Our client is a global giant in the retail world in home furnishings. The group is made up of a number of companies with a top UK brand at the heart of it based in Nottingham. Due to continued growth and an ever-changing world they are looking to boost their Cyber Security Team.

Fully Remote - UK Remote Only - Candidates must have Full Unrestricted Right To Work in the UK without future Visa End Date

Role Purpose:
We are seeking a Senior Identity and Access Management Analyst (IAM) who will be responsible for administration, monitoring, and operational activities related to Identity and Access Management (IAM). This role joins the Global Cyber Security team of a large Retailer and can be fully remote anywhere in the UK.

What you will be doing:
As the Senior Identity and Access Management Analyst (IAM) you will be responsible for administration, monitoring, and operational activities related to Identity and Access Management (IAM) under the purview of the Identity and Access Management Director.

What experience you'll have:
• Accredited CISSP is a Must Have
• Strong Identity and Access Management Analyst (IAM)
• Hands-on experience with Okta for SSO (Single Sign-On) and MFA (Multi Factor Authentication)
• Experience of IGA (Identity Governance Administration) would be a benefit
• Previous knowledge of design, implementation, and support of IAM technologies including IGA, PAM and MFA
• Troubleshooting security and workflow issues independently or in collaboration with other Information Systems teams and/or stakeholders, while adhering to internal service standards

You'll have an understanding of:
• Proactively leading ongoing auditing and risk assessments, and implementation of audit recommendations
• Developing and maintaining detailed documentation on standard operating procedures, system configurations, and technical settings for internal team use, end user support, and other teams as needed
• Generating reports to perform in-depth analysis and data collection to assist in continuous improvement of IAM processes and standards
• Monitoring IAM tools for anomalies or unauthorized access, responding to alerts and coordinating with the Security Operations Team as appropriate

Fully Remote - UK Remote Only - Candidates must have Full Unrestricted Right To Work in the UK without future Visa End Date

Note: This job description is not intended to be all-inclusive. The employee may perform other related duties as required to meet the ongoing needs of the organisation.

Concerned that you might not perfectly meet all the criteria for this role? At Recruitment Collective, we hold a strong commitment to fostering inclusivity for all and establishing opportunities where individuals from diverse personal and professional backgrounds can excel. Therefore, if you're enthusiastic about this position but find that your previous experiences don't align precisely with every aspect of the job description, we strongly encourage you to register with us. You may well be the ideal candidate for another role or opportunity, and our recruitment team is here to assist in evaluating how your skills can be a valuable fit for our clients.
May 01, 2024
Full time
SailPoint Specialist: Remote (UK)

Would shaping the security frameworks and practices of a company with a presence in over 100 countries appeal to you? If so please read on!

I have partnered with one of the world's leading manufacturing organisations who are looking to grow out their Cyber and IAM function rapidly. They have a number of high profile projects and implementations that are key to the company this year and need the best Analysts to come on board for the journey. Such is the importance of the role you will report to the Global CISO.

What will you be responsible for?
• You will manage the product life cycle (provision/ securing and prevention of access) using recognised IAM tools and practices - SailPoint or BeyondTrust or Okta SSO ideally
• Accurately detail and document all life-cycle changes
• Identify issues and liaise with development and management teams to collaboratively overcome both workflow and security issues
• Continuing the collaboration theme, IAM design/ implementation and support (IGA/ PAM etc) will be a key aspect of the role
• Provide in-depth analysis to improve IAM processes and standards
• Keep a key eye out for anomalies/ unauthorised access/ alert notifications and other SecOps red flags
• Preparation of detailed and analytical reports and observations
• Be the champion for company wide access compliance and cybersecurity standards

What you will need for this position:
• CISSP certification is a must have for this role
• Demonstrable hands on experience using SailPoint is essential
• If you have used other security related tech such as BeyondTrust/ Okta SSO that would be another great addition
• A minimum of 4 years working within IAM and related projects
• Advanced knowledge of security best practices
• Knowledge of compliance mechanisms IAM technologies
• Being highly organised and with the ability to communicate (both written and verbally) clearly and efficiently

If this role sounds like your next opportunity then please do apply right away!
May 01, 2024
Full time
Ideas People Trust

We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high-growth businesses that fuel the economy - and directly advise the owners and management teams that lead them.

We'll broaden your horizons

To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to.

We'll help you succeed

Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with.

The Security Operations Manager role is integral to BDO, ensuring that we protect our colleagues', clients' and partners' information as we rapidly expand our digital footprint. Reporting into the Head of IT Security, you'll ensure the delivery of cybersecurity improvement initiatives, operational excellence, technical security assurance and develop a talent pipeline. You'll work closely alongside the Head of IT Security to instill the right structure and processes to support the delivery of continual Cybersecurity improvements across BDO and will have direct line management responsibilities of 3x Cybersecurity Analysts where you will conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members.

You'll also:
• Deliver security operations technology roadmaps in conjunction with the wider Cybersecurity strategy.
• Propose changes to existing policies, procedures and configurations to ensure operating efficiency and regulatory compliance.
• Contribute to the security strategy, ensuring that technical and structural considerations regarding design, build and run components are considered.
• Aid the Head of IT Security in chairing various defined security management working groups, ensuring that reporting against progress vs plan is developed.
• Manage security operational production incidents and participate in problem and change management forums.
• Serve as an active participant in the information security governance process, working with Business Analysts, Governance and PMO functions in order to ensure that cyber risks are accurately reported, assessed and mitigated.
• Consult with IT and support staff to ensure that security is factored into the evaluation, selection, installation and configuration of new products and services.
• Report on the implementation of technical controls to support and enforce defined security policies.
• Report on the technical aspects of security management against pre-defined Cybersecurity operational metrics.
• Engage with the MSSP re Service Level Agreements (SLAs), monitoring metrics, including contract and performance metrics.
• Own day-to-day management of IT Security Service Requests and tickets, including: Reporting, Knowledge Management, Root Cause Analysis and Proactive Problem Repetition Avoidance.
• Contribute to a Cybersecurity knowledgebase comprising technical reference libraries, security advisories and alerts, information on security trends and practices, and laws and regulations.
• Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
• Contribute to the development of a Cybersecurity Operations Resource and Capacity planner managed through BDO's Azure DevOps environment.
• Oversee incident response, threat detection, and mitigation efforts.

You'll be someone with:
• A good understanding of monitoring frameworks, e.g. MITRE ATT&CK, and SIEM technologies, e.g. Microsoft Sentinel
• An interest in automation of Security operation function including artificial intelligence
• An understanding of Microsoft security product portfolio
• CISSP/CISM (Desired)
• CCSP/SSCP (Desired)
• Proven experience in Cybersecurity and IT Operations (Required)
• DLP, EDR/XDR, CASB, E-mail Security, SWG and ZTNA/SASE

You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development.

We're in it together

Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO.

We're looking forward to the future

At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions. We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
May 01, 2024
Full time
Excited to grow your career?

Our purpose is to empower people to save and invest with confidence. We are looking for great people to join us, so please come and invest in YOUR future at HL. We know that sometimes people can be put off applying for a job if they don't tick every box. If you're excited about working for us and have most of the skills or experience we're looking for, please go ahead and apply. We'd love to hear from you!

About the role

Hargreaves Lansdown (HL) are now recruiting for a Senior Cloud Security Analyst to join the team. The Senior Cloud Security Analyst is a specialist role with the primary focus on Cloud Security Governance, Risk & Compliance. You will be supporting the Information Security function to ensure HL remains effective in protecting critical information assets within risk appetite.

