must be eligible to work in this location advertised. Our culture and ways of working Our values define our culture and represent what we believe in. Viasat employees aspire to behaviours that support our values, which create a stronger working environment and lie at the heart of our continued success as an organisation. Customer - we provide a unique value to our customers Accountability - we take ownership, we deliver results, and we keep our promises Respect - we collaborate, we embrace and celebrate diversity and we value difference Excellence - we create bold solutions for our customers and put quality at the heart of everything we do We also value and encourage a healthy work-life balance, so we offer flexible working wherever possible. Depending on the operational requirements of your job and your team, we can offer compressed hours (nine-day fortnight), hybrid office-remote working, and flexibility during your working day to take care of personal commitments. Diversity We want the best people for the job, and we warmly welcome applications from you if you're suitably qualified and eligible, regardless of your sex, gender, age, race, ethnicity, disability, sexuality, gender identity, neurodiverse qualities, religion or belief, marital status, pregnancy, or maternity status. We are signed up to the Halo Hair Code, which aims to protect employees who come to work with natural hair and protective hairstyles associated with their racial, ethnic, and cultural identities. To give you the best experience possible during your application process and interview, we can make adjustments. For example, if you're visually impaired we'll happily meet you locally and help you find your way to our office, or if you have neurodiverse qualities, we can provide you with additional support to help you prepare for your interview. Please let our Resourcing Team know if there are any ways in which we can support you.
Aug 15, 2023
Full time
COMPANY DESCRIPTION On May 31, 2023, Viasat completed its acquisition of Inmarsat, combining the teams, technologies and resources of the two companies to create a new global communications partner. About Viasat Viasat is a global communications company that believes everyone and everything in the world can be connected. With offices in 24 countries around the world, our mission shapes how consumers, businesses, governments and militaries around the world communicate and connect. Viasat is developing the ultimate global communications network to power high-quality, reliable, secure, affordable, fast connections to positively impact people's lives anywhere they are-on the ground, in the air or at sea, while building a sustainable future in space. Chief Operations Office The Chief Operations Office (COO) plays a vital role managing the services that keep our business running and delivering to our customers. COO consists of 9 functions including: Satellite Operations, Network Operations, Service Assurance, Service Delivery Aviation and Customer Assurance, Service Delivery and Supply Chain, Project Management Office, Global Cyber Security and Group IT JOB DESCRIPTION Key responsibilities of the position: Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System. Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response routing. Provide first line telephone, e-mail and ticket routing services for security event notifications and incident response processes. Deliver first level investigation and remediation activities as a member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT. Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability. Follow a documented process for routine scanning of Inmarsat infrastructure and network elements. Develop mitigation and remediation plans as a result of the vulnerability assessment findings. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs). Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform. Document information security operations policies, process and procedures. The post may require working daytime, night time, and weekend work (adequate notification will be provided) QUALIFICATIONS Essential Knowledge and Skills: A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis. Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false-positives. A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous. Intermediate knowledge of Information Security fundamentals, technologies, and design principals. Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms. Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents. Experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations. Willingness to learn new skills and be self-motivated. Ability to work in a team environment, to work under pressure and show flexibility. Excellent verbal and written communication skills in English. ADDITIONAL INFORMATION You must be eligible to work in this location advertised. Our culture and ways of working Our values define our culture and represent what we believe in. Viasat employees aspire to behaviours that support our values, which create a stronger working environment and lie at the heart of our continued success as an organisation. Customer - we provide a unique value to our customers Accountability - we take ownership, we deliver results, and we keep our promises Respect - we collaborate, we embrace and celebrate diversity and we value difference Excellence - we create bold solutions for our customers and put quality at the heart of everything we do We also value and encourage a healthy work-life balance, so we offer flexible working wherever possible. Depending on the operational requirements of your job and your team, we can offer compressed hours (nine-day fortnight), hybrid office-remote working, and flexibility during your working day to take care of personal commitments. Diversity We want the best people for the job, and we warmly welcome applications from you if you're suitably qualified and eligible, regardless of your sex, gender, age, race, ethnicity, disability, sexuality, gender identity, neurodiverse qualities, religion or belief, marital status, pregnancy, or maternity status. We are signed up to the Halo Hair Code, which aims to protect employees who come to work with natural hair and protective hairstyles associated with their racial, ethnic, and cultural identities. To give you the best experience possible during your application process and interview, we can make adjustments. For example, if you're visually impaired we'll happily meet you locally and help you find your way to our office, or if you have neurodiverse qualities, we can provide you with additional support to help you prepare for your interview. Please let our Resourcing Team know if there are any ways in which we can support you.
