eDiscovery Manager Temporary Contract Location: London (hybrid) Initial day rate 6 months with potential to roll over for another 6 months or become a permanent role Sector: Global Law firm Managing multiple eDiscovery matters including day-to-day engagement with instructing team members, liaising with stakeholders; partners and associates of the firm. Advising and implementing best practices. The role will involve managing a wide variety of cases and mentoring more junior team members. Responsibilities Working under the direction of the Managers and/or senior managers to identify and understand client needs, will include being responsible for: Processing data (in Relativity and/or Nuix) Moving data into Relativity Running searches across Relativity Creating review batches and coding layouts in Relativity Preparing productions and exports from Relativity Supporting legal review teams with their review workflows (including running threading, near de-duplication and CAL) Additional responsibilities include: Maintaining the integrity of data, including evidence handling, processing and data tracking. Liaising with other team members to ensure that correct solutions and processes are implemented at a cost-effective level and work is delivered on time. Acting as the bridge between junior and senior team members. Proactively QCing junior team members' work. Ensuring internal procedures around quality control are being followed at all times. Collaborating with managers and other personnel to design and implement defensible workflows as needed. Ensuring tasks undertaken are carried out professionally and adhere to the project guidelines (where relevant). Reporting on the progress of assigned tasks in a concise and timely way. Participating in post-case reviews. Advising on eDiscovery processes and protocols, including communicating with Client Technology/Litigation Support representatives of clients.
Maintaining financial hygiene to ensure time recording is always accurate and up to date. To the extent that problems arise, in consultation with the eDiscovery Managers, trouble-shooting problems and liaising with the software providers to resolve any issues. Working with the eDiscovery Managers and Senior Managers to develop, maintain and continuously improve best practice eDiscovery processes. Assisting with the reporting, billing and other team administration tasks. Qualifications, skills and experience Ideally Must have 4-5+ years' eDiscovery experience (law firm or service provider) Deep understanding and practical day-to-day use of eDiscovery technology, specifically Relativity and Nuix, including data processing, data ingestion, database setup, searching, production, threading, near de-duplication, clustering and active learning. Strong documentation and communication skills, including effective collaboration with case teams, eDiscovery team, and service providers. Experience working within a similar team at the required level. Expertise supporting document reviews and case work. Strong problem-solving skills, with a proactive approach to dealing with multiple projects to very strict deadlines. Able to manage and resolve problems effectively, dealing confidently and concisely with internal stakeholders. About Brimstone Consulting: We specialise in finding highly qualified staff in the following areas: Forensic Accounting & Fraud - (AML/CTF, Investigation, CFE's etc.); Legal and LegalTech (E-Discovery, Digital Forensics, EDRM); Big Data and Data Analytics - (MI/BI/CI); InfoSec and Cyber Crime; Audit; Accountancy and Finance; FinTech (Payments etc.); Risk - (Credit, Regulatory, Liquidity, Market, Analysts - SAS, SPSS etc.); Compliance/Corporate Governance; IT - (full SDLC - BA's, PM's, Architects, Developers etc.)
Brimstone Consulting acts as an employment agency (permanent) and as an employment business (temporary) - a free and confidential service to candidates. Brimstone Consulting is an equal opportunities employer. Due to time constraints we can only reply to applicants that match our clients' specifications. We may store applications in our cloud storage facilities that may include Dropbox.
May 21, 2024
Full time
Principal Digital Forensic Investigator Based in Leicester Permanent opportunity £50,000 - £60,000 per annum DOE Benefits package included Please note this role requires you to gain Security Clearance Job Description Main Responsibilities Conduct forensically sound acquisitions, analysis and examinations of computer systems and mobile devices and associated media, either on-site or in the lab, ensuring continuity of all exhibits and maintaining integrity throughout. Secure and retrieve data from computer systems in accordance with ACPO guidelines, utilising proprietary and bespoke software, in order to preserve evidence gathered during the course of investigations. To record the details of analysis and investigations undertaken and maintain the confidentiality of this information. To liaise with other bodies or agencies as and when required. To ensure the work meets quality standards in providing a service to all clients; to report or escalate issues, as appropriate, to the Digital Forensics Manager. Assist with the maintenance of ISO 9001, ISO 27001, ISO 17025 and FSR Codes. Prepare detailed reports, statements and exhibits to a standard suitable for use in criminal or civil court in support of these investigations. To present evidence in court in a clear and comprehensive manner. To ensure that appropriate security and access control of forensic tools, systems and evidence is maintained at all times. To develop experience and detailed technical knowledge of current technology and the wide variety of tools and techniques used to assist in the acquisition and analysis of evidence and the identification and recovery of data. Attend seminars and classes for training in specialised forensic software applications, forensic analysis techniques and other specialised areas. To assist in the training and development of any investigator or technician, when required to do so. Conduct and assist on complex cases beyond the competency of junior investigators.
