Location
Dstl Porton Down, Salisbury, Wiltshire, SP4 0JQ or Dstl Portsdown West, Fareham, Hampshire, PO17 6AD
About the job
Job summary
Dstl is the science and technology arm of the Ministry of Defence. We improve the front-line capability of the UK Armed Forces helping keep our country safe.
The Cyber Security and Safety Group has never been more important. Many military platforms such as fast jets, unmanned air vehicles, helicopters, naval vessels, and land vehicles are becoming increasingly reliant on Software, Artificial Intelligence (AI) and Autonomous functions to control all aspects of their behaviour.
We’re looking for mathematically strong data scientists to help make AI reliant military systems robust and trustworthy in complex operations to help save lives.
An example of our world class inspiring work is designing and trialling a variety of autonomous air and ground vehicles out in Salisbury plain with the US and Australia. AI models were retrained in flight to meet changing mission situations to enhance commanders’ decision-making.
You could be involved in:
Assessing and improving AI content in Defence and Security safety critical systems in the Air, Sea and Land domains, to ensure that they are safe, secure and protected.
Applying the latest thinking in verification and validation of artificial intelligence and autonomous functions for defence and security purposes.
Innovating to support the delivery of the UK Cyber Strategy by researching algorithms for Cyber defence.
Dstl recognises the importance of diversity and inclusion as people from diverse backgrounds bring fresh ideas. We are committed to building an inclusive working environment in which each employee fulfils their potential and maximises their contribution.
We particularly welcome female and ethnic minority applicants and those from the LGBTQI community, as they are under-represented within Dstl at these levels.
Job description
In this role you will:
Have a drive for keeping abreast of the latest developments in cyber security and emerging trends in artificial intelligence. We give our people the opportunity to think and innovate. We offer loads of opportunities for training and scholarships, attending and presenting at conferences, and collaborating with internal research and industry and academia.
Work in a team consisting of highly professional Autonomy and Mathematical experts with enviable national and international reputations to take part in cutting edge research. Use your critical thinking and creative problem solving skills to implement state of art methods and tools.
Develop a knowledge of undertaking verification, validation and vulnerability assessments on Systems of interest.
Appreciate the importance of safety, security requirements to have a positive impact on defence and security of the UK.
Deliver technical reports and recommendations to leadership, senior officials across government and military and other non-technical audiences through clear data storytelling and well-crafted verbal presentations
Person specification
We are looking for someone who has:
A keen interest in algorithms, AI, ML or statistical analysis along with a willingness to develop additional capabilities in cyber security and safety.
Experience contributing to Software or AI / ML intensive projects.
Is looking for a career with a difference, doing a job that provides the latest and most effective tools to defend our nation and uphold the principle of freedom.
Important Information:
Our work in defence, security and intelligence requires our employees to be UK Nationals who are able to gain a high level of security clearance to undertake the projects we are involved in to protect us from security threats. For this reason, only UK Nationals will be able to apply for this role. If you are an international or dual-national candidate, and you think you have the skills we need, please consider applying to any of our government, security or defence partners.
This role will require full UK security clearance and you should have resided in the UK for the past 5 years. For some roles Developed Vetting will also be required, in this case you should have resided in the UK for the past 10 years.
Behaviours
We'll assess you against these behaviours during the selection process:
Changing and Improving
Communicating and Influencing
Seeing the Big Picture
Working Together
Benefits
Benefits
Dstl’s full range of great benefits can be found in the information pack which includes:
Financial : An excellent pension scheme starting from 26% employer contribution ( find out more here ). In Year Rewarding Achievement bonuses and thank you vouchers. Rental deposit scheme and cycle to work scheme.
Flexible working : Options include alternative working patterns such as; compressed hours (e.g. working a 4 day week/ 9 day fortnight), job shares and annualised hours (agreed number of hours per annum paid monthly i.e. working term-time only).
Working hours: Flexibility around your working day (e.g. start time, finish time). Ability to bank hours in a 12 month reference period including the ability to accrue and use 3 days per calendar month.
Where you work: Depending on your role, blended working may be available including remote working to suit you and your team. This can be discussed at interview.
Annual leave: 25 days pro rata (rising to 30 after 5 years) plus 8 public holidays with the ability to buy/sell 5 additional days per annum.
Family: Maternity, adoption or shared parental leave of up to 26 weeks with full pay, an additional 13 weeks statutory pay and a further 13 weeks unpaid
Learning and Development: Dstl encourages and supports charterships, accreditations and provides employees access to fully funded apprenticeships up to level 7 (Masters Degree). Dstl will pay for 2 memberships with relevant bodies/institutions. Employees also have access to Civil Service Learning.
Facilities: Onsite parking, EV Charging points, restaurants, cafés and gyms.
Things you need to know
Selection process details
This vacancy is using Success Profiles (opens in a new window) , and will assess your Behaviours and Experience.
We want you to have your best chance of success in our recruitment process, so If at any stage of the application process you would like help or assistance please contact the Dstl Recruitment Team dstlrecruitment@dstl.gov.uk and we will do all we can to support you.
Sifting will be taking place bi-weekly throughout the campaign, successful applicants will be invited to attend an online interview via MS Teams.
Feedback will only be provided if you attend an interview or assessment.
Security
Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window) . See our vetting charter (opens in a new window) . People working with government assets must complete baseline personnel security standard (opens in new window) checks.
Nationality requirements
Open to UK nationals only. This job is not open to candidates who hold a dual nationality.
Working for the Civil Service
The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window) . The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
Apply and further information
This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative. Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.
Contact point for applicants
Job contact :
Name : Dstl Recruitment
Email : dstlrecruitment@dstl.gov.uk
Recruitment team
Email : dstlrecruitment@dstl.gov.uk
Further information
Should you wish to raise a formal complaint about the Dstl recruitment process you should email dstlrecruitment@dstl.gov.uk stating the nature of the issue. We will respond within 5 working days.
Attachments
20230626_CSAS_Data_Scientist_Autonomy_Dependability_L5 Opens in new window (docx, 66kB) Candidate_info_pack_CIS - 20220824 Opens in new window (pdf, 1378kB)
03/07/2023
Full time
Location
Dstl Porton Down, Salisbury, Wiltshire, SP4 0JQ or Dstl Portsdown West, Fareham, Hampshire, PO17 6AD
About the job
Job summary
Dstl is the science and technology arm of the Ministry of Defence. We improve the front-line capability of the UK Armed Forces helping keep our country safe.
The Cyber Security and Safety Group has never been more important. Many military platforms such as fast jets, unmanned air vehicles, helicopters, naval vessels, and land vehicles are becoming increasingly reliant on Software, Artificial Intelligence (AI) and Autonomous functions to control all aspects of their behaviour.
We’re looking for mathematically strong data scientists to help make AI reliant military systems robust and trustworthy in complex operations to help save lives.
An example of our world class inspiring work is designing and trialling a variety of autonomous air and ground vehicles out in Salisbury plain with the US and Australia. AI models were retrained in flight to meet changing mission situations to enhance commanders’ decision-making.
You could be involved in:
Assessing and improving AI content in Defence and Security safety critical systems in the Air, Sea and Land domains, to ensure that they are safe, secure and protected.
Applying the latest thinking in verification and validation of artificial intelligence and autonomous functions for defence and security purposes.
Innovating to support the delivery of the UK Cyber Strategy by researching algorithms for Cyber defence.
Dstl recognises the importance of diversity and inclusion as people from diverse backgrounds bring fresh ideas. We are committed to building an inclusive working environment in which each employee fulfils their potential and maximises their contribution.
We particularly welcome female and ethnic minority applicants and those from the LGBTQI community, as they are under-represented within Dstl at these levels.
Job description
In this role you will:
Have a drive for keeping abreast of the latest developments in cyber security and emerging trends in artificial intelligence. We give our people the opportunity to think and innovate. We offer loads of opportunities for training and scholarships, attending and presenting at conferences, and collaborating with internal research and industry and academia.
Work in a team consisting of highly professional Autonomy and Mathematical experts with enviable national and international reputations to take part in cutting edge research. Use your critical thinking and creative problem solving skills to implement state of art methods and tools.
Develop a knowledge of undertaking verification, validation and vulnerability assessments on Systems of interest.
Appreciate the importance of safety, security requirements to have a positive impact on defence and security of the UK.
Deliver technical reports and recommendations to leadership, senior officials across government and military and other non-technical audiences through clear data storytelling and well-crafted verbal presentations
Person specification
We are looking for someone who has:
A keen interest in algorithms, AI, ML or statistical analysis along with a willingness to develop additional capabilities in cyber security and safety.
Experience contributing to Software or AI / ML intensive projects.
