Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time / Permanent West Midlands / Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Responsibilities Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain, and continuously improve documentation and reporting frameworks to support transparency, consistency, and strategic decision-making. Experience required: Previous experience in a similar Cyber Incident Response Analyst role, preferably in a senior or lead capacity. Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises. Proven leadership in incident response within SOC settings. Deep understanding of the cyber threat landscape, attack vectors, and detection techniques. Proficient in cybersecurity tools, regulations, and compliance standards. Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied audiences. Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
10/12/2025
Full time
Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time / Permanent West Midlands / Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Responsibilities Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain, and continuously improve documentation and reporting frameworks to support transparency, consistency, and strategic decision-making. Experience required: Previous experience in a similar Cyber Incident Response Analyst role, preferably in a senior or lead capacity. Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises. Proven leadership in incident response within SOC settings. Deep understanding of the cyber threat landscape, attack vectors, and detection techniques. Proficient in cybersecurity tools, regulations, and compliance standards. Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied audiences. Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Lead Cybersecurity Incident Responder - IR, Cyber, Salary: Competitive, based on experience + benefits Location: London / Hybrid (some travel European travel) About the Organisation This forward-thinking cybersecurity intelligence organisation is recognised as a European leader, partnering with some of the most prominent brands to anticipate, prevent, and respond to emerging threats. You will be joining a highly skilled team made up of some of the sharpest minds in the industry, offering an environment where you can grow, innovate, and make a real impact. Who We're Looking For We are seeking a highly experienced cybersecurity professional with a strong background in incident response and advanced security operations. Essential experience and skills: Extensive hands-on experience in Incident Response (IR), SOC, MSSP, CSIRT, or DFIR, with a proven ability to handle urgent and complex client incidents under pressure. European language is beneficial but not required. Experience working in a 24/7 SOC environment, with a deep understanding of how SOC operations integrate with IR. Expert knowledge of technologies such as Microsoft security stack, DFIR tooling, SIEM, Microsoft Defender/Sentinel, EDR platforms, timeline analysis, and cloud environments (Azure, AWS, or GCP). Exposure to penetration testing, including red team or purple team exercises, is advantageous. Ability to script or automate using Bash, Perl, Python, or PowerShell. Strong analytical mindset and familiarity with hypothesis-driven investigation methods. Confident understanding of compliance, legal requirements, and managing third-party vendor relationships. Solid working knowledge of the MITRE ATT&CK framework. Willingness to take part in on-call rotations. Excellent understanding of the cybersecurity landscape and its impact on modern organisations. Highly desirable certifications: CISSP, CISM, OSCP, GIAC, GCIH, GCFA, GCFE, GPEN, GNFA (holding at least one is preferred). What You'll Be Doing As the Lead Cybersecurity Incident Responder, you will play a critical role in guiding clients through high-impact, time-sensitive security incidents. Your responsibilities will include: Conducting network, host, and forensic investigations, presenting clear and actionable findings to clients. Providing on-call emergency support and leading swift, effective response actions. Handling complex and sensitive IR engagements across a wide range of industries and technical environments. Acting as a trusted advisor, consulting directly with clients and collaborating with senior leadership. Producing detailed technical reports and executive-level summaries. Mentoring and supporting junior members of the team. This is an exciting opportunity to join a dynamic, highly respected organisation and contribute to meaningful cybersecurity work that protects organisations across Europe. About Adecco Adecco is acting as an Employment Agency. We are proud to be an equal opportunities employer. We are on the client's supplier list for this position. Incident Response, Cyber Incident Responder, DFIR, Digital Forensics, SOC Analyst, Lead Incident Responder, Cybersecurity Analyst, SIEM, Microsoft Sentinel, Microsoft Defender, EDR, Azure Security, AWS Security, GCP Security, Threat Hunting, Cyber Threat Intelligence, MITRE ATT&CK, Red Team, Purple Team, Malware Analysis, Cyber Forensics, Security Operations, Security Engineer, On-Call IR, Penetration Testing, Python, PowerShell, Bash, Cyber Defence, CSIRT, MSSP, Network Forensics, Endpoint Forensics, Cloud Security, IR Lead, Security Consultant.
09/12/2025
Full time
Lead Cybersecurity Incident Responder - IR, Cyber, Salary: Competitive, based on experience + benefits Location: London / Hybrid (some travel European travel) About the Organisation This forward-thinking cybersecurity intelligence organisation is recognised as a European leader, partnering with some of the most prominent brands to anticipate, prevent, and respond to emerging threats. You will be joining a highly skilled team made up of some of the sharpest minds in the industry, offering an environment where you can grow, innovate, and make a real impact. Who We're Looking For We are seeking a highly experienced cybersecurity professional with a strong background in incident response and advanced security operations. Essential experience and skills: Extensive hands-on experience in Incident Response (IR), SOC, MSSP, CSIRT, or DFIR, with a proven ability to handle urgent and complex client incidents under pressure. European language is beneficial but not required. Experience working in a 24/7 SOC environment, with a deep understanding of how SOC operations integrate with IR. Expert knowledge of technologies such as Microsoft security stack, DFIR tooling, SIEM, Microsoft Defender/Sentinel, EDR platforms, timeline analysis, and cloud environments (Azure, AWS, or GCP). Exposure to penetration testing, including red team or purple team exercises, is advantageous. Ability to script or automate using Bash, Perl, Python, or PowerShell. Strong analytical mindset and familiarity with hypothesis-driven investigation methods. Confident understanding of compliance, legal requirements, and managing third-party vendor relationships. Solid working knowledge of the MITRE ATT&CK framework. Willingness to take part in on-call rotations. Excellent understanding of the cybersecurity landscape and its impact on modern organisations. Highly desirable certifications: CISSP, CISM, OSCP, GIAC, GCIH, GCFA, GCFE, GPEN, GNFA (holding at least one is preferred). What You'll Be Doing As the Lead Cybersecurity Incident Responder, you will play a critical role in guiding clients through high-impact, time-sensitive security incidents. Your responsibilities will include: Conducting network, host, and forensic investigations, presenting clear and actionable findings to clients. Providing on-call emergency support and leading swift, effective response actions. Handling complex and sensitive IR engagements across a wide range of industries and technical environments. Acting as a trusted advisor, consulting directly with clients and collaborating with senior leadership. Producing detailed technical reports and executive-level summaries. Mentoring and supporting junior members of the team. This is an exciting opportunity to join a dynamic, highly respected organisation and contribute to meaningful cybersecurity work that protects organisations across Europe. About Adecco Adecco is acting as an Employment Agency. We are proud to be an equal opportunities employer. We are on the client's supplier list for this position. Incident Response, Cyber Incident Responder, DFIR, Digital Forensics, SOC Analyst, Lead Incident Responder, Cybersecurity Analyst, SIEM, Microsoft Sentinel, Microsoft Defender, EDR, Azure Security, AWS Security, GCP Security, Threat Hunting, Cyber Threat Intelligence, MITRE ATT&CK, Red Team, Purple Team, Malware Analysis, Cyber Forensics, Security Operations, Security Engineer, On-Call IR, Penetration Testing, Python, PowerShell, Bash, Cyber Defence, CSIRT, MSSP, Network Forensics, Endpoint Forensics, Cloud Security, IR Lead, Security Consultant.
First Choice Recruitment Services
Bromsgrove, Worcestershire
IT Security Analyst Bromsgrove Permanent Salary c£35k This is an exciting opportunity for an IT Security Analyst to join our client s experienced and collaborative IT team. The company is growing and therefore they offer excellent opportunities to progress. The role will focus on supporting and implementing new ways of working to protect the company from a range of cyber and security threats. Candidates will need 2/3 years experience of working as a Security Analyst, including monitoring vulnerability and threats, risk mitigation and implementation of robust security policies. This role is to be based at the Bromsgrove office but regular travel to Tewkesbury as required. Hybrid working an option after initial 6 months. Security Check (SC) will be required therefore the role is only open to British Nationals. Key Responsibilities Monitor and analyse security events and alerts. Perform initial triage, investigation, and classification of potential security incidents alongside the Cyber Security Consultant. Monitor security alerts from various sources and respond promptly, escalating as necessary. Generate reports on key metrics, processes, and the performance of different workflows. Escalate incidents to the appropriate teams based on severity and impact. Maintain, tune, and create alerts, playbooks, graphs, and other documentation following industry and international standards under the guidance of the Cyber Security Consultant. Respond to cybersecurity incidents by adhering to standard operating procedures (SOPs) and playbooks, under the supervision of the Cyber Security Consultant. Conduct root cause analysis and document findings and lessons learned from security incidents with the Cyber Security Consultant. Work with IT and security teams to contain and resolve threats. Keep incident logs, reports, and tickets updated within incident tracking systems. Assist in threat intelligence gathering and analysis to enhance detection capabilities. Participate in vulnerability management activities. Update and oversee the software inventory. Support compliance reporting and audits. Assist in IT service desk activities. Stay updated with emerging cyber threats, attack techniques, and security trends. Perform any additional duties delegated by the IT Manager to ensure efficient management of the Company. Key skills: Candidates will need recent work history of working in a similar role. Degree Educated would be an advantage A strong understanding of firewalls, intrusion detection systems and other security technologies is essential. Familiar with ethical hacking and penetration testing an advantage. The ability to analyse complex data and identify potential security threats is essential Excellent communication skills required to communicate with both technical and nontechnical stakeholders, explaining security issues and policies clearly To apply please forward your up to date CV and or call us for more information. First Choice Recruitment are a privately owned independent Recruitment service provider, we act as an employment agency for permanent recruitment and as an employment business for temporary recruitment. Our service is a free and confidential service to work seekers
04/12/2025
Full time
IT Security Analyst Bromsgrove Permanent Salary c£35k This is an exciting opportunity for an IT Security Analyst to join our client s experienced and collaborative IT team. The company is growing and therefore they offer excellent opportunities to progress. The role will focus on supporting and implementing new ways of working to protect the company from a range of cyber and security threats. Candidates will need 2/3 years experience of working as a Security Analyst, including monitoring vulnerability and threats, risk mitigation and implementation of robust security policies. This role is to be based at the Bromsgrove office but regular travel to Tewkesbury as required. Hybrid working an option after initial 6 months. Security Check (SC) will be required therefore the role is only open to British Nationals. Key Responsibilities Monitor and analyse security events and alerts. Perform initial triage, investigation, and classification of potential security incidents alongside the Cyber Security Consultant. Monitor security alerts from various sources and respond promptly, escalating as necessary. Generate reports on key metrics, processes, and the performance of different workflows. Escalate incidents to the appropriate teams based on severity and impact. Maintain, tune, and create alerts, playbooks, graphs, and other documentation following industry and international standards under the guidance of the Cyber Security Consultant. Respond to cybersecurity incidents by adhering to standard operating procedures (SOPs) and playbooks, under the supervision of the Cyber Security Consultant. Conduct root cause analysis and document findings and lessons learned from security incidents with the Cyber Security Consultant. Work with IT and security teams to contain and resolve threats. Keep incident logs, reports, and tickets updated within incident tracking systems. Assist in threat intelligence gathering and analysis to enhance detection capabilities. Participate in vulnerability management activities. Update and oversee the software inventory. Support compliance reporting and audits. Assist in IT service desk activities. Stay updated with emerging cyber threats, attack techniques, and security trends. Perform any additional duties delegated by the IT Manager to ensure efficient management of the Company. Key skills: Candidates will need recent work history of working in a similar role. Degree Educated would be an advantage A strong understanding of firewalls, intrusion detection systems and other security technologies is essential. Familiar with ethical hacking and penetration testing an advantage. The ability to analyse complex data and identify potential security threats is essential Excellent communication skills required to communicate with both technical and nontechnical stakeholders, explaining security issues and policies clearly To apply please forward your up to date CV and or call us for more information. First Choice Recruitment are a privately owned independent Recruitment service provider, we act as an employment agency for permanent recruitment and as an employment business for temporary recruitment. Our service is a free and confidential service to work seekers
Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary: £50,000 - £60,000 depending on experience Dynamic (hybrid) working: Minimum 2 days per week on-site due to workload classification Security Clearance: British Citizen or a Dual UK national with British citizenship. Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team. What we can offer you: Company bonus: Up to £2,500 (based on company performance and will vary year to year) Pension: maximum total (employer and employee) contribution of up to 14% Overtime: opportunity for paid overtime Flexi Leave: Up to 15 additional days Flexible working: We welcome applicants who are looking for flexible working arrangements Enhanced parental leave: offers up to 26 weeks for maternity, adoption and shared parental leave -enhancements are available for paternity leave, neonatal leave and fertility testing and treatments Facilities: Fantastic site facilities including subsidised meals, free car parking and much more Healthcare Cash Plan: The Healthcare Cash Plan benefit provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more . The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation. Essentials: Lead digital forensics and incident response (DFIR) activities, ensuring lab readiness, artefact management, and delivery of forensic objectives. Maintain and enhance forensic tools and environments (e.g., Magnet Axiom, Autopsy) to ensure operational capability. Conduct detailed forensic analysis, malware reverse engineering, and cyber investigation of complex incidents. Ensure effective chain of custody, artefact preservation, and evidence handling processes. Maintain accurate digital forensics documentation, incident playbooks, and readiness rehearsal materials. Lead and execute tabletop exercises (TTEx) to test and improve incident response and forensic readiness. Perform network and endpoint investigations, including AV scans, incident remediation, and validation of security alerts. Collaborate with IM/DEx and Security Operations to enhance incident reporting, alerting, and notification services. Deputise for CERT responders during major incidents or third-party attacks, coordinating with national and international partners (e.g., NCPC). Develop and maintain enterprise security documentation, including policies, standards, baselines, and playbooks. Desirables: Identify root causes of security incidents and recommend sustainable mitigation strategies. Manage remediation and closure of security cases, ensuring timely implementation of corrective actions. Develop and maintain threat scenarios to validate detection and response across SOC, EDR, SIEM, and XDR platforms. Translate threat intelligence into testable hypotheses and simulation exercises in collaboration with Threat Intelligence teams. Utilise adversarial emulation tools (Caldera, Atomic Red Team, AttackIQ, SCYTHE, Cobalt Strike, etc.) to replicate realistic attacker behaviours. Research and integrate emerging threats and TTPs into adversary emulation and validation methodologies. Produce detailed reporting and metrics on detection coverage, response performance, and control effectiveness. Support the wider IM/DEx team by validating new or updated controls against advanced threat simulations. Support SOC operations with investigation, alert triage, and implementation of lessons learned from adversarial validation and DFIR activities. Research and evaluate emerging security tools, technologies, and methodologies; provide gap analysis and recommendations to influence investment. Deliver metrics, dashboards, and reports demonstrating adversarial resilience and capability maturity. Contribute to small-to-medium cyber projects enhancing threat detection, emulation, and response maturity. What we're looking for from you: Demonstratable experience handling incidents, such as: Ransomware containment + remediation Business email compromise investigations Cloud account takeover Insider threat events Large-scale phishing attacks Leading incident response calls, advising leadership, and writing executive summaries Our company: Peace is not a given, Freedom is not a given, Sovereignty is not a given MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom. We are proud of our employee-led networks, examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity, Disability and more We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. Follow us on LinkedIn (MBDA), X Instagram (MBDA_UK) and Glassdoor or visit our MBDA Careers website for more information. JBRP1_UKTJ