What you'll be doing
• Leading the technical aspects of cloud security risk and controls by overseeing and conducting, as necessary, Cloud Compliance assessments for AWS and Azure risk assessments.
• Assisting the Senior Information Security Team in ensuring HL's Information Security Management System remains effective in protecting HL critical information assets within risk appetite.
• Conducting analysis of cloud-based assets pertaining to information security incidents, audits, and testing while adhering to best practices.
• Leading in the identification and reporting of remediation and mitigation activities related to cloud security findings across multiple cloud platforms (AWS and Azure).
• Identifying gaps in cloud security posture and prioritising remediation efforts.
• Approving, within delegated limits, risk assessments and 3rd party due diligence assessments that have been carried out by analysts and apprentices, and providing guidance where needed.
• Building relationships across multiple business functions, locations, and technical stakeholders to accomplish goals.

You will help deliver the strategy by emphasising the importance of AWS Well Architected Framework, Shared responsibility model and good cloud governance.

About you
• Previous experience in Information Security, with demonstrable experience of cloud security risks and controls in a DevSecOps cloud context.
• Strong knowledge of common web technologies, cloud technologies, enterprise, and network architecture.
• Experience in a regulated environment.
• Certified to advanced security standards, for example CISSP, CCSP, CCSK, CRISC.
• Practical work-based experience across the areas of security policy, culture, audit, and risk management.
• Good exposure to and experience of carrying out security reviews against recognised security control frameworks such as ISO27017/27001, NIST CSF, or PCI-DSS.
• Ability to evaluate the adequacy of cloud security controls, and how they are applied in a business context.
• Familiarity and use of some of the following tools is a must: AWS Audit Manager, AWS Security Hub, Macie, Wiz, Microsoft Compliance Portal/Purview, Azure Information Protection (AIP), Azure Security Centre.
• Experience of carrying out security reviews against recognised security control frameworks such as NIST CSF.
• Effective interpersonal skills to engage and collaborate with multiple internal and external stakeholders.

Interview process

The interview process for this role will be a 2 stage interview including a task.

Working Schedule

This role is based in Bristol head office, BS1 5HL. This role is permanent, full time, 37.5 hours per week, Monday to Friday. We have returned to the office, however for this role we offer a hybrid flexible working pattern to enable you the option of working from home and coming into the office.

Why us?

Here at HL, we're the UK's number 1 investment platform for private investors, based in Bristol. For more than 40 years we've helped investors save time, tax and money on their investments. To achieve our mission, we believe we have a workplace like no other, with constant learning, dynamic teams, and a great ethos. We're steered by core values that promote service, quality, innovation, and opportunity in everything we do.

What's on offer?
• Discretionary annual bonus & annual pay review
• 25 days holiday plus bank holidays and 1-day additional Christmas closure time
• Option to purchase an additional 5 days holiday per year at annual enrolment
• Flexible working options available, including hybrid working
• Enhanced parental leave
• Pension scheme up to 11% employer contribution
• Sharesave scheme - have a real stake in HL's future
• Income Protection & Life insurance (4 x salary core level of cover)
• Private medical insurance
• Health care cash plans - including optical, dental, and outpatient care and an Employee Assistance Programme
• Gympass - gym memberships and wellbeing apps available
• Variety of travel to work schemes with free bike storage and shower facilities
• An inhouse barista serving subsidised coffee and snacks
• Join HL's sports, I&D networks and volunteering groups (two paid volunteering days per year)
• LifeWorks Discounts on services, restaurants and retailers dependent on role level

Hargreaves Lansdown is an inclusive employer that values diversity in its workforce. We encourage applications from all individuals without regard to race, religion, gender, sexual orientation, national origin, disability or age. This role may also be available on a flexible working or part time basis - please ask the Recruitment & Onboarding team for more information.