COMPANY DESCRIPTION On May 31, 2023, Viasat completed its acquisition of Inmarsat, combining the teams, technologies and resources of the two companies to create a new global communications partner. About Viasat Viasat is a global communications company that believes everyone and everything in the world can be connected. With offices in 24 countries around the world, our mission shapes how consumers, businesses, governments and militaries around the world communicate and connect. Viasat is developing the ultimate global communications network to power high-quality, reliable, secure, affordable, fast connections to positively impact people's lives anywhere they are-on the ground, in the air or at sea, while building a sustainable future in space. Chief Operations Office The Chief Operations Office (COO) plays a vital role managing the services that keep our business running and delivering to our customers. COO consists of 9 functions including: Satellite Operations, Network Operations, Service Assurance, Service Delivery Aviation and Customer Assurance, Service Delivery and Supply Chain, Project Management Office, Global Cyber Security and Group IT JOB DESCRIPTION Key responsibilities of the position: Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System. Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response routing. Provide first line telephone, e-mail and ticket routing services for security event notifications and incident response processes. Deliver first level investigation and remediation activities as a member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT. Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability. Follow a documented process for routine scanning of Inmarsat infrastructure and network elements. Develop mitigation and remediation plans as a result of the vulnerability assessment findings. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs). Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform. Document information security operations policies, process and procedures. The post may require working daytime, night time, and weekend work (adequate notification will be provided) QUALIFICATIONS Essential Knowledge and Skills: A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis. Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false-positives. A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous. Intermediate knowledge of Information Security fundamentals, technologies, and design principals. Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms. Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents. Experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations. Willingness to learn new skills and be self-motivated. Ability to work in a team environment, to work under pressure and show flexibility. Excellent verbal and written communication skills in English. ADDITIONAL INFORMATION You must be eligible to work in this location advertised. Our culture and ways of working Our values define our culture and represent what we believe in. Viasat employees aspire to behaviours that support our values, which create a stronger working environment and lie at the heart of our continued success as an organisation. Customer - we provide a unique value to our customers Accountability - we take ownership, we deliver results, and we keep our promises Respect - we collaborate, we embrace and celebrate diversity and we value difference Excellence - we create bold solutions for our customers and put quality at the heart of everything we do We also value and encourage a healthy work-life balance, so we offer flexible working wherever possible. Depending on the operational requirements of your job and your team, we can offer compressed hours (nine-day fortnight), hybrid office-remote working, and flexibility during your working day to take care of personal commitments. Diversity We want the best people for the job, and we warmly welcome applications from you if you're suitably qualified and eligible, regardless of your sex, gender, age, race, ethnicity, disability, sexuality, gender identity, neurodiverse qualities, religion or belief, marital status, pregnancy, or maternity status. We are signed up to the Halo Hair Code, which aims to protect employees who come to work with natural hair and protective hairstyles associated with their racial, ethnic, and cultural identities. To give you the best experience possible during your application process and interview, we can make adjustments. For example, if you're visually impaired we'll happily meet you locally and help you find your way to our office, or if you have neurodiverse qualities, we can provide you with additional support to help you prepare for your interview. Please let our Resourcing Team know if there are any ways in which we can support you.