02/12/2025
Full time
Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary: £50,000 - £60,000 depending on experience Dynamic (hybrid) working: Minimum 2 days per week on-site due to workload classification Security Clearance: British Citizen or a Dual UK national with British citizenship. Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team. What we can offer you: Company bonus: Up to £2,500 (based on company performance and will vary year to year) Pension: maximum total (employer and employee) contribution of up to 14% Overtime: opportunity for paid overtime Flexi Leave: Up to 15 additional days Flexible working: We welcome applicants who are looking for flexible working arrangements Enhanced parental leave: offers up to 26 weeks for maternity, adoption and shared parental leave -enhancements are available for paternity leave, neonatal leave and fertility testing and treatments Facilities: Fantastic site facilities including subsidised meals, free car parking and much more Healthcare Cash Plan: The Healthcare Cash Plan benefit provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more . The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation. Essentials: Lead digital forensics and incident response (DFIR) activities, ensuring lab readiness, artefact management, and delivery of forensic objectives. Maintain and enhance forensic tools and environments (e.g., Magnet Axiom, Autopsy) to ensure operational capability. Conduct detailed forensic analysis, malware reverse engineering, and cyber investigation of complex incidents. Ensure effective chain of custody, artefact preservation, and evidence handling processes. Maintain accurate digital forensics documentation, incident playbooks, and readiness rehearsal materials. Lead and execute tabletop exercises (TTEx) to test and improve incident response and forensic readiness. Perform network and endpoint investigations, including AV scans, incident remediation, and validation of security alerts. Collaborate with IM/DEx and Security Operations to enhance incident reporting, alerting, and notification services. Deputise for CERT responders during major incidents or third-party attacks, coordinating with national and international partners (e.g., NCPC). Develop and maintain enterprise security documentation, including policies, standards, baselines, and playbooks. Desirables: Identify root causes of security incidents and recommend sustainable mitigation strategies. Manage remediation and closure of security cases, ensuring timely implementation of corrective actions. Develop and maintain threat scenarios to validate detection and response across SOC, EDR, SIEM, and XDR platforms. Translate threat intelligence into testable hypotheses and simulation exercises in collaboration with Threat Intelligence teams. Utilise adversarial emulation tools (Caldera, Atomic Red Team, AttackIQ, SCYTHE, Cobalt Strike, etc.) to replicate realistic attacker behaviours. Research and integrate emerging threats and TTPs into adversary emulation and validation methodologies. Produce detailed reporting and metrics on detection coverage, response performance, and control effectiveness. Support the wider IM/DEx team by validating new or updated controls against advanced threat simulations. Support SOC operations with investigation, alert triage, and implementation of lessons learned from adversarial validation and DFIR activities. Research and evaluate emerging security tools, technologies, and methodologies; provide gap analysis and recommendations to influence investment. Deliver metrics, dashboards, and reports demonstrating adversarial resilience and capability maturity. Contribute to small-to-medium cyber projects enhancing threat detection, emulation, and response maturity. What we're looking for from you: Demonstratable experience handling incidents, such as: Ransomware containment + remediation Business email compromise investigations Cloud account takeover Insider threat events Large-scale phishing attacks Leading incident response calls, advising leadership, and writing executive summaries Our company: Peace is not a given, Freedom is not a given, Sovereignty is not a given MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom. We are proud of our employee-led networks, examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity, Disability and more We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. Follow us on LinkedIn (MBDA), X Instagram (MBDA_UK) and Glassdoor or visit our MBDA Careers website for more information. JBRP1_UKTJ
Main purpose of post: The Cybersecurity Department with our client provide support for all electronic communications systems at the site, as well as taking a leading role in delivering technology change / improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. Daily tasks will involve the following: Endpoint monitoring and analysis. Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. Monitor and administer Security Information and Event Management (SIEM). Malware analysis and forensics research. Understanding/ differentiation of intrusion attempts and false positives. Investigation tracking and threat resolution. Vulnerability identification & mitigation / remediation. Compose security alert notifications. Advise incident responders & other teams on threat. Triage security events and incidents apply containment and mitigation/remediation strategies. Generate reports and document security incidents / events. Proactively monitoring the performance of systems, and make regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems. Act as the point of escalation for the Service desk for security related tickets. Analysis of weekly vulnerability scans and update relevant records. Essential A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results. An ambition to constantly learn new skills and develop knowledge, with an understanding that study time outside of working hours may be required for career development. Credible knowledge/experience in Microsoft Windows Operating Systems. Credible knowledge/experience of Active Directory, Group policies, TCP/IP, DNS, DHCP and Exchange Server. Capable of effectively multi-tasking, prioritizing work, and handling competing interests Capable of analysing information technology logs and events sources preferred Working knowledge of data storage systems, data backup and restoration methods. Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewall/UTMs) Ability to work independently while managing support to a high standard Contribute credibly to IT department's delivery of SLAs and other support targets Self-motivated to advance own knowledge & gain formal qualifications Ability to analyse vulnerabilities, threats, designs, procedures and architectural design, producing reports and sharing intelligence Advanced knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing Knowledge of Cloud computing, computer network defence, identity management, incident management and network security. Significant experience within a SOC environment. Incident response experience Qualification / Certification in Cyber Security Desirable IT Qualifications / Certifications such as CompTIA A+, Network+, Security+ IT Helpdesk experience or knowledge Cyber Security Operation Centre experience Qualification / Certification in Cyber Security Person Specification: Communication. Structures and conveys information and ideas effectively. Communicates to ensure they are understood by others, that they understand others and share information with colleagues at all levels. Achieving results. Knows what needs to be achieved by when. Anticipates obstacles. Motivates self and others to overcome barriers and achieve results. Planning & Organising. Identifies a goal and puts in place a sequence of steps to ensure priorities are delivered on time, making effective use of resources Team Focus. Develops effective working relationships inside and outside traditional boundaries to achieve organisational goals. Breaks down barriers between groups and involves others in discussions and decisions You will be required to pass a range of referencing and vetting checks, including a Criminal Record Check and a Counter Terrorism Check (CTC). You must also have lived in the UK for at least 3 years with a 5-year work history, unless in education. Connect2Employment is a trading style of Luton & Kent Commercial Services LLP - A joint venture between Luton Borough Council & Commercial Services Kent Ltd. Connect2Employment is an equal opportunities Employment Agency & Business. It positively encourages applications from all suitably qualified and eligible candidates.
01/12/2025
Full time
Main purpose of post: The Cybersecurity Department with our client provide support for all electronic communications systems at the site, as well as taking a leading role in delivering technology change / improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. Daily tasks will involve the following: Endpoint monitoring and analysis. Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. Monitor and administer Security Information and Event Management (SIEM). Malware analysis and forensics research. Understanding/ differentiation of intrusion attempts and false positives. Investigation tracking and threat resolution. Vulnerability identification & mitigation / remediation. Compose security alert notifications. Advise incident responders & other teams on threat. Triage security events and incidents apply containment and mitigation/remediation strategies. Generate reports and document security incidents / events. Proactively monitoring the performance of systems, and make regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems. Act as the point of escalation for the Service desk for security related tickets. Analysis of weekly vulnerability scans and update relevant records. Essential A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results. An ambition to constantly learn new skills and develop knowledge, with an understanding that study time outside of working hours may be required for career development. Credible knowledge/experience in Microsoft Windows Operating Systems. Credible knowledge/experience of Active Directory, Group policies, TCP/IP, DNS, DHCP and Exchange Server. Capable of effectively multi-tasking, prioritizing work, and handling competing interests Capable of analysing information technology logs and events sources preferred Working knowledge of data storage systems, data backup and restoration methods. Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewall/UTMs) Ability to work independently while managing support to a high standard Contribute credibly to IT department's delivery of SLAs and other support targets Self-motivated to advance own knowledge & gain formal qualifications Ability to analyse vulnerabilities, threats, designs, procedures and architectural design, producing reports and sharing intelligence Advanced knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing Knowledge of Cloud computing, computer network defence, identity management, incident management and network security. Significant experience within a SOC environment. Incident response experience Qualification / Certification in Cyber Security Desirable IT Qualifications / Certifications such as CompTIA A+, Network+, Security+ IT Helpdesk experience or knowledge Cyber Security Operation Centre experience Qualification / Certification in Cyber Security Person Specification: Communication. Structures and conveys information and ideas effectively. Communicates to ensure they are understood by others, that they understand others and share information with colleagues at all levels. Achieving results. Knows what needs to be achieved by when. Anticipates obstacles. Motivates self and others to overcome barriers and achieve results. Planning & Organising. Identifies a goal and puts in place a sequence of steps to ensure priorities are delivered on time, making effective use of resources Team Focus. Develops effective working relationships inside and outside traditional boundaries to achieve organisational goals. Breaks down barriers between groups and involves others in discussions and decisions You will be required to pass a range of referencing and vetting checks, including a Criminal Record Check and a Counter Terrorism Check (CTC). You must also have lived in the UK for at least 3 years with a 5-year work history, unless in education. Connect2Employment is a trading style of Luton & Kent Commercial Services LLP - A joint venture between Luton Borough Council & Commercial Services Kent Ltd. Connect2Employment is an equal opportunities Employment Agency & Business. It positively encourages applications from all suitably qualified and eligible candidates.
Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time / Permanent West Midlands / Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Responsibilities: Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain, and continuously improve documentation and reporting frameworks to support transparency, consistency, and strategic decision-making. Experience required: Previous experience in a similar Cyber Incident Response Analyst role, preferably in a senior or lead capacity. Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises. Proven leadership in incident response within SOC settings. Deep understanding of the cyber threat landscape, attack vectors, and detection techniques. Proficient in cybersecurity tools, regulations, and compliance standards. Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied audiences. Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
04/10/2025
Full time
Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time / Permanent West Midlands / Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Responsibilities: Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain, and continuously improve documentation and reporting frameworks to support transparency, consistency, and strategic decision-making. Experience required: Previous experience in a similar Cyber Incident Response Analyst role, preferably in a senior or lead capacity. Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises. Proven leadership in incident response within SOC settings. Deep understanding of the cyber threat landscape, attack vectors, and detection techniques. Proficient in cybersecurity tools, regulations, and compliance standards. Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied audiences. Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Cybersecurity Vulnerability Lead - £700 per day - Inside IR35 - Remote - 6 Months initial contract. Our client, the UKs leading producer of Zero Carbon energy, is looking for a Cybersecurity Vulnerability Lead to join them on a contract basis. This is a senior role with responsibility for the organisation s vulnerability management programme across multiple business units, technologies, and regulatory environments. The organisation has made significant investment in Tenable as its core vulnerability management platform. You ll be expected to lead its strategic and day-to-day usage, ensuring vulnerabilities are accurately identified, prioritised, and remediated while driving continuous improvement in how the platform is integrated and utilised. Candidates with strong Tenable expertise, particularly those who have embedded it at scale in large or regulated environments such as financial services, will be especially attractive for this role. Security Clearance - Due to the sensitive nature of the work, candidates must be eligible for SC clearance. Candidates with active or recently lapsed SC clearance will be prioritised. Applicants without clearance must be willing and eligible to undergo vetting. The Role - As Cybersecurity Vulnerability Lead, you will: Own the end-to-end vulnerability management programme, with Tenable One at the core. Define and deliver the strategy, policies, SLAs, and operating rhythm. Lead on risk-based prioritisation using exploit intelligence, asset criticality, and business impact. Translate scan data into clear, actionable remediation plans for technical teams. Build dashboards and executive reports (ServiceNow, Power BI). Provide rapid risk assessments and emergency patch governance during incidents. Support audits and regulatory compliance (ISO27001, CE+, GDPR, NIS2, ONR). Drive automation, integrating tools and workflows to improve efficiency. Act as subject matter expert for Tenable and related tooling, ensuring platforms are fully leveraged. Mentor analysts and security champions, building maturity across the team. About You - You will bring experience leading vulnerability management at enterprise scale, ideally in financial services or similarly regulated industries. You should also have hands-on knowledge of the following: Core Vulnerability Management - Tenable One (Exposure Management, Attack Surface Management, Attack Paths, Identity) AWS Inspector Agent-based and network-based scanning Cloud integrations (AWS, Azure, GCP) Dashboards and risk-based prioritisation Patch & Endpoint Management - Microsoft Intune / SCCM / WSUS Jamf Workflow & ITSM Integration - ServiceNow (dashboards, SOAR) Jira Cloud & Application Security - AWS Security Hub Azure Defender for Cloud Veracode Threat Intelligence & Exploit Context - Tenable Threat Intelligence Exploit DB Metasploit SIEM, SOAR & Monitoring - Microsoft Sentinel SOAR platforms (ServiceNow SOAR) Automation & Scripting - Python, PowerShell, Bash, Ansible Reporting & Metrics - Power BI ServiceNow dashboards Excel (advanced analysis) Frameworks & Standards - NIST CSF, ISO 27001, OWASP, CE / CE+, GDPR, NIS2, ONR Security Domains / Capabilities - Identity and Access Management (IAM) Network Security Data Protection Cloud Security Controls Application Security Security Monitoring Processes & Practices - Vulnerability Management Programmes Incident Response and Threat Assessment Emergency Patch Governance Risk-based Prioritisation (CVEs, exploit intelligence, asset criticality, business impact) Audit Support (internal assurance, penetration test follow-ups, external audits) Exception and exemption management Automation of manual tasks Dashboarding for risk and SLA metrics What's on Offer - A leadership role with significant influence across a major UK organisation. Opportunity to work with a forward-thinking Cyber Services function pushing boundaries in vulnerability management.