Please note, we are unable to provide employment sponsorship to candidates.
May 01, 2024
Full time
Excited to grow your career? Our purpose is to empower people to save and invest with confidence. We are looking for great people to join us, so please come and invest in YOUR future at HL. We know that sometimes people can be put off applying for a job if they don't tick every box. If you're excited about working for us and have most of the skills or experience we're looking for, please go ahead and apply. We'd love to hear from you! About the role Hargreaves Lansdown (HL) are now recruiting for a Senior Cloud Security Analyst to join the team. The Senior Cloud Security Analyst is a specialist role with the primary focus on Cloud Security Governance, Risk & Compliance. You will be supporting the Information Security function to ensure HL remains effective in protecting critical information assets within risk appetite. What you'll be doing Leading the technical aspects of cloud security risk and controls by overseeing and conducting, as necessary, Cloud Compliance assessments for AWS and Azure risk assessments. Assisting the Senior Information Security Team in ensuring HL's Information Security Management System remains effective in protecting HL critical information assets within risk appetite. Conducting analysis of cloud-based assets pertaining to information security incidents, audits, and testing while adhering to best practices. Leading in the identification and reporting of remediation and mitigation activities related to cloud security findings across multiple cloud platforms (AWS and Azure). Identifying gaps in cloud security posture and prioritise remediation efforts. Approve within delegated limits risk assessments and 3rd party due diligence assessments that have been carried out by analysts and apprentices and provide guidance where needed. Building relationships across multiple business functions, locations, and technical stakeholders to accomplish goals. 
You will help deliver the strategy by emphasising the importance of AWS Well Architected Framework, Shared responsibility model and good cloud governance. About you Previous experience in Information Security, with demonstrable experience of cloud security risks and controls in a DevSecOps cloud context. Strong knowledge of common web technologies, cloud technologies, enterprise, and network architecture. Experience in a regulated environment. Certified to advanced security standards, for example CISSP, CCSP, CCSK, CRISC. Practical work-based experience across the areas of security policy, culture, audit, and risk management. Good exposure to and experience of carrying out security reviews against recognised security control frameworks such as ISO27017/27001, NIST CSF, or PCI-DSS. Ability to evaluate the adequacy of cloud security controls, and how they are applied in a business context. Familiarity and use of some of the following tools is a must: AWS Audit Manager, AWS Security Hub, Macie, Wiz, Microsoft Compliance Portal/Purview, Azure Information Protection (AIP), Azure Security Centre. Experience of carrying out security reviews against recognised security control frameworks such as NIST CSF. Effective interpersonal skills to engage and collaborate with multiple internal and external stakeholders. Interview process The interview process for this role will be a 2 stage interview including a task. Working Schedule This role is based in Bristol head office, BS1 5HL. This role is permanent, full time, 37.5 hours per week, Monday to Friday. We have returned to the office, however for this role we offer a hybrid flexible working pattern to enable you the option of working from home and coming into the office. Why us? Here at HL, we're the UK's number 1 investment platform for private investors, based in Bristol. For more than 40 years we've helped investors save time, tax and money on their investments. 
To achieve our mission, we believe we have a workplace like no other, with constant learning, dynamic teams, and a great ethos. We're steered by core values that promote service, quality, innovation, and opportunity in everything we do. What's on offer? Discretionary annual bonus & annual pay review 25 days holiday plus bank holidays and 1-day additional Christmas closure time Option to purchase an additional 5 days holiday per year at annual enrolment Flexible working options available, including hybrid working Enhanced parental leave Pension scheme up to 11% employer contribution Sharesave scheme - have a real stake in HL's future Income Protection & Life insurance (4 x salary core level of cover) Private medical insurance Health care cash plans - including optical, dental, and outpatient care and an Employee Assistance Programme Gympass - gym memberships and wellbeing apps available Variety of travel to work schemes with free bike storage and shower facilities An in-house barista serving subsidised coffee and snacks Join HL's sports, I&D networks and volunteering groups (two paid volunteering days per year) LifeWorks Discounts on services, restaurants and retailers dependent on role level Hargreaves Lansdown is an inclusive employer that values diversity in its workforce. We encourage applications from all individuals without regard to race, religion, gender, sexual orientation, national origin, disability or age. This role may also be available on a flexible working or part time basis - please ask the Recruitment & Onboarding team for more information. Please note, we are unable to provide employment sponsorship to candidates.
Senior SOC Analyst - Network Security - DDoS - 70-95k Responsibilities: The duties and responsibilities of this Security Services role include, but are not limited to, the following: In-depth response to security incidents generated via analysis and automated tools. Be able to make high quality decisions, often with incomplete information, and actively and reactively engage with customers to mitigate DDoS attacks in their environment, providing high levels of support and interaction. Troubleshoot problems and issues with customer policies and controls. Research and analyze data sources to provide insight into new threats to customer environment. Collaborating with other members of the SOC to identify emerging trends and threats. Work with the customer to resolve issues on their networking edge. Determine root cause and engage with customers to resolve issues in their network security environment. Research and analyze sources of network security issues and provide insight into new methods to detect and resolve them including contributing to a knowledge-based 'library.' Troubleshoot problems and issues with customer networks and virtual environment. Align with the CTO, VP of Product Mgmt, Engineering, Professional Services, Sales and Marketing to understand the market trends and implement programs to help drive initiatives and opportunities for Sales. Requirements Bachelor's degree in Computer Science or equivalent. 2+ years' experience working with systems and networks. Customer-facing skills required. Network Troubleshooting skills required. Experience using Linux and other related tools. Solid knowledge and understanding of network protocols (TCP/IP) required. Experience using Splunk or other SIEMs preferred. Experience of infrastructure design and management in mission critical environments preferred. Understanding of Virtual Infrastructure preferred. Juniper experience would be additionally desirable. 
JNCIA, CISSP, CISA, GIAC or network specific certifications preferred. Effective communication, organizational, problem-solving and presentation skills Self-motivated and, in time while supported, able to work with minimal supervision. Ability to build trusting, collaborative relationships with peers yet with a strong sense of accountability and ownership. Senior SOC Analyst - Network Security - DDoS - 70-95k
May 01, 2024
Full time
At Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement, we're a customer-obsessed market powerhouse. And we all work together to be brilliant for customers, every single day. We're evolving, to be a more digitally-focused data-driven insurance company of the future - and your unique talent, skills and ideas can drive our success. Like us, you thrive on collaboration, exploration and innovation. And like you, we take tech seriously. That's why we're embracing the move to a more digital, flexible world. With constant investment in the newest tools, programmes and equipment for our teams, it all adds up to creating the best possible user experience for customers. And a great career for you. Join us. Own the evolution. We have an exciting opportunity for a Senior Security Operations Analyst to join our re-energised Cyber Defence team! Reporting into the Cyber Defence Security Operations Lead, you will act as a secondary contact and escalation point for the team. You'll manage a team of Security Analysts to oversee the day-to-day operational delivery of services provided by our third party 24x7 Security Operations Centre, and will take ownership of our security presence and identify any gaps by working with various stakeholders across the business. What else you'll be doing: Maintaining security oversight of the technical infrastructure delivered by third party suppliers and raising concerns/issues that pose a security risk to the organisation accordingly. You will also manage any operational risk remediation to conclusion and take ownership within the team. Managing development and improvements required for detection engineering and associated technologies. Responsible for the operational and threat malware analysis for the group. 
Providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management. Responsible for the level 2 / 3 operational Cyber incident response. Escalating in a timely manner any incidents and anomalies that are detected within DLG and providing subject matter expertise and guidance for operational challenges. Monitoring and responding to emerging threat patterns, vulnerabilities and anomalies and providing escalations of any unknown threats to relevant areas within the company. Collating metrics on the status of technical information security controls across the DLG estate, highlighting risk areas and working to develop and manage remediation plans as required. Collaborating with all CISO teams to report appropriate operational issues that may be resolved at an architecture level Operational On-Call Requirement This role has a shared, rotational 24/7 on-call requirement and forms part of information security incident response capability. You will act as the single point of contact for all security related response actions and decisions, including management of each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions. What you'll need: Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over IP (VoIP), firewall zoning. Ability to read and understand system data including security event logs, system logs, application logs, and device logs, etc. Knowledge and experience of enterprise grade technologies including operating systems, databases, and web applications. Knowledge and experience of performing network traffic analysis for identifying any developing patterns. 