Work with Digital Forensics Manager to determine the best forensic analysis strategy required. To maintain professional liaison and membership in professional organisations for cross-feed of technical information. Candidates will be required to travel on business from time to time. A valid passport will, therefore, be required and a full UK driving licence. Skills and Experience At least 7 years of experience in undertaking digital forensic analysis of computers and mobile devices for Criminal or Corporate cases. Educated to degree level or with equivalent work-related experience. You must be at expert level with mainstream forensic software and will ideally have undertaken training to expert level (at least) in one or all of the following: EnCase, FTK, X-Ways, NUIX, Magnet Axiom, Cellebrite UFED and MSAB XRY. Ability to communicate at all levels, adapting the style of communication to meet the needs of the audience. Ability to remain calm and controlled and maintain good performance within a mission-critical service area. Ability to effectively plan and coordinate projects. Excellent written and verbal communication skills. Ability to work in a multi-discipline team responsible for providing Forensic Services. Demonstrate a high level of accuracy and attention to detail. Ability to absorb, understand and apply new Forensic Science Regulatory requirements. Demonstrate a flexible approach to work and a high level of self-motivation. Ability to exercise discretion and confidentiality. Possess excellent IT skills and demonstrate competency in a number of systems and applications.
May 18, 2024
Full time
Fantastic opportunity to join a world-leading and global organisation where you will join an extremely successful consulting practice. This is a hands-on and operational management role with opportunities to grow into service line leadership. The successful candidate is expected to manage a broad range of cyber-security incidents as well as help advance my client's incident response processes and methodologies. Responsibilities Manage and co-ordinate cyber security incidents for their clients, working closely with the head of cyber response. Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them. In order to be a good match for this position you should have a strong background in cyber-security and incident response. For example: You should be able to guide a client through an unstructured incident response process (such as an advanced network intrusion) managing resources and defining objectives at each stage of the incident response process: scoping and triage, containment, evidence preservation and extraction, eradication, recovery, forensic analysis and investigation. A broad understanding of the cyber security threat landscape. Strong technical background in computers and networks, and programming skills. Significant and proven experience of dealing with cyber security incidents and associated response measures. Experience of managing a rapid deployment incident response team. Excellent interpersonal, written and communication skills. This is an opportunity to join a growing practice and work within a highly reputable and prestigious organisation.
May 17, 2024
Full time
Digital Forensic Lab Manager (UK) Location: Home Counties South, United Kingdom Salary: Competitive, £45k-£55k based on experience plus unique uncapped bonus element The Role: Our client is currently seeking an experienced Digital Forensic Lab Manager to lead and manage their team of forensic analysts. As the Department Head, your role will involve leading the growth of the team and business initiatives. Your duties will include developing business growth for the lab, optimising analysis, and improving processes. You will also manage the Mobile Device Lab. The role demands continuous improvement of performance to guarantee maximum and effective use of resources with a customer-focused mindset. Mostly an office-based position it demands a dynamic individual ready to make a significant contribution. Benefits include a comprehensive pension scheme, health coverage, generous holiday allowance, social events, and additional advantages like employee discounts on various products. Responsibilities: Lead the team members to achieve their best performance. Assist with some HR tasks, monitor performance, and provide constructive feedback during reviews Drive the business expansion with the support of the Senior Management Team Ensure analysts accurately record time and project notes - to guarantee adherence to quality and policy requirements Effectively assign casework to analysts and utilise the Case Manager to proactively manage individual caseloads. 
Ensure efficiency, meeting deadlines, and monitoring cases Ensure customer satisfaction Manage all aspects of current ISO standards, ensuring processes and documentation are up-to-date and followed Actively collaborate with internal and external teams to enhance efficiency and meet customer requirements Create and maintain a safe, secure, and legally compliant work environment and create personal growth opportunities for staff Achieve results by communicating job expectations, planning, monitoring, appraising, coaching, counselling, and disciplining employees Develop, coordinate, and enforce policies, procedures, and productivity standards Essential Skills / Qualifications 5 years+ of experience in Digital Forensics (with at least two years as a Manager or team leader) Good understanding of current ACPO guidelines and Forensic Regulator requirements for ISO17025 Excellent planning and organisational skills Ability to expand and drive business models for Digital Forensics outsourcing teams Demonstrable leadership skills in monitoring, improving, and adapting a forensic team Desired: Diagnose issues & problems with digital devices and perform necessary work Degree level qualification (2:2 or above) BSc in IT, Computer Science or Digital Forensics Previous Law Enforcement experience or having worked for Law Enforcement in the Digital Forensics space is useful Additional Requirements: Minimum five years residency in the UK for security Ability to obtain SC clearance within six months of employment Driver's license (optional) About Brimstone Consulting : We specialise in finding highly qualified staff in the following areas: Forensic Accounting & Fraud - (AML/CTF, Investigation, CFE's etc.); Legal and LegalTech (E-Discovery, Digital Forensics, EDRM); Big Data and Data Analytics - (MI/BI/CI); InfoSec and Cyber Crime; Audit; Accountancy and Finance; FinTech (Payments etc.); Risk - (Credit, Regulatory, Liquidity, Market, Analysts-SAS, SPSS etc.); Compliance/Corporate 
Governance; IT - (full SDLC - BA's, PM's, Architects, Developers etc.) Brimstone Consulting acts as an employment agency (permanent) and as an employment business (temporary) - a free and confidential service to candidates. Brimstone Consulting is an equal opportunities employer. Due to time constraints we can only reply to applicants that match our clients' specifications. We may store applications in our cloud storage facilities that may include Dropbox.
