Cloud Engineer Remote Inside IR35 6 month initial Our Financial Sector-based client is looking for a Cloud Engineer. The Cloud RTB WAF Engineer will be working on the ECB Programme which aims to deploy WAF solutions on all domain/names related to covering internet-facing and the internal web applications in order to meet the Banks regulatory requirement. CORE SKILLS/TECHNICAL REQUIREMENT experience with multiple WAF solutions for edge, cloud, and on-premise experience with cloud services and their WAF controls, ideally including one or more of the following: AWS, Azure, and GCP understanding of Web Application security attack methods and mitigations in WAF tuning and configuration, coupled with a strong foundation in web security principles and practices. custom WAF rules and features, addressing gaps and enhancing overall security measures to design and implement bespoke WAF processes and documentation, underpinned by a thorough understanding of web application security. skills to review and align platforms with MVP and Baseline Configurations, leveraging a deep knowledge of WAF functionalities and limitations. DevSecOps pipeline maintenance support for the automation works with IDAM protocols and access control measures for WAF management, informed by strong web security knowledge. of HTTPS inspection, including Termination and Certificate management, grounded in robust web security practices. in rate limiting techniques and their integration into security configurations of version control and update mechanisms for WAF solutions in identifying and documenting platform and organizational logging options, with a focus on security implications and cloud environments. interfacing with SOC during WAF related security incidents connectivity / network issue management / service management experience OTHER SKILLS stakeholder management skills to detail in analysing large data sets interpersonal skills with strong communication skills both written and verbally working in Agile, or knowledge of the key principles of the methodology experience working on either Information Security/Cyber Security/IT Security projects and Infrastructure projects would be desirable. contribute and work to team objectives. who can work pro-actively with minimum supervision JBRP1_UKTJ
May 01, 2024
Full time
Cloud Engineer Remote Inside IR35 6 month initial Our Financial Sector-based client is looking for a Cloud Engineer. The Cloud RTB WAF Engineer will be working on the ECB Programme which aims to deploy WAF solutions on all domain/names related to covering internet-facing and the internal web applications in order to meet the Banks regulatory requirement. CORE SKILLS/TECHNICAL REQUIREMENT experience with multiple WAF solutions for edge, cloud, and on-premise experience with cloud services and their WAF controls, ideally including one or more of the following: AWS, Azure, and GCP understanding of Web Application security attack methods and mitigations in WAF tuning and configuration, coupled with a strong foundation in web security principles and practices. custom WAF rules and features, addressing gaps and enhancing overall security measures to design and implement bespoke WAF processes and documentation, underpinned by a thorough understanding of web application security. skills to review and align platforms with MVP and Baseline Configurations, leveraging a deep knowledge of WAF functionalities and limitations. DevSecOps pipeline maintenance support for the automation works with IDAM protocols and access control measures for WAF management, informed by strong web security knowledge. of HTTPS inspection, including Termination and Certificate management, grounded in robust web security practices. in rate limiting techniques and their integration into security configurations of version control and update mechanisms for WAF solutions in identifying and documenting platform and organizational logging options, with a focus on security implications and cloud environments. interfacing with SOC during WAF related security incidents connectivity / network issue management / service management experience OTHER SKILLS stakeholder management skills to detail in analysing large data sets interpersonal skills with strong communication skills both written and verbally working in Agile, or knowledge of the key principles of the methodology experience working on either Information Security/Cyber Security/IT Security projects and Infrastructure projects would be desirable. contribute and work to team objectives. who can work pro-actively with minimum supervision JBRP1_UKTJ
SENIOR BIG DATA ENGINEER - DV CLEARED BRAND NEW PERMANENT JOB OPPORTUNITY AVAILABLE WITHIN A GLOBALLY LEADING NATIONAL SECURITY COMPANY FOR A BIG DATA ENGINEER WITH DV CLEARANCE Permanent job opportunity for a Big Data Engineer Globally leading defence / cyber security company Salary up to £75,000 plus clearance bonus London based organisation in an easily accessible location Permanent Software Engineer To apply please call or email WHO WE ARE? We are recruiting a big data Engineer to work with a multi-national, industry leading national security company in central London. WHAT WILL THE BIG DATA ENGINEER BE DOING? You will be joining a leading cyber team to develop and maintain a suite of applications. We are looking for someone who has had responsibility for packages of work and is used to dealing with customers. You should be able to deploy applications in a controlled and repeatable way as well as being able to develop technical specialisms. WE NEED THE BIG DATA ENGINEER TO HAVE . Current DV clearance (Enhanced) Must have experience with big data tools such as Hadoop, Cloudera or Elasticsearch Experience working in an Agile Scrum environment Experience in design, development, test and integration of software Willingness to learn new technologies on the Java stack IT WOULD BE NICE FOR THE BIG DATA ENGINEER TO HAVE . Cloud based architectures Microservice architecture or server-less architecture Messaging / routing technologies such as Apache Nifi / RabbitMQ Experience of DevSecOps automated deployment tools such as Jenkins, Ansible, Docker TO BE CONSIDERED . Please either apply by clicking online or emailing me directly to For further information please call me on or . I can make myself available outside of normal working hours to suit from 7am until 10pm. If unavailable, please leave a message and either myself or one of my colleagues will respond. By applying for this role, you give express consent for us to process & submit (subject to required skills) your application to our client in conjunction with this vacancy only. Also feel free to connect with me on LinkedIn, just search Dominic Barbet. I look forward to hearing from you. BIG DATA ENGINEER - DV CLEARED KEY SKILLS: BIG DATA DEVELOPER / BIG DATA ENGINEER / SENIOR BIG DATA DEVELOPER / SENIOR BIG DATA ENIGNEER / DATA ENGINEER / DATA DEVELOPER / SENIOR SOFTWARE DEVELOPER LEAD SOFTWARE ENGINEER / LEAD SOFTWARE DEVELOPER / SENIOR SOFTWARE DEVELOPER / DV CLEARED / DV CLEARANCE / DEVELOPPED VETTING / DEVELOPED VETTED / DEEP VETTING / DEEP VETTED / SC CLEARED / SC CLEARANCE / SECURITY CLEARED / SECURITY CLEARANCE / NIFI / CLOUDERA / HADOOP / KAFKA / ELASTIC SEARCH
May 01, 2024
Full time
SENIOR BIG DATA ENGINEER - DV CLEARED BRAND NEW PERMANENT JOB OPPORTUNITY AVAILABLE WITHIN A GLOBALLY LEADING NATIONAL SECURITY COMPANY FOR A BIG DATA ENGINEER WITH DV CLEARANCE Permanent job opportunity for a Big Data Engineer Globally leading defence / cyber security company Salary up to £75,000 plus clearance bonus London based organisation in an easily accessible location Permanent Software Engineer To apply please call or email WHO WE ARE? We are recruiting a big data Engineer to work with a multi-national, industry leading national security company in central London. WHAT WILL THE BIG DATA ENGINEER BE DOING? You will be joining a leading cyber team to develop and maintain a suite of applications. We are looking for someone who has had responsibility for packages of work and is used to dealing with customers. You should be able to deploy applications in a controlled and repeatable way as well as being able to develop technical specialisms. WE NEED THE BIG DATA ENGINEER TO HAVE . Current DV clearance (Enhanced) Must have experience with big data tools such as Hadoop, Cloudera or Elasticsearch Experience working in an Agile Scrum environment Experience in design, development, test and integration of software Willingness to learn new technologies on the Java stack IT WOULD BE NICE FOR THE BIG DATA ENGINEER TO HAVE . Cloud based architectures Microservice architecture or server-less architecture Messaging / routing technologies such as Apache Nifi / RabbitMQ Experience of DevSecOps automated deployment tools such as Jenkins, Ansible, Docker TO BE CONSIDERED . Please either apply by clicking online or emailing me directly to For further information please call me on or . I can make myself available outside of normal working hours to suit from 7am until 10pm. If unavailable, please leave a message and either myself or one of my colleagues will respond. By applying for this role, you give express consent for us to process & submit (subject to required skills) your application to our client in conjunction with this vacancy only. Also feel free to connect with me on LinkedIn, just search Dominic Barbet. I look forward to hearing from you. BIG DATA ENGINEER - DV CLEARED KEY SKILLS: BIG DATA DEVELOPER / BIG DATA ENGINEER / SENIOR BIG DATA DEVELOPER / SENIOR BIG DATA ENIGNEER / DATA ENGINEER / DATA DEVELOPER / SENIOR SOFTWARE DEVELOPER LEAD SOFTWARE ENGINEER / LEAD SOFTWARE DEVELOPER / SENIOR SOFTWARE DEVELOPER / DV CLEARED / DV CLEARANCE / DEVELOPPED VETTING / DEVELOPED VETTED / DEEP VETTING / DEEP VETTED / SC CLEARED / SC CLEARANCE / SECURITY CLEARED / SECURITY CLEARANCE / NIFI / CLOUDERA / HADOOP / KAFKA / ELASTIC SEARCH
LEAD BIG DATA ENGINEER - DV CLEARED BRAND NEW PERMANENT JOB OPPORTUNITY AVAILABLE WITHIN A GLOBALLY LEADING NATIONAL SECURITY COMPANY FOR A LEAD BIG DATA ENGINEER WITH DV CLEARANCE Permanent job opportunity for a Lead Big Data Engineer Globally leading defence / cyber security company Salary up to £90,000 plus clearance bonus London based organisation in an easily accessible location Permanent Software Engineer To apply please call / or email WHO WE ARE? We are recruiting a lead Big Data Engineer to work with a multi-national, industry leading national security company in central London. WHAT WILL THE LEAD BIG DATA ENGINEER BE DOING? You will be joining a leading cyber team to design and develop packages of work. We are looking for someone who has had responsibility mentoring / line manager experience. You should be able to deploy applications in a controlled and repeatable way as well as being able to develop technical specialisms. WE NEED THE LEAD BIG DATA ENGINEER TO HAVE . Current DV clearance (Enhanced) Must have experience with big data tools such as Hadoop, Cloudera or Elasticsearch Demonstratable experience in a professional Java environment Experience of DevSecOps automated deployment tools such as Jenkins, Ansible, Docker Experience working in an Agile Scrum environment with tools such as Confluence / Jira Experience in design, development, test and integration of software Willingness to learn new technologies on the Java stack IT WOULD BE NICE FOR THE LEAD BIG DATA ENGINEER TO HAVE . Cloud based architectures Microservice architecture or server-less architecture Messaging / routing technologies such as Apache Nifi / RabbitMQ TO BE CONSIDERED . Please either apply by clicking online or emailing me directly to For further information please call me on or . I can make myself available outside of normal working hours to suit from 7am until 10pm. If unavailable, please leave a message and either myself or one of my colleagues will respond. By applying for this role, you give express consent for us to process & submit (subject to required skills) your application to our client in conjunction with this vacancy only. Also feel free to connect with me on LinkedIn, just search Dominic Barbet. I look forward to hearing from you. LEAD BIG DATA ENGINEER - DV CLEARED KEY SKILLS: BIG DATA DEVELOPER / BIG DATA ENGINEER / SENIOR BIG DATA DEVELOPER / SENIOR BIG DATA ENIGNEER / DATA ENGINEER / DATA DEVELOPER / SENIOR SOFTWARE DEVELOPER LEAD SOFTWARE ENGINEER / LEAD SOFTWARE DEVELOPER / SENIOR SOFTWARE DEVELOPER / DV CLEARED / DV CLEARANCE / DEVELOPPED VETTING / DEVELOPED VETTED / DEEP VETTING / DEEP VETTED / SC CLEARED / SC CLEARANCE / SECURITY CLEARED / SECURITY CLEARANCE / NIFI / CLOUDERA / HADOOP / KAFKA / ELASTIC SEARCH / LEAD BIG DATA ENGINEER / LEAD BIG DATA DEVELOPER
May 01, 2024
Full time