Ability to assist with knowledge transfer and mentoring/up skilling of junior team members Security Analysis for CompTIA CySA+ or similar level of certification It would be beneficial if you have: Experience with any of the following technologies: Data Loss Prevention, Intrusion Prevention/Detection Systems, Firewalls, SIEM. Knowledge of reporting suites such as Power BI Good understanding of Microsoft security suites and associated qualifications Threat identification. Security certifications such as CISM, CISSP, M.Inst.ISP, CISA by a recognised professional body Technical certifications by a recognised professional body in network or systems engineering Fundamental Cloud Concepts for AWS. OWASP Top 10: API Security Playbook. Ways of Working This role is based out of our London Bridge office. Our hybrid model way of working offers a 'best of both worlds' approach combining the best parts of home and office-working, offering flexibility for everyone. When you'll be in the office depends on your role, but most colleagues are in 2 days a week, and we'll consider the flexible working options that work best for you. Read our flexible working approach here Benefits We wouldn't be where we are today without our people and the wide variety of perspectives and life experiences they bring. That's why we offer excellent benefits to suit your lifestyle and a flexible working model combining the best parts of home and office-working, varying with the nature of your role. Our core benefits include: 9% employer contributed pension Up to 10% bonus 50% off home, motor and pet insurance plus free travel insurance and Green Flag breakdown cover Additional optional Health and Dental insurance EV car scheme which allows all colleagues to lease a brand new electric or plug-in hybrid car in a tax efficient way. 25 days annual leave Buy as you earn share scheme Employee discounts and cashback Plus many more!
Apr 30, 2024
Full time
Senior Cyber Security Analyst Salary: £50,000 - £55,000 Glasgow Hybrid: 2 Days a Week in the Office In this role you will be responsible for implementing, developing, and executing security operations to protect users, infrastructure, and data from various threats. This role involves monitoring networks and systems, detecting security threats, analysing and assessing alarms, and reporting on threats and intrusion attempts. Key Responsibilities: Stay updated with the latest security and technology developments. Research and evaluate emerging cyber security threats. Plan and create contingency plans for disaster recovery. Monitor for attacks, intrusions, and unusual activities. Test and evaluate security products. Design and upgrade security systems. Use advanced analytics to determine threat patterns and vulnerabilities. Liaise with stakeholders on cyber security issues. Manage 3rd party relationships. Skills/Experience: Essential: CompTIA Security+ Sentinel Experience Knowledge of cyber security essentials and ISO 27001/22301. Experience with network and application firewalls, intrusion prevention, anti-virus, and security tooling. Familiarity with Microsoft 365/Azure. Desirable: SSCP or CISSP CISM Ethical Hacking/Purple Teaming
Apr 30, 2024
Full time
Senior Cyber Security Analyst Salary: Up to £55,000 Glasgow Hybrid: 2 Days a Week in the Office In this role you will be responsible for implementing, developing, and executing security operations to protect users, infrastructure, and data from various threats. This role involves monitoring networks and systems, detecting security threats, analysing and assessing alarms, and reporting on threats and intrusion attempts. Looking ideally for people available within a month. Key Responsibilities: Stay updated with the latest security and technology developments. Research and evaluate emerging cyber security threats. Plan and create contingency plans for disaster recovery. Monitor for attacks, intrusions, and unusual activities. Test and evaluate security products. Design and upgrade security systems. Use advanced analytics to determine threat patterns and vulnerabilities. Liaise with stakeholders on cyber security issues. Skills/Experience: Essential: CompTIA Security+ Sentinel Experience Knowledge of cyber security essentials and ISO 27001/22301. Experience with network and application firewalls, intrusion prevention, anti-virus, and security tooling. Familiarity with Microsoft 365/Azure. Desirable: SSCP or CISSP CISM Ethical Hacking/Purple Teaming
Apr 30, 2024
Full time
Global Information Security Operations Manager This is a senior technical lead position that will focus on MLP's security incident response and manage global security operations staff. The role will also include maintenance, monitoring and administration of key information security technologies. The Information Security Team fosters a collaborative environment and is building a best of breed practice to partner with the business to protect the Firm's information and computer systems. The successful candidate must have hands-on technical experience in supporting infrastructure platforms and providing leadership to junior members of the team. The role is suited to individuals with prior experience developing and implementing security procedures and controls as well as management experience in a Security Operations Center (SOC) environment. Millennium is a complex and robust technical environment and securing the Firm from external and internal threats is a top priority which makes this role very challenging. Principal Responsibilities Responsible for the daily operation of enterprise security systems including SIEM, SOAR, Elastic, ticketing, alerting, and messaging systems. Manage junior level analysts in the daily operation of enterprise security systems including shift rotations and hand-offs. Work closely with Managed Security Providers (MSP) to maintain runbooks, escalation procedures, and consume available threat intelligence. Utilize detective controls to develop rules and alerts to drive security monitoring. Perform hunt activities across our log aggregation and SIEM platforms. Recommend, test, tune and implement SIEM and other tooling correlation rules. Identify false-positives from alerting, and perform incident response, triage, incident analysis and remediation tasks. Recommend and develop new SIEM use cases/rules with engineering teams. Maintain documentation for the SOC function, including training program for new Security Operations personnel. 
Participate in Information Security Incident Response activities for the Firm's environment. Enforce security policies and procedures by administering and monitoring appropriate systems, events and answering client queries. Perform threat and vulnerability management functions including vulnerability scans and/or analyze results of scans and assist with remediation as required. Collaborate with the Information Security Team to consume feeds from a suite of security tools including AV, Advanced Malware Detection, SIEM, IDS, Vulnerability scanners, etc. Ensure MLP enterprise security products are functioning and protecting the environment as expected while providing stability and maintaining policies and procedures. Actively monitor new and emerging security and privacy related technologies, trends, issues, and solutions and assess their applicability to Millennium key business initiatives and business strategies. Provide technical support to IT staff in the detection and resolution of security problems. Develop and maintain documentation of all Security products including specific tools, technologies and processes. Qualifications/Skills Required Experience performing security monitoring and incident response and triage work in a 24/7 environment. Experience with people management in a technical role, preferably in a SOC setting. Experience with ticketing systems and API integration work. Hands-on experience with one of the major SIEM platforms in use i.e Splunk, Q1Radar, etc Excellent understanding of common exploit scenarios and indicators of compromise (IOCs) Log analysis and experience reviewing security events. Ability to manipulate data and produce relevant metrics and reporting around security incidents. Excellent understanding and experience across broad spectrum of technologies - including operating system, cloud, Active Directory, Group Policy, DNS, Messaging. High level understanding of internetworking, data transmission and encryption protocols. 
Experience with vulnerability management scanning platforms. Ability to handle sensitive and/or confidential materials with appropriate discretion. Scripting and development skills (Python, PowerShell, VBScript, REST a plus). Possess a passion for Information Security and Technology. Able to prioritize in a fast moving, high pressure, constantly changing environment; high sense of urgency. Ability to communicate and collaborate across technology teams. Bachelor's degree (Computer Science or Engineering preferred) with strong IT background. Have substantial experience working in a technical role and extensive experience concentrating on information security, financial industry. At least one security certification (CISSP, CEH, GCIA, CISM, etc.).
Apr 30, 2024
Full time