May 17, 2024
Full time
Manager, Digital Forensics & Incident Response (DFIR) Are you a Cyber Security professional with experience in Digital Forensic and Incident response? Are you looking for tremendous exposure to a wide range of different cases and technologies, to be recognised for your accomplishments, while making a real impact? If yes, we would love to hear from you! Aon are recruiting for a Manager - DFIR to join our team. This is a hybrid role, meaning the flexibility to work from home and in our London office. If this sounds like you, but perhaps the commute is too far- please still get in touch! Aon is in the business of better decisions At Aon, we shape decisions for the better to protect and enrich the lives of people around the world. As an organisation, we are united through trust as one inclusive, diverse team, and we are passionate about helping our colleagues and clients succeed. What the day will look like As Manager, you are expected to bring extensive experience in the cybersecurity industry to bear on your casework. You will work at the direction of a Director or Managing Director in the unit to scope, coordinate, and provide peerless service on client cases which might require analysis of any technology used today: mobile devices, laptops and workstations, servers, networking switches, IoT devices, or cloud-based accounts and infrastructure. You will be expected to perform daily tasks associated with cyber breach response and investigations. As Manager, you are responsible for augmenting and strengthening your personal DFIR skill set, as well as helping develop the skills of the entire DFIR team. Support the most complex forensic analyses handled by the firm. Investigate network intrusions and other cybersecurity incidents to determine the cause and extent of the breach. Includes ability to perform host-based and network-based analysis across all major operating systems and network device platforms. 
Preserve, harvest and analyse data from electronic data sources, including laptop and desktop computers, servers, and mobile devices. Produce high-quality oral and written work product, presenting complex technical matters clearly and concisely. Form and articulate expert opinions based on analysis. Possess the experience, credibility, and integrity to perform as an expert witness. Consult with and take direction from supervisors, engagement managers, and clients regarding case investigation and status. Support the mentorship and technical development of junior Digital Forensics staff. Investigate instances of malicious code and documents to determine attack vectors and payloads. Develop and refine policies and procedures for forensic and malware analyses. Research, develop, and recommend hardware and software needed for incident response and help develop and maintain policies and procedures to analyse digital evidence. Participate in technical meetings and working groups to address issues related to cybersecurity and incident preparedness and ability to create targeted remediation plans for clients who have been compromised. How this opportunity is different We are the only team in the market that has the scope and breadth of services to offer clients in any area of the cyber life cycle. If you want to work on some of the highest profile and complex cases out there, we are that first responder. With teams in our state of the art DFIR labs, as well as virtual, your work will vary from day to day responding to breaches, nation state attacks, ransomware, just to name a few. The team works closely together to ensure learning, growth and career development. And we invest in you, in the form of mentorship and training budgets to attend security training and conferences. Skills and experience that will lead to success Digital forensics / incident response certification(s) such as SANS certifications (GCFA, GCIH etc), CREST certifications (CPIA, CRIA etc.), or equivalent. 
Deep experience with most common operating systems (Windows, macOS, Linux, iOS, Android) and their file systems (ext3/4, HFS+, APFS, NTFS, exFAT, etc.). Proficiency with industry-standard DFIR toolsets, such as X-Ways, EnCase, Axiom, Cellebrite, FTK and Volatility. Proficiency with database querying and analysis. Experience with cloud infrastructures for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure. Experience with conducting log analysis of large datasets. Experience with command line tools (grep, sed, awk, python, and other programming languages). Familiarity with computer system hardware and software installation and troubleshooting. Well-developed analytic, qualitative, and quantitative reasoning skills and demonstrated creative problem-solving abilities. Proficiency with MS Office Applications, and familiarity with Windows, Macintosh and Linux operating systems. Preferred Experience Strong work ethic and motivation, with a demonstrated history of ability to lead a team and develop talent. Even stronger analytic, quantitative, and creative problem-solving abilities. Interest in building intellectual capital for the firm by writing blogs and creating internal tools for analysis. Ability to anticipate and respond to changing priorities and operate effectively in a dynamic, demand-based environment, requiring flexibility and responsiveness to client matters and needs. Strong verbal and written communication skills. Must be able to work collaboratively across departments and physical locations. Participation in technical meetings and working groups to address issues related to malware security, vulnerabilities, and issues of cybersecurity and preparedness. A high level of professionalism in all areas of performance. A constantly developed DFIR skill set, and proficiency with industry standard tools and practices, through outside training and research. Comfort with interm
May 17, 2024
Full time
Manager, Digital Forensics & Incident Response (DFIR) Are you a Cyber Security professional with experience in Digital Forensic and Incident response? Are you looking for tremendous exposure to a wide range of different cases and technologies, to be recognised for your accomplishments, while making a real impact? If yes, we would love to hear from you! Aon are recruiting for a Manager - DFIR to join our team. This is a hybrid role, meaning the flexibility to work from home and in our London office. If this sounds like you, but perhaps the commute is too far- please still get in touch! Aon is in the business of better decisions At Aon, we shape decisions for the better to protect and enrich the lives of people around the world. As an organisation, we are united through trust as one inclusive, diverse team, and we are passionate about helping our colleagues and clients succeed. What the day will look like As Manager, you are expected to bring extensive experience in the cybersecurity industry to bear on your casework. You will work at the direction of a Director or Managing Director in the unit to scope, coordinate, and provide peerless service on client cases which might require analysis of any technology used today: mobile devices, laptops and workstations, servers, networking switches, IoT devices, or cloud-based accounts and infrastructure. You will be expected to perform daily tasks associated with cyber breach response and investigations. As Manager, you are responsible for augmenting and strengthening your personal DFIR skill set, as well as helping develop the skills of the entire DFIR team. Support the most complex forensic analyses handled by the firm. Investigate network intrusions and other cybersecurity incidents to determine the cause and extent of the breach. Includes ability to perform host-based and network-based analysis across all major operating systems and network device platforms. 