04/10/2025
Contractor
Cybersecurity Vulnerability Lead - £700 per day - Inside IR35 - Remote - 6 Months initial contract. Our client, the UKs leading producer of Zero Carbon energy, is looking for a Cybersecurity Vulnerability Lead to join them on a contract basis. This is a senior role with responsibility for the organisation s vulnerability management programme across multiple business units, technologies, and regulatory environments. The organisation has made significant investment in Tenable as its core vulnerability management platform. You ll be expected to lead its strategic and day-to-day usage, ensuring vulnerabilities are accurately identified, prioritised, and remediated while driving continuous improvement in how the platform is integrated and utilised. Candidates with strong Tenable expertise, particularly those who have embedded it at scale in large or regulated environments such as financial services, will be especially attractive for this role. Security Clearance - Due to the sensitive nature of the work, candidates must be eligible for SC clearance. Candidates with active or recently lapsed SC clearance will be prioritised. Applicants without clearance must be willing and eligible to undergo vetting. The Role - As Cybersecurity Vulnerability Lead, you will: Own the end-to-end vulnerability management programme, with Tenable One at the core. Define and deliver the strategy, policies, SLAs, and operating rhythm. Lead on risk-based prioritisation using exploit intelligence, asset criticality, and business impact. Translate scan data into clear, actionable remediation plans for technical teams. Build dashboards and executive reports (ServiceNow, Power BI). Provide rapid risk assessments and emergency patch governance during incidents. Support audits and regulatory compliance (ISO27001, CE+, GDPR, NIS2, ONR). Drive automation, integrating tools and workflows to improve efficiency. Act as subject matter expert for Tenable and related tooling, ensuring platforms are fully leveraged. Mentor analysts and security champions, building maturity across the team. About You - You will bring experience leading vulnerability management at enterprise scale, ideally in financial services or similarly regulated industries. You should also have hands-on knowledge of the following: Core Vulnerability Management - Tenable One (Exposure Management, Attack Surface Management, Attack Paths, Identity) AWS Inspector Agent-based and network-based scanning Cloud integrations (AWS, Azure, GCP) Dashboards and risk-based prioritisation Patch & Endpoint Management - Microsoft Intune / SCCM / WSUS Jamf Workflow & ITSM Integration - ServiceNow (dashboards, SOAR) Jira Cloud & Application Security - AWS Security Hub Azure Defender for Cloud Veracode Threat Intelligence & Exploit Context - Tenable Threat Intelligence Exploit DB Metasploit SIEM, SOAR & Monitoring - Microsoft Sentinel SOAR platforms (ServiceNow SOAR) Automation & Scripting - Python, PowerShell, Bash, Ansible Reporting & Metrics - Power BI ServiceNow dashboards Excel (advanced analysis) Frameworks & Standards - NIST CSF, ISO 27001, OWASP, CE / CE+, GDPR, NIS2, ONR Security Domains / Capabilities - Identity and Access Management (IAM) Network Security Data Protection Cloud Security Controls Application Security Security Monitoring Processes & Practices - Vulnerability Management Programmes Incident Response and Threat Assessment Emergency Patch Governance Risk-based Prioritisation (CVEs, exploit intelligence, asset criticality, business impact) Audit Support (internal assurance, penetration test follow-ups, external audits) Exception and exemption management Automation of manual tasks Dashboarding for risk and SLA metrics What's on Offer - A leadership role with significant influence across a major UK organisation. Opportunity to work with a forward-thinking Cyber Services function pushing boundaries in vulnerability management.
Deerfoot Recruitment Solutions Limited
City, London
Threat Intelligence Analyst Fully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to identify an experienced Threat Intelligence Analyst for a leading global banking organisation with an advanced cyber defence function in London. This is a fantastic opportunity to shape threat intelligence, work alongside Red/Blue Teams, and operationalise intelligence using the latest cybersecurity, penetration testing, and Breach & Attack Simulation (BAS) platforms. Key Responsibilities: Monitor and analyse global cyber threat landscapes, identifying threats, adversary tactics, and emerging risks Collaborate with Red Team, Blue Team, and Penetration Testing specialists to integrate intelligence into Breach & Attack Simulation (BAS) scenarios Act as a point of contact between threat intelligence, Red/Blue, and SOC teams to align threat modelling and adversary simulation Support threat hunting activities and provide tactical, contextual intelligence to stakeholders Model and assess threat actors, including motivations, capabilities, attack vectors, and impacts Leverage the MITRE ATT&CK framework for mapping adversary behaviours and detection Develop and update threat profiles, attack surface assessments, and adversary emulation plans Present high-quality threat briefings, risk assessments, and operational recommendations Participate in incident response, providing context, attributions, and support as required Required Skills & Experience: Extensive experience in threat intelligence, cybersecurity operations, or penetration testing Proven ability to work collaboratively with Red/Blue teams and Security Operations Centres (SOC) Hands-on experience with TIPs (Threat Intelligence Platforms), SIEM tools, and threat data enrichment solutions Practical exposure to Breach & Attack Simulation (BAS) tools for threat scenario development Strong knowledge of adversary TTPs, MITRE ATT&CK, and modern threat modelling techniques Technical proficiency with pentesting tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing actionable threat intelligence reports and clear technical briefings If you are ready to drive the next wave of cyber defense, apply via Deerfoot Recruitment today to learn more about this exciting contract opportunity. Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate £1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd acts as an Employment Business in relation to this vacancy.
03/10/2025
Contractor
Threat Intelligence Analyst Fully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to identify an experienced Threat Intelligence Analyst for a leading global banking organisation with an advanced cyber defence function in London. This is a fantastic opportunity to shape threat intelligence, work alongside Red/Blue Teams, and operationalise intelligence using the latest cybersecurity, penetration testing, and Breach & Attack Simulation (BAS) platforms. Key Responsibilities: Monitor and analyse global cyber threat landscapes, identifying threats, adversary tactics, and emerging risks Collaborate with Red Team, Blue Team, and Penetration Testing specialists to integrate intelligence into Breach & Attack Simulation (BAS) scenarios Act as a point of contact between threat intelligence, Red/Blue, and SOC teams to align threat modelling and adversary simulation Support threat hunting activities and provide tactical, contextual intelligence to stakeholders Model and assess threat actors, including motivations, capabilities, attack vectors, and impacts Leverage the MITRE ATT&CK framework for mapping adversary behaviours and detection Develop and update threat profiles, attack surface assessments, and adversary emulation plans Present high-quality threat briefings, risk assessments, and operational recommendations Participate in incident response, providing context, attributions, and support as required Required Skills & Experience: Extensive experience in threat intelligence, cybersecurity operations, or penetration testing Proven ability to work collaboratively with Red/Blue teams and Security Operations Centres (SOC) Hands-on experience with TIPs (Threat Intelligence Platforms), SIEM tools, and threat data enrichment solutions Practical exposure to Breach & Attack Simulation (BAS) tools for threat scenario development Strong knowledge of adversary TTPs, MITRE ATT&CK, and modern threat modelling techniques Technical proficiency with pentesting tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing actionable threat intelligence reports and clear technical briefings If you are ready to drive the next wave of cyber defense, apply via Deerfoot Recruitment today to learn more about this exciting contract opportunity. Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate £1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd acts as an Employment Business in relation to this vacancy.
Job Title: Senior Cyber Security Analyst - SC Location : Hybrid/London - 3 days a week on site Contract Duration : 3 months initially Daily Rate: £800/day (Umbrella - Maximum) IR35 Status: Inside IR35 Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving Security Clearance: SC Senior Cyber Security Analyst The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and Vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response. As a senior security analyst with responsibility for incident response, you will l: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environments Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Excellent analytical and problem solving skills Excellent verbal and written communication skills Experience with Splunk Experience working in an Agile environment Experience with cloud environments such as AWS Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources
03/10/2025
Contractor
Job Title: Senior Cyber Security Analyst - SC Location : Hybrid/London - 3 days a week on site Contract Duration : 3 months initially Daily Rate: £800/day (Umbrella - Maximum) IR35 Status: Inside IR35 Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving Security Clearance: SC Senior Cyber Security Analyst The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and Vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response. As a senior security analyst with responsibility for incident response, you will l: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environments Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Excellent analytical and problem solving skills Excellent verbal and written communication skills Experience with Splunk Experience working in an Agile environment Experience with cloud environments such as AWS Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources
Job Title: Security Orchestration, Automation & Response (SOAR) Engineer Duration: 6-month contract Location: Welwyn garden city - Hybrid (1 to 2 days per week on site) Daily Rate: 850 inside umbrella About the role: As a SOAR Engineer, you will be at the forefront of enhancing security capabilities. Your contributions will play a pivotal role in detecting and preventing security threats while ensuring faster and more effective responses. You'll collaborate across various teams, empowering your colleagues to focus on what they do best. Key Responsibilities: Design and develop security automations across SOAR platforms and various security tools. Collaborate with analysts and engineers to improve workflows and enhance operational efficiency. Maintain and improve existing playbooks and automations for optimal platform performance. Stay updated on the latest security trends and techniques to continually refine our strategies. What We're Looking For: To thrive in this role, you should possess the following technical skills and experience: Cyber Security Tools : Hands-on experience with SOAR platforms and Threat Intelligence Platforms. Programming Expertise : Proficiency in Python script with a solid experience of REST APIs to develop and interact with them effectively. Framework Knowledge : Familiarity with the MITRE ATT&CK framework or equivalent, including knowledge of emerging threat actor tactics, techniques, and procedures. Operating Systems : Experience and working knowledge of both Linux and Windows platforms. Public Cloud Experience: Familiarity with working in public cloud environments is a plus! Adecco is a disability-confident employer. It is important to us that we run an inclusive and accessible recruitment process to support candidates of all backgrounds and all abilities to apply. Adecco is committed to building a supportive environment for you to explore the next steps in your career. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.
02/10/2025
Contractor
Job Title: Security Orchestration, Automation & Response (SOAR) Engineer Duration: 6-month contract Location: Welwyn garden city - Hybrid (1 to 2 days per week on site) Daily Rate: 850 inside umbrella About the role: As a SOAR Engineer, you will be at the forefront of enhancing security capabilities. Your contributions will play a pivotal role in detecting and preventing security threats while ensuring faster and more effective responses. You'll collaborate across various teams, empowering your colleagues to focus on what they do best. Key Responsibilities: Design and develop security automations across SOAR platforms and various security tools. Collaborate with analysts and engineers to improve workflows and enhance operational efficiency. Maintain and improve existing playbooks and automations for optimal platform performance. Stay updated on the latest security trends and techniques to continually refine our strategies. What We're Looking For: To thrive in this role, you should possess the following technical skills and experience: Cyber Security Tools : Hands-on experience with SOAR platforms and Threat Intelligence Platforms. Programming Expertise : Proficiency in Python script with a solid experience of REST APIs to develop and interact with them effectively. Framework Knowledge : Familiarity with the MITRE ATT&CK framework or equivalent, including knowledge of emerging threat actor tactics, techniques, and procedures. Operating Systems : Experience and working knowledge of both Linux and Windows platforms. Public Cloud Experience: Familiarity with working in public cloud environments is a plus! Adecco is a disability-confident employer. It is important to us that we run an inclusive and accessible recruitment process to support candidates of all backgrounds and all abilities to apply. Adecco is committed to building a supportive environment for you to explore the next steps in your career. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.
