IT Cyber Security Manager Surrey - Hybrid Working My client is a leading financial services organisation based in Surrey who are recruiting for a IT Cyber Security Manager As a IT Cyber Security Manager, you will Provide Security Input for projects in a Digital Transformation Programme as well as establish and maintain cyber security policies and procedures. Own threat management and response. Manage and mentor the cyber security team. Manage Security tooling risks and processes. Own vulnerability management through the whole lifecycle from internal and external monitoring and identification to remediation and reporting. IT Cyber Security Manager Benefits: 22 days holiday + 8 Bank Holiday (Holiday's increase to 27, 1 additional day per year worked) Healthy contributed pension Training and development Access to a number of financial based products Dress down Fridays As a IT Cyber Security Manager, you will perform the following tasks: Establish and maintain robust cyber security policies, playbooks, and procedures, ensuring compliance with regulatory requirements industry standards and the Cyber Security Strategy. Identify, evaluate, and mitigate cyber threats. Lead incident response activities and investigations into security breaches. Conduct regular risk assessments, audits, and testing of the security infrastructure to identify vulnerabilities and implement necessary improvements. Act as the escalation point on monitoring of corporate environment to identify security issues or incidents (Threat Hunting) Manage and mentor the security analyst, (monitoring, Investigation, root cause analysis of Security alerts from multiple information sources. Including, but not limited to Darktrace, LogPoint, WithSecure, Mimecast, while ensuring the team stays relevant to the latest Cyber Security trends and technologies. Introduce processes to maintain the integrity and protection of corporate and customer data. Responsible for managing the business IT vulnerabilities and provide to the service desk team, paths to remediation, through the whole lifecycle to ensure safety and compliance for the business. Investigate and analyse escalated security matters, identify methods and solutions in response to security related queries including the ones, submitted by end users. Perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture Perform malware analysis and digital forensics where appropriate Drive internal phishing campaigns (KnowBe4 platform) and work with management and HR - Training to raise Cyber awareness within the corporate environment, (new hire inductions, periodic training, etc) Own maintenance, renewal and distribution of SSL Certificates Manage and own the process of achieving and maintaining Security related certifications (CE+, PCI, etc) Ensure readiness, appropriate versioning and health, of the security systems used on security operations Identify and promote continual service improvement of all cyber security systems and procedures Share knowledge with and cross-train other members of the other IT teams IT Cyber Security Manager Documentation & Reporting: Assist in development of company-wide best practices for Cyber Security Document all security alerts, incidents and actions taken for both internal and regulatory use Contribute to maintenance of Cyber Security Operations Manual Manage cyber security actions in audits, cyber security exercises and provide supporting documentation Provide cyber security related reporting dashboards for use at different levels within the business (Regulatory, Board updates, Vulnerabilities, etc) IT Cyber Security Manager Key Skills & Experience: At least 5 year experience in a similar Cyber/IT Security/InfoSec based role Experience in a wide range of Cyber Security areas. Experience with security tool sets (SIEM, FIM, EDR, NDR) The ability to contextualise, categorise and prioritise security events, incidents, and alerts Knowledge of security framework and standards implementation (NiST, ISO27001, PCI-DSS, etc) Demonstrable passion and enthusiasm for security, including the ability to keep current with the latest threats, technologies, and trends Thorough understanding of adversarial tactics, techniques, and procedures Knowledge of security related skills within infrastructure, cloud, virtualisation and network concepts and technologies, particularly in a Microsoft-centric environment (Defender for Cloud, Cloud apps, Security scores, Purview including Data classification and retention, Identity Management, and conditional Access) Strong attention to detail with an analytical mindset and the ability to spot and investigate anomalous behaviour Strong Communication skills and the ability to communicate and present at all levels IT Cyber Security Manager Technologies involved: SIEM - Logpoint Automated Intrusion and response - Darktrace AntiVirus / Malware detection Email Filtering & Web Security - Mimecast FIM - Tripwire VMware & VDI Horizon Windows Environment Microsoft Azure & O365 (Purview, IAM, PIM, Defender for cloud, cloud apps, endpoint) AWS WAF Duo Multifactor Authentication IT Cyber Security Manager Additional points if: CISSP Experience in financial sector or other highly regulated environment Experience and understanding of Network Security Services advertised by Gold Group are those of an Agency and/or an Employment Business. We will contact you within the next 14 days if you are selected for interview. For a copy of our privacy policy please visit our website.