Infrastructure Security Engineer - 12 Month Contract - 450/day Outside IR35. London based Insurance company are recruiting for security engineers to join the team for an initial 12 month contract OUTSIDE IR35. Taking responsibility for leading, guiding, supporting and delivering secure architectural design for the group cyber security maturity programme. Identify areas of cyber security improvement to ensure cyber security and data security by design controls are adopted globally as outlined in the Howden Security and Configuration Standards Document (HSCSD) Support Data Loss Prevention (DLP) solutions that protect corporate data seamlessly across platforms, devices and environments globally. Support the integration of new cyber security technologies that meets the next generation threats and can be adopted by the group globally. You will be required to travel to the local sites, data centre or multiple offices location in order to complete your tasks for off the network countries. Support global cyber security team to ensure open Continuous Security Improvement Programme (CSIP's) are managed effectively up to closure. Firewall management Web Proxy management and CASB. Anti-Virus/Malware management Standard, third party and privilege access user management Remediation of external, internal vulnerabilities, web application scanning and patch compliance. Representing IT security at the Change Authority Board, Architecture Review Board and Data Privacy Working Group. Managing the security, RFC, ERFC and DDQ's queue in ServiceNow (dealing with suspicious emails, phishing, proxy and access request etc.) Monitoring and managing responses to the Cyber incidents, Security DL (which is mainly the above suspicious emails). Organise monthly Security Operations Meeting, Application and Information Security Forum All activities and findings must be recorded and stored as this will be used as evidence during COBIT 5, PCI DSS and Security review, internal and external audits.
Required Skills Good knowledge of Information Security Management System (Infrastructure Security Operations). Good knowledge of Azure cloud infrastructure and configuration. Good knowledge in System Centre Configuration Manager, Operations Manager and Virtual Machine Manager. Good knowledge of Microsoft Exchange online Good knowledge of Azure and on-premises Active Directory Good knowledge of Cyber Incident Management and or Security Forensic experience. Good knowledge of Windows Server and Linux Good knowledge in network (WAN, Wi-Fi) and Network Access Control (NAC) management Good knowledge in cloud email security gateway services Good knowledge server hardware including and CIS controls. Good knowledge of security monitoring, orchestrator and SIEM tools Good Knowledge of next-gen application firewalls, anti-malware, cloud proxies and CASB Required Experience Experience in Azure cloud and identity management solutions. Specific focus on network equipment. Palo Alto Firewall, Imperva WAF and NAC experience Netskope proxy and CASB experience Microsoft Defender and Crowdstrike experience Azure Entra ID and DUO SSO & MFA gateway Data loss prevention tools experience Azure security centre and Wiz io experience Cymulate and PingCastle experience SCCM or enterprise patch management tools TenableOne or enterprise vulnerability management tools Sound knowledge of industry best practices such as OWASP, Cyber security framework and NCSC guidance Security legislation and regulatory frameworks exposure and awareness FCA or equivalent GDPR - General Data Protection Regulation PCI DSS - Payment Card Industry Data Security Standard COBIT 5 - Control Objectives for Information and related Technology ISO 27001 - Information Security Management System (ISMS) CIS - Center for Internet Security (Cyber security best Practices) Infrastructure Security Engineer - 12 Month Contract - 450/day Outside IR35.
May 17, 2024
Full time
Fantastic opportunity to join a world leading and global organisation where you will join an extremely successful consulting practice. This is a hands-on and operational management role with opportunities to grow into service line leadership. The successful candidate is expected to manage a broad range of cyber-security incidents as well as help advance my client's incident response processes and methodologies. Responsibilities Manage and co-ordinate cyber security incidents for their clients, working closely with the head of cyber response. Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them. In order to be a good match for this position you should have a strong background in cyber-security and incident response. For example: You should be able to guide a client through an unstructured incident response process (such as an advanced network intrusion) managing resources and defining objectives at each stage of the incident response process; scoping and triage, containment, evidence preservation and extraction, eradication, recovery, forensic analysis and investigation. A broad understanding of the cyber security threat landscape. Strong technical background in computers and networks, and programming skills. Significant and proven experience of dealing with cyber security incidents and associated response measures. Experience of managing a rapid deployment incident response team. Excellent interpersonal, written and communication skills. This is an opportunity to join a growing practice and work within a highly reputable and prestigious organisation.