Cyber Threat Intelligence Analyst: Cyber, Threat, SOC, Security Clearance Our Global Enterprise client is looking for a skilled Cyber Security Analyst with 5-6 years of experience within Threat Intelligence to join their team. Start Date: ASAP Duration: 55 days Pay Rate: £487 per hour (PLEASE NOTE: Employer NI is paid for by the client) Total Daily Earnings: £553 (includes rolled up holiday) IR35 Status: Inside Location: Hybrid/Hatfield (some travel to Blackfriars if required but this will be on a rare occasion) NOTE: Active SC Clearance is highly desirable. Responsibilities: Threat Intelligence Platform (TIP) Maintenance (20%): Take ownership of the threat intelligence platform and related tooling, ensuring its effective utilisation for monitoring and analysing both cyber and geopolitical threats. Optimise the platform to enhance the team's capabilities in threat detection and response. Continue to develop access to internal data and leverage threat intelligence tooling to maximise intelligence opportunities. Cyber Threat Analysis & Dissemination (50%): Identify intelligence of concern for Computacenter across various sources and tooling and conduct analysis and assessment of such threats and their potential impact to the business. Monitor and analyse geopolitical events to identify potential impacts on the organisation's cyber security landscape. Using a variety of sources to increase knowledge, corroborate and parallel information. This involves engaging in communities and intelligence sharing initiatives. Have confidence in your ability to draw conclusions and provide intelligence led recommendations. Own and run regular briefings of Threat Intelligence to the wider security team. Respond to intelligence requests from internal teams, using all available sources of intelligence to produce assessments on the threat to support decision-making. Ensure clear and concise communication of assessments and complex bits of information for various stakeholders. Collaborate with cross-functional teams to address immediate intelligence needs and contribute to the overall security posture. Work closely alongside other Security Operations teams such as SOC Develop hypotheses based on threat intelligence to direct joint operations with Cyber Threat technical resources to direct threat hunting? Continue to develop access to internal data and leverage threat intelligence tooling to maximise intelligence opportunities. Dark Web Monitoring Ensuring Threat Intelligence Programme Meets Organisational Aims (15%): Collection of Priority Intelligence Requirements from key stakeholders Effective tracking of intelligence activities against these PIRs Reporting of service quality against KPIs Incident Response Support (15%): Required to work out of hours, when situation dictates, to support Incident Response activities Technical Skills & Experience: 5-6 years of experience within Threat Intelligence. Demonstrable experience in analysing and assessing cyber threats, including the ability to identify patterns and trends. Proficient in gathering, correlating, and interpreting data from various sources to produce actionable intelligence. Experience of giving detailed verbal threat briefings to key stakeholders. Experience working with a Threat Intelligence Platform (TIP). Excellent communication skills, including the ability to influence and persuade stakeholders to enact a more security focused approach. Understanding of the intelligence life cycle, from collection through to feedback. Experience in producing high-quality intelligence products and documentation for a variety of audiences. Familiarity with common cyber threats, threat actors, attack vectors, and vulnerabilities. Experience in leveraging open-source intelligence tools and techniques to gather information about threats. Knowledge of information assurance standards and frameworks including CIS, NIST, ISO 27001, Cyber Essentials/Essentials Plus, GDPR. Strong familiarity of threat cyber security frameworks such as MITRE ATT&CK, Killchain and NIST CSF 2.0 Desirable: Recognised information security and/or information technology industry certification. Good organisational and time management skills Experience of delivering and shaping Threat Modelling programmes Soft Skills: Excellent written and verbal English. Good presentation and moderation skills; professional and convincing manner of appearance and expression; clear, targeted communication (verbal and written). A strong desire to help others by sharing knowledge, peer reviewing, and contributing to technical and process standards. Work well within a team, report issues and risks, take part in team meetings, share ideas and work towards improving our service. Excellent communication and Customer facing customer service skills previous experience is essential. Ability to work independently and as part of a team is essential. To apply for this Cyber Threat Intelligence Analyst contract job, please click the button below and submit your latest CV. Curo Services endeavours to respond to all applications, however this may not always be possible during periods of high volume. Thank you for your patience. Curo Services is a trading name of Curo Resourcing Ltd and acts as an Employment Business for contract and temporary recruitment as well as an Employment Agency in relation to permanent vacancies.
02/10/2025
Contractor
Cyber Threat Intelligence Analyst: Cyber, Threat, SOC, Security Clearance Our Global Enterprise client is looking for a skilled Cyber Security Analyst with 5-6 years of experience within Threat Intelligence to join their team. Start Date: ASAP Duration: 55 days Pay Rate: £487 per hour (PLEASE NOTE: Employer NI is paid for by the client) Total Daily Earnings: £553 (includes rolled up holiday) IR35 Status: Inside Location: Hybrid/Hatfield (some travel to Blackfriars if required but this will be on a rare occasion) NOTE: Active SC Clearance is highly desirable. Responsibilities: Threat Intelligence Platform (TIP) Maintenance (20%): Take ownership of the threat intelligence platform and related tooling, ensuring its effective utilisation for monitoring and analysing both cyber and geopolitical threats. Optimise the platform to enhance the team's capabilities in threat detection and response. Continue to develop access to internal data and leverage threat intelligence tooling to maximise intelligence opportunities. Cyber Threat Analysis & Dissemination (50%): Identify intelligence of concern for Computacenter across various sources and tooling and conduct analysis and assessment of such threats and their potential impact to the business. Monitor and analyse geopolitical events to identify potential impacts on the organisation's cyber security landscape. Using a variety of sources to increase knowledge, corroborate and parallel information. This involves engaging in communities and intelligence sharing initiatives. Have confidence in your ability to draw conclusions and provide intelligence led recommendations. Own and run regular briefings of Threat Intelligence to the wider security team. Respond to intelligence requests from internal teams, using all available sources of intelligence to produce assessments on the threat to support decision-making. Ensure clear and concise communication of assessments and complex bits of information for various stakeholders. Collaborate with cross-functional teams to address immediate intelligence needs and contribute to the overall security posture. Work closely alongside other Security Operations teams such as SOC Develop hypotheses based on threat intelligence to direct joint operations with Cyber Threat technical resources to direct threat hunting? Continue to develop access to internal data and leverage threat intelligence tooling to maximise intelligence opportunities. Dark Web Monitoring Ensuring Threat Intelligence Programme Meets Organisational Aims (15%): Collection of Priority Intelligence Requirements from key stakeholders Effective tracking of intelligence activities against these PIRs Reporting of service quality against KPIs Incident Response Support (15%): Required to work out of hours, when situation dictates, to support Incident Response activities Technical Skills & Experience: 5-6 years of experience within Threat Intelligence. Demonstrable experience in analysing and assessing cyber threats, including the ability to identify patterns and trends. Proficient in gathering, correlating, and interpreting data from various sources to produce actionable intelligence. Experience of giving detailed verbal threat briefings to key stakeholders. Experience working with a Threat Intelligence Platform (TIP). Excellent communication skills, including the ability to influence and persuade stakeholders to enact a more security focused approach. Understanding of the intelligence life cycle, from collection through to feedback. Experience in producing high-quality intelligence products and documentation for a variety of audiences. Familiarity with common cyber threats, threat actors, attack vectors, and vulnerabilities. Experience in leveraging open-source intelligence tools and techniques to gather information about threats. Knowledge of information assurance standards and frameworks including CIS, NIST, ISO 27001, Cyber Essentials/Essentials Plus, GDPR. Strong familiarity of threat cyber security frameworks such as MITRE ATT&CK, Killchain and NIST CSF 2.0 Desirable: Recognised information security and/or information technology industry certification. Good organisational and time management skills Experience of delivering and shaping Threat Modelling programmes Soft Skills: Excellent written and verbal English. Good presentation and moderation skills; professional and convincing manner of appearance and expression; clear, targeted communication (verbal and written). A strong desire to help others by sharing knowledge, peer reviewing, and contributing to technical and process standards. Work well within a team, report issues and risks, take part in team meetings, share ideas and work towards improving our service. Excellent communication and Customer facing customer service skills previous experience is essential. Ability to work independently and as part of a team is essential. To apply for this Cyber Threat Intelligence Analyst contract job, please click the button below and submit your latest CV. Curo Services endeavours to respond to all applications, however this may not always be possible during periods of high volume. Thank you for your patience. Curo Services is a trading name of Curo Resourcing Ltd and acts as an Employment Business for contract and temporary recruitment as well as an Employment Agency in relation to permanent vacancies.
Incident Response Analyst Permanent - 52k - 57k + strong benefits Location: Hybrid - South Wales Your new company I am looking to recruit an Incident Response Analyst to join a leader in the utilities space. The business have been investing in their cyber security and IT estate and are continuing to grow and enhance their security posture. The company has a strong reputation, and we have placed numerous people into careers there, with strong feedback. Your new role This is an interesting opportunity to help deliver strategy which will enhance the organisation's security resilience, proactively contributing to mitigating threats, at a good time when the company is expanding and investing in its IT and cyber security estate. Working alongside the SOC, the primary responsibility of an incident responder is to rapidly investigate and document cybersecurity incidents within the organisation. Key parts of the role: Monitor and analyse network traffic, system logs, and other data sources to identify potential security incidents. Investigate alerts and suspicious activity to determine if an incident has occurred. Contain affected systems and networks to prevent the incident from spreading. Implement temporary measures to mitigate the impact of the incident. Work with other teams, such as IT and security operations, to develop and implement a containment strategy. Analyse incident data to determine the root cause of the incident and identify recommendations for improvement. Document and report incidents to the incident response team and other relevant stakeholders. Stay informed about emerging cyber threats and vulnerabilities. What you'll need to succeed Experience in a similar role, ideally around CNI and OT, with exposure to cyber plans. Proven experience operating in a SOC or a related cyber security role. In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice. Strong analytical and problem-solving skills. Ability to work independently and as part of a team. Excellent communication and interpersonal skills. Ability to obtain UK Security Clearance What you'll get in return Salary of between 52k- 57k Hybrid working 2/3 days in South Wales per week Possible bonus 5% pension contribution from you, the company pays 10% Enhanced pay for parental leave And more! What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
02/10/2025
Full time
Incident Response Analyst Permanent - 52k - 57k + strong benefits Location: Hybrid - South Wales Your new company I am looking to recruit an Incident Response Analyst to join a leader in the utilities space. The business have been investing in their cyber security and IT estate and are continuing to grow and enhance their security posture. The company has a strong reputation, and we have placed numerous people into careers there, with strong feedback. Your new role This is an interesting opportunity to help deliver strategy which will enhance the organisation's security resilience, proactively contributing to mitigating threats, at a good time when the company is expanding and investing in its IT and cyber security estate. Working alongside the SOC, the primary responsibility of an incident responder is to rapidly investigate and document cybersecurity incidents within the organisation. Key parts of the role: Monitor and analyse network traffic, system logs, and other data sources to identify potential security incidents. Investigate alerts and suspicious activity to determine if an incident has occurred. Contain affected systems and networks to prevent the incident from spreading. Implement temporary measures to mitigate the impact of the incident. Work with other teams, such as IT and security operations, to develop and implement a containment strategy. Analyse incident data to determine the root cause of the incident and identify recommendations for improvement. Document and report incidents to the incident response team and other relevant stakeholders. Stay informed about emerging cyber threats and vulnerabilities. What you'll need to succeed Experience in a similar role, ideally around CNI and OT, with exposure to cyber plans. Proven experience operating in a SOC or a related cyber security role. In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice. Strong analytical and problem-solving skills. Ability to work independently and as part of a team. Excellent communication and interpersonal skills. Ability to obtain UK Security Clearance What you'll get in return Salary of between 52k- 57k Hybrid working 2/3 days in South Wales per week Possible bonus 5% pension contribution from you, the company pays 10% Enhanced pay for parental leave And more! What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
ROLE SUMMARY The Global Information Security (GIS) organization delivers proactive cyber defense for the global Pfizer enterprise. Our mission is to secure all of Pfizer's information assets ranging from the manufacturing floor to the core data centers and out to the patient facing solutions. We achieve this mission through a team of world-class talent, utilizing top-tier technologies, advanced analytics, and the promotion of a cybersecurity ownership culture across the company. The Cyber Threat Intelligence team works with internal and external partners to reduce risk to Pfizer. The team provides timely situational awareness, conducts in depth analysis of threats, and translates indicators of threat into actionable information to reduce impact to Pfizer. Stakeholders include cybersecurity response teams, internal lines of business, senior leadership, external organizations such as law enforcement, and industry peers and intelligence sharing partners. The Senior Cyber Intelligence Analyst is responsible for conducting in-depth research, documentation, and intelligence analysis of key cyber threats, including threat actor tactics, techniques, and procedures (TTPs), to develop a comprehensive picture of the cyber threat landscape, improve Pfizer's security posture, and reduce risk. This individual will provide domain expertise to aid in the effective prioritization and analysis of threats in line with the needs of our stakeholders. The individual will have experience successfully executing all phases of the intelligence lifecycle in support of driving an intelligence led security organization. An ideal candidate for this role will have technical, communication, and interpersonal skills with previous experience mentoring peer CTI analysts and leading CTI initiatives. The position is an individual contributor role that will engage with cross functional internal colleagues and external partners and reports to the Director, Global Threat Research within the Pfizer Digital Global Information Security organization. ROLE RESPONSIBILITIES Perform intelligence analysis of cyber threat activity through execution of the threat intelligence lifecycle. Conduct in-depth intrusion analysis of cyber threats utilizing frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK. Develop strategic, tactical, and operational intelligence products for stakeholder dissemination in support of priority intelligence requirements. Curate threat intelligence related to the cyber threat landscape such as threat actors, malware, vulnerabilities and tactics, techniques, and procedures. Present cyber threat intelligence to stakeholders that helps drive both tactical and strategic priorities. Participate in and lead team projects centered around the cyber threat intelligence mission. Mentor peer CTI analysts through on the job training opportunities. Interface with external sharing communities through the sharing of timely and relevant cyber threats. QUALIFICATIONS BS in Information Security, Computer Sciences, Information Systems, Engineering, or equivalent with demonstrable professional experience in a corporate environment. Experience in understanding the techniques of Computer Network Exploitation and Defense (CNE / CND). Experience using frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK. Experience in information analysis and execution of the intelligence lifecycle. Experience developing and curating intelligence related to the cyber threat landscape such as threat actors, malware, vulnerabilities and tactics, techniques, and procedures. Experience with translating threat intelligence from OSINT and private intelligence reports into custom detections and mitigations across multiple security technologies. Experience performing technical indicator and TTP analysis using both open and closed source intelligence sources Ability to provide concise and accurate communications (both verbal and written) in disseminated intelligence products. Ability to communicate and establish rapport with a global team of incident responders and intelligence analysts. Experience mentoring peer analysts in all stages of the intelligence lifecycle. Work Location Assignment: Flexible
19/08/2023
Full time
ROLE SUMMARY The Global Information Security (GIS) organization delivers proactive cyber defense for the global Pfizer enterprise. Our mission is to secure all of Pfizer's information assets ranging from the manufacturing floor to the core data centers and out to the patient facing solutions. We achieve this mission through a team of world-class talent, utilizing top-tier technologies, advanced analytics, and the promotion of a cybersecurity ownership culture across the company. The Cyber Threat Intelligence team works with internal and external partners to reduce risk to Pfizer. The team provides timely situational awareness, conducts in depth analysis of threats, and translates indicators of threat into actionable information to reduce impact to Pfizer. Stakeholders include cybersecurity response teams, internal lines of business, senior leadership, external organizations such as law enforcement, and industry peers and intelligence sharing partners. The Senior Cyber Intelligence Analyst is responsible for conducting in-depth research, documentation, and intelligence analysis of key cyber threats, including threat actor tactics, techniques, and procedures (TTPs), to develop a comprehensive picture of the cyber threat landscape, improve Pfizer's security posture, and reduce risk. This individual will provide domain expertise to aid in the effective prioritization and analysis of threats in line with the needs of our stakeholders. The individual will have experience successfully executing all phases of the intelligence lifecycle in support of driving an intelligence led security organization. An ideal candidate for this role will have technical, communication, and interpersonal skills with previous experience mentoring peer CTI analysts and leading CTI initiatives. The position is an individual contributor role that will engage with cross functional internal colleagues and external partners and reports to the Director, Global Threat Research within the Pfizer Digital Global Information Security organization. ROLE RESPONSIBILITIES Perform intelligence analysis of cyber threat activity through execution of the threat intelligence lifecycle. Conduct in-depth intrusion analysis of cyber threats utilizing frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK. Develop strategic, tactical, and operational intelligence products for stakeholder dissemination in support of priority intelligence requirements. Curate threat intelligence related to the cyber threat landscape such as threat actors, malware, vulnerabilities and tactics, techniques, and procedures. Present cyber threat intelligence to stakeholders that helps drive both tactical and strategic priorities. Participate in and lead team projects centered around the cyber threat intelligence mission. Mentor peer CTI analysts through on the job training opportunities. Interface with external sharing communities through the sharing of timely and relevant cyber threats. QUALIFICATIONS BS in Information Security, Computer Sciences, Information Systems, Engineering, or equivalent with demonstrable professional experience in a corporate environment. Experience in understanding the techniques of Computer Network Exploitation and Defense (CNE / CND). Experience using frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK. Experience in information analysis and execution of the intelligence lifecycle. Experience developing and curating intelligence related to the cyber threat landscape such as threat actors, malware, vulnerabilities and tactics, techniques, and procedures. Experience with translating threat intelligence from OSINT and private intelligence reports into custom detections and mitigations across multiple security technologies. Experience performing technical indicator and TTP analysis using both open and closed source intelligence sources Ability to provide concise and accurate communications (both verbal and written) in disseminated intelligence products. Ability to communicate and establish rapport with a global team of incident responders and intelligence analysts. Experience mentoring peer analysts in all stages of the intelligence lifecycle. Work Location Assignment: Flexible
Location
Dstl Porton Down, Salisbury, Wiltshire, SP4 0JQ or Dstl Portsdown West, Fareham, Hampshire, PO17 6AD
About the job
Job summary
Dstl is the science and technology arm of the Ministry of Defence. We improve the front-line capability of the UK Armed Forces helping keep our country safe.