Apr 30, 2024
Full time
IT Cyber Security Manager Surrey - Hybrid Working My client is a leading financial services organisation based in Surrey who are recruiting for a IT Cyber Security Manager As a IT Cyber Security Manager, you will Provide Security Input for projects in a Digital Transformation Programme as well as establish and maintain cyber security policies and procedures. Own threat management and response. Manage and mentor the cyber security team. Manage Security tooling risks and processes. Own vulnerability management through the whole lifecycle from internal and external monitoring and identification to remediation and reporting. IT Cyber Security Manager Benefits: 22 days holiday + 8 Bank Holiday (Holiday's increase to 27, 1 additional day per year worked) Healthy contributed pension Training and development Access to a number of financial based products Dress down Fridays As a IT Cyber Security Manager, you will perform the following tasks: Establish and maintain robust cyber security policies, playbooks, and procedures, ensuring compliance with regulatory requirements industry standards and the Cyber Security Strategy. Identify, evaluate, and mitigate cyber threats. Lead incident response activities and investigations into security breaches. Conduct regular risk assessments, audits, and testing of the security infrastructure to identify vulnerabilities and implement necessary improvements. Act as the escalation point on monitoring of corporate environment to identify security issues or incidents (Threat Hunting) Manage and mentor the security analyst, (monitoring, Investigation, root cause analysis of Security alerts from multiple information sources. Including, but not limited to Darktrace, LogPoint, WithSecure, Mimecast, while ensuring the team stays relevant to the latest Cyber Security trends and technologies. Introduce processes to maintain the integrity and protection of corporate and customer data. Responsible for managing the business IT vulnerabilities and provide to the service desk team, paths to remediation, through the whole lifecycle to ensure safety and compliance for the business. Investigate and analyse escalated security matters, identify methods and solutions in response to security related queries including the ones, submitted by end users. Perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture Perform malware analysis and digital forensics where appropriate Drive internal phishing campaigns (KnowBe4 platform) and work with management and HR - Training to raise Cyber awareness within the corporate environment, (new hire inductions, periodic training, etc) Own maintenance, renewal and distribution of SSL Certificates Manage and own the process of achieving and maintaining Security related certifications (CE+, PCI, etc) Ensure readiness, appropriate versioning and health, of the security systems used on security operations Identify and promote continual service improvement of all cyber security systems and procedures Share knowledge with and cross-train other members of the other IT teams IT Cyber Security Manager Documentation & Reporting: Assist in development of company-wide best practices for Cyber Security Document all security alerts, incidents and actions taken for both internal and regulatory use Contribute to maintenance of Cyber Security Operations Manual Manage cyber security actions in audits, cyber security exercises and provide supporting documentation Provide cyber security related reporting dashboards for use at different levels within the business (Regulatory, Board updates, Vulnerabilities, etc) IT Cyber Security Manager Key Skills & Experience: At least 5 year experience in a similar Cyber/IT Security/InfoSec based role Experience in a wide range of Cyber Security areas. Experience with security tool sets (SIEM, FIM, EDR, NDR) The ability to contextualise, categorise and prioritise security events, incidents, and alerts Knowledge of security framework and standards implementation (NiST, ISO27001, PCI-DSS, etc) Demonstrable passion and enthusiasm for security, including the ability to keep current with the latest threats, technologies, and trends Thorough understanding of adversarial tactics, techniques, and procedures Knowledge of security related skills within infrastructure, cloud, virtualisation and network concepts and technologies, particularly in a Microsoft-centric environment (Defender for Cloud, Cloud apps, Security scores, Purview including Data classification and retention, Identity Management, and conditional Access) Strong attention to detail with an analytical mindset and the ability to spot and investigate anomalous behaviour Strong Communication skills and the ability to communicate and present at all levels IT Cyber Security Manager Technologies involved: SIEM - Logpoint Automated Intrusion and response - Darktrace AntiVirus / Malware detection Email Filtering & Web Security - Mimecast FIM - Tripwire VMware & VDI Horizon Windows Environment Microsoft Azure & O365 (Purview, IAM, PIM, Defender for cloud, cloud apps, endpoint) AWS WAF Duo Multifactor Authentication IT Cyber Security Manager Additional points if: CISSP Experience in financial sector or other highly regulated environment Experience and understanding of Network Security Services advertised by Gold Group are those of an Agency and/or an Employment Business. We will contact you within the next 14 days if you are selected for interview. For a copy of our privacy policy please visit our website.
Senior Cyber Security Engineer required by our market leading, award-winning, professional services organisation based in Cirencester. This will be a hybrid role based on 1-2 days a week onsite with flexibility. The successful Senior Cyber Security Engineer will play a pivotal role in shaping and delivering cyber security across the wider organisation, through leading engineering projects, managing the existing tools and developing new capability. The successful candidate will lead new security deployments, as well as be responsible for managing the existing tools and capabilities, working closely with operational teams to manage upgrades, on-going maintenance, and integration with other tools. Main Responsibilities: Set the direction of security engineering for the business, defining your own strategy for delivery, and feeding into our clients broader Cyber Security Strategy for the business. Identify and set your own priorities, reviewing control and capability landscape and identifying opportunities for improvement and the selection of new technologies. Manage the existing security toolset (end to end), including technologies for vulnerability management, privileged account management, container security and security monitoring and alerting (SIEM). Develop integrations based on security operations requirements, leveraging existing tools and information sources for threat detection and analysis. Review products that can advance security capabilities, such as tools that support analysis, to detection capabilities and other emerging technologies. Act as the point of contact and expertise for projects, and other IT teams on security best practice, and day to day security engineering requirements. Ideal Background: A background in cloud cyber security, primarily AWS (Azure experience is advantageous). Bachelor's Degree or UK Level 6 Qualification in Computer Security Cloud Certifications (AWS Preferable) Experience working with one or more of the major (AWS/Azure/GCP) cloud environments, and deployment of the relevant security technologies. Strong working knowledge of SIEM and Data Analytics Platforms, from data ingestion through to management of the platforms and performance monitoring. Strong working Knowledge of the foundations of IT systems management, from Windows domain functions though to TCP/IP, OSI Model, DNS, DHCP, Routing, Load Balancing and VPNs. This fantastic role comes with a basic salary of £60,000-65,000 p/a and is accompanied with a benefits package which includes a performance based, 20% annual bonus, BUPA PHC, 28 days holiday with bank holidays on top (With the option to buy/sell additional days), a 10% non-contributory pension (Which rises with length of employment), a share incentive plan and additional flexible benefits.