LEAD BIG DATA ENGINEER - DV CLEARED BRAND NEW PERMANENT JOB OPPORTUNITY AVAILABLE WITHIN A GLOBALLY LEADING NATIONAL SECURITY COMPANY FOR A LEAD BIG DATA ENGINEER WITH DV CLEARANCE Permanent job opportunity for a Lead Big Data Engineer Globally leading defence / cyber security company Salary up to £90,000 plus clearance bonus London based organisation in an easily accessible location Permanent Software Engineer To apply please call / or email WHO WE ARE? We are recruiting a lead Big Data Engineer to work with a multi-national, industry leading national security company in central London. WHAT WILL THE LEAD BIG DATA ENGINEER BE DOING? You will be joining a leading cyber team to design and develop packages of work. We are looking for someone who has had responsibility mentoring / line manager experience. You should be able to deploy applications in a controlled and repeatable way as well as being able to develop technical specialisms. WE NEED THE LEAD BIG DATA ENGINEER TO HAVE . Current DV clearance (Enhanced) Must have experience with big data tools such as Hadoop, Cloudera or Elasticsearch Demonstratable experience in a professional Java environment Experience of DevSecOps automated deployment tools such as Jenkins, Ansible, Docker Experience working in an Agile Scrum environment with tools such as Confluence / Jira Experience in design, development, test and integration of software Willingness to learn new technologies on the Java stack IT WOULD BE NICE FOR THE LEAD BIG DATA ENGINEER TO HAVE . Cloud based architectures Microservice architecture or server-less architecture Messaging / routing technologies such as Apache Nifi / RabbitMQ TO BE CONSIDERED . Please either apply by clicking online or emailing me directly to For further information please call me on or . I can make myself available outside of normal working hours to suit from 7am until 10pm. If unavailable, please leave a message and either myself or one of my colleagues will respond. By applying for this role, you give express consent for us to process & submit (subject to required skills) your application to our client in conjunction with this vacancy only. Also feel free to connect with me on LinkedIn, just search Dominic Barbet. I look forward to hearing from you. LEAD BIG DATA ENGINEER - DV CLEARED KEY SKILLS: BIG DATA DEVELOPER / BIG DATA ENGINEER / SENIOR BIG DATA DEVELOPER / SENIOR BIG DATA ENIGNEER / DATA ENGINEER / DATA DEVELOPER / SENIOR SOFTWARE DEVELOPER LEAD SOFTWARE ENGINEER / LEAD SOFTWARE DEVELOPER / SENIOR SOFTWARE DEVELOPER / DV CLEARED / DV CLEARANCE / DEVELOPPED VETTING / DEVELOPED VETTED / DEEP VETTING / DEEP VETTED / SC CLEARED / SC CLEARANCE / SECURITY CLEARED / SECURITY CLEARANCE / NIFI / CLOUDERA / HADOOP / KAFKA / ELASTIC SEARCH / LEAD BIG DATA ENGINEER / LEAD BIG DATA DEVELOPER
Senior Cloud Security Engineer required by a high-tech software company with technical teams in the UK and US. The successful Senior Cloud Security Engineer will be join a growing security team within the business tasked with ensuring the secure architecture and operation of their SaaS products. The successful Senior Cloud Security Engineer is likely to have a technical background in infrastructure or devops and should have proven commercial experience in the cloud security space. The successful Senior Cloud Security Engineer will work closely with software development and devops teams and will be responsible for - Defining security requirements and solutions for SaaS services Maintaining and developing a culture of security Identifying, preventing and solving service vulnerabilities Providing general security oversight of SaaS services Working with DevOps teams to establish and maintain efficient DevSecOps processes Establishing security policies and standards for SaaS services 100% remote working Key experience A passion for software and/or cyber security In depth knowledge of AWS and Azure services Extensive experience working with multi-tenant cloud environments Scripting experience eg Bash, PowerShell, Python or similar Experience in any of the following areas would be advantageous but is not essential DevOps IaC technologies eg Terraform, CloudFormation or similar CI/CD If you are seeking a role of this nature please get in touch for more information. The role would be remote based with no requirement to work in the office. Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.
May 01, 2024
Full time
Senior Cloud Security Engineer required by a high-tech software company with technical teams in the UK and US. The successful Senior Cloud Security Engineer will be join a growing security team within the business tasked with ensuring the secure architecture and operation of their SaaS products. The successful Senior Cloud Security Engineer is likely to have a technical background in infrastructure or devops and should have proven commercial experience in the cloud security space. The successful Senior Cloud Security Engineer will work closely with software development and devops teams and will be responsible for - Defining security requirements and solutions for SaaS services Maintaining and developing a culture of security Identifying, preventing and solving service vulnerabilities Providing general security oversight of SaaS services Working with DevOps teams to establish and maintain efficient DevSecOps processes Establishing security policies and standards for SaaS services 100% remote working Key experience A passion for software and/or cyber security In depth knowledge of AWS and Azure services Extensive experience working with multi-tenant cloud environments Scripting experience eg Bash, PowerShell, Python or similar Experience in any of the following areas would be advantageous but is not essential DevOps IaC technologies eg Terraform, CloudFormation or similar CI/CD If you are seeking a role of this nature please get in touch for more information. The role would be remote based with no requirement to work in the office. Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.
Overview of Citi: Citi, the world leading global bank, has approximately 200 million customer accounts and a presence in more than 160 countries and jurisdictions worldwide. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Citi enables clients to achieve their strategic financial objectives by providing them with cutting-edge ideas, best-in-class products and solutions, and unparalleled access to capital and liquidity. The Team: The Chief Information Security Office (CISO) is responsible for looking after the cyber security of all of Citi's technical assets. It has several new and exciting programmes utilising cutting edge cloud and container technologies, with a view to ensuring that our cyber security is best in class and offers reassurance to our wider business lines and clients alike. The Job: This is a great opportunity to join in a role that sits within the Container Security team, which is responsible for ensuring, maintaining, and improving the security of our container technologies within the firm. You will be responsible for engineering automated security solutions that both secure and harden internal platforms as well as reduce friction for developers in their daily development lifecycle. You will be improving the container SDLC (software development lifecycle) for internal developers from an image scanning perspective, engineering firm-wide solutions and partnering with centralised platform teams, DevOps teams and our developer community where appropriate. Job Skills/ Qualifications: Highly motivated self-starter with excellent interpersonal and problem-solving skills Experience of the full lifecycle of design, implementation and running of enterprise software solutions involving cross functional team collaboration Experience contributing to the architecture and design (architecture, design patterns, reliability, scaling) of new and current systems Experience of k8s and container technologies such as Docker, Podman and Openshift Experience of security fundamentals with relation to a k8s platform and DevSecOps a bonus Expertise in a major programming language such as Python or Java, and associated tooling (Git, Maven, IDEs, Jenkins, Bitbucket etc) Experience using Container Image Scanning platforms and tooling Expertise with DevOps, CI/CD and agile methodology Education Bachelor's degree or equivalent work experience What we'll provide you By joining Citi London, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive base salary (which is annually reviewed), and enjoy a whole host of additional benefits such as: 27 days annual leave (plus bank holidays) A discretional annual performance related bonus Private Medical Care & Life Insurance Employee Assistance Program Pension Plan Paid Parental Leave Special discounts for employees, family, and friends Access to an array of learning and development resources Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self, every day. We want the best talent around the world to be energized to join us, motivated to stay and empowered to thrive. Job Family Group: Technology Job Family: Systems & Engineering Time Type: Full time Citi is an equal opportunity and affirmative action employer. Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi . View the " EEO is the Law " poster. View the EEO is the Law Supplement . View the EEO Policy Statement . View the Pay Transparency Posting
May 01, 2024
Full time
Overview of Citi: Citi, the world leading global bank, has approximately 200 million customer accounts and a presence in more than 160 countries and jurisdictions worldwide. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Citi enables clients to achieve their strategic financial objectives by providing them with cutting-edge ideas, best-in-class products and solutions, and unparalleled access to capital and liquidity. The Team: The Chief Information Security Office (CISO) is responsible for looking after the cyber security of all of Citi's technical assets. It has several new and exciting programmes utilising cutting edge cloud and container technologies, with a view to ensuring that our cyber security is best in class and offers reassurance to our wider business lines and clients alike. The Job: This is a great opportunity to join in a role that sits within the Container Security team, which is responsible for ensuring, maintaining, and improving the security of our container technologies within the firm. You will be responsible for engineering automated security solutions that both secure and harden internal platforms as well as reduce friction for developers in their daily development lifecycle. You will be improving the container SDLC (software development lifecycle) for internal developers from an image scanning perspective, engineering firm-wide solutions and partnering with centralised platform teams, DevOps teams and our developer community where appropriate. Job Skills/ Qualifications: Highly motivated self-starter with excellent interpersonal and problem-solving skills Experience of the full lifecycle of design, implementation and running of enterprise software solutions involving cross functional team collaboration Experience contributing to the architecture and design (architecture, design patterns, reliability, scaling) of new and current systems Experience of k8s and container technologies such as Docker, Podman and Openshift Experience of security fundamentals with relation to a k8s platform and DevSecOps a bonus Expertise in a major programming language such as Python or Java, and associated tooling (Git, Maven, IDEs, Jenkins, Bitbucket etc) Experience using Container Image Scanning platforms and tooling Expertise with DevOps, CI/CD and agile methodology Education Bachelor's degree or equivalent work experience What we'll provide you By joining Citi London, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive base salary (which is annually reviewed), and enjoy a whole host of additional benefits such as: 27 days annual leave (plus bank holidays) A discretional annual performance related bonus Private Medical Care & Life Insurance Employee Assistance Program Pension Plan Paid Parental Leave Special discounts for employees, family, and friends Access to an array of learning and development resources Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self, every day. We want the best talent around the world to be energized to join us, motivated to stay and empowered to thrive. Job Family Group: Technology Job Family: Systems & Engineering Time Type: Full time Citi is an equal opportunity and affirmative action employer. Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi . View the " EEO is the Law " poster. View the EEO is the Law Supplement . View the EEO Policy Statement . View the Pay Transparency Posting
Cloud Engineer - WAF Technical Skills & Experience:• Strong experience with multiple WAF solutions for edge, cloud, and on-premise• Strong experience with cloud services and their WAF controls, ideally including one or more of the following: AWS, Azure, and GCP• Strong understanding of Web Application security attack methods and mitigations• Proficiency in WAF tuning and configuration and a strong foundation in web security principles and practices.• Develop custom WAF rules and features, addressing gaps and enhancing overall security measures• Capability to design and implement bespoke WAF processes and documentation, underpinned by a thorough understanding of web application security.• Analytical skills to review and align platforms with MVP and Baseline Configurations, leveraging a deep knowledge of WAF functionalities and limitations.• Providing DevSecOps pipeline maintenance support for the automation works• Familiarity with IDAM protocols and access control measures for WAF management, informed by strong web security knowledge.• Understanding of HTTPS inspection, including Termination and Certificate management, grounded in robust web security practices.• Experience in rate limiting techniques and their integration into security configurations• Experience of version control and update mechanisms for WAF solutions• Competency in identifying and documenting platform and organizational logging options, focusing on security implications and cloud environments.• Experience interfacing with SOC during WAF-related security incidents• General connectivity/network issue management/service management experience OTHER SKILLS• Strong stakeholder management skills• Attention to detail in analysing large data sets• Excellent interpersonal skills with strong communication skills both written and verbally• Experience working in Agile, or knowledge of the key principles of the methodology• Previous experience working on either Information Security/Cyber Security/IT Security projects and Infrastructure projects would be desirable.• Positively contribute and work to team objectives.• Self-starter, who can work pro-actively with minimum supervision