The Cyber Security and Safety Group has never been more important. Many military platforms such as fast jets, unmanned air vehicles, helicopters, naval vessels, and land vehicles are becoming increasingly reliant on Software, Artificial Intelligence (AI) and Autonomous functions to control all aspects of their behaviour.
We’re looking for mathematically strong data scientists to help make AI reliant military systems robust and trustworthy in complex operations to help save lives.
An example of our world class inspiring work is designing and trialling a variety of autonomous air and ground vehicles out in Salisbury plain with the US and Australia. AI models were retrained in flight to meet changing mission situations to enhance commanders’ decision-making.
You could be involved in:
Assessing and improving AI content in Defence and Security safety critical systems in the Air, Sea and Land domains, to ensure that they are safe, secure and protected.
Applying the latest thinking in verification and validation of artificial intelligence and autonomous functions for defence and security purposes.
Innovating to support the delivery of the UK Cyber Strategy by researching algorithms for Cyber defence.
Dstl recognises the importance of diversity and inclusion as people from diverse backgrounds bring fresh ideas. We are committed to building an inclusive working environment in which each employee fulfils their potential and maximises their contribution.
We particularly welcome female and ethnic minority applicants and those from the LGBTQI community, as they are under-represented within Dstl at these levels.
Job description
In this role you will:
Have a drive for keeping abreast of the latest developments in cyber security and emerging trends in artificial intelligence. We give our people the opportunity to think and innovate. We offer loads of opportunities for training and scholarships, attending and presenting at conferences, and collaborating with internal research and industry and academia.
Work in a team consisting of highly professional Autonomy and Mathematical experts with enviable national and international reputations to take part in cutting edge research. Use your critical thinking and creative problem solving skills to implement state of art methods and tools.
Develop a knowledge of undertaking verification, validation and vulnerability assessments on Systems of interest.
Appreciate the importance of safety, security requirements to have a positive impact on defence and security of the UK.
Deliver technical reports and recommendations to leadership, senior officials across government and military and other non-technical audiences through clear data storytelling and well-crafted verbal presentations
Person specification
We are looking for someone who has:
A keen interest in algorithms, AI, ML or statistical analysis along with a willingness to develop additional capabilities in cyber security and safety.
Experience contributing to Software or AI / ML intensive projects.
Is looking for a career with a difference, doing a job that provides the latest and most effective tools to defend our nation and uphold the principle of freedom.
Important Information:
Our work in defence, security and intelligence requires our employees to be UK Nationals who are able to gain a high level of security clearance to undertake the projects we are involved in to protect us from security threats. For this reason, only UK Nationals will be able to apply for this role. If you are an international or dual-national candidate, and you think you have the skills we need, please consider applying to any of our government, security or defence partners.
This role will require full UK security clearance and you should have resided in the UK for the past 5 years. For some roles Developed Vetting will also be required, in this case you should have resided in the UK for the past 10 years.
Behaviours
We'll assess you against these behaviours during the selection process:
Changing and Improving
Communicating and Influencing
Seeing the Big Picture
Working Together
Benefits
Benefits
Dstl’s full range of great benefits can be found in the information pack which includes:
Financial : An excellent pension scheme starting from 26% employer contribution ( find out more here ). In Year Rewarding Achievement bonuses and thank you vouchers. Rental deposit scheme and cycle to work scheme.
Flexible working : Options include alternative working patterns such as; compressed hours (e.g. working a 4 day week/ 9 day fortnight), job shares and annualised hours (agreed number of hours per annum paid monthly i.e. working term-time only).
Working hours: Flexibility around your working day (e.g. start time, finish time). Ability to bank hours in a 12 month reference period including the ability to accrue and use 3 days per calendar month.
Where you work: Depending on your role, blended working may be available including remote working to suit you and your team. This can be discussed at interview.
Annual leave: 25 days pro rata (rising to 30 after 5 years) plus 8 public holidays with the ability to buy/sell 5 additional days per annum.
Family: Maternity, adoption or shared parental leave of up to 26 weeks with full pay, an additional 13 weeks statutory pay and a further 13 weeks unpaid
Learning and Development: Dstl encourages and supports charterships, accreditations and provides employees access to fully funded apprenticeships up to level 7 (Masters Degree). Dstl will pay for 2 memberships with relevant bodies/institutions. Employees also have access to Civil Service Learning.
Facilities: Onsite parking, EV Charging points, restaurants, cafés and gyms.
Things you need to know
Selection process details
This vacancy is using Success Profiles (opens in a new window) , and will assess your Behaviours and Experience.
We want you to have your best chance of success in our recruitment process, so If at any stage of the application process you would like help or assistance please contact the Dstl Recruitment Team dstlrecruitment@dstl.gov.uk and we will do all we can to support you.
Sifting will be taking place bi-weekly throughout the campaign, successful applicants will be invited to attend an online interview via MS Teams.
Feedback will only be provided if you attend an interview or assessment.
Security
Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window) . See our vetting charter (opens in a new window) . People working with government assets must complete baseline personnel security standard (opens in new window) checks.
Nationality requirements
Open to UK nationals only. This job is not open to candidates who hold a dual nationality.
Working for the Civil Service
The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window) . The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
Apply and further information
This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative. Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.
Contact point for applicants
Job contact :
Name : Dstl Recruitment
Email : dstlrecruitment@dstl.gov.uk
Recruitment team
Email : dstlrecruitment@dstl.gov.uk
Further information
Should you wish to raise a formal complaint about the Dstl recruitment process you should email dstlrecruitment@dstl.gov.uk stating the nature of the issue. We will respond within 5 working days.
Attachments
20230626_CSAS_Data_Scientist_Autonomy_Dependability_L5 Opens in new window (docx, 66kB) Candidate_info_pack_CIS - 20220824 Opens in new window (pdf, 1378kB)
03/07/2023
Full time
Location
Dstl Porton Down, Salisbury, Wiltshire, SP4 0JQ or Dstl Portsdown West, Fareham, Hampshire, PO17 6AD
About the job
Job summary
Dstl is the science and technology arm of the Ministry of Defence. We improve the front-line capability of the UK Armed Forces helping keep our country safe.
The Cyber Security and Safety Group has never been more important. Many military platforms such as fast jets, unmanned air vehicles, helicopters, naval vessels, and land vehicles are becoming increasingly reliant on Software, Artificial Intelligence (AI) and Autonomous functions to control all aspects of their behaviour.
We’re looking for mathematically strong data scientists to help make AI reliant military systems robust and trustworthy in complex operations to help save lives.
An example of our world class inspiring work is designing and trialling a variety of autonomous air and ground vehicles out in Salisbury plain with the US and Australia. AI models were retrained in flight to meet changing mission situations to enhance commanders’ decision-making.
You could be involved in:
Assessing and improving AI content in Defence and Security safety critical systems in the Air, Sea and Land domains, to ensure that they are safe, secure and protected.
Applying the latest thinking in verification and validation of artificial intelligence and autonomous functions for defence and security purposes.
Innovating to support the delivery of the UK Cyber Strategy by researching algorithms for Cyber defence.
Dstl recognises the importance of diversity and inclusion as people from diverse backgrounds bring fresh ideas. We are committed to building an inclusive working environment in which each employee fulfils their potential and maximises their contribution.
We particularly welcome female and ethnic minority applicants and those from the LGBTQI community, as they are under-represented within Dstl at these levels.
Job description
In this role you will:
Have a drive for keeping abreast of the latest developments in cyber security and emerging trends in artificial intelligence. We give our people the opportunity to think and innovate. We offer loads of opportunities for training and scholarships, attending and presenting at conferences, and collaborating with internal research and industry and academia.
Work in a team consisting of highly professional Autonomy and Mathematical experts with enviable national and international reputations to take part in cutting edge research. Use your critical thinking and creative problem solving skills to implement state of art methods and tools.
Develop a knowledge of undertaking verification, validation and vulnerability assessments on Systems of interest.
Appreciate the importance of safety, security requirements to have a positive impact on defence and security of the UK.
Deliver technical reports and recommendations to leadership, senior officials across government and military and other non-technical audiences through clear data storytelling and well-crafted verbal presentations
Person specification
We are looking for someone who has:
A keen interest in algorithms, AI, ML or statistical analysis along with a willingness to develop additional capabilities in cyber security and safety.
Experience contributing to Software or AI / ML intensive projects.
Is looking for a career with a difference, doing a job that provides the latest and most effective tools to defend our nation and uphold the principle of freedom.
Important Information:
Our work in defence, security and intelligence requires our employees to be UK Nationals who are able to gain a high level of security clearance to undertake the projects we are involved in to protect us from security threats. For this reason, only UK Nationals will be able to apply for this role. If you are an international or dual-national candidate, and you think you have the skills we need, please consider applying to any of our government, security or defence partners.
This role will require full UK security clearance and you should have resided in the UK for the past 5 years. For some roles Developed Vetting will also be required, in this case you should have resided in the UK for the past 10 years.
Behaviours
We'll assess you against these behaviours during the selection process:
Changing and Improving
Communicating and Influencing
Seeing the Big Picture
Working Together
Benefits
Benefits
Dstl’s full range of great benefits can be found in the information pack which includes:
Financial : An excellent pension scheme starting from 26% employer contribution ( find out more here ). In Year Rewarding Achievement bonuses and thank you vouchers. Rental deposit scheme and cycle to work scheme.
Flexible working : Options include alternative working patterns such as; compressed hours (e.g. working a 4 day week/ 9 day fortnight), job shares and annualised hours (agreed number of hours per annum paid monthly i.e. working term-time only).
Working hours: Flexibility around your working day (e.g. start time, finish time). Ability to bank hours in a 12 month reference period including the ability to accrue and use 3 days per calendar month.
Where you work: Depending on your role, blended working may be available including remote working to suit you and your team. This can be discussed at interview.
Annual leave: 25 days pro rata (rising to 30 after 5 years) plus 8 public holidays with the ability to buy/sell 5 additional days per annum.
Family: Maternity, adoption or shared parental leave of up to 26 weeks with full pay, an additional 13 weeks statutory pay and a further 13 weeks unpaid
Learning and Development: Dstl encourages and supports charterships, accreditations and provides employees access to fully funded apprenticeships up to level 7 (Masters Degree). Dstl will pay for 2 memberships with relevant bodies/institutions. Employees also have access to Civil Service Learning.
Facilities: Onsite parking, EV Charging points, restaurants, cafés and gyms.
Things you need to know
Selection process details
This vacancy is using Success Profiles (opens in a new window) , and will assess your Behaviours and Experience.
We want you to have your best chance of success in our recruitment process, so If at any stage of the application process you would like help or assistance please contact the Dstl Recruitment Team dstlrecruitment@dstl.gov.uk and we will do all we can to support you.
Sifting will be taking place bi-weekly throughout the campaign, successful applicants will be invited to attend an online interview via MS Teams.
Feedback will only be provided if you attend an interview or assessment.
Security
Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window) . See our vetting charter (opens in a new window) . People working with government assets must complete baseline personnel security standard (opens in new window) checks.
Nationality requirements
Open to UK nationals only. This job is not open to candidates who hold a dual nationality.
Working for the Civil Service
The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window) . The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
Apply and further information
This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative. Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.