Is looking for a career with a difference, doing a job that provides the latest and most effective tools to defend our nation and uphold the principle of freedom.
Important Information:
Our work in defence, security and intelligence requires our employees to be UK Nationals who are able to gain a high level of security clearance to undertake the projects we are involved in to protect us from security threats. For this reason, only UK Nationals will be able to apply for this role. If you are an international or dual-national candidate, and you think you have the skills we need, please consider applying to any of our government, security or defence partners.
This role will require full UK security clearance and you should have resided in the UK for the past 5 years. For some roles Developed Vetting will also be required, in this case you should have resided in the UK for the past 10 years.
Behaviours
We'll assess you against these behaviours during the selection process:
Changing and Improving
Communicating and Influencing
Seeing the Big Picture
Working Together
Benefits
Benefits
Dstl’s full range of great benefits can be found in the information pack which includes:
Financial : An excellent pension scheme starting from 26% employer contribution ( find out more here ). In Year Rewarding Achievement bonuses and thank you vouchers. Rental deposit scheme and cycle to work scheme.
Flexible working : Options include alternative working patterns such as; compressed hours (e.g. working a 4 day week/ 9 day fortnight), job shares and annualised hours (agreed number of hours per annum paid monthly i.e. working term-time only).
Working hours: Flexibility around your working day (e.g. start time, finish time). Ability to bank hours in a 12 month reference period including the ability to accrue and use 3 days per calendar month.
Where you work: Depending on your role, blended working may be available including remote working to suit you and your team. This can be discussed at interview.
Annual leave: 25 days pro rata (rising to 30 after 5 years) plus 8 public holidays with the ability to buy/sell 5 additional days per annum.
Family: Maternity, adoption or shared parental leave of up to 26 weeks with full pay, an additional 13 weeks statutory pay and a further 13 weeks unpaid
Learning and Development: Dstl encourages and supports charterships, accreditations and provides employees access to fully funded apprenticeships up to level 7 (Masters Degree). Dstl will pay for 2 memberships with relevant bodies/institutions. Employees also have access to Civil Service Learning.
Facilities: Onsite parking, EV Charging points, restaurants, cafés and gyms.
Things you need to know
Selection process details
This vacancy is using Success Profiles (opens in a new window) , and will assess your Behaviours and Experience.
We want you to have your best chance of success in our recruitment process, so If at any stage of the application process you would like help or assistance please contact the Dstl Recruitment Team dstlrecruitment@dstl.gov.uk and we will do all we can to support you.
Sifting will be taking place bi-weekly throughout the campaign, successful applicants will be invited to attend an online interview via MS Teams.
Feedback will only be provided if you attend an interview or assessment.
Security
Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window) . See our vetting charter (opens in a new window) . People working with government assets must complete baseline personnel security standard (opens in new window) checks.
Nationality requirements
Open to UK nationals only. This job is not open to candidates who hold a dual nationality.
Working for the Civil Service
The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window) . The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
Apply and further information
This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative. Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.
Contact point for applicants
Job contact :
Name : Dstl Recruitment
Email : dstlrecruitment@dstl.gov.uk
Recruitment team
Email : dstlrecruitment@dstl.gov.uk
Further information
Should you wish to raise a formal complaint about the Dstl recruitment process you should email dstlrecruitment@dstl.gov.uk stating the nature of the issue. We will respond within 5 working days.
Attachments
20230626_CSAS_Data_Scientist_Autonomy_Dependability_L5 Opens in new window (docx, 66kB) Candidate_info_pack_CIS - 20220824 Opens in new window (pdf, 1378kB)
CHIEF INFORMATION SECURITY OFFICER - AEROSPACE AND DEFENSE: Bullisher is a data-centric fintech solution provider in the aerospace and defense industry for institutional-level investors, looking to disrupt and revolutionize a $3 trillion dollar industry. We spearhead an industry-leading Blackbox to facilitate and administer trade agreements, driven by our new generation benchmark delivering solutions through innovation with uncompromising agility. JOB DESCRIPTION: The oversight requires a sophisticated operating model that allows for a stronger security posture centralized in a Security Operations Center (SOC). This role will oversee global operations with a unified management of API calls, space exploration & navigation, and integrate various tools into our systems of record to view interactions from a holistic risk management perspective. Areas to cover: Incident response and remediation Orchestrating and automating signals Prioritizing cases and incident response Cyber threat intelligence and dark web monitoring Vulnerability management and exposure management Building a resilient cybersecurity culture Introducing new risk management techniques will undergo formal approval by the Change Approval Board (C.A.B). The role will also involve micromanaging cybersecurity engineers, penetration testing engineers, and other security personnel, ensuring compliance with NIST cybersecurity framework and DoD requirements. PHYSICAL DEMANDS: This position requires the ability to communicate and exchange information, utilizing necessary equipment to perform the job. ENVIRONMENT: This position will operate in the organization's regulatory "ROCKET FUEL MISSION INTELLIGENCE DIVISION" focusing on innovation and space exploration. Employees must be legally authorized to work in the UK. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position. QUALIFICATIONS, KEY REQUIREMENTS AND SKILLSET: 20+ years in cybersecurity and digital solutions engineering Proficiency in key generation, key lifecycle management, and risk management GSEC or Offensive Security Certified Professional (OSCP) Certified Information Security Manager (CISM) Certified Authorization Professional (CAP) Certified Network Defender (CND) Information Systems Security Architecture Professional (ISSAP) Health Care Information Security and Privacy Practitioner (HCISPP) GIAC Certified Intrusion Analyst (GCIA) GIAC Security Leadership Certificate (GSLC) Information Systems Security Engineering Professional (ISSEP) Certified Ethical Hacker (CEH) Computer Hacking Forensics Investigator (CHFI) Information Assurance System Architecture and Engineer (IASAE) Certification in one of the listed DoD 8570 Certifications is prerequisite. INTERVIEW PROCESS: STAGE 1: COGNITIVE ABILITY TEST STAGE 2: COGNITIVE ASSESSMENT SCREENING WITH A 30+ YEARS EXPERIENCE PSYCHOLOGIST STAGE 3: PRE-SCREENING (verification checks & DV security clearance) STAGE 4: INTERVIEW WITH CEO & CTO
10/02/2025
Full time
CHIEF INFORMATION SECURITY OFFICER - AEROSPACE AND DEFENSE: Bullisher is a data-centric fintech solution provider in the aerospace and defense industry for institutional-level investors, looking to disrupt and revolutionize a $3 trillion dollar industry. We spearhead an industry-leading Blackbox to facilitate and administer trade agreements, driven by our new generation benchmark delivering solutions through innovation with uncompromising agility. JOB DESCRIPTION: The oversight requires a sophisticated operating model that allows for a stronger security posture centralized in a Security Operations Center (SOC). This role will oversee global operations with a unified management of API calls, space exploration & navigation, and integrate various tools into our systems of record to view interactions from a holistic risk management perspective. Areas to cover: Incident response and remediation Orchestrating and automating signals Prioritizing cases and incident response Cyber threat intelligence and dark web monitoring Vulnerability management and exposure management Building a resilient cybersecurity culture Introducing new risk management techniques will undergo formal approval by the Change Approval Board (C.A.B). The role will also involve micromanaging cybersecurity engineers, penetration testing engineers, and other security personnel, ensuring compliance with NIST cybersecurity framework and DoD requirements. PHYSICAL DEMANDS: This position requires the ability to communicate and exchange information, utilizing necessary equipment to perform the job. ENVIRONMENT: This position will operate in the organization's regulatory "ROCKET FUEL MISSION INTELLIGENCE DIVISION" focusing on innovation and space exploration. Employees must be legally authorized to work in the UK. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position. QUALIFICATIONS, KEY REQUIREMENTS AND SKILLSET: 20+ years in cybersecurity and digital solutions engineering Proficiency in key generation, key lifecycle management, and risk management GSEC or Offensive Security Certified Professional (OSCP) Certified Information Security Manager (CISM) Certified Authorization Professional (CAP) Certified Network Defender (CND) Information Systems Security Architecture Professional (ISSAP) Health Care Information Security and Privacy Practitioner (HCISPP) GIAC Certified Intrusion Analyst (GCIA) GIAC Security Leadership Certificate (GSLC) Information Systems Security Engineering Professional (ISSEP) Certified Ethical Hacker (CEH) Computer Hacking Forensics Investigator (CHFI) Information Assurance System Architecture and Engineer (IASAE) Certification in one of the listed DoD 8570 Certifications is prerequisite. INTERVIEW PROCESS: STAGE 1: COGNITIVE ABILITY TEST STAGE 2: COGNITIVE ASSESSMENT SCREENING WITH A 30+ YEARS EXPERIENCE PSYCHOLOGIST STAGE 3: PRE-SCREENING (verification checks & DV security clearance) STAGE 4: INTERVIEW WITH CEO & CTO