Apr 25, 2024
Full time
Senior Cyber Security Engineer required by our market leading, award-winning, professional services organisation based in Cirencester. This will be a hybrid role based on 1-2 days a week onsite with flexibility. The successful Senior Cyber Security Engineer will play a pivotal role in shaping and delivering cyber security across the wider organisation, through leading engineering projects, managing the existing tools and developing new capability. The successful candidate will lead new security deployments, as well as be responsible for managing the existing tools and capabilities, working closely with operational teams to manage upgrades, on-going maintenance, and integration with other tools. Main Responsibilities: Set the direction of security engineering for the business, defining your own strategy for delivery, and feeding into our clients broader Cyber Security Strategy for the business. Identify and set your own priorities, reviewing control and capability landscape and identifying opportunities for improvement and the selection of new technologies. Manage the existing security toolset (end to end), including technologies for vulnerability management, privileged account management, container security and security monitoring and alerting (SIEM). Develop integrations based on security operations requirements, leveraging existing tools and information sources for threat detection and analysis. Review products that can advance security capabilities, such as tools that support analysis, to detection capabilities and other emerging technologies. Act as the point of contact and expertise for projects, and other IT teams on security best practice, and day to day security engineering requirements. Ideal Background: A background in cloud cyber security, primarily AWS (Azure experience is advantageous). Bachelor's Degree or UK Level 6 Qualification in Computer Security Cloud Certifications (AWS Preferable) Experience working with one or more of the major (AWS/Azure/GCP) cloud environments, and deployment of the relevant security technologies. Strong working knowledge of SIEM and Data Analytics Platforms, from data ingestion through to management of the platforms and performance monitoring. Strong working Knowledge of the foundations of IT systems management, from Windows domain functions though to TCP/IP, OSI Model, DNS, DHCP, Routing, Load Balancing and VPNs. This fantastic role comes with a basic salary of £60,000-65,000 p/a and is accompanied with a benefits package which includes a performance based, 20% annual bonus, BUPA PHC, 28 days holiday with bank holidays on top (With the option to buy/sell additional days), a 10% non-contributory pension (Which rises with length of employment), a share incentive plan and additional flexible benefits.
Cyber Security Lead (Windows Azure SIEM) WFH / Epsom to £85k Are you an experienced Security Engineer / Analyst with a strong knowledge of Windows and Azure security? You could be progressing your career in a hands-on Cyber Security Lead role at an Independent Building Society that specialise in savings and mortgages, in a friendly and supportive environment where you can work with autonomy and enjoy flexible working. As a Cyber Security Lead, you will take ownership of threat management and response, establishing and maintaining robust cyber security policies, playbooks and procedure to ensure compliance with regulatory requirements, industry standards in an Operational role. You'll remain hands-on, acting as an escalation point for the Service Desk, investigating and remediating security threats. You'll perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture. Office & WFH Policy: You'll have flexibility to work from home, meeting up with colleagues in the Epsom office three days a week; there's flexible start and finish times too. Requirements: You have experience in a similar Senior Cyber Security Analyst / Engineer role You have experience using security tools (such as SIEM, FIM, EDR, or NDR) and security framework and standards implementation (NiST, ISO27001, PCI-DSS, etc) You have experience of a Windows and Azure environment You have strong analysis and problem solving skills with meticulous attention to detail You have excellent communication and collaboration skills including stakeholder management and are happy to mentor one other Salary & Benefits: As a Cyber Security Lead, you can expect to earn competitive salary (up to £85k) plus benefits. Pension (up to 10% contribution) Private Healthcare Life Assurance Company bonus Professional study support Apply now to find out more about this Cyber Security Lead (Windows Azure SIEM) role. At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values.
Apr 24, 2024
Full time
Cyber Security Lead (Windows Azure SIEM) WFH / Epsom to £85k Are you an experienced Security Engineer / Analyst with a strong knowledge of Windows and Azure security? You could be progressing your career in a hands-on Cyber Security Lead role at an Independent Building Society that specialise in savings and mortgages, in a friendly and supportive environment where you can work with autonomy and enjoy flexible working. As a Cyber Security Lead, you will take ownership of threat management and response, establishing and maintaining robust cyber security policies, playbooks and procedure to ensure compliance with regulatory requirements, industry standards in an Operational role. You'll remain hands-on, acting as an escalation point for the Service Desk, investigating and remediating security threats. You'll perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture. Office & WFH Policy: You'll have flexibility to work from home, meeting up with colleagues in the Epsom office three days a week; there's flexible start and finish times too. Requirements: You have experience in a similar Senior Cyber Security Analyst / Engineer role You have experience using security tools (such as SIEM, FIM, EDR, or NDR) and security framework and standards implementation (NiST, ISO27001, PCI-DSS, etc) You have experience of a Windows and Azure environment You have strong analysis and problem solving skills with meticulous attention to detail You have excellent communication and collaboration skills including stakeholder management and are happy to mentor one other Salary & Benefits: As a Cyber Security Lead, you can expect to earn competitive salary (up to £85k) plus benefits. Pension (up to 10% contribution) Private Healthcare Life Assurance Company bonus Professional study support Apply now to find out more about this Cyber Security Lead (Windows Azure SIEM) role. At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values.