Aug 14, 2023
Full time
COMPANY DESCRIPTION On May 31, 2023, Viasat completed its acquisition of Inmarsat, combining the teams, technologies and resources of the two companies to create a new global communications partner. About Viasat Viasat is a global communications company that believes everyone and everything in the world can be connected. With offices in 24 countries around the world, our mission shapes how consumers, businesses, governments and militaries around the world communicate and connect. Viasat is developing the ultimate global communications network to power high-quality, reliable, secure, affordable, fast connections to positively impact people's lives anywhere they are-on the ground, in the air or at sea, while building a sustainable future in space. Chief Operations Office The Chief Operations Office (COO) plays a vital role managing the services that keep our business running and delivering to our customers. COO consists of 9 functions including: Satellite Operations, Network Operations, Service Assurance, Service Delivery Aviation and Customer Assurance, Service Delivery and Supply Chain, Project Management Office, Global Cyber Security and Group IT JOB DESCRIPTION Key responsibilities of the position: Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System. Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response routing. Provide first line telephone, e-mail and ticket routing services for security event notifications and incident response processes. Deliver first level investigation and remediation activities as a member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT. Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability. Follow a documented process for routine scanning of Inmarsat infrastructure and network elements. Develop mitigation and remediation plans as a result of the vulnerability assessment findings. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs). Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform. Document information security operations policies, process and procedures. The post may require working daytime, night time, and weekend work (adequate notification will be provided) QUALIFICATIONS Essential Knowledge and Skills: A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis. Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false-positives. A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous. Intermediate knowledge of Information Security fundamentals, technologies, and design principals. Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms. Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents. Experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations. Willingness to learn new skills and be self-motivated. Ability to work in a team environment, to work under pressure and show flexibility. Excellent verbal and written communication skills in English. ADDITIONAL INFORMATION You must be eligible to work in this location advertised. Our culture and ways of working Our values define our culture and represent what we believe in. Viasat employees aspire to behaviours that support our values, which create a stronger working environment and lie at the heart of our continued success as an organisation. Customer - we provide a unique value to our customers Accountability - we take ownership, we deliver results, and we keep our promises Respect - we collaborate, we embrace and celebrate diversity and we value difference Excellence - we create bold solutions for our customers and put quality at the heart of everything we do We also value and encourage a healthy work-life balance, so we offer flexible working wherever possible. Depending on the operational requirements of your job and your team, we can offer compressed hours (nine-day fortnight), hybrid office-remote working, and flexibility during your working day to take care of personal commitments. Diversity We want the best people for the job, and we warmly welcome applications from you if you're suitably qualified and eligible, regardless of your sex, gender, age, race, ethnicity, disability, sexuality, gender identity, neurodiverse qualities, religion or belief, marital status, pregnancy, or maternity status. We are signed up to the Halo Hair Code, which aims to protect employees who come to work with natural hair and protective hairstyles associated with their racial, ethnic, and cultural identities. To give you the best experience possible during your application process and interview, we can make adjustments. For example, if you're visually impaired we'll happily meet you locally and help you find your way to our office, or if you have neurodiverse qualities, we can provide you with additional support to help you prepare for your interview. Please let our Resourcing Team know if there are any ways in which we can support you.
Job Description: Job Title: Application Security Analyst Corporate Title: Vice President Location: Chester Role Description: Resource will function as a member of an enterprise network application layer intrusion, detection, prevention, and response team. Will develop and implement custom alerts and dashboards monitoring controls based on OSI layer 7 attack and threat indicators. Provides leadership in assessing new threat vectors and designing and implementing effective controls. Leverages advanced investigative skills using best in class data correlation and network/packet analysis tools. Will partner with senior leaders from lines of business organizations to triage security events and report on impacting security initiatives. Responsible for mentoring and developing the skill sets of less experienced team members. Develops and implements processes or controls in support of audit and risk requirements. The Team: The Network and Endpoint Cybersecurity Operations team provides the first line of defense for Bank of America's global network. It defends against various threats including DDoS, Malware, Web Based Attacks, Remote Attacks, and provides network access assurance across our network and endpoint boundaries. Provides network and endpoint anomaly monitoring for indicators of