May 01, 2024
Full time
Cloud Engineer - WAF Technical Skills & Experience:• Strong experience with multiple WAF solutions for edge, cloud, and on-premise• Strong experience with cloud services and their WAF controls, ideally including one or more of the following: AWS, Azure, and GCP• Strong understanding of Web Application security attack methods and mitigations• Proficiency in WAF tuning and configuration and a strong foundation in web security principles and practices.• Develop custom WAF rules and features, addressing gaps and enhancing overall security measures• Capability to design and implement bespoke WAF processes and documentation, underpinned by a thorough understanding of web application security.• Analytical skills to review and align platforms with MVP and Baseline Configurations, leveraging a deep knowledge of WAF functionalities and limitations.• Providing DevSecOps pipeline maintenance support for the automation works• Familiarity with IDAM protocols and access control measures for WAF management, informed by strong web security knowledge.• Understanding of HTTPS inspection, including Termination and Certificate management, grounded in robust web security practices.• Experience in rate limiting techniques and their integration into security configurations• Experience of version control and update mechanisms for WAF solutions• Competency in identifying and documenting platform and organizational logging options, focusing on security implications and cloud environments.• Experience interfacing with SOC during WAF-related security incidents• General connectivity/network issue management/service management experience OTHER SKILLS• Strong stakeholder management skills• Attention to detail in analysing large data sets• Excellent interpersonal skills with strong communication skills both written and verbally• Experience working in Agile, or knowledge of the key principles of the methodology• Previous experience working on either Information Security/Cyber Security/IT Security projects and Infrastructure projects would be desirable.• Positively contribute and work to team objectives.• Self-starter, who can work pro-actively with minimum supervision
Minimum of SC Clearance, MOD DV would be a preferrable Competivie salary plus Benefits and Bonuses Gloucester location - 3 days on site WHAT WILL THE SENIOR SYSTEMS ENGINEER BE DOING? As a Senior Systems Engineer, you'll join an expanding Corporate Services IT department that supports mission critical work completed by over 1000 end users across hundreds of servers. The unique nature of the business areas you and your team will support create complex and often time-critical demands to deliver effective, reliable and enduring IT platforms across 'conventional' on-premise systems, cloud computing and 'air-gapped' systems. As a Senior Systems Engineer, you'll be understanding, maintaining and developing specific aspects of an enterprise IT environment; encompassing tasks across technical design, implementation and support. SKILLS & EXPERIENCE REQUIRED: Systems engineering experience at technical lead level with vendor technologies such as Microsoft, Amazon (AWS), VMWare, RedHat of similar. Able to design, support and maintain internal IT environments, platforms and services at SME level or above. Awareness of Defence or National Security IT standards, a background within these domains would be preferential; including within environments that operate at multiple classification levels. Some exposure to Solution or Enterprise Architecture methods, you do not need to be a practitioner. KEY TECHNOLOGIES: Cloud platforms: Primarily AWS and Azure covering organisation design (layout), tenancy/account management, security, identity management, service provisioning and reporting functions. Identity and Directory services: Design, management and maintenance of Microsoft Active Directory, OpenLDAP, KeyCloak and Microsoft's enterprise Single Sign-On technologies. Mobile device management: Covering 300+ deployed mobile devices, applying best practice and industry standards. Cyber security and information assurance: Managing and maintaining intrusion detection apparatus, supporting queries/investigations and hardened configuration of IT equipment. DevSecOps and Site Reliability Engineering: Supporting enterprise software teams and their Ci/CD requirements using tools such as GitLab, Jenkins or SonarQube etc. Successful applicant must be a British national and must hold a minimum of SC Clearance, MOD DV security clearance would be preferred. TO BE CONSIDERED . Please either apply by clicking online or emailing me directly to - I can make myself available outside of normal working hours to suit from 7am until 10pm. If unavailable, please leave a message and either myself or one of my colleagues will respond. By applying for this role, you express consent for us to process & submit (subject to required skills) your application to our client in conjunction with this vacancy only. Also feel free to connect with me on LinkedIn, just search Henry Clay-Davies. I look forward to hearing from you. SENIOR SYSTEMS ENGINEER KEY SKILLS: SENIOR SYSTEMS ENGINEER / SYSTEMS ENGINEER / NATIONAL SECURITY / DEFENCE / GOVERNMENT / SECURITY CLEARED / SECURITY CLEARANCE / SECURITY CHECK / SC CLEARED / SC CLEARANCE / DEVELOPED VETTING / DEVELOPED VETTED / DV CLEARED / DV CLEARANCE / DEEP VETTED / DEEP VETTING
May 01, 2024
Full time
Minimum of SC Clearance, MOD DV would be a preferrable Competivie salary plus Benefits and Bonuses Gloucester location - 3 days on site WHAT WILL THE SENIOR SYSTEMS ENGINEER BE DOING? As a Senior Systems Engineer, you'll join an expanding Corporate Services IT department that supports mission critical work completed by over 1000 end users across hundreds of servers. The unique nature of the business areas you and your team will support create complex and often time-critical demands to deliver effective, reliable and enduring IT platforms across 'conventional' on-premise systems, cloud computing and 'air-gapped' systems. As a Senior Systems Engineer, you'll be understanding, maintaining and developing specific aspects of an enterprise IT environment; encompassing tasks across technical design, implementation and support. SKILLS & EXPERIENCE REQUIRED: Systems engineering experience at technical lead level with vendor technologies such as Microsoft, Amazon (AWS), VMWare, RedHat of similar. Able to design, support and maintain internal IT environments, platforms and services at SME level or above. Awareness of Defence or National Security IT standards, a background within these domains would be preferential; including within environments that operate at multiple classification levels. Some exposure to Solution or Enterprise Architecture methods, you do not need to be a practitioner. KEY TECHNOLOGIES: Cloud platforms: Primarily AWS and Azure covering organisation design (layout), tenancy/account management, security, identity management, service provisioning and reporting functions. Identity and Directory services: Design, management and maintenance of Microsoft Active Directory, OpenLDAP, KeyCloak and Microsoft's enterprise Single Sign-On technologies. Mobile device management: Covering 300+ deployed mobile devices, applying best practice and industry standards. Cyber security and information assurance: Managing and maintaining intrusion detection apparatus, supporting queries/investigations and hardened configuration of IT equipment. DevSecOps and Site Reliability Engineering: Supporting enterprise software teams and their Ci/CD requirements using tools such as GitLab, Jenkins or SonarQube etc. Successful applicant must be a British national and must hold a minimum of SC Clearance, MOD DV security clearance would be preferred. TO BE CONSIDERED . Please either apply by clicking online or emailing me directly to - I can make myself available outside of normal working hours to suit from 7am until 10pm. If unavailable, please leave a message and either myself or one of my colleagues will respond. By applying for this role, you express consent for us to process & submit (subject to required skills) your application to our client in conjunction with this vacancy only. Also feel free to connect with me on LinkedIn, just search Henry Clay-Davies. I look forward to hearing from you. SENIOR SYSTEMS ENGINEER KEY SKILLS: SENIOR SYSTEMS ENGINEER / SYSTEMS ENGINEER / NATIONAL SECURITY / DEFENCE / GOVERNMENT / SECURITY CLEARED / SECURITY CLEARANCE / SECURITY CHECK / SC CLEARED / SC CLEARANCE / DEVELOPED VETTING / DEVELOPED VETTED / DV CLEARED / DV CLEARANCE / DEEP VETTED / DEEP VETTING
SOC Senior Security Analyst £70k 1-2 days pw READING - Daytimes only, NO SHIFTS plus good bens, hols, pension, training budget. I'm a security specialist recruiter, looking for a skilled technical experienced SOC / Technical Security analyst who MUST be resident and eligible to work in the UK, unsupported by a visa. This is a really unusual and varied role, that can take you into the inner workings of a large internal SOC, where opportunity and growth is quite literally unlimited. The team is responsible for more than just transactional detect and respond, like you might find in a commercial / 3rd party SOC. We're looking to find senior SOC people, with experience in MS Sentinel, Defender, SOAR and automation, SIEM Use cases building, working with MDR and more. You'll be able to take advantage of excellent pkg and conditions like: Hybrid work for a technical progressive organisation, with no night/late shifts! (occasional oncall potential for incidents ofc) Empowerment to learn and specialise in IR, DevSecOps automation and more Chances to work more on growing engineering and 3rd line skills, rather than low level false positives You'll ideall have a few years in a senior SOC role perhaps with some earlier experience in engineering, or sus admin. Quick overview of the things we'd love to see on a CV At least 5 years of Cyber / SOC / Defensive security and hands on. MS Sentinel and Defender, MS stack SIEM use cases Azure, MS Inf and scripting and automation skills, KQL, Python, Architecture of feeds /logs, SOAR Some strong t3 / Incident response experience Knowledge share / mentoring and guidance for less senior members of the team I'm on LinkedIn and happy to connect to UK eligible security candidates. Due to the volume of overseas candidates i cannot accept invites from inelligible job seekers. I'm available on security ( aT ) Circlerecruitment ( dOt ) cOm as well if you don't want to upload a CV. Thanks for reading, Tariq Dirania Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role! We also offer an iPad if you refer a new client to us and we recruit for them. Follow us on Facebook - Circle Recruitment , Twitter and LinkedIn - Circle Recruitment.
May 01, 2024
Full time
SOC Senior Security Analyst £70k 1-2 days pw READING - Daytimes only, NO SHIFTS plus good bens, hols, pension, training budget. I'm a security specialist recruiter, looking for a skilled technical experienced SOC / Technical Security analyst who MUST be resident and eligible to work in the UK, unsupported by a visa. This is a really unusual and varied role, that can take you into the inner workings of a large internal SOC, where opportunity and growth is quite literally unlimited. The team is responsible for more than just transactional detect and respond, like you might find in a commercial / 3rd party SOC. We're looking to find senior SOC people, with experience in MS Sentinel, Defender, SOAR and automation, SIEM Use cases building, working with MDR and more. You'll be able to take advantage of excellent pkg and conditions like: Hybrid work for a technical progressive organisation, with no night/late shifts! (occasional oncall potential for incidents ofc) Empowerment to learn and specialise in IR, DevSecOps automation and more Chances to work more on growing engineering and 3rd line skills, rather than low level false positives You'll ideall have a few years in a senior SOC role perhaps with some earlier experience in engineering, or sus admin. Quick overview of the things we'd love to see on a CV At least 5 years of Cyber / SOC / Defensive security and hands on. MS Sentinel and Defender, MS stack SIEM use cases Azure, MS Inf and scripting and automation skills, KQL, Python, Architecture of feeds /logs, SOAR Some strong t3 / Incident response experience Knowledge share / mentoring and guidance for less senior members of the team I'm on LinkedIn and happy to connect to UK eligible security candidates. Due to the volume of overseas candidates i cannot accept invites from inelligible job seekers. I'm available on security ( aT ) Circlerecruitment ( dOt ) cOm as well if you don't want to upload a CV. Thanks for reading, Tariq Dirania Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role! We also offer an iPad if you refer a new client to us and we recruit for them. Follow us on Facebook - Circle Recruitment , Twitter and LinkedIn - Circle Recruitment.