Forter is looking for a Senior SOC Engineer to enhance our security operations and ensure robust protection against sophisticated threats. This role is crucial for maintaining our Security Operations as a high-performing and resilient hub that can quickly adapt to emerging security challenges in the fintech industry. You will take the lead in refining our SOC capabilities by monitoring network traffic, analyzing security incidents, managing security tools, automating processes, and providing expertise to SOC analysts, without having direct management responsibilities. The Senior SOC Engineer collaborates with cross-functional teams to build defenses, respond to incidents, and design strategies for robust cybersecurity posture. Why should you join us? At Forter, you'll play a critical role in defending against sophisticated threats in a high-stakes fintech environment. As a Senior SOC Engineer, you will: Shape the Future of Security : Lead initiatives to enhance our SOC capabilities, using cutting-edge technologies and automation tools to protect against advanced threats in real-time. Make an Outsized Impact : Your work will directly influence Forter's ability to safeguard millions of transactions for major clients like Nordstrom, Priceline, and ASOS, enhancing customer trust and revenue growth. Work with a Talented Team : Collaborate with industry-leading experts in cloud security, fraud prevention, and data analytics. Forter is driven by a culture of excellence, continuous learning, and innovation. Access to Leading-Edge Tools : You will have the freedom to experiment with the latest SIEM, SOAR, EDR, and cloud-native security technologies, empowering you to stay at the forefront of cybersecurity practices. This is more than just a job; it's an opportunity to grow your expertise in a dynamic, supportive environment while making a tangible impact on the digital commerce industry. What you will be doing: Security Engineering & Automation : Oversee the deployment, configuration, and tuning of SOC related security tools to enhance detection accuracy, reduce false positives, and manage end-to-end EDR operations. Drive improvements in SOC workflows, automating enrichment processes, and developing playbooks for more efficient alert handling. Security Monitoring & Threat Detection : Continuously monitor security alerts, events, and IoCs across all platforms. You'll build and deploy queries and scripts, and create dashboards and workflows to enhance visibility and reporting. Proactive Threat Hunting : Develop and implement threat hunting procedures to proactively identify potential risks and vulnerabilities before they escalate. Cloud Security Monitoring : Analyze and manage AWS security logs through the SIEM, while also engaging directly with AWS security services and CSPM responsible team for proactive defense and monitoring in the cloud environment. Incident Response : Enhance the IRP and coordinate with the SOC team and cross-functional teams during the incident response lifecycle, focusing on containment, eradication, recovery, and post-incident analysis. Vendor Coordination : Collaborate with third-party vendors as needed for managed security services and specialized tools. Mentorship : Mentor junior security team members, providing guidance on incident handling and security best practices. What you'll need? Experience : Minimum of 5+ years in SOC or incident response roles, with hands-on experience in threat detection and mitigation. Technical Skills : Strong capability in threat detection, incident response, and analysis of complex attack patterns, with a focus on the AWS environment. Skilled in writing SIEM queries, alerts, and dashboards. End-to-End Investigations & Network Protocols : Extensive experience with end-to-end investigations, handling security incidents, and deep knowledge of security network protocols, along with familiarity with the OWASP Top 10 vulnerabilities. EDR Expertise : Hands-on experience managing EDR tools, including end-to-end operations from deployment and configuration to analysis and response. Scripting & Automation : Knowledge of scripting languages such as Python, SQL, or Bash to automate SOC workflows. Core Skills : Strong problem-solving, organizational, and analytical skills, with attention to detail and a security-first approach to translating complex issues into solutions. Excellent communication skills for effective collaboration and reporting. Continuous learning mindset with an eagerness to stay updated on cybersecurity trends. It'd be cool if you also: NOT A MUST Familiar with industry frameworks (ISO 27001, PCI-DSS, SOC2, NIST, etc.) and regulatory requirements. Have one or more certifications: GCIH, GIAC, CSA, CompTIA CySA+, or other relevant certifications. About us: Digital commerce is built on trust. At every point along the eCommerce journey, businesses must make a critical decision: Can I trust this customer? Answering this simple question accurately and instantly is powerful-it can accelerate revenue growth and strengthen a company's connection with its customers. How do we do it? Forter was founded on the insight that it's not about what is being purchased, nor where-but who is behind the interaction. The Forter Decision Engine finds patterns across more than one billion identities in our dataset. We isolate fraudsters and protect customers-ensuring everyone gets the experience they deserve. Given that trust is central to how we operate, Forter is very much driven by a defined set of values. We attract remarkable talent and have retention and engagement levels that are well above benchmarks. We're meticulous about strengthening our culture as we grow and ensuring this is an environment where people can have outsized impact. Trust is backed by data - Forter is a recipient of over 10 workplace and innovation awards, including: Great Place to Work Certification (2021, 2022, 2023) Fintech Breakthrough Awards - Best Fraud Prevention Platform (2023) Life as a Forterian: We are a team of over 500 Forterians spread across 3 different continents. Since 2013, we've raised $525 million from investors such as Tiger Global, Bessemer, Sequoia Capital, March Capital and Salesforce Ventures. We're on a mission to bring trust to global digital commerce so that companies like Nordstrom, Priceline, Instacart and ASOS can block fraud, drive revenue and improve customer experience. At Forter, we believe unique people create unique ideas, and valuable experience comes in many forms. So, even if your background doesn't match everything we have listed in the job description, we still encourage you to apply and tell us why your skills and values could be an asset to us. By welcoming different perspectives, we grow together as humans and as a company. Forter is an Equal Employment Opportunity employer that will consider all qualified applicants, regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law. If you need assistance or an accommodation due to a disability, please email us at . This information will be treated as confidential and used only for the purpose of determining an appropriate accommodation for the interview process.
10/02/2025
Full time
Forter is looking for a Senior SOC Engineer to enhance our security operations and ensure robust protection against sophisticated threats. This role is crucial for maintaining our Security Operations as a high-performing and resilient hub that can quickly adapt to emerging security challenges in the fintech industry. You will take the lead in refining our SOC capabilities by monitoring network traffic, analyzing security incidents, managing security tools, automating processes, and providing expertise to SOC analysts, without having direct management responsibilities. The Senior SOC Engineer collaborates with cross-functional teams to build defenses, respond to incidents, and design strategies for robust cybersecurity posture. Why should you join us? At Forter, you'll play a critical role in defending against sophisticated threats in a high-stakes fintech environment. As a Senior SOC Engineer, you will: Shape the Future of Security : Lead initiatives to enhance our SOC capabilities, using cutting-edge technologies and automation tools to protect against advanced threats in real-time. Make an Outsized Impact : Your work will directly influence Forter's ability to safeguard millions of transactions for major clients like Nordstrom, Priceline, and ASOS, enhancing customer trust and revenue growth. Work with a Talented Team : Collaborate with industry-leading experts in cloud security, fraud prevention, and data analytics. Forter is driven by a culture of excellence, continuous learning, and innovation. Access to Leading-Edge Tools : You will have the freedom to experiment with the latest SIEM, SOAR, EDR, and cloud-native security technologies, empowering you to stay at the forefront of cybersecurity practices. This is more than just a job; it's an opportunity to grow your expertise in a dynamic, supportive environment while making a tangible impact on the digital commerce industry. What you will be doing: Security Engineering & Automation : Oversee the deployment, configuration, and tuning of SOC related security tools to enhance detection accuracy, reduce false positives, and manage end-to-end EDR operations. Drive improvements in SOC workflows, automating enrichment processes, and developing playbooks for more efficient alert handling. Security Monitoring & Threat Detection : Continuously monitor security alerts, events, and IoCs across all platforms. You'll build and deploy queries and scripts, and create dashboards and workflows to enhance visibility and reporting. Proactive Threat Hunting : Develop and implement threat hunting procedures to proactively identify potential risks and vulnerabilities before they escalate. Cloud Security Monitoring : Analyze and manage AWS security logs through the SIEM, while also engaging directly with AWS security services and CSPM responsible team for proactive defense and monitoring in the cloud environment. Incident Response : Enhance the IRP and coordinate with the SOC team and cross-functional teams during the incident response lifecycle, focusing on containment, eradication, recovery, and post-incident analysis. Vendor Coordination : Collaborate with third-party vendors as needed for managed security services and specialized tools. Mentorship : Mentor junior security team members, providing guidance on incident handling and security best practices. What you'll need? Experience : Minimum of 5+ years in SOC or incident response roles, with hands-on experience in threat detection and mitigation. Technical Skills : Strong capability in threat detection, incident response, and analysis of complex attack patterns, with a focus on the AWS environment. Skilled in writing SIEM queries, alerts, and dashboards. End-to-End Investigations & Network Protocols : Extensive experience with end-to-end investigations, handling security incidents, and deep knowledge of security network protocols, along with familiarity with the OWASP Top 10 vulnerabilities. EDR Expertise : Hands-on experience managing EDR tools, including end-to-end operations from deployment and configuration to analysis and response. Scripting & Automation : Knowledge of scripting languages such as Python, SQL, or Bash to automate SOC workflows. Core Skills : Strong problem-solving, organizational, and analytical skills, with attention to detail and a security-first approach