compromise, and a 24x7 rapid response capability for network and endpoint security related events and incidents. Core Skills: Required Skills: Strong Splunk skill set. The security analyst will leverage Splunk to analyze logs and other security events to find targeted attacks against network-based bank assets. Strong Intrusion Analysis background. Resource must be able to identify and interpret weblogs from various webservers. Knowledgeable of current exploits. Resource must be able to identify common exploits from the appropriate web and event logs. Working knowledge of Linux, Windows, and OS X operating systems. Comfortable with scripting languages and regular expressions Strong knowledge common network protocols Working knowledge of enterprise Client / Server architecture Working knowledge of OSI model 3 through 7 We are a front-line team that handles active security events and highly current threats. On call and after-hours work can be expected although we rotate to approximately one week every 2 months. The analyst will use new intelligence to update existing controls to detect new threats against the bank. Will be expected to have solid technical skills to operate independently and to support others within the security team. Preferred Skills: Experience doing packet captures and interpreting them (wireshark for example). Understanding of stateful firewalls and able to interpret firewall rules. Able to interpret SQL, Apache web logs, IIS, Active Directory and other security logs. Full understanding of modern web site deployments and technology. Familiarity with web application attacks including SQL injection, cross-site scripting, and remote file inclusion. Use tools to detect anomalous/malicious data transmissions on the network. Use advanced analytics / security tools to detect malware on the network. Bank of America: Every day, across the globe, our employees bring a commitment to our purpose and to driving responsible growth by living our values: deliver together, act responsibly, realize the power of our people and trust the team. A key aspect of driving responsible growth is doing so in a sustainable manner, a critical pillar of which is being a great place to work for our teammates. In line with these values, in EMEA we have 9 Employee Networks, a wide range of Sports & Social clubs, and other development and networking opportunities so that you can enjoy a range of experiences and connect with colleagues across the bank. We also offer exclusive discounts to some of the most iconic cultural experiences for you to enjoy in your spare time outside of work. Learn more about our benefits here. Good conduct and sound judgment is crucial to our long term success. It's important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well. We are an equal opportunities employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience. We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements. As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment. Job Band: H5 Shift: Hours Per Week: 35 Weekly Schedule: Referral Bonus Amount: 0
Sep 24, 2022
Full time
Job Description: Job Title: Application Security Analyst Corporate Title: Vice President Location: Chester Role Description: Resource will function as a member of an enterprise network application layer intrusion, detection, prevention, and response team. Will develop and implement custom alerts and dashboards monitoring controls based on OSI layer 7 attack and threat indicators. Provides leadership in assessing new threat vectors and designing and implementing effective controls. Leverages advanced investigative skills using best in class data correlation and network/packet analysis tools. Will partner with senior leaders from lines of business organizations to triage security events and report on impacting security initiatives. Responsible for mentoring and developing the skill sets of less experienced team members. Develops and implements processes or controls in support of audit and risk requirements. The Team: The Network and Endpoint Cybersecurity Operations team provides the first line of defense for Bank of America's global network. It defends against various threats including DDoS, Malware, Web Based Attacks, Remote Attacks, and provides network access assurance across our network and endpoint boundaries. Provides network and endpoint anomaly monitoring for indicators of compromise, and a 24x7 rapid response capability for network and endpoint security related events and incidents. Core Skills: Required Skills: Strong Splunk skill set. The security analyst will leverage Splunk to analyze logs and other security events to find targeted attacks against network-based bank assets. Strong Intrusion Analysis background. Resource must be able to identify and interpret weblogs from various webservers. Knowledgeable of current exploits. Resource must be able to identify common exploits from the appropriate web and event logs. Working knowledge of Linux, Windows, and OS X operating systems. Comfortable with scripting languages and regular expressions Strong knowledge common network protocols Working knowledge of enterprise Client / Server architecture Working knowledge of OSI model 3 through 7 We are a front-line team that handles active security events and highly current threats. On call and after-hours work can be expected although we rotate to approximately one week every 2 months. The analyst will use new intelligence to update existing controls to detect new threats against the bank. Will be expected to have solid technical skills to operate independently and to support others within the security team. Preferred Skills: Experience doing packet captures and interpreting them (wireshark for example). Understanding of stateful firewalls and able to interpret firewall rules. Able to interpret SQL, Apache web logs, IIS, Active Directory and other security logs. Full understanding of modern web site deployments and technology. Familiarity with web application attacks including SQL injection, cross-site scripting, and remote file inclusion. Use tools to detect anomalous/malicious data transmissions