About Our Client My client- an organisation within the Financial Services sector are looking for an IT Security Architect- join their site in London remotely on an initial 6-month contract! Job Description The successful candidate for the IT Security Architect- Financial Services Sector 6-month contract role will fulfil the following responsibilities: Working with IT Architecture, Production, and Information Security colleagues to design IT and InfoSec solution architectures. They will take end-to-end responsibility for the security solution, driving the high-level design, and supporting engineering in the low-level design, through to architecture assurance reviews of the delivered solution. Working with Information Security colleagues to identify and assess security risks, define security control requirements, and understand the changing nature of risk as the IT landscape evolves. Produce effective architecture documentation that enables all relevant business and technical audiences and communicate these across IT where appropriate. Provide security architecture consultancy services to internal customers by offering technical security guidance, and ensuring architecture principles, design standards and operational requirements are met. Provide security coaching and advice to senior developers, Tech Leads and Head of Tech. Design and implement cloud security strategies and policies that meet an organisation's specific needs. Ensure the security of cloud-based data and applications against unauthorized access, theft, and other threats. Over and conduct regular security assessments and audits of our technology stack to identify vulnerabilities and develop plans to address them. Collaborate with other IT professionals, including network engineers, developers, and system administrators, to integrate cloud security measures into existing systems and processes. Champion best practices, quality and sound data management, work with engineers, developers, and Heads of Technology to ensure roadmap alignment, whilst acting as the bridge between the business, security and technology. Offer coaching and consultancy to the Technology & Security and project teams. The Successful Applicant To be considered for the IT Security Architect- Financial Services Sector contract role in London the candidate must present evidence of the following: Demonstrable experience in designing, recommending, and implementing enterprise-wide security architectures. Previous experience in delivering and maintaining technical security solutions for systems such as End Point Protection, Email & Communications Security, Cloud Security, Network Security, Security Monitoring and Response, and Data Loss Prevention Technologies. Thorough knowledge of Microsoft Azure and M365 core services and products and expert knowledge of security-related products and services. Working knowledge of Secure Software Development Lifecycle and DevSecOps. Strong knowledge and understanding of Information security risk management. Strong knowledge and understanding of architectural frameworks (COBIT/TOGAF) and information security frameworks and controls (NIST, ISO27001, CIS). Experience in security governance. Successful applicant must: Be an articulate communicator, capable of clearly explaining technical cyber and information security issues in business terms to a wide range of audiences. Be comfortable briefing and communicating with C-Suite and business leaders as regards security principles and technologies. Be able to produce clear and structured documentation for all levels of the business. Be able to work under their initiative. Have CISSP/CISM qualifications. Stay up to date on the latest cloud security technologies, trends, and best practices. Candidates should be strongly motivated by BII's development mission and ideally demonstrate some commitment to development or social goals through previous executive or non-executive activity. Our cultural values We look for team members who aspire, as we do, to work at our best and to be: Impact-led, commercially rigorous Tenacious in the face of challenges Collaborative and caring Our client is committed to diversity and inclusion and welcomes all applicants regardless of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, gender, sexual orientation or educational background. What's on Offer An initial 6 month contract inside IR35. Pay rate up to £750 daily. 2 days p/week in their central London office, 3 days p/week working remotely from home.
Apr 28, 2024
Full time
About Our Client My client- an organisation within the Financial Services sector are looking for an IT Security Architect- join their site in London remotely on an initial 6-month contract! Job Description The successful candidate for the IT Security Architect- Financial Services Sector 6-month contract role will fulfil the following responsibilities: Working with IT Architecture, Production, and Information Security colleagues to design IT and InfoSec solution architectures. They will take end-to-end responsibility for the security solution, driving the high-level design, and supporting engineering in the low-level design, through to architecture assurance reviews of the delivered solution. Working with Information Security colleagues to identify and assess security risks, define security control requirements, and understand the changing nature of risk as the IT landscape evolves. Produce effective architecture documentation that enables all relevant business and technical audiences and communicate these across IT where appropriate. Provide security architecture consultancy services to internal customers by offering technical security guidance, and ensuring architecture principles, design standards and operational requirements are met. Provide security coaching and advice to senior developers, Tech Leads and Head of Tech. Design and implement cloud security strategies and policies that meet an organisation's specific needs. Ensure the security of cloud-based data and applications against unauthorized access, theft, and other threats. Over and conduct regular security assessments and audits of our technology stack to identify vulnerabilities and develop plans to address them. Collaborate with other IT professionals, including network engineers, developers, and system administrators, to integrate cloud security measures into existing systems and processes. Champion best practices, quality and sound data management, work with engineers, developers, and Heads of Technology to ensure roadmap alignment, whilst acting as the bridge between the business, security and technology. Offer coaching and consultancy to the Technology & Security and project teams. The Successful Applicant To be considered for the IT Security Architect- Financial Services Sector contract role in London the candidate must present evidence of the following: Demonstrable experience in designing, recommending, and implementing enterprise-wide security architectures. Previous experience in delivering and maintaining technical security solutions for systems such as End Point Protection, Email & Communications Security, Cloud Security, Network Security, Security Monitoring and Response, and Data Loss Prevention Technologies. Thorough knowledge of Microsoft Azure and M365 core services and products and expert knowledge of security-related products and services. Working knowledge of Secure Software Development Lifecycle and DevSecOps. Strong knowledge and understanding of Information security risk management. Strong knowledge and understanding of architectural frameworks (COBIT/TOGAF) and information security frameworks and controls (NIST, ISO27001, CIS). Experience in security governance. Successful applicant must: Be an articulate communicator, capable of clearly explaining technical cyber and information security issues in business terms to a wide range of audiences. Be comfortable briefing and communicating with C-Suite and business leaders as regards security principles and technologies. Be able to produce clear and structured documentation for all levels of the business. Be able to work under their initiative. Have CISSP/CISM qualifications. Stay up to date on the latest cloud security technologies, trends, and best practices. Candidates should be strongly motivated by BII's development mission and ideally demonstrate some commitment to development or social goals through previous executive or non-executive activity. Our cultural values We look for team members who aspire, as we do, to work at our best and to be: Impact-led, commercially rigorous Tenacious in the face of challenges Collaborative and caring Our client is committed to diversity and inclusion and welcomes all applicants regardless of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, gender, sexual orientation or educational background. What's on Offer An initial 6 month contract inside IR35. Pay rate up to £750 daily. 2 days p/week in their central London office, 3 days p/week working remotely from home.
THE SEARCH: Altus Partners are excited to be partnering with an investor-backed software unicorn which has secured significant funding from some of the world's leading private equity and venture capital funds. Their investment will help fuel an ambitious push into the US market, as well as further develop new innovative technology - allowing them to remain at the forefront of their industry, and drive toward an eventual, high-profile IPO. They are seeking a VP of Information Security to lead on the security strategy and operations across the business, and ensure their platform upholds the highest possible security standards. This is a senior role and requires someone capable of partnering closely with the leadership team and building cross functional relationships across most of the business. This is an exciting opportunity for an innovative VP of Information Security to join a technology unicorn that is considered of Europe's most exciting SaaS businesses. THE ROLE: Oversee cloud security, DevSecOps, security operations and security strategy. Ensure the reliability, scalability and security of the systems Own the Cybersecurity strategy - and ensure detection, incident response, prevention and recovery plans are covered Ensure data protection is adhered to - with access controls, encryption and data classification central to this Establish security policies and ensure these are upheld Identify security risks and manage these accordingly Incident response in the event of security breaches Develop and conduct security awareness training programmes Maintain a high level of compliance - including maintenance of ISO27001 and supporting legal around other areas such as GDPR Manage third party vendors and partners and assess and manage associated risks Identify weaknesses in the systems through audits, testing and assessments THE REQUIREMENTS: 12+ years of relevant security experience Strong track record leading a security team within a high growth business (ideally a software business) Deep knowledge of regulations and security standards Excellent online and cloud security knowledge Good understanding of IP networking and operating system level security principles Good understanding of large scale infrastructure and software deployments Experience using new and emerging technologies would be a plus
Apr 27, 2024
Full time
THE SEARCH: Altus Partners are excited to be partnering with an investor-backed software unicorn which has secured significant funding from some of the world's leading private equity and venture capital funds. Their investment will help fuel an ambitious push into the US market, as well as further develop new innovative technology - allowing them to remain at the forefront of their industry, and drive toward an eventual, high-profile IPO. They are seeking a VP of Information Security to lead on the security strategy and operations across the business, and ensure their platform upholds the highest possible security standards. This is a senior role and requires someone capable of partnering closely with the leadership team and building cross functional relationships across most of the business. This is an exciting opportunity for an innovative VP of Information Security to join a technology unicorn that is considered of Europe's most exciting SaaS businesses. THE ROLE: Oversee cloud security, DevSecOps, security operations and security strategy. Ensure the reliability, scalability and security of the systems Own the Cybersecurity strategy - and ensure detection, incident response, prevention and recovery plans are covered Ensure data protection is adhered to - with access controls, encryption and data classification central to this Establish security policies and ensure these are upheld Identify security risks and manage these accordingly Incident response in the event of security breaches Develop and conduct security awareness training programmes Maintain a high level of compliance - including maintenance of ISO27001 and supporting legal around other areas such as GDPR Manage third party vendors and partners and assess and manage associated risks Identify weaknesses in the systems through audits, testing and assessments THE REQUIREMENTS: 12+ years of relevant security experience Strong track record leading a security team within a high growth business (ideally a software business) Deep knowledge of regulations and security standards Excellent online and cloud security knowledge Good understanding of IP networking and operating system level security principles Good understanding of large scale infrastructure and software deployments Experience using new and emerging technologies would be a plus
Job Title: Application Security Architect Day Rate: Excellent Day Rate (Inside IR35) Contract Length: 6 months Initial (expected to extend multiple times) Hybrid Model: 3 days per week in office, 2 days remote Office Location: Central London Industry/Sector: Financial Services About the Role: My client, a highly prestigious, globally renowned name in financial services is seeking a vastly experienced Application Security Architect to join the in-house security team on an initial 6-month basis. The Application Security Architect will be responsible for translating the group-wide information and cyber security strategy and requirement into secure-by-design Application architecture throughout the organisation. Key Responsibilities: Develop reference patterns for security architecture Design effective application security solutions aligned to the Information Security and business strategy. Act as Subject Matter Expert for Application threat modelling, secure coding practices in Java and C++, and DevSecOps practices. Contribute to the security technology roadmap, policies and standards. Support development teams in implementing threat modelling, secure development practices and use of application security assurance tools. Ensuring that architecture and solution designs are secure by design Developing Application based security policies and standards Experience Required: Strong professional background in Financial Services Outstanding understanding of Application Security Strong experience developing patterns for application security architecture Subject Matter Expertise in application threat modelling, secure coding practices in Java and C++, and DevSecOps practices Experience of automated build and deployment pipelines Experience of operating one or more of SAST, SCA, DAST, IAST, MAST Relevant qualifications or certifications To be considered, please ensure you complete your application on the Computappoint website. Services offered by Computappoint Limited are those of an Employment Business and/or Employment Agency in relation to this vacancy.