We are looking for people to join our fantastic team at Somerset House Trust. As the home of cultural innovators, the Trust connects creativity and the arts with the broader society. Somerset House pursues a ‘Step Inside, Think Outside’ spirit and is born from the creative community we nurture - the experience and perspectives we host across background, age, race, and stage, and the intersections and crossovers we encourage. About the role: The Support Analyst is a critical part of the diverse and exciting technology operations at Somerset House. Working within the IT Department’s helpdesk function, the post holder will be a primary contact for 1st, 2nd and 3rd line IT and network support. You will help to ensure our IT services to our residents, members, and the Trust staff, are of the highest quality. You will work across a range of technologies and systems, from desktops to SaaS, maintaining ownership of cases from start to finish. Additionally, the role will have the opportunity to participate in the implementation of various IT solutions and projects as we work to improve our digital capabilities. Please note that this is an onsite role, based at Somerset House in central London, running Monday - Friday.
Responsibilities:
To be the primary point of contact for residents, members, event partners, and Trust IT support issues and requests. This includes 1st, 2nd, and 3rd line support.
Resolve all reported IT issues in a professional and timely manner, documenting all activity on the helpdesk ticketing system, conforming to SLA’s and adjusting priorities to deal with urgent issues and requests.
Monitor and manage ticket queues, alerts, automated tickets, and perform daily checks on various systems.
Proactively research and identify solutions that may benefit the team and the Trust.
Where appropriate, escalate issues to external vendors as required and monitor the escalation to ensure satisfactory resolution.
Assist in the delivery of IT services across all events and event spaces, including wired connections, wireless connections, AV components, and VoIP telephony.
Assist with the configuration of resident office moves, liaising closely with the property team, and the IT Solutions Lead.
As required, to assist in the testing and implementing of new solutions and adaptations/upgrades to IT services.
Undertake the training of Trust staff members as required.
Where occasionally required by key live events, exhibitions, and regular system maintenance taking place at Somerset House, to be able to shift working hours and days to provide support coverage.
Create and update IT and related documentation to allow retention and sharing of knowledge within the team and the Trust.
Participate as a team player in the support of colleagues within the department and across the Trust’s operations.
Undertake other duties that may be asked of you from time to time.
Skills, knowledge & expertise required for the role:
Experience :
Demonstrable technical knowledge of working in an IT service desk or team.
Demonstrable knowledge supporting and installing operating systems (Windows 10/11 primarily, some Windows Server 2012/2016/2019, some Mac OS) and standard productivity applications (Office 365, Teams, OneDrive, Adobe, AutoCAD, etc.).
Demonstrable knowledge supporting desktop hardware (primarily Dell laptops) and mobile devices (iOS and Android mobile phones and tablets).
Supporting of Active Directory, Office 365 (including Exchange), and Azure users, including password resets, account creation, and group policies.
Demonstrable knowledge of cyber security concepts and best practice, including Multi Factor Authentication, phishing, ransomware, passwords, firewalls, social engineering.
ITIL Foundation certification and technical Microsoft qualifications are desirable.
Skills :
A good knowledge of network infrastructure, both wired and wireless.
A good knowledge of logical network concepts, including VLANs, IPs, DNS and DHCP.
Strong communication skills with the flexibility to deal with a varied customer base.
Coaching or training end users in technical expertise.
Knowledge of VoIP telephony.
Knowledge of system backups, for example, Microsoft Azure Backup Service.
Skills in supporting a range of specific solutions are desirable, including hypervisors (Hyper-V), Cisco Meraki, Mimecast, Bitdefender, AlienVault SIEM, PaperCut, PRTG, Jira, EPOS systems, PDQ Deploy, Access Finance, Nexudus, Priava or similar events management software, and Tessitura.
As part of the recruitment process, there will be a practical task to help us assess hands-on technical skills.