on the network. Use advanced analytics / security tools to detect malware on the network. Bank of America: Every day, across the globe, our employees bring a commitment to our purpose and to driving responsible growth by living our values: deliver together, act responsibly, realize the power of our people and trust the team. A key aspect of driving responsible growth is doing so in a sustainable manner, a critical pillar of which is being a great place to work for our teammates. In line with these values, in EMEA we have 9 Employee Networks, a wide range of Sports & Social clubs, and other development and networking opportunities so that you can enjoy a range of experiences and connect with colleagues across the bank. We also offer exclusive discounts to some of the most iconic cultural experiences for you to enjoy in your spare time outside of work. Learn more about our benefits here. Good conduct and sound judgment is crucial to our long term success. It's important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well. We are an equal opportunities employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience. We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements. As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment. Job Band: H5 Shift: Hours Per Week: 35 Weekly Schedule: Referral Bonus Amount: 0
Location Client Site in Barrow-in-Furness The job on offer Are you passionate about cybersecurity? Are you an excellent communicator with demonstrable experience of security analysts activities within organisations? Would you relish putting these skills into practice by taking on a role within Capgemini to protect our clients from cyber threats? As the Senior Security Analyst, you will be the lead Security Analyst within the a client account IT Security Operations Team. You will be joining a fantastic team of more than 400 UK based security professionals that deliver world-class security services day in and day out. Your role • Manage escalated Security Incidents from a people and process perspective • Identify and prioritise Security Incidents, Security Tickets and Security Service Requests • Bring incidents to successful conclusions with thorough remediation plans • Prioritising and differentiating between potential intrusion activity and false alarms • Conduct vulnerability analysis and create impact assessments • Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement • Work closely together with technical architects to produce design specifications according to information security policies, while fulfilling business needs Your profile • A good knowledge of Cyber Security and Information Assurance - an ability to demonstrate understanding of governance, compliance and risk from different perspectives i.e. across people, processes and technology • Someone who is an advocate for security good practice, with the ability to influence others • Hold, or be working towards, ISO27001 Lead Auditor • A working knowledge of ISO27001 required, and desirable to have knowledge of ISO33052, ISO33072 and METSec • Current NPPV3/SC clearance or the ability to be cleared to that level • Have been resident in the United Kingdom for at least five (5) years • Experience in the public sector preferred but not required • Due to the security classification of the work you will be involved in, you must be a UK national and must hold or be eligible to hold a SC security clearance. Why Capgemini is unique We aim to build an environment where employees can enjoy a positive work-life balance. Through our New Normal campaign, we are looking to embed hybrid working in all that we do and make flexible working arrangements the day-to-day reality for our people. All UK employees are eligible to request flexible working arrangements. We work with a range of clients all with a unique set of business, technological and societal ambitions. Working for Capgemini you get to be at the forefront of designing future experiences, which truly impact our clients and wider society for the better. We realise a Total Reward package should be move than just compensation. At Capgemini we offer range of core and flexible benefits and have a Peer Recognition Portal called Applaud Get the future you want Growing clients' businesses while building a more sustainable, more inclusive future is a tough ask. But when you join Capgemini, you join a thriving company and become part of a diverse collective of free-thinkers, entrepreneurs and industry experts. A powerful source of energy that drives us all to find new ways technology can help us reimagine what's possible. It's why, together, we seek out opportunities that will transform the world's leading businesses. And it's how you'll gain the experiences and connections you need to shape your future. By learning from each other every day, sharing knowledge and always pushing yourself to do better, you'll build the skills you want. And you'll use them to help our clients leverage technology to grow their business and give innovation that human touch the world needs. So, it might not always be easy, but making the world a better place rarely is. Capgemini. Get The Future You Want. About Capgemini Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of over 340,000 team members in more than 50 countries. With its strong 55-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2021 global revenues of €18 billion. Get the Future You Want
Sep 24, 2022
Full time