Contact point for applicants
Job contact :
Name : Dstl Recruitment
Email : dstlrecruitment@dstl.gov.uk
Recruitment team
Email : dstlrecruitment@dstl.gov.uk
Further information
Should you wish to raise a formal complaint about the Dstl recruitment process you should email dstlrecruitment@dstl.gov.uk stating the nature of the issue. We will respond within 5 working days.
Attachments
20230626_CSAS_Data_Scientist_Autonomy_Dependability_L5 Opens in new window (docx, 66kB) Candidate_info_pack_CIS - 20220824 Opens in new window (pdf, 1378kB)
Job Description: Job Title: Application Security Analyst Corporate Title: Vice President Location: Chester Role Description: Resource will function as a member of an enterprise network application layer intrusion, detection, prevention, and response team. Will develop and implement custom alerts and dashboards monitoring controls based on OSI layer 7 attack and threat indicators. Provides leadership in assessing new threat vectors and designing and implementing effective controls. Leverages advanced investigative skills using best in class data correlation and network/packet analysis tools. Will partner with senior leaders from lines of business organizations to triage security events and report on impacting security initiatives. Responsible for mentoring and developing the skill sets of less experienced team members. Develops and implements processes or controls in support of audit and risk requirements. The Team: The Network and Endpoint Cybersecurity Operations team provides the first line of defense for Bank of America's global network. It defends against various threats including DDoS, Malware, Web Based Attacks, Remote Attacks, and provides network access assurance across our network and endpoint boundaries. Provides network and endpoint anomaly monitoring for indicators of compromise, and a 24x7 rapid response capability for network and endpoint security related events and incidents. Core Skills: Required Skills: Strong Splunk skill set. The security analyst will leverage Splunk to analyze logs and other security events to find targeted attacks against network-based bank assets. Strong Intrusion Analysis background. Resource must be able to identify and interpret weblogs from various webservers. Knowledgeable of current exploits. Resource must be able to identify common exploits from the appropriate web and event logs. Working knowledge of Linux, Windows, and OS X operating systems. Comfortable with scripting languages and regular expressions Strong knowledge common network protocols Working knowledge of enterprise Client / Server architecture Working knowledge of OSI model 3 through 7 We are a front-line team that handles active security events and highly current threats. On call and after-hours work can be expected although we rotate to approximately one week every 2 months. The analyst will use new intelligence to update existing controls to detect new threats against the bank. Will be expected to have solid technical skills to operate independently and to support others within the security team. Preferred Skills: Experience doing packet captures and interpreting them (wireshark for example). Understanding of stateful firewalls and able to interpret firewall rules. Able to interpret SQL, Apache web logs, IIS, Active Directory and other security logs. Full understanding of modern web site deployments and technology. Familiarity with web application attacks including SQL injection, cross-site scripting, and remote file inclusion. Use tools to detect anomalous/malicious data transmissions on the network. Use advanced analytics / security tools to detect malware on the network. Bank of America: Every day, across the globe, our employees bring a commitment to our purpose and to driving responsible growth by living our values: deliver together, act responsibly, realize the power of our people and trust the team. A key aspect of driving responsible growth is doing so in a sustainable manner, a critical pillar of which is being a great place to work for our teammates. In line with these values, in EMEA we have 9 Employee Networks, a wide range of Sports & Social clubs, and other development and networking opportunities so that you can enjoy a range of experiences and connect with colleagues across the bank. We also offer exclusive discounts to some of the most iconic cultural experiences for you to enjoy in your spare time outside of work. Learn more about our benefits here. Good conduct and sound judgment is crucial to our long term success. It's important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well. We are an equal opportunities employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience. We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements. As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment. Job Band: H5 Shift: Hours Per Week: 35 Weekly Schedule: Referral Bonus Amount: 0
24/09/2022
Full time
Job Description: Job Title: Application Security Analyst Corporate Title: Vice President Location: Chester Role Description: Resource will function as a member of an enterprise network application layer intrusion, detection, prevention, and response team. Will develop and implement custom alerts and dashboards monitoring controls based on OSI layer 7 attack and threat indicators. Provides leadership in assessing new threat vectors and designing and implementing effective controls. Leverages advanced investigative skills using best in class data correlation and network/packet analysis tools. Will partner with senior leaders from lines of business organizations to triage security events and report on impacting security initiatives. Responsible for mentoring and developing the skill sets of less experienced team members. Develops and implements processes or controls in support of audit and risk requirements. The Team: The Network and Endpoint Cybersecurity Operations team provides the first line of defense for Bank of America's global network. It defends against various threats including DDoS, Malware, Web Based Attacks, Remote Attacks, and provides network access assurance across our network and endpoint boundaries. Provides network and endpoint anomaly monitoring for indicators of compromise, and a 24x7 rapid response capability for network and endpoint security related events and incidents. Core Skills: Required Skills: Strong Splunk skill set. The security analyst will leverage Splunk to analyze logs and other security events to find targeted attacks against network-based bank assets. Strong Intrusion Analysis background. Resource must be able to identify and interpret weblogs from various webservers. Knowledgeable of current exploits. Resource must be able to identify common exploits from the appropriate web and event logs. Working knowledge of Linux, Windows, and OS X operating systems. Comfortable with scripting languages and regular expressions Strong knowledge common network protocols Working knowledge of enterprise Client / Server architecture Working knowledge of OSI model 3 through 7 We are a front-line team that handles active security events and highly current threats. On call and after-hours work can be expected although we rotate to approximately one week every 2 months. The analyst will use new intelligence to update existing controls to detect new threats against the bank. Will be expected to have solid technical skills to operate independently and to support others within the security team. Preferred Skills: Experience doing packet captures and interpreting them (wireshark for example). Understanding of stateful firewalls and able to interpret firewall rules. Able to interpret SQL, Apache web logs, IIS, Active Directory and other security logs. Full understanding of modern web site deployments and technology. Familiarity with web application attacks including SQL injection, cross-site scripting, and remote file inclusion. Use tools to detect anomalous/malicious data transmissions on the network. Use advanced analytics / security tools to detect malware on the network. Bank of America: Every day, across the globe, our employees bring a commitment to our purpose and to driving responsible growth by living our values: deliver together, act responsibly, realize the power of our people and trust the team. A key aspect of driving responsible growth is doing so in a sustainable manner, a critical pillar of which is being a great place to work for our teammates. In line with these values, in EMEA we have 9 Employee Networks, a wide range of Sports & Social clubs, and other development and networking opportunities so that you can enjoy a range of experiences and connect with colleagues across the bank. We also offer exclusive discounts to some of the most iconic cultural experiences for you to enjoy in your spare time outside of work. Learn more about our benefits here. Good conduct and sound judgment is crucial to our long term success. It's important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well. We are an equal opportunities employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience. We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements. As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment. Job Band: H5 Shift: Hours Per Week: 35 Weekly Schedule: Referral Bonus Amount: 0
Malware Reverse Engineer Location: Remote working - Office based in Reading Salary: Competitive Salary and Benefits Career Level : Specialist, Associate Manager or Manager About Accenture Cyber Threat Intelligence (ACTI) ACTI is a global team that spans 13 countries and 4 continents and speaks more than 30 languages. We are passionate about delivering intelligence analysis, and providing industry-leading analytic insights, cyber context, and critical services our clients need to achieve their business-line and strategic-growth initiatives. We know success is only possible by developing and supporting our most-critical resources: our talented analysts, developers, and supporting team members. We value creativity and entrepreneurship in our team; where possible, we back staff initiatives with opportunities and investments. We enjoy the hunt. We strive to automate and innovate while working with powerful resources and differentiated data. Above all else, we value an egoless approach to guiding our clients as they navigate their businesses through all aspects of the cyber domain. Who You Are You are passionate about cybersecurity and intelligence analysis. You stay abreast of the latest threats, recognize the value of intelligence, and believe it should drive operations. You are a devoted team member who is always willing to lend a hand, mentor a colleague, or increase our global team's awareness by sharing your knowledge and approaches with others. You are productive, easy to work with, and understand that adherence to a good process is key to excellence. Role Description As a Malware Reverse Engineer at ACTI, you will reverse engineer and analyze malware to evaluate sophisticated malicious code to settle malware capabilities and purposes. Analysis includes the use of specialized systems and tools, including dissemblers, debuggers, hex editors, unpackers, virtual machines, and those for network traffic analysis. Key Responsibilities Analyze malicious events and campaigns to determine attack vectors and retrieve malware payloads. Reverse engineer files suspected or known to belong to identified malware families to determine their command-and-control (C2) infrastructure and targeting. Incorporate analysis results into detailed reporting to include purpose, behavior, C2 server infrastructure, and mitigation techniques related to analyzed malware families, malicious campaigns, and events. Track prevailing malware families, including downloaders, banking Trojans, information stealers, ransomware, and remote access Trojans. Reverse engineer recently discovered malware variants to check potential feature augmentation or configuration structure changes. Improve existing tools that extract known malware family configurations based on reverse engineering results. Research the latest malware detection evasion techniques, such as use of customized packers, customized crypters, fully undetectable (FUD) techniques, host intrusion prevention system (HIPS) bypassing, and anti-virus (AV) software bypassing. Based on research, design and develop generic unpacking methods and tools for use as standalone tools or within automated analysis systems and sandboxes. Provide customer support by responding to requests related to suspicious file analysis that sometimes require malware reverse engineering and determination of contextual information surrounding indicators of compromise; do so by providing detailed analysis reports and mitigation recommendations. Provide customer support by responding to cybersecurity requests, including those for: open-source intelligence (OSINT) research; domain, IP address, or URL analysis; malicious campaign information; and/or event attribution. Provide answers to specific questions, the answers of which clients use for operational mentorship to aid their strategies. Design, develop, and implement Windows kernel modules to support automated malware analysis; such modules include kernel system service filtering modules able to intercept operating system services on 32-bit and 64-bit Windows operating systems without triggering those systems' self-protection mechanisms, and kernel-mode modules able to force designated processes to load specific modules that load decoders designed for extracting malware configurations. Design, develop, and implement generic unpackers that combat widely used malware packing methods to retrieve malicious payloads from packed malware samples automatically. Create detection rules and signatures for detecting malware families, and provide detection or blocking recommendations. Develop decoders to extract malware configurations-including basic C2 settings or secondary dynamic configurations, such as those outlining targeted institutions and web injects-based on reverse engineering results. Provide junior engineers with technical training, including: training on malware analysis; reverse engineering; Windows internals; and development, identification, unpacking, and de-obfuscation of malicious code. Travel occasionally as this position may require doing so to address client needs, improve results, or otherwise support projects. Basic Qualifications Bachelor's Degree in Computer Forensics, Science, Engineering, Information Systems, or another related security field, or comparable experience. Experience with malware analysis, reverse engineering, and development. Ability to write, understand, and/or analyze code in programming and scripting languages, including Assembly x86/x64, C, C++, Python, JavaScript, Java, PHP, and HTML. Basic knowledge of and experience with malware packers, crypters, and obfuscation techniques. Understanding of operating system internals and the Windows API. Experience with debuggers, decompilers, and network traffic analysis tools. Development experience in Assembly, Python, C, or C++. Strong understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Practical understanding of malware analysis and/or reverse engineering, and the ability to develop malware detection signatures (e.g. YARA). Required Skills Ability to analyze and unpack obfuscated code. Strong written and verbal skills; can communicate complex concepts at a high level while retaining accuracy and highlighting features in a way that improves audience engagement. Strong problem solving and critical thinking capabilities. Desired Skills Two or more years of experience in malware analysis, reverse engineering, and development fields. Deep understanding of operating system internals and the Windows API. Ability to work with a high degree of independence. Ability to collaborate in a team environment to focus on a common goal. Show more Show less Qualifications What's in it for you At Accenture in addition to a competitive basic salary, you will alsohave an extensive benefits package which includes 25days' vacation per year, gym subsidy, private medical insurance and 3 extra days leave per year for charitable work of your choice! About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries - powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at Accenture is an equal opportunities employer and encourages applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law. Closing Date for Applications: 30/10/2022 Accenture reserves the right to close the role prior to this date should a suitable applicant be found.