Benefits to working at Somerset House:
Mental Health & Wellbeing - Access to our external Employee Assistance Programme (CiC) for free 24/7 confidential advice and support, including up to 6 free counselling sessions per year where needed- Mental health support and guidance from our in-house trained Mental Health First Aiders - Hybrid working based on having 3 days in the office per week (pro rata if part-time) - Contribution towards eye tests and glasses - Trust life insurance scheme Holiday - Enhanced annual leave – 25 days plus bank holidays - Birthday leave - additional day leave on or within a week of your birthday- Festive day - additional discretionary day off around the Christmas period Other Leave - Sick leave – 20 days full pay, followed by 20 days half pay - Emergency dependent care – option to use 25% of paid sick leave for emergency care of a dependent- Enhanced maternity pay Pension - 8% employer pension contributions- No minimum requirement for employee contributions- Option for salary exchange- Interest-free loans- Season ticket loan- Cycle to Work scheme Discounts, offers and free stuff - The list is endless and includes tickets to Somerset House events and entrance to other London Heritage sites - Discounts in Somerset House cafes and restaurants - Discounts with various high street retailers and restaurants - Discount to local leisure centres
About Somerset House Trust
Somerset House hosts the UK’s largest and most exciting creative community right in the heart of London, and are always looking for new talent to join our team. We welcome 3 million annual visitors to share our unique combination of cultural events, the creative industries and history. This mix informs and powers our programme and organisational culture, making us a singular, compelling and inclusive place to visit and work.
The Trust reserves the right to close a job before its application deadline. Our Commitment to Anti-Racism, Diversity and Inclusion:
Somerset House is open to all and we value the unique skills of everyone. Somerset House Trust is an equal opportunities employer and is committed to championing equality, diversity and inclusion in our workplace, so if you’re a suitably qualified applicant, we encourage your application whatever your age, disability, gender, gender identity, race, religion or belief, sexual orientation or socio-economic background. Somerset House is actively anti-racist, you can read about our Anti-Racism Pledge and the action we’re taking here . We are working hard to ensure our people, our onsite community and our sector reflect, represent and include all of society. With some recruitment stages, where candidates are equally qualified, we will seek to prioritise diversity to help us to increase representation across the creative economy and the Trust.We anonymise all job applications to help avoid discrimination in the initial screening stage of our recruitment process and reinforces our commitment to focus on skills and qualifications of all applications from the start. Please get in touch if you have any questions or require any adjustments to be made during the recruitment process.
Mar 26, 2024
Full time
We are looking for people to join our fantastic team at Somerset House Trust. As the home of cultural innovators, the Trust connects creativity and the arts with the broader society. Somerset House pursues a ‘Step Inside, Think Outside’ spirit and is born from the creative community we nurture - the experience and perspectives we host across background, age, race, and stage, and the intersections and crossovers we encourage. About the role: The Support Analyst is a critical part of the diverse and exciting technology operations at Somerset House. Working within the IT Department’s helpdesk function, the post holder will be a primary contact for 1st, 2nd and 3rd line IT and network support. You will help to ensure our IT services to our residents, members, and the Trust staff, are of the highest quality. You will work across a range of technologies and systems, from desktops to SaaS, maintaining ownership of cases from start to finish. Additionally, the role will have the opportunity to participate in the implementation of various IT solutions and projects as we work to improve our digital capabilities. Please note that this is an onsite role, based at Somerset House in central London, running Monday - Friday.
Responsibilities:
To be the primary point of contact for residents, members, event partners, and Trust IT support issues and requests. This includes 1st, 2nd, and 3rd line support.
Resolve all reported IT issues in a professional and timely manner, documenting all activity on the helpdesk ticketing system, conforming to SLA’s and adjusting priorities to deal with urgent issues and requests.
Monitor and manage ticket queues, alerts, automated tickets, and perform daily checks on various systems.
Proactively research and identify solutions that may benefit the team and the Trust.
Where appropriate, escalate issues to external vendors as required and monitor the escalation to ensure satisfactory resolution.
Assist in the delivery of IT services across all events and event spaces, including wired connections, wireless connections, AV components, and VoIP telephony.
Assist with the configuration of resident office moves, liaising closely with the property team, and the IT Solutions Lead.
As required, to assist in the testing and implementing of new solutions and adaptations/upgrades to IT services.
Undertake the training of Trust staff members as required.
Where occasionally required by key live events, exhibitions, and regular system maintenance taking place at Somerset House, to be able to shift working hours and days to provide support coverage.
Create and update IT and related documentation to allow retention and sharing of knowledge within the team and the Trust.
Participate as a team player in the support of colleagues within the department and across the Trust’s operations.
Undertake other duties that may be asked of you from time to time.
Skills, knowledge & expertise required for the role:
Experience :
Demonstrable technical knowledge of working in an IT service desk or team.
Demonstrable knowledge supporting and installing operating systems (Windows 10/11 primarily, some Windows Server 2012/2016/2019, some Mac OS) and standard productivity applications (Office 365, Teams, OneDrive, Adobe, AutoCAD, etc.).
Demonstrable knowledge supporting desktop hardware (primarily Dell laptops) and mobile devices (iOS and Android mobile phones and tablets).
Supporting of Active Directory, Office 365 (including Exchange), and Azure users, including password resets, account creation, and group policies.
Demonstrable knowledge of cyber security concepts and best practice, including Multi Factor Authentication, phishing, ransomware, passwords, firewalls, social engineering.
ITIL Foundation certification and technical Microsoft qualifications are desirable.
Skills :
A good knowledge of network infrastructure, both wired and wireless.
A good knowledge of logical network concepts, including VLANs, IPs, DNS and DHCP.
Strong communication skills with the flexibility to deal with a varied customer base.