Location Client Site in Barrow-in-Furness The job on offer Are you passionate about cybersecurity? Are you an excellent communicator with demonstrable experience of security analysts activities within organisations? Would you relish putting these skills into practice by taking on a role within Capgemini to protect our clients from cyber threats? As the Senior Security Analyst, you will be the lead Security Analyst within the a client account IT Security Operations Team. You will be joining a fantastic team of more than 400 UK based security professionals that deliver world-class security services day in and day out. Your role • Manage escalated Security Incidents from a people and process perspective • Identify and prioritise Security Incidents, Security Tickets and Security Service Requests • Bring incidents to successful conclusions with thorough remediation plans • Prioritising and differentiating between potential intrusion activity and false alarms • Conduct vulnerability analysis and create impact assessments • Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement • Work closely together with technical architects to produce design specifications according to information security policies, while fulfilling business needs Your profile • A good knowledge of Cyber Security and Information Assurance - an ability to demonstrate understanding of governance, compliance and risk from different perspectives i.e. across people, processes and technology • Someone who is an advocate for security good practice, with the ability to influence others • Hold, or be working towards, ISO27001 Lead Auditor • A working knowledge of ISO27001 required, and desirable to have knowledge of ISO33052, ISO33072 and METSec • Current NPPV3/SC clearance or the ability to be cleared to that level • Have been resident in the United Kingdom for at least five (5) years • Experience in the public sector preferred but not required • Due to the security classification of the work you will be involved in, you must be a UK national and must hold or be eligible to hold a SC security clearance. Why Capgemini is unique We aim to build an environment where employees can enjoy a positive work-life balance. Through our New Normal campaign, we are looking to embed hybrid working in all that we do and make flexible working arrangements the day-to-day reality for our people. All UK employees are eligible to request flexible working arrangements. We work with a range of clients all with a unique set of business, technological and societal ambitions. Working for Capgemini you get to be at the forefront of designing future experiences, which truly impact our clients and wider society for the better. We realise a Total Reward package should be move than just compensation. At Capgemini we offer range of core and flexible benefits and have a Peer Recognition Portal called Applaud Get the future you want Growing clients' businesses while building a more sustainable, more inclusive future is a tough ask. But when you join Capgemini, you join a thriving company and become part of a diverse collective of free-thinkers, entrepreneurs and industry experts. A powerful source of energy that drives us all to find new ways technology can help us reimagine what's possible. It's why, together, we seek out opportunities that will transform the world's leading businesses. And it's how you'll gain the experiences and connections you need to shape your future. By learning from each other every day, sharing knowledge and always pushing yourself to do better, you'll build the skills you want. And you'll use them to help our clients leverage technology to grow their business and give innovation that human touch the world needs. So, it might not always be easy, but making the world a better place rarely is. Capgemini. Get The Future You Want. About Capgemini Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of over 340,000 team members in more than 50 countries. With its strong 55-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2021 global revenues of €18 billion. Get the Future You Want
Are you passionate about working with cutting-edge technology and self-motivated to find innovative solutions to complex challenges as part of a team who help keep the UK safe? Join BAE Systems as a Technical Team Lead. As a key member of a Software Engineering team, you'll be working with our National Security Customers to build systems that support their core mission capabilities. You'll work as part of empowered, autonomous DevOps teams with regular contact with end-users to flexibly and efficiently understand, design, develop, deploy and maintain applications and services. You'll be encouraged to identify new ways of solving problems and get to work in a range of different teams across our customer organisations. You will work in a small team given as much ownership and responsibility as you have the appetite for but part of a much bigger Engineering community to give you the support you need to grow in your career. We fully embrace DevOps ways of working in our teams, and build a very broad range of capabilities for our customers. We therefore value Engineers who enjoy playing a role in the full delivery lifecycle and are flexible to learn and pick up new technologies and approaches. You'll be playing a role in identifying the right technologies to use for the job and be supported with training as needed through access to services such as Pluralsight. Not only will your team be directly making a huge impact upon the systems you work on, you'll be doing it for an organisation who makes a huge impact to the security of the UK. About you You will have experience in many of the following: Designing innovative solutions that fit within business and technical constraints Taking responsibility for the technical output of your team Collaborating with other tech leads and architects to join-up solutions Communicating clearly and concisely, both verbally and in written form Championing quality assurance and best practices and mentoring individuals in their application Practical software development in one or more common languages, such as Java, C# or JavaScript Following an agile development methodology, such as SCRUM or SAFe Driving innovation within a team of engineers to find new solutions to difficult problems It would be great if you also had experience in some of these, but if not we'll help you with them: Cloud technology training and certification, such as AWS or Azure A scaled agile framework certification, such as SAFe or Experience in full-stack technical design Managing stakeholders, including users and management Familiarity with security concepts, including secure design and implementation Mentoring junior engineers and nurturing their passion for engineering Security Clearance is required