May 17, 2024
Full time
Title: Cyber Security Team Lead Location: Leeds - Hybrid Salary: Up to 80,000 Reports: 3 direct experienced reports and a graduate Requirements: Azure Security experience - Designing and implementing solutions Our client is currently seeking a Cyber Security Team Lead to join their security function in a newly created role. As a Cyber Security Team Leader, you will play a vital role in maintaining the integrity and availability of our clients' data, while providing leadership and support to the Cyber Security Team. Purpose of the Role The primary responsibility of the Cyber Security Team Lead is to provide leadership in maintaining the integrity and availability of our client's data and serve as the interface for cyber security throughout the IT Department. You will be responsible for ensuring a secure infrastructure for the company's data and customers by utilising your leadership skills, analytical capabilities, and advanced knowledge in cyber security. Key Responsibilities Responsible for the day-to-day management of the Cyber Security Team, including defining and managing rotas, proactive quality review of team activities, and adherence to processes and procedures. Confidently deputise for the Cyber Security Manager when required. Create and manage the Security cloud migration process, identifying and resolving gaps through experience. Actively manage complaints and escalations, proactively identifying and resolving issues before they become complaints/escalations. Develop, manage, and maintain the security of the firm's IT services, including patching, resolving vulnerabilities, and system hardening. Create and update security support documentation, including processes and procedures. Collaborate with the IT Department in implementing and maintaining security measures across the infrastructure. Act as the escalation point for security incidents, ensuring prompt incident management and response.
Manage forensic investigations and reporting, engaging third-party specialists when required. Key Requirements Proven track record in leading a technical security team. Demonstrated experience in planning, developing, and implementing Azure security technologies. Familiarity with security technologies such as SIEM, firewalls, intrusion detection/prevention systems, antivirus software, authentication systems, and log management. Strong knowledge of security approaches, including risk analysis, attack vectors, cryptography, and cyber security incident response best practices. If the above role sounds like the right step in your career then please get in touch for some more information.
May 17, 2024
Full time
Technical Solutions Architect - SaaS, Software, Agile, C# A new opportunity to join a global software and systems company and work on multi-product systems design and product architecture. This award winning company operate in the UK and US markets, providing state of the art solutions across digital forensics. This is a very exciting time for the business as they progress on their transformation to cloud services and integration with AI and future technologies. A NASDAQ listed company with a very exciting future. This is a company with employee well-being at front and centre of business operations. Flexible working, supportive management and ample opportunity for career development is a staple of life at this company. If you are an experienced Solutions Architect, Technical Architect, Software Architect or similar, we would love to hear from you. Skills / Experience Proven track record of breaking down complex market requirements into secure, scalable and resilient system designs. Experience working with Product Managers and Product Owners to define achievable product features. Experience of work in an Agile Development Environment. Experienced with producing high level systems designs across multiple products with multi-functional assets. Experience in writing Technical Systems / Solutions Documentation Experience interacting with global teams and managing team resources. Experience providing solutions hosted in Microsoft Azure and/or multi tenanted cloud services. Experience of managing large data stores. Ability to prototype in a modern programming language C#, JavaScript, PowerShell or similar. Understanding of the principles of network security, authentication and authorization. Working practices of the role: The position is located between Southampton and Fareham in Hampshire. The position offers hybrid working, onsite 2 days a week as a minimum. They offer flexible working hours, competitive salary and a generous bonus, pension and benefits. 
To apply, please send your CV and any covering information to (url removed) Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.
May 15, 2024
Full time
eDiscovery Manager London (we have roles in other UK locations and Germany, and also a fixed-term contract in Zurich, Switzerland) Our clients are actively looking to increase their eDiscovery teams at AM and Manager levels in particular. This role is with a leading diverse Consultant in one of their practice areas. We have other roles in law firms and boutiques. Role duties Preparing data for processing, including staging, logging and quality control checks Processing data using specialist software tools, and review exceptions Respond to client requests and queries, escalate as required Proactively carry out project support and administrative Produce document disclosures as per required specifications Quality Control work of colleagues, such as complex searches in Relativity, document disclosure etc. Communicate with clients and senior team members on a regular basis Research new software tools, techniques and workflow to improve the processing and review function Take an active role in building client relationships both internally and externally Requirements Significant experience of working in eDiscovery and with Relativity Follow directions and understand often complex policies and procedures Ability to work under pressure and maintain quality of detailed work, meet often competing and hard deadlines Ability to perform repetitive tasks in an accurate and consistent manner Desire to learn as well as share knowledge (training will be provided as required) Able to work independently with minimal supervision and as part of a wider team environment Ability to articulate technical information clearly to non-technical stakeholders Efficient and effective time management and organisation skills Essential MS Office skills (Word, Excel, PowerPoint, etc.) Beneficial Additional Experience An understanding of the EDRM, forensic procedures and best practices Understanding of transactional and relational databases (e.g.
SQL, mySQL) Experience of any other hosted document review technologies (e.g. Nuix, Recommind, Clearwell etc.) About Brimstone Consulting: We specialise in finding highly qualified staff in the following areas: Legal and LegalTech (E-Discovery, Digital Forensics, EDRM); Big Data and Data Analytics - (MI/BI/CI); InfoSec and Cyber Crime; Audit; Accountancy and Finance; FinTech (Payments etc.); Fraud - (AML/CTF, Investigation, CFE's etc.); Risk - (Credit, Regulatory, Liquidity, Market, Analysts-SAS, SPSS etc.); Compliance/Corporate Governance; IT - (full SDLC - BA's, PM's, Architects, Developers etc.). Brimstone Consulting acts as an employment agency (permanent) and as an employment business (temporary) - a free and confidential service to candidates. Brimstone Consulting is an equal opportunities employer. Due to time constraints we can only reply to applicants that match our clients' specifications. Unless requested otherwise on application CV's are retained for future possible opportunities that match requirements and may be held in the cloud (including US cloud providers).