24/09/2022
Full time
Malware Reverse Engineer Location: Remote working - Office based in Reading Salary: Competitive Salary and Benefits Career Level : Specialist, Associate Manager or Manager About Accenture Cyber Threat Intelligence (ACTI) ACTI is a global team that spans 13 countries and 4 continents and speaks more than 30 languages. We are passionate about delivering intelligence analysis, and providing industry-leading analytic insights, cyber context, and critical services our clients need to achieve their business-line and strategic-growth initiatives. We know success is only possible by developing and supporting our most-critical resources: our talented analysts, developers, and supporting team members. We value creativity and entrepreneurship in our team; where possible, we back staff initiatives with opportunities and investments. We enjoy the hunt. We strive to automate and innovate while working with powerful resources and differentiated data. Above all else, we value an egoless approach to guiding our clients as they navigate their businesses through all aspects of the cyber domain. Who You Are You are passionate about cybersecurity and intelligence analysis. You stay abreast of the latest threats, recognize the value of intelligence, and believe it should drive operations. You are a devoted team member who is always willing to lend a hand, mentor a colleague, or increase our global team's awareness by sharing your knowledge and approaches with others. You are productive, easy to work with, and understand that adherence to a good process is key to excellence. Role Description As a Malware Reverse Engineer at ACTI, you will reverse engineer and analyze malware to evaluate sophisticated malicious code to settle malware capabilities and purposes. Analysis includes the use of specialized systems and tools, including dissemblers, debuggers, hex editors, unpackers, virtual machines, and those for network traffic analysis. Key Responsibilities Analyze malicious events and campaigns to determine attack vectors and retrieve malware payloads. Reverse engineer files suspected or known to belong to identified malware families to determine their command-and-control (C2) infrastructure and targeting. Incorporate analysis results into detailed reporting to include purpose, behavior, C2 server infrastructure, and mitigation techniques related to analyzed malware families, malicious campaigns, and events. Track prevailing malware families, including downloaders, banking Trojans, information stealers, ransomware, and remote access Trojans. Reverse engineer recently discovered malware variants to check potential feature augmentation or configuration structure changes. Improve existing tools that extract known malware family configurations based on reverse engineering results. Research the latest malware detection evasion techniques, such as use of customized packers, customized crypters, fully undetectable (FUD) techniques, host intrusion prevention system (HIPS) bypassing, and anti-virus (AV) software bypassing. Based on research, design and develop generic unpacking methods and tools for use as standalone tools or within automated analysis systems and sandboxes. Provide customer support by responding to requests related to suspicious file analysis that sometimes require malware reverse engineering and determination of contextual information surrounding indicators of compromise; do so by providing detailed analysis reports and mitigation recommendations. Provide customer support by responding to cybersecurity requests, including those for: open-source intelligence (OSINT) research; domain, IP address, or URL analysis; malicious campaign information; and/or event attribution. Provide answers to specific questions, the answers of which clients use for operational mentorship to aid their strategies. Design, develop, and implement Windows kernel modules to support automated malware analysis; such modules include kernel system service filtering modules able to intercept operating system services on 32-bit and 64-bit Windows operating systems without triggering those systems' self-protection mechanisms, and kernel-mode modules able to force designated processes to load specific modules that load decoders designed for extracting malware configurations. Design, develop, and implement generic unpackers that combat widely used malware packing methods to retrieve malicious payloads from packed malware samples automatically. Create detection rules and signatures for detecting malware families, and provide detection or blocking recommendations. Develop decoders to extract malware configurations-including basic C2 settings or secondary dynamic configurations, such as those outlining targeted institutions and web injects-based on reverse engineering results. Provide junior engineers with technical training, including: training on malware analysis; reverse engineering; Windows internals; and development, identification, unpacking, and de-obfuscation of malicious code. Travel occasionally as this position may require doing so to address client needs, improve results, or otherwise support projects. Basic Qualifications Bachelor's Degree in Computer Forensics, Science, Engineering, Information Systems, or another related security field, or comparable experience. Experience with malware analysis, reverse engineering, and development. Ability to write, understand, and/or analyze code in programming and scripting languages, including Assembly x86/x64, C, C++, Python, JavaScript, Java, PHP, and HTML. Basic knowledge of and experience with malware packers, crypters, and obfuscation techniques. Understanding of operating system internals and the Windows API. Experience with debuggers, decompilers, and network traffic analysis tools. Development experience in Assembly, Python, C, or C++. Strong understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Practical understanding of malware analysis and/or reverse engineering, and the ability to develop malware detection signatures (e.g. YARA). Required Skills Ability to analyze and unpack obfuscated code. Strong written and verbal skills; can communicate complex concepts at a high level while retaining accuracy and highlighting features in a way that improves audience engagement. Strong problem solving and critical thinking capabilities. Desired Skills Two or more years of experience in malware analysis, reverse engineering, and development fields. Deep understanding of operating system internals and the Windows API. Ability to work with a high degree of independence. Ability to collaborate in a team environment to focus on a common goal. Show more Show less Qualifications What's in it for you At Accenture in addition to a competitive basic salary, you will alsohave an extensive benefits package which includes 25days' vacation per year, gym subsidy, private medical insurance and 3 extra days leave per year for charitable work of your choice! About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries - powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at Accenture is an equal opportunities employer and encourages applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law. Closing Date for Applications: 30/10/2022 Accenture reserves the right to close the role prior to this date should a suitable applicant be found.
BAE Systems Digital Intelligence
Guildford, Surrey
JOB ROLE BIO BAE Systems Digital Intelligence works with governments and businesses around the world to help them defend against cyber threats, reduce their risk in the connected world, comply with regulation and transform their operations. The Wireless Products group works with customers to develop innovative mission critical technology. Applications include software radios, space technology and underwater systems. We are looking for bright, enthusiastic and committed individuals to work as electronics engineers in one of our customer-facing product teams. Relevant industry experience is preferable but most of all we are looking for bright, enthusiastic and committed individuals with a strong academic background and the ability to learn quickly. We have a range of roles available, from graduate entry through to experienced engineers. We are interested in hearing from anyone who can make a strong contribution to our work. What you could be doing for us We'd like to hear from people keen to develop their career in engineering who have a baseline of experience in some or all of the following areas that we cover: RF PCB development. We design a variety of RF circuit boards ranging from low power embedded sensors, designed for use in harsh environments, through to high performance analogue designs for radio equipment covering bands from VLF through to millimetre wave systems. This development may involve modelling (eg using Matlab, Agilent ADS, CST, Spice etc) as well as schematic capture and RF circuit board layout. Digital, mixed signal and power PCB development. We develop a wide range of boards such as state-of-the art digital signal processing platforms incorporating the latest FPGAs, SoCs and processors. Mechanical design and system integration. We design chassis and enclosures for our PCBs to ensure the optimum solution for its intended environment. The designs have to be easily assembled and repaired through life but also provide for cooling and protection in challenging environments. This work often involves compliance testing for CE, airborne, military and space applications. System engineering. Most of our solutions comprise of a blend of hardware, firmware and software. Early in the development lifecycle you will be involved in the design activity responsible for partitioning the functionality in to these domains taking into account the requirements and constraints. Development work, depending on the level of seniority, will include: Client interaction to understand and influence requirements, deliver solutions and be involved in bidding for new work. Development team lead, including mentoring junior engineering staff. Research and monitoring of developments in relevant technology to maintain and enhance our leading-edge capability. The main emphasis of this role is the implementation and delivery of hardware solutions; advice and support from senior technical specialists is expected to be provided, particularly in the early stages of design What background are we looking for? We are looking for ambitious, high-calibre people with the following characteristics: Highly motivated with a strong academic background typically in Engineering or Physics a 2:1 or 1st class degree. Understanding of the principles of PCB circuit design and layout. Understanding of the principles of mechanical design. Experience with 3D CAD would be an advantage, but is not essential. Proven record of set-to-work and verification of complex hardware, sometimes under demanding project timescales. Competent in the use of laboratory measurement equipment (eg oscilloscopes, spectrum analysers, vector network analysers etc). An appreciation of the technologies involved in software radio. Experience in the use of software and firmware development tools and environments, e.g. C/C++, Java, Linux, particularly as needed to support hardware test and debug. Comfortable working on multiple projects at the same time and in a dynamic environment where deadlines and priorities are changeable. Experience of working within multi-disciplinary development teams in a project-based environment. Client-facing experience and influencing skills, as well as strong inter-personal skills. Experience of designing products for production. Experience of designing products for compliance against industry standards (eg CE, FCC, DEF STAN). How we will support you: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Don't know a particular technology? Your learning and development is key to your future career You'll be part of our bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. About BAE Systems Digital Intelligence: We help nations, governments and businesses around the world defend themselves against cyber-crime, reduce their risk in the connected world, comply with regulation, and transform their operations. We do this using our unique set of solutions, systems, experience and processes. Our success is down to our people. The changing nature of our business means that we're constantly looking for the brightest talent to help us fulfil our ambitions. As an experienced professional, we'll entrust you with responsibility; this means that you'll have client contact, variety and support from day one. We'll encourage and support you to develop your skills and reward you as you grow. Whatever your area of expertise, you'll be much more than just a job title; you'll be an integral part of the business where your individual contribution makes a difference every day. Great minds deserve great rewards, so we also offer a very competitive salary and benefits package. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. Staying competitive in today's global marketplace requires an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. We also welcome discussions about flexible working. Security Clearance Only those with the permanent and unrestricted right to live and work in the UK will be considered for a position within BAE Systems Digital Intelligence. Due to the nature of our work, successful candidates for this role will be required to go through Government SC clearance prior to starting with us. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Capabilities At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Digital Intelligence, containing our Engineering, Consulting and Project Management teams that design and implement the defence solutions and digital transformation projects that make us a globally recognised brand in both the public and private sector. As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever changing digital world. We all have a role to play in defending our clients, and this is yours.
24/09/2022
Full time
JOB ROLE BIO BAE Systems Digital Intelligence works with governments and businesses around the world to help them defend against cyber threats, reduce their risk in the connected world, comply with regulation and transform their operations. The Wireless Products group works with customers to develop innovative mission critical technology. Applications include software radios, space technology and underwater systems. We are looking for bright, enthusiastic and committed individuals to work as electronics engineers in one of our customer-facing product teams. Relevant industry experience is preferable but most of all we are looking for bright, enthusiastic and committed individuals with a strong academic background and the ability to learn quickly. We have a range of roles available, from graduate entry through to experienced engineers. We are interested in hearing from anyone who can make a strong contribution to our work. What you could be doing for us We'd like to hear from people keen to develop their career in engineering who have a baseline of experience in some or all of the following areas that we cover: RF PCB development. We design a variety of RF circuit boards ranging from low power embedded sensors, designed for use in harsh environments, through to high performance analogue designs for radio equipment covering bands from VLF through to millimetre wave systems. This development may involve modelling (eg using Matlab, Agilent ADS, CST, Spice etc) as well as schematic capture and RF circuit board layout. Digital, mixed signal and power PCB development. We develop a wide range of boards such as state-of-the art digital signal processing platforms incorporating the latest FPGAs, SoCs and processors. Mechanical design and system integration. We design chassis and enclosures for our PCBs to ensure the optimum solution for its intended environment. The designs have to be easily assembled and repaired through life but also provide for cooling and protection in challenging environments. This work often involves compliance testing for CE, airborne, military and space applications. System engineering. Most of our solutions comprise of a blend of hardware, firmware and software. Early in the development lifecycle you will be involved in the design activity responsible for partitioning the functionality in to these domains taking into account the requirements and constraints. Development work, depending on the level of seniority, will include: Client interaction to understand and influence requirements, deliver solutions and be involved in bidding for new work. Development team lead, including mentoring junior engineering staff. Research and monitoring of developments in relevant technology to maintain and enhance our leading-edge capability. The main emphasis of this role is the implementation and delivery of hardware solutions; advice and support from senior technical specialists is expected to be provided, particularly in the early stages of design What background are we looking for? We are looking for ambitious, high-calibre people with the following characteristics: Highly motivated with a strong academic background typically in Engineering or Physics a 2:1 or 1st class degree. Understanding of the principles of PCB circuit design and layout. Understanding of the principles of mechanical design. Experience with 3D CAD would be an advantage, but is not essential. Proven record of set-to-work and verification of complex hardware, sometimes under demanding project timescales. Competent in the use of laboratory measurement equipment (eg oscilloscopes, spectrum analysers, vector network analysers etc). An appreciation of the technologies involved in software radio. Experience in the use of software and firmware development tools and environments, e.g. C/C++, Java, Linux, particularly as needed to support hardware test and debug. Comfortable working on multiple projects at the same time and in a dynamic environment where deadlines and priorities are changeable. Experience of working within multi-disciplinary development teams in a project-based environment. Client-facing experience and influencing skills, as well as strong inter-personal skills. Experience of designing products for production. Experience of designing products for compliance against industry standards (eg CE, FCC, DEF STAN). How we will support you: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Don't know a particular technology? Your learning and development is key to your future career You'll be part of our bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. About BAE Systems Digital Intelligence: We help nations, governments and businesses around the world defend themselves against cyber-crime, reduce their risk in the connected world, comply with regulation, and transform their operations. We do this using our unique set of solutions, systems, experience and processes. Our success is down to our people. The changing nature of our business means that we're constantly looking for the brightest talent to help us fulfil our ambitions. As an experienced professional, we'll entrust you with responsibility; this means that you'll have client contact, variety and support from day one. We'll encourage and support you to develop your skills and reward you as you grow. Whatever your area of expertise, you'll be much more than just a job title; you'll be an integral part of the business where your individual contribution makes a difference every day. Great minds deserve great rewards, so we also offer a very competitive salary and benefits package. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. Staying competitive in today's global marketplace requires an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. We also welcome discussions about flexible working. Security Clearance Only those with the permanent and unrestricted right to live and work in the UK will be considered for a position within BAE Systems Digital Intelligence. Due to the nature of our work, successful candidates for this role will be required to go through Government SC clearance prior to starting with us. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Capabilities At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Digital Intelligence, containing our Engineering, Consulting and Project Management teams that design and implement the defence solutions and digital transformation projects that make us a globally recognised brand in both the public and private sector. As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever changing digital world. We all have a role to play in defending our clients, and this is yours.