Global Information Security Operations Manager This is a senior technical lead position that will focus on MLP's security incident response and manage global security operations staff. The role will also include maintenance, monitoring and administration of key information security technologies. The Information Security Team fosters a collaborative environment and is building a best of breed practice to partner with the business to protect the Firm's information and computer systems. The successful candidate must have hands-on technical experience in supporting infrastructure platforms and providing leadership to junior members of the team. The role is suited to individuals with prior experience developing and implementing security procedures and controls as well as management experience in a Security Operations Center (SOC) environment. Millennium is a complex and robust technical environment and securing the Firm from external and internal threats is a top priority which makes this role very challenging. Principal Responsibilities Responsible for the daily operation of enterprise security systems including SIEM, SOAR, Elastic, ticketing, alerting, and messaging systems. Manage junior level analysts in the daily operation of enterprise security systems including shift rotations and hand-offs. Work closely with Managed Security Providers (MSP) to maintain runbooks, escalation procedures, and consume available threat intelligence. Utilize detective controls to develop rules and alerts to drive security monitoring. Perform hunt activities across our log aggregation and SIEM platforms. Recommend, test, tune and implement SIEM and other tooling correlation rules. Identify false-positives from alerting, and perform incident response, triage, incident analysis and remediation tasks. Recommend and develop new SIEM use cases/rules with engineering teams. Maintain documentation for the SOC function, including training program for new Security Operations personnel. 
Participate in Information Security Incident Response activities for the Firm's environment. Enforce security policies and procedures by administering and monitoring appropriate systems, events and answering client queries. Perform threat and vulnerability management functions including vulnerability scans and/or analyze results of scans and assist with remediation as required. Collaborate with the Information Security Team to consume feeds from a suite of security tools including AV, Advanced Malware Detection, SIEM, IDS, Vulnerability scanners, etc. Ensure MLP enterprise security products are functioning and protecting the environment as expected while providing stability and maintaining policies and procedures. Actively monitor new and emerging security and privacy related technologies, trends, issues, and solutions and assess their applicability to Millennium key business initiatives and business strategies. Provide technical support to IT staff in the detection and resolution of security problems. Develop and maintain documentation of all Security products including specific tools, technologies and processes. Qualifications/Skills Required Experience performing security monitoring and incident response and triage work in a 24/7 environment. Experience with people management in a technical role, preferably in a SOC setting. Experience with ticketing systems and API integration work. Hands-on experience with one of the major SIEM platforms in use i.e Splunk, Q1Radar, etc Excellent understanding of common exploit scenarios and indicators of compromise (IOCs) Log analysis and experience reviewing security events. Ability to manipulate data and produce relevant metrics and reporting around security incidents. Excellent understanding and experience across broad spectrum of technologies - including operating system, cloud, Active Directory, Group Policy, DNS, Messaging. High level understanding of internetworking, data transmission and encryption protocols. 
Experience with vulnerability management scanning platforms. Ability to handle sensitive and/or confidential materials with appropriate discretion. Scripting and development skills (Python, PowerShell, VBScript, REST a plus). Possess a passion for Information Security and Technology. Able to prioritize in a fast moving, high pressure, constantly changing environment; high sense of urgency. Ability to communicate and collaborate across technology teams. Bachelor's degree (Computer Science or Engineering preferred) with strong IT background. Have substantial experience working in a technical role and extensive experience concentrating on information security, financial industry. At least one security certification (CISSP, CEH, GCIA, CISM, etc.).
At Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement, we're a customer-obsessed market powerhouse. And we all work together to be brilliant for customers, every single day. We're evolving, to be a more digitally-focused data-driven insurance company of the future - and your unique talent, skills and ideas can drive our success. Like us, you thrive on collaboration, exploration and innovation. And like you, we take tech seriously. That's why we're embracing the move to a more digital, flexible world. With constant investment in the newest tools, programmes and equipment for our teams, it all adds up to creating the best possible user experience for customers. And a great career for you. Join us. Own the evolution. We have an exciting opportunity for a Senior Security Operations Analyst to join our re-energised Cyber Defence team! Reporting into the Cyber Defence Security Operations Lead, you will act as a secondary contact and escalation point for the team. You'll manage a team of Security Analysts to oversee the day-to-day operational delivery of services provided by our third party 24x7 Security Operations Centre, and will take ownership of our security presence and identify any gaps by working with various stakeholders across the business. What else you'll be doing: Maintaining security oversight of the technical infrastructure delivered by third party suppliers and raising concerns/issues that pose a security risk to the organisation accordingly. You will also manage any operational risk remediation to conclusion and take ownership within the team. Managing development and improvements required for detection engineering and associated technologies. Responsible for the operational and threat malware analysis for the group.
Providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management. Responsible for the level 2 / 3 operational Cyber incident response. Escalating in a timely manner any incidents and anomalies that are detected within DLG and providing subject matter expertise and guidance for operational challenges. Monitoring and responding to emerging threat patterns, vulnerabilities and anomalies and providing escalations of any unknown threats to relevant areas within the company. Collating metrics on the status of technical information security controls across the DLG estate, highlighting risk areas and working to develop and manage remediation plans as required. Collaborating with all CISO teams to report appropriate operational issues that may be resolved at an architecture level Operational On-Call Requirement This role has a shared, rotational 24/7 on-call requirement and forms part of information security incident response capability. You will act as the single point of contact for all security related response actions and decisions, including management of each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions. What you'll need: Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over IP (VoIP), firewall zoning. Ability to read and understand system data including security event logs, system logs, application logs, and device logs, etc. Knowledge and experience of enterprise grade technologies including operating systems, databases, and web applications. Knowledge and experience of performing network traffic analysis for identifying any developing patterns. 
Ability to assist with knowledge transfer and mentoring/up skilling of junior team members Security Analysis for CompTIA CySA+ or similar level of certification It would be beneficial if you have: Experience with any of the following technologies: Data Loss Prevention, Intrusion Prevention/Detection Systems, Firewalls, SIEM. Knowledge of reporting suites such as Power BI Good understanding of Microsoft security suites and associated qualifications Threat identification. Security certifications such as CISM, CISSP, M.Inst.ISP, CISA by a recognised professional body Technical certifications by a recognised professional body in network or systems engineering Fundamental Cloud Concepts for AWS. OWASP Top 10: API Security Playbook. Ways of Working This role is based out of our London Bridge office. Our hybrid model way of working offers a 'best of both worlds' approach combining the best parts of home and office-working, offering flexibility for everyone. When you'll be in the office depends on your role, but most colleagues are in 2 days a week, and we'll consider the flexible working options that work best for you. Read our flexible working approach here Benefits We wouldn't be where we are today without our people and the wide variety of perspectives and life experiences they bring. That's why we offer excellent benefits to suit your lifestyle and a flexible working model combining the best parts of home and office-working, varying with the nature of your role. Our core benefits include: 9% employer contributed pension Up to 10% bonus 50% off home, motor and pet insurance plus free travel insurance and Green Flag breakdown cover Additional optional Health and Dental insurance EV car scheme which allows all colleagues to lease a brand new electric or plug-in hybrid car in a tax efficient way. 25 days annual leave Buy as you earn share scheme Employee discounts and cashback Plus many more! Being yourself Difference makes us who we are. 
We believe everyone should feel comfortable to bring their whole selves to work - that's why we champion diverse voices, build workplaces that work for people, and invest in the things that matter. From senior leadership to inclusivity networks, adaptive working to inclusion training, we've made it our mission to give you everything you need to be authentically you. Discover more at Together we're one of a kind.
Apr 29, 2024
Full time