May 15, 2024
Full time
Malware Reverse Engineer Location: Remote working - Office based in Reading Salary: Competitive Salary and Benefits Career Level : Specialist, Associate Manager or Manager About Accenture Cyber Threat Intelligence (ACTI) ACTI is a global team that spans 13 countries and 4 continents and speaks more than 30 languages. We are passionate about delivering intelligence analysis, and providing industry-leading analytic insights, cyber context, and critical services our clients need to achieve their business-line and strategic-growth initiatives. We know success is only possible by developing and supporting our most-critical resources: our talented analysts, developers, and supporting team members. We value creativity and entrepreneurship in our team; where possible, we back staff initiatives with opportunities and investments. We enjoy the hunt. We strive to automate and innovate while working with powerful resources and differentiated data. Above all else, we value an egoless approach to guiding our clients as they navigate their businesses through all aspects of the cyber domain. Who You Are You are passionate about cybersecurity and intelligence analysis. You stay abreast of the latest threats, recognize the value of intelligence, and believe it should drive operations. You are a devoted team member who is always willing to lend a hand, mentor a colleague, or increase our global team's awareness by sharing your knowledge and approaches with others. You are productive, easy to work with, and understand that adherence to a good process is key to excellence. Role Description As a Malware Reverse Engineer at ACTI, you will reverse engineer and analyze malware to evaluate sophisticated malicious code to settle malware capabilities and purposes. Analysis includes the use of specialized systems and tools, including disassemblers, debuggers, hex editors, unpackers, virtual machines, and those for network traffic analysis. 
Key Responsibilities Analyze malicious events and campaigns to determine attack vectors and retrieve malware payloads. Reverse engineer files suspected or known to belong to identified malware families to determine their command-and-control (C2) infrastructure and targeting. Incorporate analysis results into detailed reporting to include purpose, behavior, C2 server infrastructure, and mitigation techniques related to analyzed malware families, malicious campaigns, and events. Track prevailing malware families, including downloaders, banking Trojans, information stealers, ransomware, and remote access Trojans. Reverse engineer recently discovered malware variants to check potential feature augmentation or configuration structure changes. Improve existing tools that extract known malware family configurations based on reverse engineering results. Research the latest malware detection evasion techniques, such as use of customized packers, customized crypters, fully undetectable (FUD) techniques, host intrusion prevention system (HIPS) bypassing, and anti-virus (AV) software bypassing. Based on research, design and develop generic unpacking methods and tools for use as standalone tools or within automated analysis systems and sandboxes. Provide customer support by responding to requests related to suspicious file analysis that sometimes require malware reverse engineering and determination of contextual information surrounding indicators of compromise; do so by providing detailed analysis reports and mitigation recommendations. Provide customer support by responding to cybersecurity requests, including those for: open-source intelligence (OSINT) research; domain, IP address, or URL analysis; malicious campaign information; and/or event attribution. Provide answers to specific questions, the answers of which clients use for operational mentorship to aid their strategies. 
Design, develop, and implement Windows kernel modules to support automated malware analysis; such modules include kernel system service filtering modules able to intercept operating system services on 32-bit and 64-bit Windows operating systems without triggering those systems' self-protection mechanisms, and kernel-mode modules able to force designated processes to load specific modules that load decoders designed for extracting malware configurations. Design, develop, and implement generic unpackers that combat widely used malware packing methods to retrieve malicious payloads from packed malware samples automatically. Create detection rules and signatures for detecting malware families, and provide detection or blocking recommendations. Develop decoders to extract malware configurations - including basic C2 settings or secondary dynamic configurations, such as those outlining targeted institutions and web injects - based on reverse engineering results. Provide junior engineers with technical training, including: training on malware analysis; reverse engineering; Windows internals; and development, identification, unpacking, and de-obfuscation of malicious code. Travel occasionally as this position may require doing so to address client needs, improve results, or otherwise support projects. Basic Qualifications Bachelor's Degree in Computer Forensics, Science, Engineering, Information Systems, or another related security field, or comparable experience. Experience with malware analysis, reverse engineering, and development. Ability to write, understand, and/or analyze code in programming and scripting languages, including Assembly x86/x64, C, C++, Python, JavaScript, Java, PHP, and HTML. Basic knowledge of and experience with malware packers, crypters, and obfuscation techniques. Understanding of operating system internals and the Windows API. Experience with debuggers, decompilers, and network traffic analysis tools. 
Development experience in Assembly, Python, C, or C++. Strong understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Practical understanding of malware analysis and/or reverse engineering, and the ability to develop malware detection signatures (e.g. YARA). Required Skills Ability to analyze and unpack obfuscated code. Strong written and verbal skills; can communicate complex concepts at a high level while retaining accuracy and highlighting features in a way that improves audience engagement. Strong problem solving and critical thinking capabilities. Desired Skills Two or more years of experience in malware analysis, reverse engineering, and development fields. Deep understanding of operating system internals and the Windows API. Ability to work with a high degree of independence. Ability to collaborate in a team environment to focus on a common goal. Qualifications What's in it for you At Accenture in addition to a competitive basic salary, you will also have an extensive benefits package which includes 25 days' vacation per year, gym subsidy, private medical insurance and 3 extra days leave per year for charitable work of your choice! About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries - powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. 