for this vacancy. If you are not currently Security Cleared, you will need to be eligible for this and willing to go through the process. How we will support you Work-life balance is important; you can work around core hours with flexible and part-time working, and many of our roles include hybrid working enabling a mix of working from home and in the office You'll get 25 days holiday a year and the option to buy/sell and carry over from the year before Our flexible benefits package includes private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE You'll be part of our company bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. About our team Our people are what differentiates us, they are resourceful, innovative and dedicated. We have a mix of generalists and specialists and recognise that this diversity contributes to our success. We recognise the benefits of forming teams from a mix of disciplines, which allows us to come up with cutting edge, high quality solutions. Our breadth of work across the Public Sector provides diverse opportunities for our people to develop their careers in new areas of expertise and with new clients. You'll be part of a big company, but we try to create a culture that feels like a small one. The work will stretch you and be challenging, but we encourage a healthy work-life balance. Most of all, we know teams who work well together also perform well. We'll do everything we can to ensure you have fun at work, and in social activities outside of it whether that's virtually or in person, as conditions allow. You will be joining our National Security business which is the largest area within our UK business. Our mission is to be the most trusted partner for our National Security clients in delivery of their core mission. At the end of 2020 we had over 700 employees working across our security and law enforcement customers. This year, we are looking to build on our success and grow even further by recruiting over 100 new members to our team. We have a rich history of working within National Security. In fact, we have over 40 years' experience of delivering advice and solutions to our customers in this sector, supporting them in carrying out their vital missions. More about BAE Systems You will work for a division of BAE Systems who helps nations, governments and businesses around the world defend themselves against cyber crime, reduce their risk in the connected world, comply with regulation, and transform their operations. We're a consultancy and products business and employ smart, motivated individuals who work together across a range of projects and products. You'll get to work on a variety of different systems for different customers throughout your career with us. We're passionate about Diversity and Inclusion in our workforce and the people you'll work with will reflect this. We employ over 4,000 people across 18 countries in the Americas, APAC, UK and EMEA For more information please visit our website: Help us secure a connected world. Apply now and be inspired. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Government At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Our Government business unit houses four of our critical client groups: UK National Security, Global National Security, defence and central government. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating. As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.
Sep 22, 2022
Full time
Are you passionate about working with cutting-edge technology and self-motivated to find innovative solutions to complex challenges as part of a team who help keep the UK safe? Join BAE Systems as a Technical Team Lead. As a key member of a Software Engineering team, you'll be working with our National Security Customers to build systems that support their core mission capabilities. You'll work as part of empowered, autonomous DevOps teams with regular contact with end-users to flexibly and efficiently understand, design, develop, deploy and maintain applications and services. You'll be encouraged to identify new ways of solving problems and get to work in a range of different teams across our customer organisations. You will work in a small team given as much ownership and responsibility as you have the appetite for but part of a much bigger Engineering community to give you the support you need to grow in your career. We fully embrace DevOps ways of working in our teams, and build a very broad range of capabilities for our customers. We therefore value Engineers who enjoy playing a role in the full delivery lifecycle and are flexible to learn and pick up new technologies and approaches. You'll be playing a role in identifying the right technologies to use for the job and be supported with training as needed through access to services such as Pluralsight. Not only will your team be directly making a huge impact upon the systems you work on, you'll be doing it for an organisation who makes a huge impact to the security of the UK. About you You will have experience in many of the following: Designing innovative solutions that fit within business and technical constraints Taking responsibility for the technical output of your team Collaborating with other tech leads and architects to join-up solutions Communicating clearly and concisely, both verbally and in written form Championing quality assurance and best practices and mentoring individuals in their application Practical software development in one or more common languages, such as Java, C# or JavaScript Following an agile development methodology, such as SCRUM or SAFe Driving innovation within a team of engineers to find new solutions to difficult problems It would be great if you also had experience in some of these, but if not we'll help you with them: Cloud technology training and certification, such as AWS or Azure A scaled agile framework certification, such as SAFe or Experience in full-stack technical design Managing stakeholders, including users and management Familiarity with security concepts, including secure design and implementation Mentoring junior engineers and nurturing their