BAE Systems Digital Intelligence
Gloucester, Gloucestershire
Defensive Cyber Senior FPGA Firmware Engineer The Cross-Domain (XD) team deliver high performance appliances for the Defensive Cyber market. We develop from a blank sheet with security as a primary consideration, designing the whole appliance from high performance C++, embedded software, FPGA firmware (VHDL), custom PCBs, power distribution, and thermal management. All of which has to deliver a reliable, supportable, and maintainable capability for our customers. JOB ROLE A Senior Firmware Engineer within the XD team can expect to be involved in the full lifecycle of product development, from concept, design, through delivery, and into support. We predominately use Intel (previously Altera) FPGAs, with code developed using VHDL. As this is predominately an active hands-on role, solid experience with VHDL is a must, as is a familiarity with at least 1 modern FPGA tool chain (ideally Intel but could be Xilinx, Achronix, or similar). As with most current FPGA designs, we make significant use of the provided embedded blocks within those FPGAs, so any experience in integrating with these would be highly valuable. As with most senior engineers, you would be expected to lead small teams of 1-3 junior engineers, and provide support and mentoring through their activities. The BAE Systems Digital Intelligence Cross-Domain product team consists of circa 50 people predominately based in our Gloucester office, and sits within the wider products group of approximately 200 engineers. As an integral part of 3500 strong BAE Systems Applied Intelligence capability in the UK, we look to recruit good engineers to help meet our customer's needs. In return we offer engaging technical challenges to solve, a collaborative and trusted work environment and the opportunity to develop a career that can encompass the full range of the company's activities, form product development, research, technical consultancy, business consultancy, and customer engagement. Due to the nature of our work in Cross-Domain, candidates must hold, or be eligible to gain UK security clearance and meet nationality requirements. Additionally, we cannot offer regular remote working, but do provide a flexible working environment that respects the needs of our people's personal lives. How we will support you: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Don't know a particular technology? Your learning and development is key to your future career You'll be part of our bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. About BAE Systems Digital Intelligence: We help nations, governments and businesses around the world defend themselves against cyber-crime, reduce their risk in the connected world, comply with regulation, and transform their operations. We do this using our unique set of solutions, systems, experience and processes. Our success is down to our people. The changing nature of our business means that we're constantly looking for the brightest talent to help us fulfil our ambitions. As an experienced professional, we'll entrust you with responsibility; this means that you'll have client contact, variety and support from day one. We'll encourage and support you to develop your skills and reward you as you grow. Whatever your area of expertise, you'll be much more than just a job title; you'll be an integral part of the business where your individual contribution makes a difference every day. Great minds deserve great rewards, so we also offer a very competitive salary and benefits package. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. Staying competitive in today's global marketplace requires an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. We also welcome discussions about flexible working. Security Clearance Only those with the permanent and unrestricted right to live and work in the UK will be considered for a position within BAE Systems Applied Intelligence. Due to the nature of our work, successful candidates for this role will be required to go through Government SC clearance prior to starting with us. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Capabilities At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Applied Intelligence, containing our Engineering, Consulting and Project Management teams that design and implement the defence solutions and digital transformation projects that make us a globally recognised brand in both the public and private sector. As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever changing digital world. We all have a role to play in defending our clients, and this is yours.
24/09/2022
Full time
Defensive Cyber Senior FPGA Firmware Engineer The Cross-Domain (XD) team deliver high performance appliances for the Defensive Cyber market. We develop from a blank sheet with security as a primary consideration, designing the whole appliance from high performance C++, embedded software, FPGA firmware (VHDL), custom PCBs, power distribution, and thermal management. All of which has to deliver a reliable, supportable, and maintainable capability for our customers. JOB ROLE A Senior Firmware Engineer within the XD team can expect to be involved in the full lifecycle of product development, from concept, design, through delivery, and into support. We predominately use Intel (previously Altera) FPGAs, with code developed using VHDL. As this is predominately an active hands-on role, solid experience with VHDL is a must, as is a familiarity with at least 1 modern FPGA tool chain (ideally Intel but could be Xilinx, Achronix, or similar). As with most current FPGA designs, we make significant use of the provided embedded blocks within those FPGAs, so any experience in integrating with these would be highly valuable. As with most senior engineers, you would be expected to lead small teams of 1-3 junior engineers, and provide support and mentoring through their activities. The BAE Systems Digital Intelligence Cross-Domain product team consists of circa 50 people predominately based in our Gloucester office, and sits within the wider products group of approximately 200 engineers. As an integral part of 3500 strong BAE Systems Applied Intelligence capability in the UK, we look to recruit good engineers to help meet our customer's needs. In return we offer engaging technical challenges to solve, a collaborative and trusted work environment and the opportunity to develop a career that can encompass the full range of the company's activities, form product development, research, technical consultancy, business consultancy, and customer engagement. Due to the nature of our work in Cross-Domain, candidates must hold, or be eligible to gain UK security clearance and meet nationality requirements. Additionally, we cannot offer regular remote working, but do provide a flexible working environment that respects the needs of our people's personal lives. How we will support you: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Don't know a particular technology? Your learning and development is key to your future career You'll be part of our bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. About BAE Systems Digital Intelligence: We help nations, governments and businesses around the world defend themselves against cyber-crime, reduce their risk in the connected world, comply with regulation, and transform their operations. We do this using our unique set of solutions, systems, experience and processes. Our success is down to our people. The changing nature of our business means that we're constantly looking for the brightest talent to help us fulfil our ambitions. As an experienced professional, we'll entrust you with responsibility; this means that you'll have client contact, variety and support from day one. We'll encourage and support you to develop your skills and reward you as you grow. Whatever your area of expertise, you'll be much more than just a job title; you'll be an integral part of the business where your individual contribution makes a difference every day. Great minds deserve great rewards, so we also offer a very competitive salary and benefits package. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. Staying competitive in today's global marketplace requires an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. We also welcome discussions about flexible working. Security Clearance Only those with the permanent and unrestricted right to live and work in the UK will be considered for a position within BAE Systems Applied Intelligence. Due to the nature of our work, successful candidates for this role will be required to go through Government SC clearance prior to starting with us. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Capabilities At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Applied Intelligence, containing our Engineering, Consulting and Project Management teams that design and implement the defence solutions and digital transformation projects that make us a globally recognised brand in both the public and private sector. As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever changing digital world. We all have a role to play in defending our clients, and this is yours.
Our world class team of Vulnerability Researchers and Reverse Engineers tackle some of the most interesting problems with a meaningful and tangible impact on the national security of the UK. We are growing our VR team significantly and are looking for a diverse range of talent from experienced Vulnerability Researchers with a proven track record to those with a keen interest and aptitude looking to develop their skills in this exciting space! We have a community of technical specialists with a friendly and inclusive culture with great opportunities to learn from experts and make use of a carefully curated training plan with some of the best trainers and conferences available. Our focus is on a wide variety devices, platforms and technologies. VR, RE or development experience with mobile (Android, IOS), firmware, Linux, IoT and Windows is useful but most important is a willingness to learn as all of our projects bring new and interesting challenges. What you will be doing for us: Performing Vulnerability Research and Reverse Engineering to handle complex and unique challenges across a myriad of platforms. Learning to use tools like Ghidra, IDA Pro, Unicorn and Frida plus developing bespoke tooling when needed. Working in a vibrant and inclusive team of specialists where success often comes from teamwork and a diverse approach to solving problems. Developing junior members of staff with a keen interest in RE and VR to realise their potential. Ideal candidate background: An interest and aptitude for Vulnerability Research, Reverse Engineering, and Exploit Development (either from a professional background or by demonstrating an aptitude e.g. by playing capture the flag challenges). Low-level knowledge in how languages function across the application stack from assembly through to interpreted languages and everything in between. Understanding of the exploit development lifecycle from identifying bugs up to fully developed proof of concepts. Proficient in at least one programming language (e.g. Python, Java, C#, C++) How you will be supported: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before You can work around core hours with flexible and part-time working Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Systems Applied Intelligence Don't know a particular technology? Your learning and development is key to your future career You'll be part of our bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.
24/09/2022
Full time
Our world class team of Vulnerability Researchers and Reverse Engineers tackle some of the most interesting problems with a meaningful and tangible impact on the national security of the UK. We are growing our VR team significantly and are looking for a diverse range of talent from experienced Vulnerability Researchers with a proven track record to those with a keen interest and aptitude looking to develop their skills in this exciting space! We have a community of technical specialists with a friendly and inclusive culture with great opportunities to learn from experts and make use of a carefully curated training plan with some of the best trainers and conferences available. Our focus is on a wide variety devices, platforms and technologies. VR, RE or development experience with mobile (Android, IOS), firmware, Linux, IoT and Windows is useful but most important is a willingness to learn as all of our projects bring new and interesting challenges. What you will be doing for us: Performing Vulnerability Research and Reverse Engineering to handle complex and unique challenges across a myriad of platforms. Learning to use tools like Ghidra, IDA Pro, Unicorn and Frida plus developing bespoke tooling when needed. Working in a vibrant and inclusive team of specialists where success often comes from teamwork and a diverse approach to solving problems. Developing junior members of staff with a keen interest in RE and VR to realise their potential. Ideal candidate background: An interest and aptitude for Vulnerability Research, Reverse Engineering, and Exploit Development (either from a professional background or by demonstrating an aptitude e.g. by playing capture the flag challenges). Low-level knowledge in how languages function across the application stack from assembly through to interpreted languages and everything in between. Understanding of the exploit development lifecycle from identifying bugs up to fully developed proof of concepts. Proficient in at least one programming language (e.g. Python, Java, C#, C++) How you will be supported: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before You can work around core hours with flexible and part-time working Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Systems Applied Intelligence Don't know a particular technology? Your learning and development is key to your future career You'll be part of our bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.
At BAE Systems Digital Intelligence we develop world-class radio and data systems. We are launching a major new space programme, marrying our existing capabilities with new space technology. We need skilled, enthusiastic and motivated people at all experience levels from graduate to CTO to deliver these exciting new capabilities. There are opportunities in all relevant engineering and non-engineering disciplines, both for those with space industry experience and those without. Many roles come with opportunities for remote / hybrid working, working in our offices in Guildford and Great Baddow only when required. We will provide you with personal development, CPD including support towards professional recognition, industry-leading benefits, and the opportunity to apply cutting-edge technology to interesting problems with the support of our highly-skilled engineering community. Come and join us for this exciting opportunity to shape and deliver world-class space technologies. What you will be doing (role duties and responsibilities) You will lead the development of cutting-edge radio and communication technologies for our new space-based systems. Making use of your extensive experience in communications, waveforms and/or SDR, you will design this critical part of our new system, selecting the right techniques and principles to deliver highly-performant systems that delight our customers. You will lead teams of highly-skilled scientists and engineers, designing radio systems for both space and ground environments on our world-class SDR platforms. We design and deliver high-performance radio and data processing systems, generating the most interesting and complex electronics design challenges. Whether its the most sensitive radio receivers, designing for very low SWaP environments or designing highly complex DSP algorithms, we pride ourselves on our ability to deliver. Recognised as the expert and point of contact for radio and communications systems, you will maintain deep understanding of relevant technologies, producing innovative solutions to complex engineering problems. You will be responsible for developing and implementing the technology strategy within your area of expertise, providing technical support to business development activities and providing expert review within your area of expertise across the enterprise. What we are looking for (skills and experience) We are looking for ambitious, high-calibre people with the following characteristics: Essential: Highly motivated with a strong academic background typically in Engineering, Physics or Mathematics Solid grounding in engineering with typically >10 years' experience in an engineering or technology based environment, working on complex, multi-disciplinary projects Comprehensive understanding of radio communication systems and concepts Proven track record of successfully delivering high quality radio solutions Experience in digital signal processing techniques and the ability to design processing architecture relating to communications and signal processing systems Experience in the use of software and FPGA development tools and environments Working knowledge of one or more programming languages, preferably C, Unix programming and fluent in MATLAB Comfortable working on multiple projects at the same time and in a dynamic environment where deadlines and priorities are changeable. Desirable: Have a good knowledge of communications protocols e.g. ECSS and CCSDS standards relating to space data links and navigation A keen interest in the space sector and awareness of latest industry developments Experience of developing for space applications Experience of working within multi-disciplinary development teams in a project-based environment Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Capabilities At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Digital Intelligence, containing our Engineering, Consulting and Project Management teams that design and implement the defence solutions and digital transformation projects that make us a globally recognised brand in both the public and private sector. As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever changing digital world. We all have a role to play in defending our clients, and this is yours.
24/09/2022
Full time
At BAE Systems Digital Intelligence we develop world-class radio and data systems. We are launching a major new space programme, marrying our existing capabilities with new space technology. We need skilled, enthusiastic and motivated people at all experience levels from graduate to CTO to deliver these exciting new capabilities. There are opportunities in all relevant engineering and non-engineering disciplines, both for those with space industry experience and those without. Many roles come with opportunities for remote / hybrid working, working in our offices in Guildford and Great Baddow only when required. We will provide you with personal development, CPD including support towards professional recognition, industry-leading benefits, and the opportunity to apply cutting-edge technology to interesting problems with the support of our highly-skilled engineering community. Come and join us for this exciting opportunity to shape and deliver world-class space technologies. What you will be doing (role duties and responsibilities) You will lead the development of cutting-edge radio and communication technologies for our new space-based systems. Making use of your extensive experience in communications, waveforms and/or SDR, you will design this critical part of our new system, selecting the right techniques and principles to deliver highly-performant systems that delight our customers. You will lead teams of highly-skilled scientists and engineers, designing radio systems for both space and ground environments on our world-class SDR platforms. We design and deliver high-performance radio and data processing systems, generating the most interesting and complex electronics design challenges. Whether its the most sensitive radio receivers, designing for very low SWaP environments or designing highly complex DSP algorithms, we pride ourselves on our ability to deliver. Recognised as the expert and point of contact for radio and communications systems, you will maintain deep understanding of relevant technologies, producing innovative solutions to complex engineering problems. You will be responsible for developing and implementing the technology strategy within your area of expertise, providing technical support to business development activities and providing expert review within your area of expertise across the enterprise. What we are looking for (skills and experience) We are looking for ambitious, high-calibre people with the following characteristics: Essential: Highly motivated with a strong academic background typically in Engineering, Physics or Mathematics Solid grounding in engineering with typically >10 years' experience in an engineering or technology based environment, working on complex, multi-disciplinary projects Comprehensive understanding of radio communication systems and concepts Proven track record of successfully delivering high quality radio solutions Experience in digital signal processing techniques and the ability to design processing architecture relating to communications and signal processing systems Experience in the use of software and FPGA development tools and environments Working knowledge of one or more programming languages, preferably C, Unix programming and fluent in MATLAB Comfortable working on multiple projects at the same time and in a dynamic environment where deadlines and priorities are changeable. Desirable: Have a good knowledge of communications protocols e.g. ECSS and CCSDS standards relating to space data links and navigation A keen interest in the space sector and awareness of latest industry developments Experience of developing for space applications Experience of working within multi-disciplinary development teams in a project-based environment Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Capabilities At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Digital Intelligence, containing our Engineering, Consulting and Project Management teams that design and implement the defence solutions and digital transformation projects that make us a globally recognised brand in both the public and private sector. As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever changing digital world. We all have a role to play in defending our clients, and this is yours.