Senior Cyber Security Analyst Utilities Hybrid: 2-3 days per week in Taunton or Exeter 6 months+ £650 - £700 per day In short: Classic Cyber Security Analyst required to join a major utilities company in SOC-related activities. In full: Reporting to the Senior Cyber Solutions Architect, you will be responsible for the development, delivery and support of new cyber security systems and processes within the department specialising in OT and Telecoms cyber security. You will also be a subject matter expert and a point of escalation for the business and cyber security analysts. Main Responsibilities Responsible for the management and development of SIEM reports and dashboards. Conduct vulnerability assessments within IT & OT and resolve any identified vulnerabilities, in collaboration with system owners. Responsible for investigating and resolving security queries in relation to company systems. Evaluating security processes against benchmarks. Developing specific cyber security metrics / KPI's. Deliver service improvements, such as process automation, platform tuning and configuration management. Provide subject matter expertise in relation to cyber risks and threats. Respond to cyber security incidents. Identify cyber security training needs. Carry out forensics on systems and hardware as required. Monitoring and assessment of threat intelligence feeds. Analyse the output of various security reports and advise/escalate where required. Liaise with Business System owners on security matters. Participate in and manage penetration tests. You should have an appropriate level of experience within an IT Environment, working with OT and cyber security. It would be advantageous to have or be working towards a recognised Cyber Security qualification such as OSCP, CISSP, CCNA Security etc. Experience and/or knowledge of OT/SCADA, Telecoms and control systems would be beneficial. 
The successful candidate may initially be appointed on a designate basis and all candidates will be required to undertake and successfully complete a Security Check (SC). Candidates will ideally show evidence of the above in their CV in order to be considered. Please be advised that if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion; we may, however, keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer.
Apr 26, 2024
Full time
You'll do more than the expected. You'll do the unexpected. American Express is looking for a Senior Information Security Analyst to be a technical lead in our Cyber Fusion Center. The team provides rapid investigation and response to cyber security incidents which impact American Express globally. The Senior Information Security Analyst will serve as a leader and will be responsible for handling escalated security incidents, performing investigations, and driving operational maturity. If you want to be part of a diverse and inclusive world-class team, this could be the role for you. How will you make an impact in this role?: Provide advanced technical oversight and support to Information Security Analysts conducting cyber incident investigations Maintain awareness of real-world infosec threats and engage in the innovation of new analytic methods for detecting threats Support senior leadership in continuous development of incident response capabilities Coach and mentor Information Security Analysts Participate in rotational weekend coverage Required Skills/Qualifications: Substantial Information Security experience and technical understanding, including: Network, endpoint and OSINT security tools A range of cloud, Mac, Linux and Windows platforms Excellent business and technical risk analysis and prioritisation skills Excellent written and oral communication skills including in high pressure situations Committed to continuous learning and professional development, and passionate about developing others Preferred Additional Experience & Skills: Experience in a Security Operations Center (SOC), Computer Incident Response Team (CSIRT), Computer Security Incident Response Center (CSIRC), or Cyber Fusion Center Security industry certification (CISSP, CEH, OSCP, CCNP Security, GCFE, GCFA, GNFA, GREM) Specialism in one or more security domains (e.g platform hardening, vulnerability management, penetration testing, applied cryptography, network/application traffic control, 
forensics, or exploits and malware.) Experience in programming and/or scripting languages (python, javascript, php, sql, C/C++, Go) Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations. Why American Express? There's a difference between having a job and making a difference. Amex have been making a difference in people's lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards. We've also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they're ready to take on a new career path, we're right there with them, giving them the guidance and momentum into the best future they envision. When you join , you become part of a diverse community of over 60,000 colleagues, all with a common goal to deliver an exceptional customer experience every day. We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually. Because we believe that the best way to back our customers is to back our people. The powerful backing of American Express. Don't make a difference without it. Don't live life without it. To complete your application please click on the links below. 
However, if you require any assistance with the completion of this process - or need any reasonable adjustments to be made - then please contact the Recruitment Team on
Sep 23, 2022
Full time
Cyber Security Team Lead - Permanent - Edinburgh/Remote - Package Circa £95k Change Digital are partnering with a global organisation who have been reviewed as one of Edinburgh's best employers who are experiencing growth within their technology teams and are recruiting for an information/cyber security team lead to join the company and help shape a brand new team of security analysts. This position will involve applying security knowledge and expertise and making sure that the IT estate is secure. The successful candidate will be at senior level with some team lead experience, or already in a similar position. Skills required should include but not be limited to: - Azure Cloud - Experience of the security threat landscape - Information security and Cyber security - Windows/Linux - Team lead/mentoring experience - Any of the following qualifications, desirable (CISSP, CISM, GSEC, MCSA, RHCSA, Azure) This is a fantastic opportunity to join a company who offer a flexible, supportive, collaborative environment where the employees come first, who also offer unlimited training and the opportunity to work with the latest technology. This position would require part week onsite post COVID, however a flexible approach depending on individual circumstances. If you are looking to progress your career and have the required skills, please forward your latest CV for immediate consideration.
Oct 07, 2021
Full time
IT Security Officer / IT Security Analyst / IT Risk Analyst - Security Audits, Risk Assessments, CISM, CISSP, CySA+, CASP+ etc; Security Standards. Guildford (2 days per week); Fully remote during pandemic, 2 days per week onsite post-return-to-office. Permanent. c.£55k- £65k + Benefits Global Insurance Company seeks an IT Security Officer / IT Security Analyst / IT Risk Analyst to assist in the development and dissemination of information security policies, procedures, and guidelines across the organisation. This is a Security Analysis role which will require the management of audits, risk assessments and the subsequent management and oversight of remedial actions taken by various software development and DevOps/SysAdmin teams and perimeter defence Network Engineering teams. The IT Security Officer / IT Security Analyst / IT Risk Analyst will monitor existing IT security controls to ensure compliance with security policies and procedures, identify vulnerabilities, take ownership of core security areas in active processes and projects on the security roadmap and create security policies which meet modern security compliance standards. This will involve managing the development of security procedures within the specific areas (software, network, production server, devops etc) and report to the Global Security team on the state of these areas. Day-to-day activities will require you to liaise with various business and technical departmental stakeholders to actively identify and resolve vulnerabilities in the technical environment. You will also need to identify areas for improvement in security policies and procedures relating to multiple enterprise systems and infrastructure environments operated by the corporate entity. 
You will employ a variety of standards covering aspects such as COBIT, IASME Cyber Security, GDPR and work to bring systems up to standards required by the German Federal Financial Supervisory Authority: BaFin (due to the company's presence and profile in Germany). We are searching for an IT Security Officer / IT Security Analyst / IT Risk Analyst who can bring procedural security knowledge, experience along with technical understanding of software, server and network environments and the application of security procedures within best practice. You will be an information security professional who holds certifications ranging from CySA+, CASP+, CISSP, Security+, CISA, CISM, and may have some exposure to frameworks such as COBIT, ISO27001 or have worked to FCA standards or indeed to BaFin standards within financial services. You will be familiar with undertaking risk assessments and reporting results and guidance to technical teams and business stakeholders alike and working closely with senior level business stakeholders to disseminate a security focussed approach. Excellent organisation and communication skills are pre-requisite. Excellent opportunity to work with one of the world's largest Insurance companies employing cutting edge technologies dispersed across a global enterprise. Excellent opportunity for career growth and personal development.
Oct 07, 2021
Full time
Project Description Development of the reporting and analytics function for IT Risk and Security. Task Description Reporting to the head of Strategy and Planning, serving as the reporting and analytics lead for the ITRS group; accountable for all ITRS-related metrics data across IT and to the executive level. Develops a reporting schedule to provide an overview of ITRS value and performance. Manages the development and presentation of security related reporting, to identify and collect metric data for regularly published KPI reports and IT scorecards. Analyses data to identify trends and provide internal stakeholders with valuable insights they can use to improve operational and business practices. Facilitates performance reviews for service areas to benchmark against defined Cyber metrics. Drafts board-level management analytic and trending reports. Collaborates with 2nd LoD on security reporting activities and schedules. Assists in the definition of IT scorecard metrics (KPIs, KCIs, KRIs) for the ITRS tower. Evaluates existing reports and implements continuous feedback and assurance processes to improve data integrity and quality. Gathers key reporting requirements from Business Information Security Officers and produces metrics relevant to specific MR entities. Performs statistical analysis to predict trends in cyber security data. Configures and uses platforms such as PowerBI to showcase cyber analytics. Required working experience 7-10 years Required skills and qualifications Over 7 years' experience in Security Reporting and Analytics working with the Business and IT. A proactive self-starter who is able to develop and maintain effective working relationships with multiple stakeholders, the wider team from across the organisation and varying levels of seniority. Extensive experience of being accountable for Reporting and Analytics preferably in a Cyber Security context. 