Visit us at Accenture is an equal opportunities employer and encourages applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law. Closing Date for Applications: 30/10/2022 Accenture reserves the right to close the role prior to this date should a suitable applicant be found.
Sep 24, 2022
Full time
At Jacobs, we'll inspire and empower you to deliver your best work so you can evolve, grow and succeed - today and into tomorrow. With more than 55,000 people in 40 countries, working at Jacobs offers an exciting range of opportunities to develop your career within a supportive and diverse team who always strive to do the right thing for our people, clients and communities. People are Jacobs' greatest asset, and we offer a competitive package to retain and attract the best talent. In addition to the benefits you'd expect, UK employees also receive free single medical cover and digital GP service, family friendly benefits such as enhanced parental leave pay, free membership of employee assistance and parental programmes, plus reimbursement towards relevant professional development and memberships. We also give back to our communities through our Collectively program which incorporates matched-funding, paid volunteering time and charitable donations. Job Purpose / Overview The SZC Chief Information Security Officer (CISO) is responsible for establishing the right security and governance practices and enabling a framework for risk-free and scalable business operations in the Nuclear New Build (NNB) SZC construction and nuclear security business landscape. This is a leadership position and is focused on understanding the security challenges in the current and future state of business operations, mapping learning from NNB Hinkley Point C (HPC) Project and the Technical Services Organisation (TSO) and preparing the SZC Project organisation with the right tools, skills, resources, relationships and capabilities against growing cyber and information security risks. Contextual Information Operating Environment SZC project will be the largest infrastructure project in Europe following HPC. It relies on both Information Technology (IT) and Operational Technology (OT) systems and the information processed by them for safety, security and business continuity. 
Loss or compromise of Sensitive Nuclear Information (SNI), information subject to Export Control, sensitive commercial information (SCI) or personal information through Computer Network Exploitation (CNE), or compromise of either IT or OT systems through Computer Network Attack present serious and enduring risks to the Project, Delivery partners and Supply Chain. Understanding and mitigating Cyber Security and Information Assurance (CS&IA) risks in the context of a constantly evolving threat landscape is thus fundamental to the success of Construction, design, manufacture and commissioning in addition to business operations, which collectively support the delivery of NNB (SZC) Project. SZC is an 'nth' of a kind replication of HPC Project and the role must support intelligent replication of the security case from HPC, achieved by utilising suitably qualified and experienced personnel (SQEP) resource within the TSO. Framework & Boundaries Maintains key relationships and works closely with the Technical Services Organisation to drive SZC Project Information Security Assurance and provide direction to cyber and information security Delivery Maintains key relationships with SZC IT delivery - IT & IM Digital Services and SZC Digital Systems and Solutions (Civils Works Programme) SZC nuclear baseline role holder Travel to TSO (Barnwood, Gloucester), SZC Project Site Offices (Suffolk) and SZC Project Offices (London) is expected as part of the role. Principal Accountabilities End to End Security Operations - Develop and design a comprehensive Cyber Security and Information Assurance Strategy and Information Security Management System (ISMS) Engage with overall organisational data strategy and advise on the best data management approach, aligning data privacy with business objectives ensuring information security safeguards are effective. 
Evaluate the Information Technology Threat landscape, devise policies and controls to reduce risk and lead auditing and compliance initiatives. Act as the Intelligent Customer (IC) for End 2 End cyber and information security requirements within all Project contracts Work with the SZC Security Manager to ensure SZC Project overall security arrangements meet the required legislation, standards etc. Manage interface with TSO to develop the Operational Technology (OT) Security Plan, establish policy and define IT requirements including Instrumentation and Control (I&C) as part of the wider CS&IA strategy Manage interface with TSO to procure services of Contract Security Officers to conduct supply chain assurance. Compliance - ensure that security arrangements meet legal obligations; including GDPR, Export Control and Nuclear Industries Security Regulations (NISR) 2003. Human Resources - ensure the appropriate verification checks, security education and training programs and policies for identity and access management are in place. Disaster Recovery and Business Continuity - Ensure compliance with ISO 27001 and develop a robust crisis communication channel, disaster recovery and risk management system in line with ONR (CNSS) Security Functional Security Principles (FSyP) 1, 2, 3, 5 and 7. Documentation - Contribute to a variety of security policy domains associated with compliance, Governance, risk management, incident management and HR management IT and Cyber Security Requirements - Evaluate business opportunities, regulatory requirements and business risks associated with SZC cloud network and all Information Security Projects, defining the optimal trade-off, reporting directly to the board and specifying cyber security, information security and data management requirements internally and through supply chain. 