to translating complex issues into solutions. Excellent communication skills for effective collaboration and reporting. Continuous learning mindset with an eagerness to stay updated on cybersecurity trends. It'd be cool if you also: NOT A MUST Familiar with industry frameworks (ISO 27001, PCI-DSS, SOC2, NIST, etc.) and regulatory requirements. Have one or more certifications: GCIH, GIAC, CSA, CompTIA CySA+, or other relevant certifications. About us: Digital commerce is built on trust. At every point along the eCommerce journey, businesses must make a critical decision: Can I trust this customer? Answering this simple question accurately and instantly is powerful-it can accelerate revenue growth and strengthen a company's connection with its customers. How do we do it? Forter was founded on the insight that it's not about what is being purchased, nor where-but who is behind the interaction. The Forter Decision Engine finds patterns across more than one billion identities in our dataset. We isolate fraudsters and protect customers-ensuring everyone gets the experience they deserve. Given that trust is central to how we operate, Forter is very much driven by a defined set of values. We attract remarkable talent and have retention and engagement levels that are well above benchmarks. We're meticulous about strengthening our culture as we grow and ensuring this is an environment where people can have outsized impact. Trust is backed by data - Forter is a recipient of over 10 workplace and innovation awards, including: Great Place to Work Certification (2021, 2022, 2023) Fintech Breakthrough Awards - Best Fraud Prevention Platform (2023) Life as a Forterian: We are a team of over 500 Forterians spread across 3 different continents. Since 2013, we've raised $525 million from investors such as Tiger Global, Bessemer, Sequoia Capital, March Capital and Salesforce Ventures. We're on a mission to bring trust to global digital commerce so that companies like Nordstrom, Priceline, Instacart and ASOS can block fraud, drive revenue and improve customer experience. At Forter, we believe unique people create unique ideas, and valuable experience comes in many forms. So, even if your background doesn't match everything we have listed in the job description, we still encourage you to apply and tell us why your skills and values could be an asset to us. By welcoming different perspectives, we grow together as humans and as a company. Forter is an Equal Employment Opportunity employer that will consider all qualified applicants, regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law. If you need assistance or an accommodation due to a disability, please email us at . This information will be treated as confidential and used only for the purpose of determining an appropriate accommodation for the interview process.
Our leading Douglas-based Finance Sector Client is seeking a leading technology professional in the role of IT Infrastructure Analyst. As IT Infrastructure Analyst you will provide, support, maintain and optimise an on-premises and cloud-based IT infrastructure, with a focus on ensuring the stability, availability and security of the network servers and systems that support business operations. The role blends technical expertise with problem-solving to maintain and improve the efficiency of the IT environment. Responsibilities - Ensure that critical infrastructure components (servers, networks, storage) are available and operational downtime Monitor systems to prevent outages and ensure business continuity Provide timely support for infrastructure related issues, trouble shooting and resolving incidents efficiently Act as an escalation point for more complex issues and work closely with support teams and peers Perform routine maintenance, updates and patching to keep systems secure and up to date Optimise infrastructure performance, identifying areas for improvement to enhance efficiency and capacity Implement and manage security protocols, firewalls and threat detection systems to safeguard the infrastructure Ensure compliance with industry standards, regulations and internal policies related to data protection and cybersecurity Maintain and implement disaster recovery plans to minimise downtime and date loss in case of failures Ensure backup systems are properly configured and tested regularly for data protection and recovery Maintain detailed documentation of network configurations, system setups, infrastructure changes and technical procedures Ensure documentation is accessible and up to date for troubleshooting and auditing purposes Work closely with other IT teams (IT Services, Architecture, Engineering/Developers. To align infrastructure with broader IT strategy Through vendor management liaise with vendors and service providers to help manage infrastructure related services and support Anticipate and plan for future infrastructure needs based on business growth, user demand and new technology adoption Ensure the infrastructure can scale seamlessly to meet organisational requirements The ideal candidate for the role of IT Infrastructure Analyst will hold: - Appropriate technical qualifications e.g. Microsoft certification, including MS Certified Azure Administration, Cisco Certified Network Association (CCNA), VMware Certified Professional (VCP), Microsoft Certified Windows Server - Knowledge and experience of Network protocols - DNS, VPN, Network devices - routers, switches, network segmentation, and VPN configurations for remote access - Skills in network troubleshooting and monitoring tools - e.g. SolarWinds - Proficiency in managing and configuring Windows Servers and Linux-based systems - Experience with Active Directory, DNS, DHCP, and domain administration - Knowledge of server virtualization platforms, such as VMware, Hyper-V for managing virtual machines - Ability to handle server backups, storage management (SAN/NAS), and recovery tasks - Deep understanding of Windows and Linux operating systems for configuration - Knowledge of OS patching, upgrades, and security hardening techniques - Experience with at least one major cloud provider (AWS, Azure, Google Cloud) - Knowledge of cloud servers like compute, storage, networking, security and managed services - Skills in cloud infrastructure deployment, including virtual networks, VM instances, storage and monitoring - Understanding of cloud security practices (IAM, VPCs, firewalls), and cost management - Familiarity with IaC tools like Terraform, Ansible, or ClourFormation and automating infrastructure provisioning and configuration - Basic scripting skills in languages like PowerShell, Bask, or Python for task automation - Experience with vulnerability management tools like Nessus, Qualys, or OpenVAS - Knowledge of endpoint security solutions (antivirus, anti-malware) and incident response procedures - Familiarity with Security Information and Event Management (SIEM) tools, like Splunk or QRadar - Ability to interpret metrics from network, server and application performance monitoring tools - Knowledge of log management tools and techniques for monitoring infrastructure health - Strong problem-solving skills for diagnosing hardware, network and software issues - Knowledge of common troubleshooting frameworks and methodologies, such as ITIL - Knowledge of virtual infrastructure management with VMware, Hyper-V, or similar platforms - Experience with configuring and managing virtualised environments for optimised resource - Understanding of containerisation concepts and tools, primarily Docker - Familiarity with orchestration platforms, especially Kubernetes, to support containerisation applications - Experience with backup and recovery software like Rubrik, Cloudian etc. - Knowledge of backup strategies (e.g. incremental, differential, full backups) and data retention policies - Skills in developing and testing disaster recovery plans to minimise downtime and ensure business continuity - Experience with offsite backup solutions, replication and high-availability configurations - Basic understanding of database management and administration for common databases like SQL server, MySQL and Oracle - Skills in database performance tuning, backup and recovery - Knowledge of Storage Area Networks (SAN), Network Attached Storage (NAS) and RAID configurations - Experience managing cloud storage options and ensuring data redundancy and scalability - Proficiency in documenting infrastructure configurations, standard operating procedures (SOPs), and troubleshooting guides - Experience using documentation tools like confluence, Microsoft SharePoint, or similar collaboration platforms - Skills in creating reports on system performance, resource utilisation, and incident trends for management - Experience with data visualisation and reporting tools like Power BI or Tableau is a plus
10/02/2025
Full time
Our leading Douglas-based Finance Sector Client is seeking a leading technology professional in the role of IT Infrastructure Analyst. As IT Infrastructure Analyst you will provide, support, maintain and optimise an on-premises and cloud-based IT infrastructure, with a focus on ensuring the stability, availability and security of the network servers and systems that support business operations. The role blends technical expertise with problem-solving to maintain and improve the efficiency of the IT environment. Responsibilities - Ensure that critical infrastructure components (servers, networks, storage) are available and operational downtime Monitor systems to prevent outages and ensure business continuity Provide timely support for infrastructure related issues, trouble shooting and resolving incidents efficiently Act as an escalation point for more complex issues and work closely with support teams and peers Perform routine maintenance, updates and patching to keep systems secure and up to date Optimise infrastructure performance, identifying areas for improvement to enhance efficiency and capacity Implement and manage security protocols, firewalls and threat detection systems to safeguard the infrastructure Ensure compliance with industry standards, regulations and internal policies related to data protection and cybersecurity Maintain and implement disaster recovery plans to minimise downtime and date loss in case of failures Ensure backup systems are properly configured and tested regularly for data protection and recovery Maintain detailed documentation of network configurations, system setups, infrastructure changes and technical procedures Ensure documentation is accessible and up to date for troubleshooting and auditing purposes Work closely with other IT teams (IT Services, Architecture, Engineering/Developers. To align infrastructure with broader IT strategy Through vendor management liaise with vendors and service providers to help manage infrastructure related services and support Anticipate and plan for future infrastructure needs