Very good knowledge of complex IT organisations and experience with security-relevant topics, security metrics and a related knowledge of the market. Excellent writing and presentation skills. Experience with data visualisation platforms such as PowerBI/Tableau. Active and effective communicator with peers and senior management at board level. Developing data reporting and insights to enable management decisions. Customer orientation, strong negotiating and problem solving skills. Technical and functional aptitude to shape and lead initiatives. Strong stakeholder management skills and able to establish and manage expectations. Initiative, creativity and an open mind for innovation. Good knowledge of security standards (e.g. ISO 2700x, ISF's SoGP, NIST) and other frameworks. Attention to detail. Qualifications - · Bachelor's degree (in IT preferably) · CISSP (preferred) Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Oct 07, 2021
Contractor
Security Analyst required to work for a Government department. This is an initial 12-month contract, paying £560 a day, inside IR35, hybrid working with at least 2 days a week in the London based office. Key Responsibilities: *Advise and support Business Managers, Senior Risk Owners and the Executive Team within Digital to ensure effective security risk measures are in place on delivery. *Ensure that all first line risk managers identify, assess and report all security risks and vulnerabilities and that incidents are actioned. *Ensuring consistency in approach for the delivery of risk-informed decisions regarding current and future security investments *Ensure consistency to protect the Department's assets and transform the Department's security architecture. *Highlight the strengths and weaknesses of security risk controls across the Department. *Manage the identification, assessment and remediation of security risks across the business, and the risk management lifecycle. *Work with business and technology stakeholders to develop, update or review security risk assessments and security risk management plans, providing a holistic and strategic view of delivery as required. *Work closely with internal and external stakeholders, to identify threats, vulnerabilities and how the resilience of the IT Infrastructure can be improved. *Identify, assess and measure emerging security risks and report to programme and senior stakeholders based on current trends and issues across Digital and the external environment. *Undertake Controls testing of counter measures to provide added assurance and feed results back into the risk assessment. *Mentor, support, supervise, knowledge transfer and line manage junior members of the team. Essential Skills / Criteria: *Governance, Risk and Compliance Professional (GRCP) qualification. 
*Certified in Risk and Information Systems Controls (CRISC) or equivalent risk management qualifications *Proven knowledge of risk management - identification, assessment, risk response and mitigation, control monitoring and reporting. *ISO27005 Certified ISMS Risk Management (CIS RM) qualification (ISO 17024-certificated) *Experience of undertaking information assurance reviews such as ISO27001 assurance. *Certified Information Systems Security Manager (CISSP) or an equivalent security qualification. *Certified Information Security Manager (CISM) or an equivalent security qualification. Desirable Skills: *SC Clearance Please apply should you meet the above criteria. Badenoch + Clark acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Badenoch + Clark UK is an Equal Opportunities Employer. By applying for this role your details will be submitted to Badenoch + Clark. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser: https://en-gb/candidate-privacy
Oct 07, 2021
Contractor
City, London
Blackthorn Trace
Blackthorn Trace have partnered with a leading global financial services firm who are building a Cyber Threat team across the UK, US and Canada. With the financial services industry constantly under attack by sophisticated cyber adversaries that range from nation states to criminals, my client are creating a Cyber Threat Center charged with ensuring all equities are secure against all tiers of adversaries. You will work within the central hub for Computer Operations and be on the front lines of security incident response, threat hunting, and intelligence. Hours - 6am - 2.30pm, 2 days per week from home. Responsibilities Act as a senior member of the Cyber Threat Center who handles security events and incidents on a daily basis in a fast-paced environment. Acts as an Incident Handler who can handle minor and major security incidents within the defined Computer Security Incident Response process. Role embodies Cyber Network Defense and a successful Cyber Threat Analyst will be able to quickly analyze threats, understand risk, deploy effective countermeasures, make business critical incident response decisions, and work as part of a team of individuals dedicated to protecting the firm. Maintains situational awareness for cyber threats across the global firm and takes action where necessary. Daily responsibilities include, but are not limited to: Countermeasure deployment across various technologies. Malware and exploit analysis. Intrusion monitoring and response. Assessing alerts and notifications of event activity from intrusion detection systems and responding accordingly to the threat. Continuing content development of threat detection and prevention systems. Data analysis and threat research. Experience and Skills Systems administrator experience in Linux, Unix, Windows or OSX operating systems. Knowledge of networking and the common network protocols. 
Demonstrated ability to create complex scripts, develop tools, or automate processes. Knowledge of vulnerabilities and a comfort in manipulating exploit code for analysis. Demonstrated ability to perform static and dynamic malware analysis. Demonstrated ability to analyze large data sets and identify anomalies. Demonstrated ability to quickly create and deploy countermeasures under pressure. Familiarity with common infrastructure systems that can be used as enforcement points. One or more of the following certifications or the ability to obtain within 1 year: CISSP: Certified Information Systems Security Professional CCNA: Cisco Certified Network Associate SANS: GCIH - Incident Handler SANS: GCIA - Intrusion Analyst Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation. Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles. PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.
Feb 15, 2019
Prism Digital
Information Security Analyst - SIEM - Famous Arts Institution A world-renowned arts institution based in South Kensington is looking for a Cyber Security Analyst You will be joining an IT department of circa 20 staff. Your role will be as a very hands on IT Security specialist to maintain the internal and external security of the business at a large scale; 3,000 devices and 1,200 end users. You will be responsible for the day-to-day actions that will ensure the established information security policies are adhered to by all staff and all systems. You will monitor all security and compliance systems regularly taking action where required or ensuring that others who are responsible for those systems are taking appropriate action. Main tasks: * Lead the development, documentation and maintenance of information security policies, procedures, and standards across the organisation * Proactively initiate, facilitate, and promote activities to create awareness of information security * Assist in system and software architecture and design to ensure that data and assets remain secure at all times * Perform Information Security Risk Assessments of all new systems implemented * Perform regular risk assessments and work closely with auditors to pre-empt, mitigate, and swiftly respond to any audit findings * To investigate suspected and actual security incidents in accordance with the security incident management standard, produce reports with recommendations and ensure any remedial action is taken * Work with the IT Security Manager to implement and maintain the Information Security Management System (ISMS) * Manage the Security Information and Event Management system (SIEM) and other security systems ensuring appropriate actions are taken for all issues flagged for action by the system * Monitor all security compliance reporting ensuring appropriate actions are taken in response to the report details and escalating issues as required * Monitor security risks using data from 
security vendors, application vendors, government security organisations and other appropriate information sources and highlight areas of concern to the IT Security Manager * Monitor all security systems for potential security breaches and recommend remedial actions to be taken * Manage regular penetration tests (internal and external) Monitor the SIEM for issues arising Check compliance reports daily and get others to make appropriate updates Work with the Programme Manager on developing further compliance reports for regular review Verify Windows patches are applied by performing random checks Implement Nessus scanner with Cyber Essentials rules for internal systems to verify compliance levels Follow up on any phishing attacks or other security events to ensure proper process and documentation is followed Assist in putting together an Information Security Risk Assessment template and then conducting those for each of our systems. Follow up on penetration test results liaising with internal teams and external vendors to deliver required remediation Essential requirements: * Formal Information Security qualification (CISM, CISSP/CISA or equivalent) * At least 3 years of experience in Information Security Management or IT Audit related role * Understanding of ISO27001, Cyber Essentials, business continuity and compliance and audit frameworks * Understanding of IT infrastructure, networking systems and information management systems * Experienced in the selection and implementation of appropriate security controls * Ability to produce clear written material for Senior Management * Ability to communicate technical information in a clear and understandable manner to non-technical stakeholders * Ability to direct, interact and effectively share technical issues with IT staff and end users Desirable requirements: * Familiar with the configuration and operation of Nessus * Working within an ISO27001 or Cyber Essentials compliant environment * Strong understanding of GDPR 