Coaching or training end users in technical expertise.
Knowledge of VoIP telephony.
Knowledge of system backups, for example, Microsoft Azure Backup Service.
Skills in supporting a range of specific solutions are desirable, including hypervisors (Hyper-V), Cisco Meraki, Mimecast, Bitdefender, AlienVault SIEM, PaperCut, PRTG, Jira, EPOS systems, PDQ Deploy, Access Finance, Nexudus, Priava or similar events management software, and Tessitura.
As part of the recruitment process, there will be a practical task to help us assess hands-on technical skills.
Benefits to working at Somerset House:
Mental Health & Wellbeing - Access to our external Employee Assistance Programme (CiC) for free 24/7 confidential advice and support, including up to 6 free counselling sessions per year where needed- Mental health support and guidance from our in-house trained Mental Health First Aiders - Hybrid working based on having 3 days in the office per week (pro rata if part-time) - Contribution towards eye tests and glasses - Trust life insurance scheme Holiday - Enhanced annual leave – 25 days plus bank holidays - Birthday leave - additional day leave on or within a week of your birthday- Festive day - additional discretionary day off around the Christmas period Other Leave - Sick leave – 20 days full pay, followed by 20 days half pay - Emergency dependent care – option to use 25% of paid sick leave for emergency care of a dependent- Enhanced maternity pay Pension - 8% employer pension contributions- No minimum requirement for employee contributions- Option for salary exchange- Interest-free loans- Season ticket loan- Cycle to Work scheme Discounts, offers and free stuff - The list is endless and includes tickets to Somerset House events and entrance to other London Heritage sites - Discounts in Somerset House cafes and restaurants - Discounts with various high street retailers and restaurants - Discount to local leisure centres
About Somerset House Trust
Somerset House hosts the UK’s largest and most exciting creative community right in the heart of London, and are always looking for new talent to join our team. We welcome 3 million annual visitors to share our unique combination of cultural events, the creative industries and history. This mix informs and powers our programme and organisational culture, making us a singular, compelling and inclusive place to visit and work.
The Trust reserves the right to close a job before its application deadline. Our Commitment to Anti-Racism, Diversity and Inclusion:
Somerset House is open to all and we value the unique skills of everyone. Somerset House Trust is an equal opportunities employer and is committed to championing equality, diversity and inclusion in our workplace, so if you’re a suitably qualified applicant, we encourage your application whatever your age, disability, gender, gender identity, race, religion or belief, sexual orientation or socio-economic background. Somerset House is actively anti-racist, you can read about our Anti-Racism Pledge and the action we’re taking here . We are working hard to ensure our people, our onsite community and our sector reflect, represent and include all of society. With some recruitment stages, where candidates are equally qualified, we will seek to prioritise diversity to help us to increase representation across the creative economy and the Trust.We anonymise all job applications to help avoid discrimination in the initial screening stage of our recruitment process and reinforces our commitment to focus on skills and qualifications of all applications from the start. Please get in touch if you have any questions or require any adjustments to be made during the recruitment process.
Overview: Ensure all your application information is up to date and in order before applying for this opportunity. The Senior Infrastructure Analyst will manage and participate in the delivery and support of IT infrastructure and IT infrastructure security for new and existing systems / solutions. You will ensure RSSB infrastructure is secure and adheres to Cyber Security standards, manage DR processes and business continuity. Where appropriate, you will assist other team members in the provision of 2nd and 3rd line technical IM&T support (Desktop, Software, Infrastructure and Telephony), as well as maintain and deliver a high degree of customer service for all RSSB IM&T support queries and Requests for Change. Responsibilities: Proactively respond to security vulnerabilities identified by monitoring tools, performing remediation tasks Responsible for monitoring and reporting for on-premise and cloud infrastructure systems, for the early identification of issues Act as escalation point for technical issues Responsible for the security, effective management, administration and operation of the RSSB cloud and onsite physical infrastructure environment Management and oversight of the network infrastructure, including network switches, routers, firewalls and virtualised environment. Analyse and make recommendations to improve infrastructure, network, security and reliability of systems Responsible for system and data backups, restores and DR tests Work with the wider IM&T Team, business, internal and external business partners to ensure that security is factored into the evaluation, selection, installation, delivery and configuration process of solutions and systems Plan, manage and communicate infrastructure change with IT Operation Team Leads, Information Security manager and wider IM&T / business departments Mentor and coach colleagues and provide peer to peer advice, as required Qualifications: Computer science, Microsoft, CompTIA or related field qualifications / certifications or relevant demonstrable experience Proactive with a willingness to take ownership and responsibility for work tasks and issues, delivering a high standard of work Proficient in Windows Server v2008/2012/2019+ management to include Active Directory (AD) and Group Policy (GPO) and SQL Server Deploy patches and software applications using InTune / WSUS Knowledge of administering and supporting Azure AD, Azure IaaS/PaaS Management of backup/recovery solutions (g. Veeam, Arcserve) Experience with operating system hardening, vulnerability assessments, security audits, penetration testing, intrusion prevention systems and other security control systems for example PAM, SIEM, IDR etc. Practical experience with endpoint security, content filtering, vulnerability scanning and anti-malware Knowledge of at least one scripting language (e.g., PowerShell) MS InTune device management (mobile and Windows 10 OS) Effective communication, stakeholder' and supplier management skills Ability to work in Teams and individually using own initiative and capable of self-managing workload. Demonstrable knowledge of common vulnerabilities and exploitation techniques would be beneficial Familiarity with Cyber Essentials/Plus or ISO 27001 and ITIL best practice - Incident, Problem and Change management would be beneficial Early applications are encouraged, as we may close this vacancy before the advertised deadline if sufficient numbers of applications are received. We value diversity and equal opportunities in employment and are committed to creating a workplace which is inclusive to everyone. As a member of the Disability Confident Scheme, we encourage candidates with disabilities who meet the minimum criteria, to apply for our jobs. If you have applied under the Disability Confident Scheme, please let us know in advance by emailing If you require any reasonable adjustments with respect to our selection process including information in an alternative format, please contact us at We understand the importance of work-life balance and we offer our staff the flexibility to work within our core hours and the option to vary their location between both the office and home. If you are looking for further flexibility, speak to us at interview stage so that we can consider your request. We value our staff and we offer a competitive benefits package to ensure our staff can achieve their best throughout their journey with us. This includes 30 days annual leave (plus bank holidays); a holiday buy and sell scheme; private medical and dental cover; a season ticket loan and travel subsidy; access to a cycle to work scheme; volunteer leave; a performance related bonus and pension.