Responsible for ensuring that Supply Chain Cyber Security puts in place appropriate Cyber Security and Information Security risk management and assurance that meet the required standards. Manage and hold the interfaces with ONR Civil Nuclear Safeguard and Security (CNSS) for Information Security. Establish priority for the Construction site based Cyber Security and Information Assurance Lead (CS&IA) in risk assessment and assurance of SZC/Delivery Partner and Contractor Information and Operational Technology systems (ICS/SCADA/IoT) on the NNB Gen Co (SZC) Construction site. Support both CS&IA and (CIO) IT & IM Digital Services Cyber Security Leads with specialist Forensic investigation as a result of incident response. Dimensions Reports to Director Safety, Security and Assurance (later this reporting line will switch to the SZC Head of Security) Dotted line reporting to TSO CISO Needs to form a strong relationship with TSO CISO lead spending time at Barnwood (Gloucester) and 90 Whitfield Street (London) to understand Project needs. Leads dotted line report; to the Cyber Security and Information Assurance Lead (Construction Site) and the IT & IM Digital Services Cyber Security Lead (SZC Common Data Environment) - works within .Knowledge, Skills, Qualifications & Experience Essential Knowledge of Civil Nuclear Cyber Security Strategy. Established cyber security credentials. Good working knowledge of applicable international standards and information security frameworks (ISO27001, ISO27017, GDPR, Cyber Essentials Plus). Aware of risk assessment methodologies including ISO27005 and NIST. Educated to degree level (or equivalent) or have a comparable level of practical experience Knowledge and experience of NIS Regulations and Cyber Assessment Framework (CAF). Knowledge of CPNI and NCSC material including assurance of supply chain activities. Knowledge of HMG Security Policy Framework. Confident in own abilities and be able to deliver in a dynamic environment. 
Proven people and team leadership skills Proven stakeholder management Excellent presentation and communication skills - both written and verbal. The post holder must currently hold or be able to achieve NSV SC. Desirable Experience working in the UK nuclear or regulated industry is highly desirable. Experience in a complex project environment including change control processes. A recognised security certification is desirable e.g. CISMP, Security , CEH. Experienced in specifying, designing and producing technical documentation to exacting standards. Excellent written English, including the preparation of suites of technical documents. Track record of providing innovative solutions within a technically complex environment - ideally within the nuclear sector Technical knowledge of physical, personnel and cyber security management systems and solutions. Experience of National Cyber Security Centre (NCSC) and Centre for the Protection of National Infrastructure (CPNI) methodologies, highly desirable. Experience working in a Project Organisation and/or with a Design Authority Our values stand on a foundation of safety, integrity, inclusion and diversity. We put people at the heart of our business and we truly believe that by supporting one another through our culture of caring, we all succeed. We value positive mental health and a sense of belonging for all employees. Find out more about life at Jacobs. We aim to embed inclusion and diversity in everything we do. We know that if we are inclusive, we're more connected, and if we are diverse, we're more creative. We accept people for who they are, regardless of age, disability, gender identity, gender expression, marital status, mental health, race, faith or belief, sexual orientation, socioeconomic background, and whether you're pregnant or on family leave. This is reflected in our wide range of Global Employee Networks centred on inclusion and diversity - ACE, Careers, Enlace..... click apply for full job details
Feb 01, 2022
Full time
IT Security Manager required for a Glasgow-based business to manage a small team while retaining a hands-on involvement in the group's IT security setup.

Client Details

A Global Maritime Service Provider with offices across the world that is headquartered in Glasgow is looking to add an IT Security Manager to their expanding IT function. The IT Security Manager is a hands-on management position looking after a small team.

Description

- Manage all aspects of the day-to-day operations of the IT Security team
- Ensure deadlines are managed and met for all IT Security projects
- Responsible for providing IT Security input into IT strategy and subsequent projects to implement strategy
- Manage IT security strategy
- Responsible for IT security incident response, investigation, reporting and forensics
- Assess system security and recommend improvements
- Ensure data is handled, transferred or processed according to legal and company guidelines
- Control costs and budgets regarding IT security
- Work with IT Quality and Contracts Manager to manage contracts with vendors and software licenses
- Develop IT security policies and practices with the IT Quality and Contracts Manager
- Ensure training and personal development plans of IT Security team are created and followed
- Evaluate team performance against targets and KPIs and report monthly to Group Head of Business Systems
- Understand, implement and monitor security systems
- Regular reporting against risks identified, infosec tools and mitigation actions/projects
- Stay up-to-date on information technology trends and security standards, making necessary recommendations
- Help colleagues and the wider business understand information security management
- Participate in IT Security audits, both representing the group as the audited party and performing IT Security audits of other business units and 3rd parties

Profile

The IT Security Manager is a hands-on management position with excellent knowledge of the technologies in use by the IT Security team required in order to coach, mentor and train other team members as well as to define process, policy and working practices. With a global footprint, we are looking for someone with experience of managing IT security within an organisation with a global user base. With that in mind we are looking for experience in the following:

- System installation, configuration and analysis
- Thorough knowledge of networks and cloud computing
- Knowledge of data protection operations and legislation (e.g. GDPR)
- Be able to identify gaps in the team's knowledge and implement plans to close them
- Conversant with project management methodologies and frameworks
- Excellent team leadership, coaching and people management skills
- Knowledge of ISO 27001 and auditing

Job Offer

The opportunity to join a dynamic and forward-thinking IT function operating as part of a global brand, owning the IT security for a group of companies. There is a long-term career opportunity to build out an IT security function driving technological advancement while progressing your own career. A competitive salary and benefits package is also on offer along with flexible working.
Nov 05, 2021
Full time