based on business growth, user demand and new technology adoption Ensure the infrastructure can scale seamlessly to meet organisational requirements The ideal candidate for the role of IT Infrastructure Analyst will hold: - Appropriate technical qualifications e.g. Microsoft certification, including MS Certified Azure Administration, Cisco Certified Network Association (CCNA), VMware Certified Professional (VCP), Microsoft Certified Windows Server - Knowledge and experience of Network protocols - DNS, VPN, Network devices - routers, switches, network segmentation, and VPN configurations for remote access - Skills in network troubleshooting and monitoring tools - e.g. SolarWinds - Proficiency in managing and configuring Windows Servers and Linux-based systems - Experience with Active Directory, DNS, DHCP, and domain administration - Knowledge of server virtualization platforms, such as VMware, Hyper-V for managing virtual machines - Ability to handle server backups, storage management (SAN/NAS), and recovery tasks - Deep understanding of Windows and Linux operating systems for configuration - Knowledge of OS patching, upgrades, and security hardening techniques - Experience with at least one major cloud provider (AWS, Azure, Google Cloud) - Knowledge of cloud servers like compute, storage, networking, security and managed services - Skills in cloud infrastructure deployment, including virtual networks, VM instances, storage and monitoring - Understanding of cloud security practices (IAM, VPCs, firewalls), and cost management - Familiarity with IaC tools like Terraform, Ansible, or ClourFormation and automating infrastructure provisioning and configuration - Basic scripting skills in languages like PowerShell, Bask, or Python for task automation - Experience with vulnerability management tools like Nessus, Qualys, or OpenVAS - Knowledge of endpoint security solutions (antivirus, anti-malware) and incident response procedures - Familiarity with Security Information and Event Management (SIEM) tools, like Splunk or QRadar - Ability to interpret metrics from network, server and application performance monitoring tools - Knowledge of log management tools and techniques for monitoring infrastructure health - Strong problem-solving skills for diagnosing hardware, network and software issues - Knowledge of common troubleshooting frameworks and methodologies, such as ITIL - Knowledge of virtual infrastructure management with VMware, Hyper-V, or similar platforms - Experience with configuring and managing virtualised environments for optimised resource - Understanding of containerisation concepts and tools, primarily Docker - Familiarity with orchestration platforms, especially Kubernetes, to support containerisation applications - Experience with backup and recovery software like Rubrik, Cloudian etc. - Knowledge of backup strategies (e.g. incremental, differential, full backups) and data retention policies - Skills in developing and testing disaster recovery plans to minimise downtime and ensure business continuity - Experience with offsite backup solutions, replication and high-availability configurations - Basic understanding of database management and administration for common databases like SQL server, MySQL and Oracle - Skills in database performance tuning, backup and recovery - Knowledge of Storage Area Networks (SAN), Network Attached Storage (NAS) and RAID configurations - Experience managing cloud storage options and ensuring data redundancy and scalability - Proficiency in documenting infrastructure configurations, standard operating procedures (SOPs), and troubleshooting guides - Experience using documentation tools like confluence, Microsoft SharePoint, or similar collaboration platforms - Skills in creating reports on system performance, resource utilisation, and incident trends for management - Experience with data visualisation and reporting tools like Power BI or Tableau is a plus
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams leading them. We'll broaden your horizons The Quality and Risk Management Team (QRM) provides leadership, guidance, and tools to help partners and staff manage quality and risk matters. The team is comprised of an Advisory and Compliance Team, a Chief Information Security Office Team, an Economic Crime Team, a Legal Team including a Commercial & Contracts Team, the Independence and Ethics Team and the Regulatory Supervisory Team, plus the Quality Monitoring Team. The team works closely with the firm's Technical Standards Group and the firm's leadership. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. Role Purpose The Business Information Risk Officer's (BIRO) (Manager grade) role is responsible for leading the Chief Information Security Office (CISO) service to BDO's business streams to effectively manage information security risk. This role will play a key part in ensuring the effectiveness of BDO's information security risk management framework, procedures, and information security control framework. The BIRO role is the focal point for effective engagement between business streams and the CISO team. This role will be a trusted adviser to business stakeholders and provide broad knowledge of the firm's security strategies, policies, standards, processes, and road maps to enable streams to understand and meet information security requirements. Leading a team of Business Information Risk Analysts and working with nominated information security risk leads in the business, the BIRO will take responsibility for assessing information security risk with the business and ensure that those risks are being managed by the risk owners. Where decisions are made to accept, reduce, share or avoid, the BIRO will ensure appropriate visibility and governance committees are informed. The BIRO will also oversee the prioritisation of activities to support business requests and the delivery of other resources supporting risk assessments always ensuring a consistent and high-quality service is being delivered to each business area. This role reports to the Cyber Security Manager. Principal Accountabilities Lead CISO's risk management service to the relevant streams, including responsibility for the performance management of the service and a team of Business Information Risk Analysts Utilising BDO's information security risk management tools, procedures and control framework ensure an accurate risk posture is understood and defined for each business stream Support the CISO team in maintaining 'information security risk communities' in the business to drive risk awareness and effective risk management Support the business streams to identify, and maintain registers of information assets including infrastructure, systems, software, devices and data Build and maintain effective relationships with the risk partners, risk owners, risk managers and other stream stakeholders. Be the voice of information security in the stream and the voice of the business within CISO and committees Develop collateral and appropriate materials to support engagement with business stakeholders, to explain CISO's role, key information security concepts and build awareness of information security risk and BDO's control framework Identify information security responsibilities and controls ownership of third parties, streams, CISO and IT security teams Proactively identify and support risk owners and managers to manage and regularly review IS risks and issues for streams Support the business to assess criticality of assets and services Lead information security aspects of business change and maturity improvements Third party due diligence assessments Gap analysis with BDO standards and policies Identifying security capability, maturity and responsibilities within streams Risk identification leading to clear business ownership and treatment actions Vulnerability and technical security assessments Technical point of contact for business and 3rd parties service providers to ensure clarity on meeting expectations or alternate approaches for managing risks Preparation of papers and supporting business attendees for committee attendance Reporting maturity, risk posture and trends to stream quality and risk partners Client due diligence and bid support Targeted security awareness, education, and risk briefings Contribution to development and implementation of security policies and standards, and the design of security services and processes Ensure that BDO policy and contractual obligations, and in turn compliance, is understood for each business stream Identify and communicate metrics and reporting requirements to stakeholders that demonstrate security controls are effective and support creation of corrective action plans to manage improvement or change where necessary Creation and maintenance of a "security toolkit" with templates of key processes and controls, communicated in language that is relevant and understandable to all audiences In support of security initiatives be able to demonstrate and track progress to all stakeholders Support on security incidents by bringing together business and technical knowledge to aid impact analysis and response People and performance management of Business Information Risk Analysts Technical Competencies Knowledge and experience of information security risk management frameworks and procedures Experience of formal risk identification, assessment, and quantification methods Knowledge of stakeholder engagement and management to achieve defined outcomes Experience of service, performance, and people management to achieve defined outcomes Highly self-motivated with keen attention to detail. The ability to build good relationships at all levels and influence stakeholders Excellent verbal, written and interpersonal communication skills. Listens and communicates technical subjects to both technical and nontechnical audiences, flexes style to suit the needs of the audience. Ability to work with others effectively, with 3rd parties, internal teams, promoting knowledge sharing within and across teams. Experience of managing and directing teams setting clear and achievable objectives aligned to the expected outcomes for the role A good understanding of security frameworks including ISO27001/2, Cyber Essentials Plus, CIS Top 20, Data Protection Act 2018, OWASP Top 10. Have a relevant industry certification such as CISSP, CISM, CRISC, BRMP or similar. NB: The above list of job duties is not exclusive or exhaustive and the post holder will be required to undertake such tasks as may reasonably be expected within the scope and grading of the post. Job descriptions should be regularly reviewed to ensure they are an accurate representation of the post. You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy . click apply for full job details
10/02/2025
Full time