Sep 24, 2022
Full time
Overview: Ensure all your application information is up to date and in order before applying for this opportunity. The Senior Infrastructure Analyst will manage and participate in the delivery and support of IT infrastructure and IT infrastructure security for new and existing systems / solutions. You will ensure RSSB infrastructure is secure and adheres to Cyber Security standards, manage DR processes and business continuity. Where appropriate, you will assist other team members in the provision of 2nd and 3rd line technical IM&T support (Desktop, Software, Infrastructure and Telephony), as well as maintain and deliver a high degree of customer service for all RSSB IM&T support queries and Requests for Change. Responsibilities: Proactively respond to security vulnerabilities identified by monitoring tools, performing remediation tasks Responsible for monitoring and reporting for on-premise and cloud infrastructure systems, for the early identification of issues Act as escalation point for technical issues Responsible for the security, effective management, administration and operation of the RSSB cloud and onsite physical infrastructure environment Management and oversight of the network infrastructure, including network switches, routers, firewalls and virtualised environment. Analyse and make recommendations to improve infrastructure, network, security and reliability of systems Responsible for system and data backups, restores and DR tests Work with the wider IM&T Team, business, internal and external business partners to ensure that security is factored into the evaluation, selection, installation, delivery and configuration process of solutions and systems Plan, manage and communicate infrastructure change with IT Operation Team Leads, Information Security manager and wider IM&T / business departments Mentor and coach colleagues and provide peer to peer advice, as required Qualifications: Computer science, Microsoft, CompTIA or related field qualifications / certifications or relevant demonstrable experience Proactive with a willingness to take ownership and responsibility for work tasks and issues, delivering a high standard of work Proficient in Windows Server v2008/2012/2019+ management to include Active Directory (AD) and Group Policy (GPO) and SQL Server Deploy patches and software applications using InTune / WSUS Knowledge of administering and supporting Azure AD, Azure IaaS/PaaS Management of backup/recovery solutions (g. Veeam, Arcserve) Experience with operating system hardening, vulnerability assessments, security audits, penetration testing, intrusion prevention systems and other security control systems for example PAM, SIEM, IDR etc. Practical experience with endpoint security, content filtering, vulnerability scanning and anti-malware Knowledge of at least one scripting language (e.g., PowerShell) MS InTune device management (mobile and Windows 10 OS) Effective communication, stakeholder' and supplier management skills Ability to work in Teams and individually using own initiative and capable of self-managing workload. Demonstrable knowledge of common vulnerabilities and exploitation techniques would be beneficial Familiarity with Cyber Essentials/Plus or ISO 27001 and ITIL best practice - Incident, Problem and Change management would be beneficial Early applications are encouraged, as we may close this vacancy before the advertised deadline if sufficient numbers of applications are received. We value diversity and equal opportunities in employment and are committed to creating a workplace which is inclusive to everyone. As a member of the Disability Confident Scheme, we encourage candidates with disabilities who meet the minimum criteria, to apply for our jobs. If you have applied under the Disability Confident Scheme, please let us know in advance by emailing If you require any reasonable adjustments with respect to our selection process including information in an alternative format, please contact us at We understand the importance of work-life balance and we offer our staff the flexibility to work within our core hours and the option to vary their location between both the office and home. If you are looking for further flexibility, speak to us at interview stage so that we can consider your request. We value our staff and we offer a competitive benefits package to ensure our staff can achieve their best throughout their journey with us. This includes 30 days annual leave (plus bank holidays); a holiday buy and sell scheme; private medical and dental cover; a season ticket loan and travel subsidy; access to a cycle to work scheme; volunteer leave; a performance related bonus and pension.