Apr 26, 2024
Contractor
Job Title: Application Security Architect Day Rate: Excellent Day Rate (Inside IR35) Contract Length: 6 months Initial (expected to extend multiple times) Hybrid Model: 3 days per week in office, 2 days remote Office Location: Central London Industry/Sector: Financial Services About the Role: My client, a highly prestigious, globally renowned name in financial services is seeking a vastly experienced Application Security Architect to join the in-house security team on an initial 6-month basis. The Application Security Architect will be responsible for translating the group-wide information and cyber security strategy and requirement into secure-by-design Application architecture throughout the organisation. Key Responsibilities: Develop reference patterns for security architecture Design effective application security solutions aligned to the Information Security and business strategy. Act as Subject Matter Expert for Application threat modelling, secure coding practices in Java and C++, and DevSecOps practices. Contribute to the security technology roadmap, policies and standards. Support development teams in implementing threat modelling, secure development practices and use of application security assurance tools. Ensuring that architecture and solution designs are secure by design Developing Application based security policies and standards Experience Required: Strong professional background in Financial Services Outstanding understanding of Application Security Strong experience developing patterns for application security architecture Subject Matter Expertise in application threat modelling, secure coding practices in Java and C++, and DevSecOps practices Experience of automated build and deployment pipelines Experience of operating one or more of SAST, SCA, DAST, IAST, MAST Relevant qualifications or certifications To be considered, please ensure you complete your application on the Computappoint website. Services offered by Computappoint Limited are those of an Employment Business and/or Employment Agency in relation to this vacancy.
You: Ideally we are looking for a Senior Engineer (3-5 years hands-on experience) who has the experience or desire to lean in to design/architecture. In this post you will remain hands-on initially but will be leaning into the design aspect of the infrastructure by aiding the CTO(s) with their high level designs (HLD). You should have a minimum of SC Clearance active. Experience: Systems engineering experience at technical lead level with technologies such as Microsoft, Amazon (AWS), VMWare, RedHat or similar. Able to design, support and maintain internal IT environments, platforms and services at SME level or above. Awareness of Defence or National Security IT standards, a background within these domains would be preferential; including within environments that operate at multiple classification levels. Some exposure to Solution or Enterprise Architecture methods, you do not need to be a practitioner. Key Tools: Corporate Microsoft Estate: 1000+ desktops and hundreds of servers. This includes 'On-Prem' Microsoft full stack alongside 0365, Azure and AWS offerings. Cloud platforms: Primarily AWS and Azure covering organisation design (layout), tenancy/account management, security, identity management, service provisioning and reporting functions. Identity and Directory services: Design, management and maintenance of Microsoft Active Directory, OpenLDAP, KeyCloak and Microsoft's enterprise Single Sign-On technologies. Mobile device management: Covering 300+ deployed mobile devices, applying best practice and industry standards. Cyber security and information assurance: Managing and maintaining intrusion detection apparatus, supporting queries/investigations and hardened configuration of IT equipment. DevSecOps and Site Reliability Engineering: Supporting enterprise software teams and their Ci/CD requirements using tools such as GitLab, Jenkins or
Apr 25, 2024
Full time
You: Ideally we are looking for a Senior Engineer (3-5 years hands-on experience) who has the experience or desire to lean in to design/architecture. In this post you will remain hands-on initially but will be leaning into the design aspect of the infrastructure by aiding the CTO(s) with their high level designs (HLD). You should have a minimum of SC Clearance active. Experience: Systems engineering experience at technical lead level with technologies such as Microsoft, Amazon (AWS), VMWare, RedHat or similar. Able to design, support and maintain internal IT environments, platforms and services at SME level or above. Awareness of Defence or National Security IT standards, a background within these domains would be preferential; including within environments that operate at multiple classification levels. Some exposure to Solution or Enterprise Architecture methods, you do not need to be a practitioner. Key Tools: Corporate Microsoft Estate: 1000+ desktops and hundreds of servers. This includes 'On-Prem' Microsoft full stack alongside 0365, Azure and AWS offerings. Cloud platforms: Primarily AWS and Azure covering organisation design (layout), tenancy/account management, security, identity management, service provisioning and reporting functions. Identity and Directory services: Design, management and maintenance of Microsoft Active Directory, OpenLDAP, KeyCloak and Microsoft's enterprise Single Sign-On technologies. Mobile device management: Covering 300+ deployed mobile devices, applying best practice and industry standards. Cyber security and information assurance: Managing and maintaining intrusion detection apparatus, supporting queries/investigations and hardened configuration of IT equipment. DevSecOps and Site Reliability Engineering: Supporting enterprise software teams and their Ci/CD requirements using tools such as GitLab, Jenkins or
ABOUT MILKFLOAT milkFloat is a highly autonomous team within BAE Systems Digital Intelligence that harnesses learnings and ways of working from the startup community and applies them to the benefit of our National Security customers. We work at the forefront of our parent organisation to utilise the best of latest technology, engineering best practices and cloud offerings to present new and exciting opportunities to our customers. Our work is highly varied and our methods accelerate and champion innovative solutions to our customers' hardest problems through a set of short, dynamic, focused offerings. JOB ROLE AND SUMMARY At milkFloat we're passionate about solving our customers' hardest problems. We leverage new ways of working and the best of modern technology to provide tailored offerings that adapt to our customers needs and relentlessly focus on providing actionable insight and compelling prototypes. Working as part of our highly experienced, multi-disciplinary team, our talented engineers are central to this - applying their technical expertise, creativity and problem solving skills to ensure our customers always get the best experience. milkFloat is seeking a Technical Team Lead to front our new "Alpha Capability" - delivering pilot-grade solutions to our customers in regular 8-12 week projects. In this role, you will lead an agile, multi-disciplinary team of engineers, working across the stack to deliver compelling pilots of new capability for our National Security customers. Building on innovative solution concepts and technical prototypes created during our "Solution Workshop" and "Rapid Prototyping" engagements respectively you will mature these into solutions that can be deployed into customer environments and trialed with end-users, ensuring the solution has all the right foundations for it to evolve into a sustainable, scaled, production capability in due course. With innovation being central to our offerings, you will have the opportunity to regularly work with new technologies and work to combine these pragmatically with established technology, engineering and architectural best practice. DUTIES AND RESPONSIBILITIES As a milkFloat Technical Team Lead you will be responsible for: Setting the technical vision for the team Establishing overarching architecture and engineering standards. Evolving and delivering against the high-level design Managing engineers of a range of specialisms - empowering and unblocking them to succeed Working with customers to agree sprint goals & acceptance criteria. Contributing to story delivery Story definition, allocation & tracking Tracking and reporting progress EXPERIENCE Necessary Experience as an established or emerging technical team leader - able to direct, manage and empower a team of engineers to successfully deliver against agreed outcomes. Deep familiarity with agile methodologies and ceremonies (e.g. Scrum) Familiar with and comfortable with a breadth of technologies across the stack and a strong appreciation of how they can be combined and applied to solve customer problems. A particular specialism in either front-end or server-side technologies and keen and able to contribute directly to team tasks where necessary. Strong communication skills - comfortable in customer-facing situations and able to discuss technical approaches clearly with non-technical stakeholders Experience working "in the cloud", using cloud-native patterns and building upon high-order cloud services (AWS experience preferable) Experience establishing a strong DevSecOps culture, with knowledge and experience of best practice continuous integration and delivery techniques and tooling. Desirable Additions Experience with containers and container Orchestration Tools (e.g. Docker, Kubernetes, Openshift). Knowledge of front-end frameworks like React and application of design systems. Comfortable working with "big data" and associated technologies and patterns Experience working with Infrastructure-as-Code (Terraform/CDK) Experience of applying security best practice when writing code or configuring and deploying new technologies to cloud environments Knowledge of the Government Domain and High Side working HYBRID WORKING We are a hybrid working team, working remotely utilising video conferencing, Slack, Trello and other collaboration tools, as well as working together in person in our exciting office spaces in central London. We decide on a week to week basis what combination will suit the team's work-life balance and project commitments best. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence BAE Systems Digital Intelligence is home to 4,800 digital, cyber and intelligence experts. We work collaboratively across 16 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. Launched in 2022, Digital Intelligence is part of BAE Systems, and has a rich heritage in helping to defend nations and businesses around the world from advanced threats.
Sep 23, 2022
Full time
ABOUT MILKFLOAT milkFloat is a highly autonomous team within BAE Systems Digital Intelligence that harnesses learnings and ways of working from the startup community and applies them to the benefit of our National Security customers. We work at the forefront of our parent organisation to utilise the best of latest technology, engineering best practices and cloud offerings to present new and exciting opportunities to our customers. Our work is highly varied and our methods accelerate and champion innovative solutions to our customers' hardest problems through a set of short, dynamic, focused offerings. JOB ROLE AND SUMMARY At milkFloat we're passionate about solving our customers' hardest problems. We leverage new ways of working and the best of modern technology to provide tailored offerings that adapt to our customers needs and relentlessly focus on providing actionable insight and compelling prototypes. Working as part of our highly experienced, multi-disciplinary team, our talented engineers are central to this - applying their technical expertise, creativity and problem solving skills to ensure our customers always get the best experience. milkFloat is seeking a Technical Team Lead to front our new "Alpha Capability" - delivering pilot-grade solutions to our customers in regular 8-12 week projects. In this role, you will lead an agile, multi-disciplinary team of engineers, working across the stack to deliver compelling pilots of new capability for our National Security customers. Building on innovative solution concepts and technical prototypes created during our "Solution Workshop" and "Rapid Prototyping" engagements respectively you will mature these into solutions that can be deployed into customer environments and trialed with end-users, ensuring the solution has all the right foundations for it to evolve into a sustainable, scaled, production capability in due course. With innovation being central to our offerings, you will have the opportunity to regularly work with new technologies and work to combine these pragmatically with established technology, engineering and architectural best practice. DUTIES AND RESPONSIBILITIES As a milkFloat Technical Team Lead you will be responsible for: Setting the technical vision for the team Establishing overarching architecture and engineering standards. Evolving and delivering against the high-level design Managing engineers of a range of specialisms - empowering and unblocking them to succeed Working with customers to agree sprint goals & acceptance criteria. Contributing to story delivery Story definition, allocation & tracking Tracking and reporting progress EXPERIENCE Necessary Experience as an established or emerging technical team leader - able to direct, manage and empower a team of engineers to successfully deliver against agreed outcomes. Deep familiarity with agile methodologies and ceremonies (e.g. Scrum) Familiar with and comfortable with a breadth of technologies across the stack and a strong appreciation of how they can be combined and applied to solve customer problems. A particular specialism in either front-end or server-side technologies and keen and able to contribute directly to team tasks where necessary. Strong communication skills - comfortable in customer-facing situations and able to discuss technical approaches clearly with non-technical stakeholders Experience working "in the cloud", using cloud-native patterns and building upon high-order cloud services (AWS experience preferable) Experience establishing a strong DevSecOps culture, with knowledge and experience of best practice continuous integration and delivery techniques and tooling. Desirable Additions Experience with containers and container Orchestration Tools (e.g. Docker, Kubernetes, Openshift). Knowledge of front-end frameworks like React and application of design systems. Comfortable working with "big data" and associated technologies and patterns Experience working with Infrastructure-as-Code (Terraform/CDK) Experience of applying security best practice when writing code or configuring and deploying new technologies to cloud environments Knowledge of the Government Domain and High Side working HYBRID WORKING We are a hybrid working team, working remotely utilising video conferencing, Slack, Trello and other collaboration tools, as well as working together in person in our exciting office spaces in central London. We decide on a week to week basis what combination will suit the team's work-life balance and project commitments best. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence BAE Systems Digital Intelligence is home to 4,800 digital, cyber and intelligence experts. We work collaboratively across 16 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. Launched in 2022, Digital Intelligence is part of BAE Systems, and has a rich heritage in helping to defend nations and businesses around the world from advanced threats.