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams leading them. We'll broaden your horizons The Quality and Risk Management Team (QRM) provides leadership, guidance, and tools to help partners and staff manage quality and risk matters. The team is comprised of an Advisory and Compliance Team, a Chief Information Security Office Team, an Economic Crime Team, a Legal Team including a Commercial & Contracts Team, the Independence and Ethics Team and the Regulatory Supervisory Team, plus the Quality Monitoring Team. The team works closely with the firm's Technical Standards Group and the firm's leadership. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. Role Purpose The Business Information Risk Officer's (BIRO) (Manager grade) role is responsible for leading the Chief Information Security Office (CISO) service to BDO's business streams to effectively manage information security risk. This role will play a key part in ensuring the effectiveness of BDO's information security risk management framework, procedures, and information security control framework. The BIRO role is the focal point for effective engagement between business streams and the CISO team. This role will be a trusted adviser to business stakeholders and provide broad knowledge of the firm's security strategies, policies, standards, processes, and road maps to enable streams to understand and meet information security requirements. Leading a team of Business Information Risk Analysts and working with nominated information security risk leads in the business, the BIRO will take responsibility for assessing information security risk with the business and ensure that those risks are being managed by the risk owners. Where decisions are made to accept, reduce, share or avoid, the BIRO will ensure appropriate visibility and governance committees are informed. The BIRO will also oversee the prioritisation of activities to support business requests and the delivery of other resources supporting risk assessments always ensuring a consistent and high-quality service is being delivered to each business area. This role reports to the Cyber Security Manager. Principal Accountabilities Lead CISO's risk management service to the relevant streams, including responsibility for the performance management of the service and a team of Business Information Risk Analysts Utilising BDO's information security risk management tools, procedures and control framework ensure an accurate risk posture is understood and defined for each business stream Support the CISO team in maintaining 'information security risk communities' in the business to drive risk awareness and effective risk management Support the business streams to identify, and maintain registers of information assets including infrastructure, systems, software, devices and data Build and maintain effective relationships with the risk partners, risk owners, risk managers and other stream stakeholders. Be the voice of information security in the stream and the voice of the business within CISO and committees Develop collateral and appropriate materials to support engagement with business stakeholders, to explain CISO's role, key information security concepts and build awareness of information security risk and BDO's control framework Identify information security responsibilities and controls ownership of third parties, streams, CISO and IT security teams Proactively identify and support risk owners and managers to manage and regularly review IS risks and issues for streams Support the business to assess criticality of assets and services Lead information security aspects of business change and maturity improvements Third party due diligence assessments Gap analysis with BDO standards and policies Identifying security capability, maturity and responsibilities within streams Risk identification leading to clear business ownership and treatment actions Vulnerability and technical security assessments Technical point of contact for business and 3rd parties service providers to ensure clarity on meeting expectations or alternate approaches for managing risks Preparation of papers and supporting business attendees for committee attendance Reporting maturity, risk posture and trends to stream quality and risk partners Client due diligence and bid support Targeted security awareness, education, and risk briefings Contribution to development and implementation of security policies and standards, and the design of security services and processes Ensure that BDO policy and contractual obligations, and in turn compliance, is understood for each business stream Identify and communicate metrics and reporting requirements to stakeholders that demonstrate security controls are effective and support creation of corrective action plans to manage improvement or change where necessary Creation and maintenance of a "security toolkit" with templates of key processes and controls, communicated in language that is relevant and understandable to all audiences In support of security initiatives be able to demonstrate and track progress to all stakeholders Support on security incidents by bringing together business and technical knowledge to aid impact analysis and response People and performance management of Business Information Risk Analysts Technical Competencies Knowledge and experience of information security risk management frameworks and procedures Experience of formal risk identification, assessment, and quantification methods Knowledge of stakeholder engagement and management to achieve defined outcomes Experience of service, performance, and people management to achieve defined outcomes Highly self-motivated with keen attention to detail. The ability to build good relationships at all levels and influence stakeholders Excellent verbal, written and interpersonal communication skills. Listens and communicates technical subjects to both technical and nontechnical audiences, flexes style to suit the needs of the audience. Ability to work with others effectively, with 3rd parties, internal teams, promoting knowledge sharing within and across teams. Experience of managing and directing teams setting clear and achievable objectives aligned to the expected outcomes for the role A good understanding of security frameworks including ISO27001/2, Cyber Essentials Plus, CIS Top 20, Data Protection Act 2018, OWASP Top 10. Have a relevant industry certification such as CISSP, CISM, CRISC, BRMP or similar. NB: The above list of job duties is not exclusive or exhaustive and the post holder will be required to undertake such tasks as may reasonably be expected within the scope and grading of the post. Job descriptions should be regularly reviewed to ensure they are an accurate representation of the post. You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy . click apply for full job details
About the role Are you ready to step into a CISO position? Tesco Mobile is seeking a dedicated Security professional to join as their Chief Information Security Officer (CISO) who will have a significant role in crafting the future of our cyber security landscape. This is an outstanding opportunity to lead a world-class cyber security strategy within a dynamic and evolving business environment. By joining Tesco Mobile, you will be at the forefront of ensuring flawless security measures that protect our customers and business operations. You will report to Tesco Mobile's General Counsel and be part of our Cyber Security Chapter. You will collaborate with experts from Legal, Regulatory, Compliance, and Risk Management within our Business Integrity Centre of Excellence. You will be responsible for Key responsibilities: Be the face of security. Cultivate positive relationships, promote security, and discover opportunities for security to make valuable contributions within the business. Understand the security posture of the business and its processes in order to effectively engage them in the security improvement recommendations and cyber risk management. Be responsible for leading the cyber security strategy within the business and present risk-based security position and recommendations to management and executive teams. Drive the information security improvement plans which includes incorporating Tesco Group security requirements. Ensure adequate registration, analysis, resolution and reporting of privacy and information security incidents. Craft and coordinate information security assessments, pen testing, reviews and audits. Provide technical oversight of all security tooling and infrastructure services in use; Make recommendations on configuration and implementation improvements. Own third party vendor management for security services. Monitor and respond to emerging threat patterns, vulnerabilities and anomalies. Responsible for collaborating with the Tesco Group Security Operations team to help ensure the entire Tesco Group are protected against emerging threats. Ensure sufficient security assurance between collaborators (i.e. Tesco, Tesco Mobile, and Virgin Media O2) regarding cyber security for Virgin Media O2. You will need Extensive knowledge and experience in Cyber/Information Security to effectively collaborate with and support various collaborators. Strong working knowledge of security management principles and practices, including vulnerability management, event management, application security, Identity management, incident response. Excellent collaborator and ability to inspire change. Demonstrated ability to engage with a diverse set of collaborators and foster a security culture. Detail-oriented individual with a strong analytical background. Ideally previously hands on role in one of these domains, networks, sysadmin, software developer, security analyst. Security qualifications such as CISM, CISSP, CISA or equivalent. What's in it for you We're all about the little helps. That's why we make sure our Tesco colleague benefits package takes care of you - both in and out of work. Click Here to find out more! Annual bonus scheme of up to 45% of base salary. Car Cash Allowance. Holiday starting at 25 days plus a personal day (plus Bank holidays). Private medical insurance. Retirement savings plan - save between 6% - 10% and Tesco will contribute 1.5 times this amount. 26 weeks maternity and adoption leave (after 1 years' service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 6 weeks fully paid paternity leave. About us Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is 'Serving our customers, communities and planet a little better every day'. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet. Diversity, equity and inclusion (DE&I) at Tesco means that whoever you are and whatever your background, we always want you to feel represented and that you can be yourself at work. In short, we're a place where Everyone's Welcome . We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please click here . We're a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern - combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate.