This is a new position which means we are looking for a motivated and enthusiastic Cyber Security Manager to help establish and develop good practice within the service and the wider Authority. The role offers the opportunity for hybrid working in a flexible service.
The post holder will become the Authority’s expert in Cyber Security. They will have responsibility for the effective operational management of the Cyber Security agenda across the Authority, ensuring the protection of IT Systems utilised to support customer and back-office functions. This person is expected to become expert in and up to date with policies, procedures, legislation, and good practice surrounding Cyber Security.
This is a varied hands-on role that involves working closely with all areas of ICT Services and the wider organisation to promote and develop a security first approach and practice.
You will support the ICT Service teams in strategic security projects focusing on patching and vulnerability management.
Responsibilities / Essential Skills
Reporting to the Head of Digital and Technology, you will be responsible for driving and implementing security initiatives to protect the business from security threats and cyber-attacks, delivering best practice security controls and processes
Establish and execute the security strategy for the development of information security technologies, cyber risk management and policies and practices while ensuring information security and compliance within applicable regulations
Providing hands-on leadership in risk identification to accurately map out critical security issues and recommendations
Plan and manage security testing and simulations, including red assessments and phishing simulations.
Investigate and respond to breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities
Scheduling and conducting periodic security assessments, including desktop and red team exercises.
Proven experience of strategically leading security operations.
Ability to communicate at all levels (technical / non-technical) with clarity and precision, both written and verbally.
Ideally hold at least one Security Compliance certification (CISSP, CEH, CISM)
Main Skills/ Requirements:
Security Incident Management and Crisis Management experience
Sound knowledge and experience with compliance frameworks such as NIST, MITRE ATT&CK, and PCI DSS
Experience with SIEM systems
Scripting with Python and/or PowerShell
Experience of Data Leakage prevention strategies
Excellent understanding across multiple technology areas - Networking, Operating Systems (Windows, Linux, and Mac), Application Security, AWS.
Experience leading investigations, threat hunting and writing playbooks.
Knowledge of Mitre security framework, NIST standards and Controls, ISO27001 and PCI-DSS
Knowledge of Microsoft Azure Sentinel and Defender Advanced Threat Protection.
Knowledge of Microsoft Active Directory.
For an informal discussion please contact David Strong on 01228 817298 or David.Strong@carlisle.gov.uk
We offer an excellent benefits package with flexible working, a generous pension scheme and fabulous development opportunities.
For further details and an application form please visit our website www.carlisle.gov.uk/Jobs
The closing date for applications is 12 noon on Friday 22 October 2021 and interviews are anticipated to take place week commencing 8 November 2021.
Oct 01, 2021
Full time
This is a new position which means we are looking for a motivated and enthusiastic Cyber Security Manager to help establish and develop good practice within the service and the wider Authority. The role offers the opportunity for hybrid working in a flexible service.
The post holder will become the Authority’s expert in Cyber Security. They will have responsibility for the effective operational management of the Cyber Security agenda across the Authority, ensuring the protection of IT Systems utilised to support customer and back-office functions. This person is expected to become expert in and up to date with policies, procedures, legislation, and good practice surrounding Cyber Security.
This is a varied hands-on role that involves working closely with all areas of ICT Services and the wider organisation to promote and develop a security first approach and practice.
You will support the ICT Service teams in strategic security projects focusing on patching and vulnerability management.
Responsibilities / Essential Skills
Reporting to the Head of Digital and Technology, you will be responsible for driving and implementing security initiatives to protect the business from security threats and cyber-attacks, delivering best practice security controls and processes
Establish and execute the security strategy for the development of information security technologies, cyber risk management and policies and practices while ensuring information security and compliance within applicable regulations
Providing hands-on leadership in risk identification to accurately map out critical security issues and recommendations
Plan and manage security testing and simulations, including red assessments and phishing simulations.
Investigate and respond to breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities
Scheduling and conducting periodic security assessments, including desktop and red team exercises.
Proven experience of strategically leading security operations.
Ability to communicate at all levels (technical / non-technical) with clarity and precision, both written and verbally.
Ideally hold at least one Security Compliance certification (CISSP, CEH, CISM)
Main Skills/ Requirements:
Security Incident Management and Crisis Management experience
Sound knowledge and experience with compliance frameworks such as NIST, MITRE ATT&CK, and PCI DSS
Experience with SIEM systems
Scripting with Python and/or PowerShell
Experience of Data Leakage prevention strategies
Excellent understanding across multiple technology areas - Networking, Operating Systems (Windows, Linux, and Mac), Application Security, AWS.
Experience leading investigations, threat hunting and writing playbooks.
Knowledge of Mitre security framework, NIST standards and Controls, ISO27001 and PCI-DSS
Knowledge of Microsoft Azure Sentinel and Defender Advanced Threat Protection.
Knowledge of Microsoft Active Directory.
For an informal discussion please contact David Strong on 01228 817298 or David.Strong@carlisle.gov.uk
We offer an excellent benefits package with flexible working, a generous pension scheme and fabulous development opportunities.
For further details and an application form please visit our website www.carlisle.gov.uk/Jobs
The closing date for applications is 12 noon on Friday 22 October 2021 and interviews are anticipated to take place week commencing 8 November 2021.