The job on offer Our Global Cybersecurity Practice (of over 4,000 professionals) delivers projects, consulting and Managed Run services in all areas of IT and OT, from networks to cloud services and everything in between. We offer a comprehensive portfolio of services that maps across IT advisory, design, implementation and ongoing management, to serve as true an end-to-end capability partner entirely aligned to business outcomes. A solution that is efficient, scalable and secure, that strikes a balance between flexibility and cost, while facilitating innovation and future business planning. The result is improved service quality, productivity and end-user gratification. Your role Whilst this is predominantly a delivery role, you will also have the opportunity to be involved in business development activities such as responses to our clients' Request for Proposals (RFPs) and questionnaires, collaboration with other business units, partners and legal teams and development of our Cloud service offerings. You will also share your knowledge and play an important role in developing our other consultants and our graduate and apprentice community to ensure our Cloud security capability continues to grow Your work with us will include one or more of the following areas: • Helping clients create and develop enterprise security use cases which align to their Cloud security strategy and security baseline. • Designing, developing and building security reference architectures for public, private, and hybrid Cloud based systems. • Identifying, designing and deploying solutions to secure cloud usage. • Working with Capgemini's wider business to develop standards, choose appropriate technology solutions and enable complete integration with or migration of our clients' environments. • Identifying, recommending and co-ordinating training sessions to coach other teams about security-relevant technologies, processes and tools. Your profile You will be comfortable working alone or as part of a team bringing to use your experience in one or more of the following • Security, configuration and deployment models for "as a service" systems. • Experience of cloud platforms. • Design and implementation of secure cloud architectures and designs. • Cloud protection and governance at various levels from network to application. • Service oriented architecture (SOA) and microservices. • Secure software development. • Threat modelling and design reviews of new technologies. • Deployment orchestration, automation, and security configuration management. • Knowledge of one or more of the following areas is desirable; DevOps, DevSecOps, Devsecops, WAF, API Gateways, SIEM, CASB, SDN, Puppet, Chef, Docker, SOA, AWS, Azure, Google Cloud, SaaS, PaaS, IaaS, FaaS, O365 security, Salesforce, Threat modelling This role requires current SC clearance Why Capgemini is unique Employee wellbeing is vitally important to us as an organisation. We see a healthy and happy workforce a critical component for us to achieve our organisational ambitions. To help support wellbeing we have trained 'Mental Health Champions' across each of our business areas. We have also invested in wellbeing apps such as Thrive and Peppy. We work with a range of clients all with a unique set of business, technological and societal ambitions. Working for Capgemini you get to be at the forefront of designing future experiences, which truly impact our clients and wider society for the better. About Capgemini Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of over 340,000 team members in more than 50 countries. With its strong 55-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2021 global revenues of €18 billion.
Sep 23, 2022
Full time
The job on offer Our Global Cybersecurity Practice (of over 4,000 professionals) delivers projects, consulting and Managed Run services in all areas of IT and OT, from networks to cloud services and everything in between. We offer a comprehensive portfolio of services that maps across IT advisory, design, implementation and ongoing management, to serve as true an end-to-end capability partner entirely aligned to business outcomes. A solution that is efficient, scalable and secure, that strikes a balance between flexibility and cost, while facilitating innovation and future business planning. The result is improved service quality, productivity and end-user gratification. Your role Whilst this is predominantly a delivery role, you will also have the opportunity to be involved in business development activities such as responses to our clients' Request for Proposals (RFPs) and questionnaires, collaboration with other business units, partners and legal teams and development of our Cloud service offerings. You will also share your knowledge and play an important role in developing our other consultants and our graduate and apprentice community to ensure our Cloud security capability continues to grow Your work with us will include one or more of the following areas: • Helping clients create and develop enterprise security use cases which align to their Cloud security strategy and security baseline. • Designing, developing and building security reference architectures for public, private, and hybrid Cloud based systems. • Identifying, designing and deploying solutions to secure cloud usage. • Working with Capgemini's wider business to develop standards, choose appropriate technology solutions and enable complete integration with or migration of our clients' environments. • Identifying, recommending and co-ordinating training sessions to coach other teams about security-relevant technologies, processes and tools. Your profile You will be comfortable working alone or as part of a team bringing to use your experience in one or more of the following • Security, configuration and deployment models for "as a service" systems. • Experience of cloud platforms. • Design and implementation of secure cloud architectures and designs. • Cloud protection and governance at various levels from network to application. • Service oriented architecture (SOA) and microservices. • Secure software development. • Threat modelling and design reviews of new technologies. • Deployment orchestration, automation, and security configuration management. • Knowledge of one or more of the following areas is desirable; DevOps, DevSecOps, Devsecops, WAF, API Gateways, SIEM, CASB, SDN, Puppet, Chef, Docker, SOA, AWS, Azure, Google Cloud, SaaS, PaaS, IaaS, FaaS, O365 security, Salesforce, Threat modelling This role requires current SC clearance Why Capgemini is unique Employee wellbeing is vitally important to us as an organisation. We see a healthy and happy workforce a critical component for us to achieve our organisational ambitions. To help support wellbeing we have trained 'Mental Health Champions' across each of our business areas. We have also invested in wellbeing apps such as Thrive and Peppy. We work with a range of clients all with a unique set of business, technological and societal ambitions. Working for Capgemini you get to be at the forefront of designing future experiences, which truly impact our clients and wider society for the better. About Capgemini Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of over 340,000 team members in more than 50 countries. With its strong 55-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2021 global revenues of €18 billion.
We are IT Recruitment Specialists partnered with a prestigious Global Consultancy who require a Global Head of Secure Development for one of their Public sector Clients based in London . IR35 - This role is inside of IR35 Location-London (100% onsite) Job Description: An inquisitive approach, always asking how to achieve goals in a smarter and more effective way An ability and interest to learn and experiment with new approaches to achieve business and cybersecurity outcomes, in different and often challenge contexts. Proven ability to forge innovative approaches to complex and complicated problems, including the use of research and/or experimentation, in-role or via academia. Key Skills required: Strong Risk and Controls understanding Knowledge and exposure of the application of Risk and Control Management and associated frameworks, preferably from a multi-market institution Fluent ability in articulating technical threats, scenarios, controls and risks to both technical and business stakeholders. Strong Technical background Proven experience in senior/leadership roles in security development, application security and/or security architecture Proven experience in DevOps/DevSecOps including Agile and Waterfall Software Development life cycles Proven experience working in a large scale, multi-national and technologically diverse environment Proven experience on integration of various security technologies (eg SAST, DAST, IAST, container security) and practises (eg Policy-as-Code) within DevOps pipelines (Jenkins, GitHub, Chef, Ansible, Nexus, etc) Expert understanding of Security concepts and principles. Excellent understanding of platform-specific security risks, common vulnerabilities for web and mobile applications, micro-services (REST, SOAP) architecture and their mitigations Good understanding of security flaws in common programming languages Knowledge and experience with network, host and application security practices Understanding of emerging technologies and its corresponding security threats would be a plus Proven experience with common public cloud environment (eg AWS, GCP, Azure, Alicloud) Strong technical understanding and experience of assessing vulnerabilities and identifying weaknesses in diverse enterprise IT assets Professional IT Security qualifications and/or certification Knowledge of Governance, Risk & Compliance Experience in continuous improvement and process optimisation. Strong stakeholder management and communications skills Ability to engage with and influence executive leadership Experience in managing, developing and retaining high-performing individuals in different geographies, often remotely Experience in engaging with business, technology, regional and regulator stakeholders Ability to prepare concise presentations, reports and updates for senior management Effective Leadership Possess strong leadership skills to bring out the best in a team. This includes both direct leadership and cross-functional capabilities Experience within fast-moving, complex and demanding corporate environments and able to provide appropriate direction to the team whilst dealing with ambiguity and change Act as a role-model for more junior members of Cybersecurity and Technology Interpersonal Skills Influential, credible and persuasive, active listener, embraces client Values, shows good judgement and demonstrates high level of communication skills in order to achieve effective stakeholder management If you are interested in this position and would like to learn more please send through your CV and we will get in touch with you as soon as possible. Please note, candidates are often Shortlisted within 48 hours.
Nov 05, 2021
Contractor
We are IT Recruitment Specialists partnered with a prestigious Global Consultancy who require a Global Head of Secure Development for one of their Public sector Clients based in London . IR35 - This role is inside of IR35 Location-London (100% onsite) Job Description: An inquisitive approach, always asking how to achieve goals in a smarter and more effective way An ability and interest to learn and experiment with new approaches to achieve business and cybersecurity outcomes, in different and often challenge contexts. Proven ability to forge innovative approaches to complex and complicated problems, including the use of research and/or experimentation, in-role or via academia. Key Skills required: Strong Risk and Controls understanding Knowledge and exposure of the application of Risk and Control Management and associated frameworks, preferably from a multi-market institution Fluent ability in articulating technical threats, scenarios, controls and risks to both technical and business stakeholders. Strong Technical background Proven experience in senior/leadership roles in security development, application security and/or security architecture Proven experience in DevOps/DevSecOps including Agile and Waterfall Software Development life cycles Proven experience working in a large scale, multi-national and technologically diverse environment Proven experience on integration of various security technologies (eg SAST, DAST, IAST, container security) and practises (eg Policy-as-Code) within DevOps pipelines (Jenkins, GitHub, Chef, Ansible, Nexus, etc) Expert understanding of Security concepts and principles. Excellent understanding of platform-specific security risks, common vulnerabilities for web and mobile applications, micro-services (REST, SOAP) architecture and their mitigations Good understanding of security flaws in common programming languages Knowledge and experience with network, host and application security practices Understanding of emerging technologies and its corresponding security threats would be a plus Proven experience with common public cloud environment (eg AWS, GCP, Azure, Alicloud) Strong technical understanding and experience of assessing vulnerabilities and identifying weaknesses in diverse enterprise IT assets Professional IT Security qualifications and/or certification Knowledge of Governance, Risk & Compliance Experience in continuous improvement and process optimisation. Strong stakeholder management and communications skills Ability to engage with and influence executive leadership Experience in managing, developing and retaining high-performing individuals in different geographies, often remotely Experience in engaging with business, technology, regional and regulator stakeholders Ability to prepare concise presentations, reports and updates for senior management Effective Leadership Possess strong leadership skills to bring out the best in a team. This includes both direct leadership and cross-functional capabilities Experience within fast-moving, complex and demanding corporate environments and able to provide appropriate direction to the team whilst dealing with ambiguity and change Act as a role-model for more junior members of Cybersecurity and Technology Interpersonal Skills Influential, credible and persuasive, active listener, embraces client Values, shows good judgement and demonstrates high level of communication skills in order to achieve effective stakeholder management If you are interested in this position and would like to learn more please send through your CV and we will get in touch with you as soon as possible. Please note, candidates are often Shortlisted within 48 hours.