passion for engineering Security Clearance is required for this vacancy. If you are not currently Security Cleared, you will need to be eligible for this and willing to go through the process. How we will support you Work-life balance is important; you can work around core hours with flexible and part-time working, and many of our roles include hybrid working enabling a mix of working from home and in the office You'll get 25 days holiday a year and the option to buy/sell and carry over from the year before Our flexible benefits package includes private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE You'll be part of our company bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. About our team Our people are what differentiates us, they are resourceful, innovative and dedicated. We have a mix of generalists and specialists and recognise that this diversity contributes to our success. We recognise the benefits of forming teams from a mix of disciplines, which allows us to come up with cutting edge, high quality solutions. Our breadth of work across the Public Sector provides diverse opportunities for our people to develop their careers in new areas of expertise and with new clients. You'll be part of a big company, but we try to create a culture that feels like a small one. The work will stretch you and be challenging, but we encourage a healthy work-life balance. Most of all, we know teams who work well together also perform well. We'll do everything we can to ensure you have fun at work, and in social activities outside of it whether that's virtually or in person, as conditions allow. You will be joining our National Security business which is the largest area within our UK business. Our mission is to be the most trusted partner for our National Security clients in delivery of their core mission. At the end of 2020 we had over 700 employees working across our security and law enforcement customers. This year, we are looking to build on our success and grow even further by recruiting over 100 new members to our team. We have a rich history of working within National Security. In fact, we have over 40 years' experience of delivering advice and solutions to our customers in this sector, supporting them in carrying out their vital missions. More about BAE Systems You will work for a division of BAE Systems who helps nations, governments and businesses around the world defend themselves against cyber crime, reduce their risk in the connected world, comply with regulation, and transform their operations. We're a consultancy and products business and employ smart, motivated individuals who work together across a range of projects and products. You'll get to work on a variety of different systems for different customers throughout your career with us. We're passionate about Diversity and Inclusion in our workforce and the people you'll work with will reflect this. We employ over 4,000 people across 18 countries in the Americas, APAC, UK and EMEA For more information please visit our website: Help us secure a connected world. Apply now and be inspired. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Government At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Our Government business unit houses four of our critical client groups: UK National Security, Global National Security, defence and central government. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating. As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.
We are recruiting for additional Security Architecture Consultants. The main purpose of this role for our clients is to support the design, development, procurement and assurance of information system solutions to ensure confidentiality, integrity and availability. This includes provision of expert advice on, the selection, design, justification, implementation and operation of relevant security controls as well as advising on the security processes through the project lifecycle. We are looking for candidates who are able to evidence experience in the following areas: • Security architecture contributor for secure systems integration projects • Analyses existing and proposed technical architectures for security risk • Advises on appropriate security controls to mitigate security architecture risks • Provides expert technical advice to support the design and development secure architectures • Applies secure architecture principles and practices to assure technical architectures • Assures implementation of security controls to mitigate risk • Develops security architecture frameworks/processes at programme level • Develops audit and compliance processes to assure technical security controls • Advises on technical management of secure environments Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.
Sep 22, 2022
Full time
We are recruiting for additional Security Architecture Consultants. The main purpose of this role for our clients is to support the design, development, procurement and assurance of information system solutions to ensure confidentiality, integrity and availability. This includes provision of expert advice on, the selection, design, justification, implementation and operation of relevant security controls as well as advising on the security processes through the project lifecycle. We are looking for candidates who are able to evidence experience in the following areas: • Security architecture contributor for secure systems integration projects • Analyses existing and proposed technical architectures for security risk • Advises on appropriate security controls to mitigate security architecture risks • Provides expert technical advice to support the design and development secure architectures • Applies secure architecture principles and practices to assure technical architectures • Assures implementation of security controls to mitigate risk • Develops security architecture frameworks/processes at programme level • Develops audit and compliance processes to assure technical security controls • Advises on technical management of secure environments Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.