09/02/2025
Full time
About the role Are you ready to step into a CISO position? Tesco Mobile is seeking a dedicated Security professional to join as their Chief Information Security Officer (CISO) who will have a significant role in crafting the future of our cyber security landscape. This is an outstanding opportunity to lead a world-class cyber security strategy within a dynamic and evolving business environment. By joining Tesco Mobile, you will be at the forefront of ensuring flawless security measures that protect our customers and business operations. You will report to Tesco Mobile's General Counsel and be part of our Cyber Security Chapter. You will collaborate with experts from Legal, Regulatory, Compliance, and Risk Management within our Business Integrity Centre of Excellence. You will be responsible for Key responsibilities: Be the face of security. Cultivate positive relationships, promote security, and discover opportunities for security to make valuable contributions within the business. Understand the security posture of the business and its processes in order to effectively engage them in the security improvement recommendations and cyber risk management. Be responsible for leading the cyber security strategy within the business and present risk-based security position and recommendations to management and executive teams. Drive the information security improvement plans which includes incorporating Tesco Group security requirements. Ensure adequate registration, analysis, resolution and reporting of privacy and information security incidents. Craft and coordinate information security assessments, pen testing, reviews and audits. Provide technical oversight of all security tooling and infrastructure services in use; Make recommendations on configuration and implementation improvements. Own third party vendor management for security services. Monitor and respond to emerging threat patterns, vulnerabilities and anomalies. Responsible for collaborating with the Tesco Group Security Operations team to help ensure the entire Tesco Group are protected against emerging threats. Ensure sufficient security assurance between collaborators (i.e. Tesco, Tesco Mobile, and Virgin Media O2) regarding cyber security for Virgin Media O2. You will need Extensive knowledge and experience in Cyber/Information Security to effectively collaborate with and support various collaborators. Strong working knowledge of security management principles and practices, including vulnerability management, event management, application security, Identity management, incident response. Excellent collaborator and ability to inspire change. Demonstrated ability to engage with a diverse set of collaborators and foster a security culture. Detail-oriented individual with a strong analytical background. Ideally previously hands on role in one of these domains, networks, sysadmin, software developer, security analyst. Security qualifications such as CISM, CISSP, CISA or equivalent. What's in it for you We're all about the little helps. That's why we make sure our Tesco colleague benefits package takes care of you - both in and out of work. Click Here to find out more! Annual bonus scheme of up to 45% of base salary. Car Cash Allowance. Holiday starting at 25 days plus a personal day (plus Bank holidays). Private medical insurance. Retirement savings plan - save between 6% - 10% and Tesco will contribute 1.5 times this amount. 26 weeks maternity and adoption leave (after 1 years' service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 6 weeks fully paid paternity leave. About us Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is 'Serving our customers, communities and planet a little better every day'. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet. Diversity, equity and inclusion (DE&I) at Tesco means that whoever you are and whatever your background, we always want you to feel represented and that you can be yourself at work. In short, we're a place where Everyone's Welcome . We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please click here . We're a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern - combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate.
Chief Information Security Officer (CISO) Tesco Mobile About the role Are you ready to step into a CISO position? Tesco Mobile is seeking a dedicated Security professional to join as their Chief Information Security Officer (CISO) who will have a significant role in crafting the future of our cyber security landscape. This is an outstanding opportunity to lead a world-class cyber security strategy within a dynamic and evolving business environment. By joining Tesco Mobile, you will be at the forefront of ensuring flawless security measures that protect our customers and business operations. You will report to Tesco Mobile's General Counsel and be part of our Cyber Security Chapter. You will collaborate with experts from Legal, Regulatory, Compliance, and Risk Management within our Business Integrity Centre of Excellence. You will be responsible for Key responsibilities: Be the face of security. Cultivate positive relationships, promote security, and discover opportunities for security to make valuable contributions within the business. Understand the security posture of the business and its processes in order to effectively engage them in the security improvement recommendations and cyber risk management. Be responsible for leading the cyber security strategy within the business and present risk-based security position and recommendations to management and executive teams. Drive the information security improvement plans which includes incorporating Tesco Group security requirements. Ensure adequate registration, analysis, resolution and reporting of privacy and information security incidents. Craft and coordinate information security assessments, pen testing, reviews and audits. Provide technical oversight of all security tooling and infrastructure services in use; Make recommendations on configuration and implementation improvements. Own third party vendor management for security services. Monitor and respond to emerging threat patterns, vulnerabilities and anomalies. Responsible for collaborating with the Tesco Group Security Operations team to help ensure the entire Tesco Group are protected against emerging threats. Ensure sufficient security assurance between collaborators (i.e. Tesco, Tesco Mobile, and Virgin Media O2) regarding cyber security for Virgin Media O2. You will need Extensive knowledge and experience in Cyber/Information Security to effectively collaborate with and support various collaborators. Strong working knowledge of security management principles and practices, including vulnerability management, event management, application security, Identity management, incident response. Excellent collaborator and ability to inspire change. Demonstrated ability to engage with a diverse set of collaborators and foster a security culture. Detail-oriented individual with a strong analytical background. Ideally previously hands on role in one of these domains, networks, sysadmin, software developer, security analyst. Security qualifications such as CISM, CISSP, CISA or equivalent. What's in it for you We're all about the little helps. That's why we make sure our Tesco colleague benefits package takes care of you - both in and out of work. Annual bonus scheme of up to 45% of base salary. Car Cash Allowance. Holiday starting at 25 days plus a personal day (plus Bank holidays). Private medical insurance. Retirement savings plan - save between 6% - 10% and Tesco will contribute 1.5 times this amount. 26 weeks maternity and adoption leave (after 1 years' service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 6 weeks fully paid paternity leave. About us Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is 'Serving our customers, communities and planet a little better every day'. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet. Diversity, equity and inclusion (DE&I) at Tesco means that whoever you are and whatever your background, we always want you to feel represented and that you can be yourself at work. In short, we're a place where Everyone's Welcome . We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please click here. We're a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern -combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate.
09/02/2025
Full time
Chief Information Security Officer (CISO) Tesco Mobile About the role Are you ready to step into a CISO position? Tesco Mobile is seeking a dedicated Security professional to join as their Chief Information Security Officer (CISO) who will have a significant role in crafting the future of our cyber security landscape. This is an outstanding opportunity to lead a world-class cyber security strategy within a dynamic and evolving business environment. By joining Tesco Mobile, you will be at the forefront of ensuring flawless security measures that protect our customers and business operations. You will report to Tesco Mobile's General Counsel and be part of our Cyber Security Chapter. You will collaborate with experts from Legal, Regulatory, Compliance, and Risk Management within our Business Integrity Centre of Excellence. You will be responsible for Key responsibilities: Be the face of security. Cultivate positive relationships, promote security, and discover opportunities for security to make valuable contributions within the business. Understand the security posture of the business and its processes in order to effectively engage them in the security improvement recommendations and cyber risk management. Be responsible for leading the cyber security strategy within the business and present risk-based security position and recommendations to management and executive teams. Drive the information security improvement plans which includes incorporating Tesco Group security requirements. Ensure adequate registration, analysis, resolution and reporting of privacy and information security incidents. Craft and coordinate information security assessments, pen testing, reviews and audits. Provide technical oversight of all security tooling and infrastructure services in use; Make recommendations on configuration and implementation improvements. Own third party vendor management for security services. Monitor and respond to emerging threat patterns, vulnerabilities and anomalies. Responsible for collaborating with the Tesco Group Security Operations team to help ensure the entire Tesco Group are protected against emerging threats. Ensure sufficient security assurance between collaborators (i.e. Tesco, Tesco Mobile, and Virgin Media O2) regarding cyber security for Virgin Media O2. You will need Extensive knowledge and experience in Cyber/Information Security to effectively collaborate with and support various collaborators. Strong working knowledge of security management principles and practices, including vulnerability management, event management, application security, Identity management, incident response. Excellent collaborator and ability to inspire change. Demonstrated ability to engage with a diverse set of collaborators and foster a security culture. Detail-oriented individual with a strong analytical background. Ideally previously hands on role in one of these domains, networks, sysadmin, software developer, security analyst. Security qualifications such as CISM, CISSP, CISA or equivalent. What's in it for you We're all about the little helps. That's why we make sure our Tesco colleague benefits package takes care of you - both in and out of work. Annual bonus scheme of up to 45% of base salary. Car Cash Allowance. Holiday starting at 25 days plus a personal day (plus Bank holidays). Private medical insurance. Retirement savings plan - save between 6% - 10% and Tesco will contribute 1.5 times this amount. 26 weeks maternity and adoption leave (after 1 years' service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 6 weeks fully paid paternity leave. About us Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is 'Serving our customers, communities and planet a little better every day'. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet. Diversity, equity and inclusion (DE&I) at Tesco means that whoever you are and whatever your background, we always want you to feel represented and that you can be yourself at work. In short, we're a place where Everyone's Welcome . We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please click here. We're a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern -combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate.