We're looking for security-conscious engineers Join our security team and help secure our organization through maintaining, engineering and deploying security solutions. We use industry-standard security tools, in an automated fashion, to ensure our security teams can operate effectively and provide security to the company. Responsibilities As an individual contributor on our Cybersecurity engineering team, you'll have a broad set of responsibilities including (the mix will depend on your interests and skill level): Troubleshooting security problems Assist in the management and deployment of security products on endpoints, servers, and virtual desktops Design, operate, and maintain a vulnerability management program Assist the Security Team in responding to and remediating system and/or network security breaches Plan, implement, manage, monitor, and upgrade security measures for the protection of the organization's data, systems, and networks Ensure that the organization's data and infrastructure are protected by enabling the appropriate security controls Plan, create, and implement cybersecurity processes and policies Engage in domain-specific threat modeling and attack surface analysis/reduction Identify information and logs to monitor, then design and engineer the process for gathering that information Promotes best practices and design patterns Required Skills Proficient in exploring, evaluating, and integrating new technologies, programming languages, data models, or frameworks. Easily pick up new technologies and are keen to expand your knowledge Experience in the development of projects related to network and security automation. Experience in infrastructure and automation processes and tools including Ansible, and Terraform Fundamental knowledge of SSH, TCP/IP, UDP, SSL, HTTP, HTTPS, PKI, DNS, and other common protocols. Advanced experience in development in languages such as Python, bash, or Golang Advanced knowledge of security controls, audits, and configurations related to: Windows, Linux, ChromeOS, and macOS AWS Preferred Experience (Optional but valued) Experience in common continuous integration tools such as GitHub Actions, Jenkins and CircleCI. Advanced experience with the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework Experienced DevOps or DevSecOps practitioner Advanced knowledge of security controls, audits, and configurations including SIEM (Splunk, QRadar) & EDR (Crowdstrike, Carbon Black) What we offer Challenging work in a fun and collaborative environment Attractive compensation and time-off benefits Spacious open-concept and centrally located offices Full-time employment with flexible working hours Fully stocked pantry with fresh fruit and snacks Team lunches and company events every quarter Multicultural teams represented by 30+ nationalities Reports initially to the Cybersecurity Manager, and then the Lead Cybersecurity Engineer. Note: Please upload your resume as a PDF and do not include any salary or compensation information in it.
Nov 04, 2021
Full time
We're looking for security-conscious engineers Join our security team and help secure our organization through maintaining, engineering and deploying security solutions. We use industry-standard security tools, in an automated fashion, to ensure our security teams can operate effectively and provide security to the company. Responsibilities As an individual contributor on our Cybersecurity engineering team, you'll have a broad set of responsibilities including (the mix will depend on your interests and skill level): Troubleshooting security problems Assist in the management and deployment of security products on endpoints, servers, and virtual desktops Design, operate, and maintain a vulnerability management program Assist the Security Team in responding to and remediating system and/or network security breaches Plan, implement, manage, monitor, and upgrade security measures for the protection of the organization's data, systems, and networks Ensure that the organization's data and infrastructure are protected by enabling the appropriate security controls Plan, create, and implement cybersecurity processes and policies Engage in domain-specific threat modeling and attack surface analysis/reduction Identify information and logs to monitor, then design and engineer the process for gathering that information Promotes best practices and design patterns Required Skills Proficient in exploring, evaluating, and integrating new technologies, programming languages, data models, or frameworks. Easily pick up new technologies and are keen to expand your knowledge Experience in the development of projects related to network and security automation. Experience in infrastructure and automation processes and tools including Ansible, and Terraform Fundamental knowledge of SSH, TCP/IP, UDP, SSL, HTTP, HTTPS, PKI, DNS, and other common protocols. Advanced experience in development in languages such as Python, bash, or Golang Advanced knowledge of security controls, audits, and configurations related to: Windows, Linux, ChromeOS, and macOS AWS Preferred Experience (Optional but valued) Experience in common continuous integration tools such as GitHub Actions, Jenkins and CircleCI. Advanced experience with the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework Experienced DevOps or DevSecOps practitioner Advanced knowledge of security controls, audits, and configurations including SIEM (Splunk, QRadar) & EDR (Crowdstrike, Carbon Black) What we offer Challenging work in a fun and collaborative environment Attractive compensation and time-off benefits Spacious open-concept and centrally located offices Full-time employment with flexible working hours Fully stocked pantry with fresh fruit and snacks Team lunches and company events every quarter Multicultural teams represented by 30+ nationalities Reports initially to the Cybersecurity Manager, and then the Lead Cybersecurity Engineer. Note: Please upload your resume as a PDF and do not include any salary or compensation information in it.
Infrastructure Test Engineer (Automation) Xpertise Recruitment have partnered with an award-winning business in Central Manchester to help on board an infrastructure Test engineer. The business is a Cyber security consultancy who complete all their work in house (or remotely) at their stunning Salford Quays offices for their clients, who range from central government organisations to industry leading engineering firms. As a result of recent clients wins and new greenfield projects undertaken, they are looking to expand their permanent team with an infrastructure test engineer. Our client are looking for a Platform Infrastructure / Automation tester to join the team during a time of growth. Somebody passionate about DevSecOps practices with cloud native infrastructure. The role requires active participation within the Platform team to provide assurance for the best practice, security, and compliance of deployed solutions through automated testing. The ideal candidate will not only be passionate about testing, but also its impact on the delivery pipeline, and possess an interest in testing new technologies, such as cloud systems. Additionally, an understanding of continuous deployments and experience of using automated testing tools within pipelines would be advantageous. Key responsibilities include: Building new, and updating existing test scripts within our defined testing framework Working on ways to automate the testing of deployments and releases Identifying and escalating any discovered risks to Team Manager / Test Lead Participating in the design process within Platform team to assist with best practices Researching and implementing automated security tools within the CI/CD pipelines Ensuring security best practice at all stages of the delivery lifecycle Contributing to the Infrastructure test strategy Participating in the continued development of automation test frameworks for cloud Infrastructure Participating in Kanban/SCRUM processes and policies by actively participating in stand-ups, retrospectives and other team meetings. In return you will receive: Competitive basic salary up to £45,000 Company bonus scheme (up to 20%) Flexible hours and hybrid working (2-3 days from home, core hours 10am - 3pm) Access to health insurance Generous pension contribution Self-development budget (learn new skills and complete certifications) For more information apply now or contact the job poster directly!
Oct 07, 2021
Full time
Infrastructure Test Engineer (Automation) Xpertise Recruitment have partnered with an award-winning business in Central Manchester to help on board an infrastructure Test engineer. The business is a Cyber security consultancy who complete all their work in house (or remotely) at their stunning Salford Quays offices for their clients, who range from central government organisations to industry leading engineering firms. As a result of recent clients wins and new greenfield projects undertaken, they are looking to expand their permanent team with an infrastructure test engineer. Our client are looking for a Platform Infrastructure / Automation tester to join the team during a time of growth. Somebody passionate about DevSecOps practices with cloud native infrastructure. The role requires active participation within the Platform team to provide assurance for the best practice, security, and compliance of deployed solutions through automated testing. The ideal candidate will not only be passionate about testing, but also its impact on the delivery pipeline, and possess an interest in testing new technologies, such as cloud systems. Additionally, an understanding of continuous deployments and experience of using automated testing tools within pipelines would be advantageous. Key responsibilities include: Building new, and updating existing test scripts within our defined testing framework Working on ways to automate the testing of deployments and releases Identifying and escalating any discovered risks to Team Manager / Test Lead Participating in the design process within Platform team to assist with best practices Researching and implementing automated security tools within the CI/CD pipelines Ensuring security best practice at all stages of the delivery lifecycle Contributing to the Infrastructure test strategy Participating in the continued development of automation test frameworks for cloud Infrastructure Participating in Kanban/SCRUM processes and policies by actively participating in stand-ups, retrospectives and other team meetings. In return you will receive: Competitive basic salary up to £45,000 Company bonus scheme (up to 20%) Flexible hours and hybrid working (2-3 days from home, core hours 10am - 3pm) Access to health insurance Generous pension contribution Self-development budget (learn new skills and complete certifications) For more information apply now or contact the job poster directly!