and PCIDSS * Excellent analytical and problem-solving skills * Experience establishing an ISMS and SIEM Benefits: 28 days holiday 10% Co. Pension - no personal contrib needed Season Ticket Loan Cycle to Work Scheme Heavily subsidised Staff Canteen 36 Working Hour Week with a degree of flex Information Security Analyst - SIEM - Famous Arts Institution This is an amazing company to work for and they are looking for someone to start ASAP!
Feb 15, 2019
A leading Government body requires a Cyber Security Analyst to join their team in Southport on a 12 month contract basis. Candidates who already hold Security Clearance are preferred but all candidates must be willing to go through SC.
As a Security Analyst, your role on the team will include leveraging your knowledge of industry best practices, good judgment and problem solving skills to execute security operations. Areas of concentration include firewalls, intrusion detection/prevention, encryption, antivirus, incident response, and security event management.
Technologies of specific interest (desirable but not essential) include:
Familiarity with Wireless NAC, ELK, and RSA Envision
In this position you will:
* Provide security monitoring for a growing environment; support incident responses and provide root cause analysis support for incidents.
* Provide Information Security Reporting and Metrics and provide input into improving information security reporting and metrics; identify/recommend improvements on internal investigation capabilities via tool building.
* Provide assistance in recovering from security breaches; participate in investigation and remediation of security incidents; establish configuration policies for security technologies.
* Review aggregated server logs, firewall logs, intrusion prevention logs, and network traffic for unusual or suspicious activity.
* Conduct research on emerging threats in support of security enhancement and development efforts; recommend security improvements, upgrades, and/or purchases.
* Create and maintain internal training materials and provide training to appropriate information systems staff; assist with propagating security awareness among employees.
* Working as part of a team, performing deep-dive incident analysis and determining if critical systems or data sets have been impacted.
* Coordinating the incident response of minor incidents by advising on remediation actions and escalating major incidents to the designated parties.
* Generating tailored reports of minor and major incidents.
* Recording lessons learnt and improving existing processes and procedures.
* Processing incident communications to include initial reporting, follow-ups, requests for information, and resolution activity.
* Providing support for new analytic methods for detecting threats.
* Continuously seeking to identify potential service and process improvements.
Experience
- Have a strong IT technical background and experience working in a SOC environment.
- Has functional knowledge of understanding and configuring open source toolsets. Examples are Splunk, Logstash, Redis, Elasticsearch, and Kibana (ELK).
- Has utilised toolsets for analysis such as but not limited to SIEMs (e.g. Splunk, ELK, LogRhythm, McAfee, IBM QRadar, etc.), IDS/IPS (e.g. network- and host-based), NAC, FIM, DLP, vulnerability management tools, network monitoring tools, Cyber Security Case management (e.g. SNow), etc.
- Functional knowledge of TCP/IP protocol suite, LAN/WAN technologies, switching, routing, VoIP and Telephony technologies, firewalls and VPN, intrusion prevention systems (IPS), vulnerability assessment and patch management tools.
- Functional knowledge of UNIX, Linux, Apple and Windows technologies.
- Functional knowledge of operating protocol analysers and analysing output.
- Functional experience performing monitoring, analysis and recovery procedures or security technologies.
- Functional experience performing deep-dive incident analysis by correlating data from various sources.
- Experience of using Security Information and Event Management (SIEM) platforms, and Case Management tools.
- Knowledge of targeted cyber attack analysis and response, and coordinating incident response processes.
- Active CISSP, SSCP, SANS certifications, Security or equivalents
Sep 09, 2016
Job Title: Senior Cyber Security Analyst
* Working for Home Office
* The Maximum Pay Rate: £350 - £450
* Location: Salford and Southport
* Contract Length: 12 months (12/10/2016 to 26/10/2017)
* Security Clearance Level Required: SC
* Additional Info: Please note that one role will be based in Salford and there will be a second role based in Southport. Please specify on your cover letter which location you want to be based at.
Description:
Main Duties and Responsibilities: Lead, supervise or directly manage a team of Digital Security Specialists; Lead on development of plans to safeguard computer files against accidental or unauthorised modification, destruction, or disclosure and to meet emergency data processing needs; Confer with users to discuss issues such as computer data access needs, security violations, and programming changes; Monitor current reports of computer viruses to determine when to update virus protection systems; Modify computer security files to incorporate new software, correct errors, or change individual access status; Coordinate implementation of computer system plan with establishment personnel and outside vendors; Train users and promote security awareness to ensure system security and to improve server and network efficiency.
Key tasks and deliverables:
As a Security Analyst, your role on the team will include leveraging your knowledge of industry best practices, good judgment and problem solving skills to execute security operations. Areas of concentration include firewalls, intrusion detection/prevention, encryption, antivirus, incident response, and security event management. Technologies of specific interest (desirable but not essential) include: Familiarity with Wireless NAC, ELK, and RSA Envision
In this position you will:
* Provide security monitoring for a growing environment; support incident responses and provide root cause analysis support for incidents.
* Provide Information Security Reporting and Metrics and provide input into improving information security reporting and metrics; identify/recommend improvements on internal investigation capabilities via tool building.
* Provide assistance in recovering from security breaches; participate in investigation and remediation of security incidents; establish configuration policies for security technologies.
* Review aggregated server logs, firewall logs, intrusion prevention logs, and network traffic for unusual or suspicious activity.
* Conduct research on emerging threats in support of security enhancement and development efforts; recommend security improvements, upgrades, and/or purchases.
* Create and maintain internal training materials and provide training to appropriate information systems staff; assist with propagating security awareness among employees.
* Working as part of a team, performing deep-dive incident analysis and determining if critical systems or data sets have been impacted.
* Coordinating the incident response of minor incidents by advising on remediation actions and escalating major incidents to the designated parties.
* Generating tailored reports of minor and major incidents.
* Recording lessons learnt and improving existing processes and procedures.
* Processing incident communications to include initial reporting, follow-ups, requests for information, and resolution activity.
* Providing support for new analytic methods for detecting threats.
* Continuously seeking to identify potential service and process improvements.
Experience Required
1. Have a strong IT technical background and experience working in a SOC environment.
2. Has functional knowledge of understanding and configuring open source toolsets. Examples are Splunk, Logstash, Redis, Elasticsearch, and Kibana (ELK).
3. Has utilised toolsets for analysis such as but not limited to SIEMs (e.g. Splunk, ELK, LogRhythm, McAfee, IBM QRadar, etc.), IDS/IPS (e.g. network- and host-based), NAC, FIM, DLP, vulnerability management tools, network monitoring tools, Cyber Security Case management (e.g. SNow), etc.
4. Functional knowledge of TCP/IP protocol suite, LAN/WAN technologies, switching, routing, VoIP and Telephony technologies, firewalls and VPN, intrusion prevention systems (IPS), vulnerability assessment and patch management tools.
5. Functional knowledge of UNIX, Linux, Apple and Windows technologies.
6. Functional knowledge of operating protocol analysers and analysing output.
7. Functional experience performing monitoring, analysis and recovery procedures or security technologies.
8. Functional experience performing deep-dive incident analysis by correlating data from various sources.
9. Experience of using Security Information and Event Management (SIEM) platforms, and Case Management tools.
10. Knowledge of targeted cyber attack analysis and response, and coordinating incident response processes.
11. Active CISSP, SSCP, SANS certifications, Security or equivalents
12. Knowledge of building and consuming RESTful web services.
13. Knowledge of JSON, Query String Query, and Python (or similar).
This vacancy is being advertised by Netforte Ltd. Netforte is a recruitment consultancy; the services advertised are those of an Employment Agency.
If your CV matches our client's requirements, we will forward your details to them to confirm your suitability. By applying for this role, you consent to the submission of your details for this purpose only.
Whilst we do our best to contact all candidates, due to the high number of applications we receive we cannot guarantee this for every role. If you have not heard anything from us within 7 days of applying, then unfortunately you have been unsuccessful.
Sep 09, 2016