Want to do the best work of your life? With 24 million customers in 7 countries, make your mark at Europe's leading media and entertainment brand. A workplace where you can proudly be yourself; our people make Sky a truly exciting and inclusive place to work. Sky is redefining the way in which software is secured, so we can keep giving customers a reliable and trusted experience. At the heart of this transformation is making security easy for the sky development community. As a member of DevSecOps engineering, you will build products that empower developers to secure applications from idea to production. To succeed in this role, you need to be a full stack developer. Ideally, you will also have experience with security tools and practices used in engineering workflows. What you'll do: - Work with DevSecOps product managers to deliver our engineering roadmap - Build products and tools that address unique security needs of our development teams - Build integrations for commercial appsec products and adapt them to our ways of working - Ensure our products are reliable and supported - Suggest features that improve developer productivity and security - Mentor rising talent What you'll bring: - Proficiency in at least one programming language, preferably Python or Java or NodeJS or React - Experience with system design and architecture - Deep understanding of continuous delivery and cloud technologies - Passionate about software trust and safety issues. - Exposure to application security technologies like SCA, SAST, DASP, RASP etc. - Superb communication and inter-personal skills Team Overview Strategy & Security: We play an important role in creating a cohesive tech strategy across all of our teams - uniting our tech teams to work towards clear and common goals. Behind the scenes, we're protecting our business and our customers from cyber threats. Join a team that's kickstarting and leading mission-critical work across Sky. The Rewards: There's a reason people can't stop talking about #LifeAtSky. Our great range of rewards really are something special, here are just a few: - Sky Q, for the TV you love all in one place - A generous pension package - Private healthcare - Discounted mobile and broadband Where you'll work: Osterley: Our Osterley campus is a 10-minute walk from Syon Lane train station. Or you can hop on one of our free shuttle buses that run to and from Osterley, Chiswick Park, Gunnersbury, Acton Town and Ealing Broadway tube stations. There's also plenty of parking, bike shelters and showers. On campus you'll find six subsidised restaurants and a Waitrose. You can keep in shape at our subsidised gym, catch the latest shows and movies at our cinema, get your car washed and even get pampered at our beauty salon. Inclusion: Recognised as an 'Inclusive Top 50 Employer' and a 'Times Top 50 Employer for Women', we're working hard to ensure we're a truly inclusive place to work. This means we don't just look at your CV. We're more focused on who you are and the potential you'll bring to Sky. We also know that everyone has a life outside work, so we're happy to discuss flexible working. And we'll do everything we can to support you during your application. If you need us to make any adjustments to our recruitment process, speak to our recruitment team who will be happy to support you. Why wait? Apply now to build an amazing career and be part of a brilliant team. We can't wait to hear from you. To find out more about working with us, search #LifeAtSky on social media. A job you love to talk about. Just so you know: if your application is successful, we'll ask you to complete a criminal record check. And depending on the role you have applied for and the nature of any convictions you may have, we might have to withdraw the offer. #LI-Tech
Sep 24, 2021
Full time
Want to do the best work of your life? With 24 million customers in 7 countries, make your mark at Europe's leading media and entertainment brand. A workplace where you can proudly be yourself; our people make Sky a truly exciting and inclusive place to work. Sky is redefining the way in which software is secured, so we can keep giving customers a reliable and trusted experience. At the heart of this transformation is making security easy for the sky development community. As a member of DevSecOps engineering, you will build products that empower developers to secure applications from idea to production. To succeed in this role, you need to be a full stack developer. Ideally, you will also have experience with security tools and practices used in engineering workflows. What you'll do: - Work with DevSecOps product managers to deliver our engineering roadmap - Build products and tools that address unique security needs of our development teams - Build integrations for commercial appsec products and adapt them to our ways of working - Ensure our products are reliable and supported - Suggest features that improve developer productivity and security - Mentor rising talent What you'll bring: - Proficiency in at least one programming language, preferably Python or Java or NodeJS or React - Experience with system design and architecture - Deep understanding of continuous delivery and cloud technologies - Passionate about software trust and safety issues. - Exposure to application security technologies like SCA, SAST, DASP, RASP etc. - Superb communication and inter-personal skills Team Overview Strategy & Security: We play an important role in creating a cohesive tech strategy across all of our teams - uniting our tech teams to work towards clear and common goals. Behind the scenes, we're protecting our business and our customers from cyber threats. Join a team that's kickstarting and leading mission-critical work across Sky. The Rewards: There's a reason people can't stop talking about #LifeAtSky. Our great range of rewards really are something special, here are just a few: - Sky Q, for the TV you love all in one place - A generous pension package - Private healthcare - Discounted mobile and broadband Where you'll work: Osterley: Our Osterley campus is a 10-minute walk from Syon Lane train station. Or you can hop on one of our free shuttle buses that run to and from Osterley, Chiswick Park, Gunnersbury, Acton Town and Ealing Broadway tube stations. There's also plenty of parking, bike shelters and showers. On campus you'll find six subsidised restaurants and a Waitrose. You can keep in shape at our subsidised gym, catch the latest shows and movies at our cinema, get your car washed and even get pampered at our beauty salon. Inclusion: Recognised as an 'Inclusive Top 50 Employer' and a 'Times Top 50 Employer for Women', we're working hard to ensure we're a truly inclusive place to work. This means we don't just look at your CV. We're more focused on who you are and the potential you'll bring to Sky. We also know that everyone has a life outside work, so we're happy to discuss flexible working. And we'll do everything we can to support you during your application. If you need us to make any adjustments to our recruitment process, speak to our recruitment team who will be happy to support you. Why wait? Apply now to build an amazing career and be part of a brilliant team. We can't wait to hear from you. To find out more about working with us, search #LifeAtSky on social media. A job you love to talk about. Just so you know: if your application is successful, we'll ask you to complete a criminal record check. And depending on the role you have applied for and the nature of any convictions you may have, we might have to withdraw the offer. #LI-Tech
Exciting opportunity for an experienced Consultant Solution / Technical Architect. Offering career development that will provide you with the opportunity to support a wide range of UK public sector and defence organisations at the same time as building your skills and experience in information technology consulting and solution architecture. Duties will include: Defining end-to-end solution architectures including Business, Information, Applications and Infrastructure views. Solution definition on large-scale IT projects with responsibilities for defining complex technical requirements and evaluating supplier responses. Supporting large ICT procurements, including developing procurement documentation, and evaluation strategies and evaluating bids. Providing technical assurance to ensure that solutions are fit for purpose. Providing technical expertise to your colleagues on other projects as needed. Applicants must possess: Experience in the application of any of the following would be desirable: Enterprise and Solution Architecture development and review using EA frameworks and methods e.g. TOGAF, MODAF Business or systems analysis methods and tools, e.g. BPMN, UML Software delivery methods and techniques e.g. Agile methods such as SCRUM Software and API development DevSecOps and CI/CD technologies Information security policy standards e.g. ISO27001 / ISO27002, Cyber Essentials Programme and Project Management methods e.g. MSP, PRINCE2, DSDM, Scaled Agile Framework Public sector best practice guidance, e.g. ITIL, OGC toolkit Standard methodologies for: Systems integration and testing; Requirements capture and analysis; Feasibility studies and business case development; Information systems security. Preference is given to candidates with a STEM based degree (2.1 or above) and/or post-graduate qualification. Should you have any questions or wish to apply please do not hesitate to contact Clear Legal Recruitment Limited. Please Note: Due to the number of applications we receive we may be unable to respond to every application directly. If you have not heard from us within 3 working days, please assume your application has been unsuccessful.
Sep 15, 2021
Full time
Exciting opportunity for an experienced Consultant Solution / Technical Architect. Offering career development that will provide you with the opportunity to support a wide range of UK public sector and defence organisations at the same time as building your skills and experience in information technology consulting and solution architecture. Duties will include: Defining end-to-end solution architectures including Business, Information, Applications and Infrastructure views. Solution definition on large-scale IT projects with responsibilities for defining complex technical requirements and evaluating supplier responses. Supporting large ICT procurements, including developing procurement documentation, and evaluation strategies and evaluating bids. Providing technical assurance to ensure that solutions are fit for purpose. Providing technical expertise to your colleagues on other projects as needed. Applicants must possess: Experience in the application of any of the following would be desirable: Enterprise and Solution Architecture development and review using EA frameworks and methods e.g. TOGAF, MODAF Business or systems analysis methods and tools, e.g. BPMN, UML Software delivery methods and techniques e.g. Agile methods such as SCRUM Software and API development DevSecOps and CI/CD technologies Information security policy standards e.g. ISO27001 / ISO27002, Cyber Essentials Programme and Project Management methods e.g. MSP, PRINCE2, DSDM, Scaled Agile Framework Public sector best practice guidance, e.g. ITIL, OGC toolkit Standard methodologies for: Systems integration and testing; Requirements capture and analysis; Feasibility studies and business case development; Information systems security. Preference is given to candidates with a STEM based degree (2.1 or above) and/or post-graduate qualification. Should you have any questions or wish to apply please do not hesitate to contact Clear Legal Recruitment Limited. Please Note: Due to the number of applications we receive we may be unable to respond to every application directly. If you have not heard from us within 3 working days, please assume your application has been unsuccessful.
Category: Information Technology Location: London - POST-LON, United Kingdom Citizenship Required: United Kingdom Citizenship Clearance Type: Developed Vetting (DV) Telecommute: Yes- May Consider Occasional/Part-Time Teleworking for this position Travel Required: No Positions Available: 1 At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Are you an experienced Big Data Software Developer who wants to join a leading cyber team within an evolving and dynamic organisation? Due to the success of a number of strategic based programmes, we are growing our Software Development team with creative and ambitious Software Engineers. For us, innovation is key and we have immediate opportunities for talented software engineers to join our team to help us develop and maintain a suite of applications. We are in a phase of rapid growth and there are various opportunities to develop your career with us to meet your aspirations. You will be helping us to solve our customer's problems within an agile team. You will have opportunities throughout the Software Lifecycle from requirements capture through to R&D (Research & Development), implementation, automation and test in a wide range of technologies.As a Big Data Software Developer you will have had responsibility for the design and delivery of packages of work; leading teams and working with customers. You will be able to deploy applications in a controlled, repeatable way and be developing technical specialisms in frameworks and/or toolsets. For this role we would like you to have experience of mentoring or line management, to support your team.Key criteria required... Proven experience in professional Java development, writing well-designed, testable code Proven experience in open source big data technologies such as Hadoop, Cloudera or Elasticsearch Keen to learn a broad range of technologies on the Java stack Experience of DevSecOps automated deployment technologies such as Jenkins, Docker, Ansible Agile Scrum methodologies using tools such as Confluence and Jira Also, we'd love it if you have experience of... Cloud-based architectures; certification is a bonus. Microservice-orientated or serverless architectures Messaging and Routing Technologies such as NiFi or RabbitMQ Supporting business development through contributions to customer proposals and R&D projects Northrop Grumman is committed to equality and diversity in our workplace. Northrop Grumman provides equal employment opportunity to all employees and applicants without regard to an individual's protected status, including race/ethnic origin, color, nationality, national origin, ancestry, sex/gender, gender identity/expression, gender reassignment, sexual orientation, marriage/civil partnership, pregnancy/maternity, religion or belief, creed, age, disability, genetic information, or any other protected status or characteristic.
Sep 15, 2021
Full time
Category: Information Technology Location: London - POST-LON, United Kingdom Citizenship Required: United Kingdom Citizenship Clearance Type: Developed Vetting (DV) Telecommute: Yes- May Consider Occasional/Part-Time Teleworking for this position Travel Required: No Positions Available: 1 At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Are you an experienced Big Data Software Developer who wants to join a leading cyber team within an evolving and dynamic organisation? Due to the success of a number of strategic based programmes, we are growing our Software Development team with creative and ambitious Software Engineers. For us, innovation is key and we have immediate opportunities for talented software engineers to join our team to help us develop and maintain a suite of applications. We are in a phase of rapid growth and there are various opportunities to develop your career with us to meet your aspirations. You will be helping us to solve our customer's problems within an agile team. You will have opportunities throughout the Software Lifecycle from requirements capture through to R&D (Research & Development), implementation, automation and test in a wide range of technologies.As a Big Data Software Developer you will have had responsibility for the design and delivery of packages of work; leading teams and working with customers. You will be able to deploy applications in a controlled, repeatable way and be developing technical specialisms in frameworks and/or toolsets. For this role we would like you to have experience of mentoring or line management, to support your team.Key criteria required... Proven experience in professional Java development, writing well-designed, testable code Proven experience in open source big data technologies such as Hadoop, Cloudera or Elasticsearch Keen to learn a broad range of technologies on the Java stack Experience of DevSecOps automated deployment technologies such as Jenkins, Docker, Ansible Agile Scrum methodologies using tools such as Confluence and Jira Also, we'd love it if you have experience of... Cloud-based architectures; certification is a bonus. Microservice-orientated or serverless architectures Messaging and Routing Technologies such as NiFi or RabbitMQ Supporting business development through contributions to customer proposals and R&D projects Northrop Grumman is committed to equality and diversity in our workplace. Northrop Grumman provides equal employment opportunity to all employees and applicants without regard to an individual's protected status, including race/ethnic origin, color, nationality, national origin, ancestry, sex/gender, gender identity/expression, gender reassignment, sexual orientation, marriage/civil partnership, pregnancy/maternity, religion or belief, creed, age, disability, genetic information, or any other protected status or characteristic.