Daintta are a rapidly growing, values-driven team of specialists who work with government clients across Cyber, Telecommunications and Data. We are seeking a talented and motivated Data Architect to join our team and contribute to our mission of protecting the UK through data-driven insights and solutions. As a Data Architect, you will work closely with our public sector clients and project teams to collect, analyse and interpret complex data sets, providing valuable insights that support evidence-based decision-making. Key Responsibilities Leading client projects and providing subject matter expertise Assessing your clients' technical needs and understanding how their needs are different from wants and managing clients' stakeholders relationship appropriately Identifying data sources, data extraction, transformation, and loading (ETL/ELT) concepts and methods Developing suitable data governance and provenance strategies and how they will be implemented in data architecture Designing and evaluating on-premise, cloud-based and hybrid data solutions (including providing review and guidance on testing aspects, identification of risks and proposing and implementing their mitigations) Modelling, structuring and storing data along with their data flows for uses including - but not limited to - analytics, machine learning, data mining, compliance, business intelligence, sharing with applications and organisations Understanding industry-recognised data modelling patterns and standards, and when to apply them. Compare and align different data models. Designing appropriate metadata repositories and presenting changes to existing metadata repositories Understanding a range of tools for storing and working with metadata Designing data architecture that deals with problems spanning different business areas, producing appropriate design patterns (often supporting data science, business intelligence and business reporting purposes) Applying ethical principles in handling data Ensuring appropriate storage of data in line with relevant legislation Building in security, compliance, scalability, efficiency, reliability, fidelity, flexibility and portability Accurately delivering high quality work to agreed timelines and taking the initiative Supporting client engagements, including pitches and presentations Helping to support & grow Daintta by actively inputting into the company strategy and helping to shape our future Representing us and our core values: Transparent, Fair and Daring Skills/Knowledge You have 5+ years of degree level industry experience in data related industries (e.g. as a data engineer, data analyst, data scientist) and more recently as a data architect, preferably in a consultancy or industry setting You have proven experience in listening to the needs of technical and business stakeholders, interpreting them into data problems and/or engineering problems and suitably designing data architectures You have led client delivery across a range of projects for delivering data platforms, e.g. data analysis, ETL/ELT, machine learning pipelines/deployments, business intelligence reporting, data security. You have proven experience in their technologies You have developed data governance plans that are in line with ethical considerations, (cyber)security & relevant legislation, and designed their implementation You have experience working on cloud-based infrastructure (e.g. AWS, Azure, GCP) You have demonstrable continuous personal development with relevant data certifications and accreditations You have experience with CI/CD tooling to analyse, build, test and deploy code and proven experience in their technologies You understand deployment and DevOps strategies (on-prem and cloud) to support the design of data architectures that will be deployed You have experience in database technologies including writing complex queries against their (relational and non-relational) data stores (e.g. Postgres, Apache Hadoop, Elasticsearch, Graph databases), and designing the database schemas to support those queries You have a good understanding of coding best practices & design patterns and experience with code & data versioning, dependency management, error handling, logging, data monitoring, data validation and alerting You have strong interpersonal skills You have UK security clearance at SC or above or are eligible and willing to go through clearance Location? Hybrid, with 2-3 days working from Daintta office (London or Cheltenham) or on client site as required. What's in it for you? You will be joining the company at Daintta "Manager" grade. In addition to being rewarded fairly for your contribution to the business, you get to work in a dynamic organisation that is agile and responsive. A business that is growing fast and where you get to drive and shape the future. A place where you are respected by everyone and your voice is important. Somewhere where you can be innovative and creative. A place where you have the opportunity to learn about all aspects of business from marketing to sales, to delivery and business operations. Security Information Due to the nature of this position, you must be willing and eligible to achieve a minimum of SC clearance. To qualify, you must be a British Citizen and have resided in the UK for the last 5 years. For more information about clearance eligibility, please see .
09/02/2025
Full time
Daintta are a rapidly growing, values-driven team of specialists who work with government clients across Cyber, Telecommunications and Data. We are seeking a talented and motivated Data Architect to join our team and contribute to our mission of protecting the UK through data-driven insights and solutions. As a Data Architect, you will work closely with our public sector clients and project teams to collect, analyse and interpret complex data sets, providing valuable insights that support evidence-based decision-making. Key Responsibilities Leading client projects and providing subject matter expertise Assessing your clients' technical needs and understanding how their needs are different from wants and managing clients' stakeholders relationship appropriately Identifying data sources, data extraction, transformation, and loading (ETL/ELT) concepts and methods Developing suitable data governance and provenance strategies and how they will be implemented in data architecture Designing and evaluating on-premise, cloud-based and hybrid data solutions (including providing review and guidance on testing aspects, identification of risks and proposing and implementing their mitigations) Modelling, structuring and storing data along with their data flows for uses including - but not limited to - analytics, machine learning, data mining, compliance, business intelligence, sharing with applications and organisations Understanding industry-recognised data modelling patterns and standards, and when to apply them. Compare and align different data models. Designing appropriate metadata repositories and presenting changes to existing metadata repositories Understanding a range of tools for storing and working with metadata Designing data architecture that deals with problems spanning different business areas, producing appropriate design patterns (often supporting data science, business intelligence and business reporting purposes) Applying ethical principles in handling data Ensuring appropriate storage of data in line with relevant legislation Building in security, compliance, scalability, efficiency, reliability, fidelity, flexibility and portability Accurately delivering high quality work to agreed timelines and taking the initiative Supporting client engagements, including pitches and presentations Helping to support & grow Daintta by actively inputting into the company strategy and helping to shape our future Representing us and our core values: Transparent, Fair and Daring Skills/Knowledge You have 5+ years of degree level industry experience in data related industries (e.g. as a data engineer, data analyst, data scientist) and more recently as a data architect, preferably in a consultancy or industry setting You have proven experience in listening to the needs of technical and business stakeholders, interpreting them into data problems and/or engineering problems and suitably designing data architectures You have led client delivery across a range of projects for delivering data platforms, e.g. data analysis, ETL/ELT, machine learning pipelines/deployments, business intelligence reporting, data security. You have proven experience in their technologies You have developed data governance plans that are in line with ethical considerations, (cyber)security & relevant legislation, and designed their implementation You have experience working on cloud-based infrastructure (e.g. AWS, Azure, GCP) You have demonstrable continuous personal development with relevant data certifications and accreditations You have experience with CI/CD tooling to analyse, build, test and deploy code and proven experience in their technologies You understand deployment and DevOps strategies (on-prem and cloud) to support the design of data architectures that will be deployed You have experience in database technologies including writing complex queries against their (relational and non-relational) data stores (e.g. Postgres, Apache Hadoop, Elasticsearch, Graph databases), and designing the database schemas to support those queries You have a good understanding of coding best practices & design patterns and experience with code & data versioning, dependency management, error handling, logging, data monitoring, data validation and alerting You have strong interpersonal skills You have UK security clearance at SC or above or are eligible and willing to go through clearance Location? Hybrid, with 2-3 days working from Daintta office (London or Cheltenham) or on client site as required. What's in it for you? You will be joining the company at Daintta "Manager" grade. In addition to being rewarded fairly for your contribution to the business, you get to work in a dynamic organisation that is agile and responsive. A business that is growing fast and where you get to drive and shape the future. A place where you are respected by everyone and your voice is important. Somewhere where you can be innovative and creative. A place where you have the opportunity to learn about all aspects of business from marketing to sales, to delivery and business operations. Security Information Due to the nature of this position, you must be willing and eligible to achieve a minimum of SC clearance. To qualify, you must be a British Citizen and have resided in the UK for the last 5 years. For more information about clearance eligibility, please see .
Senior Data Resilience Tooling Manager Lloyds Banking Group London - hybrid working two days per week in the office & rest from home Salary & Benefits: £100,657 - £118,420 per annum (experience dependent), plus annual personal bonus, 15% employer pension contribution, flexible benefits package, private medical insurance, 30 days holiday plus bank holidays. Flexibility Works: We're extremely flexible employers, offering a range of options to suit your lifestyle including flexible hours, flex-summer holidays, flex-bank holidays, great parental support and a real focus on finding work-life balance! About us We're the Chief Data & Analytics Office (CDAO) within Lloyds Banking Group! The mission of Group Chief Data and Analytics Office is to promote, embed and commercialise Data and Analytics practice and culture across Lloyds Banking Group. The Data Resilience team is a new chapter within the Chief Data and Analytics Office. It has the responsibility to define and embed new Strategies, Operating Models and Control Frameworks to protect the Banks critical data services that our customers, colleagues and the market rely upon. Background The aim of the team is to protect our customers, colleagues & markets by ensuring we comply with the spirit of the regulatory requirements for operational resilience established by the Bank of England, FCA and PRA. The Data Resilience team have 3 main objectives: Setting up a Data Pillar: identify & define critical data assets supporting critical business processes. Finding innovative and pioneering solutions to deliver Data Pillar in ServiceNow - perhaps first in the industry. Assess level of resilience around those assets. Key part of the assignment is to define/design/test and implement tooling requirements around this. Currently we use ServiceNow and InsPi Designer but are also looking into AI automation in 2025 to reduce manual overhead. The Data Resilience team are managing the E2E delivery of Data Resilience & Data Pillar Set-up, from requirements gathering, definition, user stories, ServiceNow platform, agree solutions, do the build, testing, implementation etc About the Role As part of the Programme, we are improving and developing the Bank's Operational resilience capability around our Important Business Services in line with published FCA and PRA regulation. In the Data workstream we are developing our ServiceNow and Tooling capability to stand-up a new Data Pillar alongside our existing Technology, People, Property and Supply Chain Pillars. This will enable the Bank to understand, map its critical data assets and assess data resilience across our businesses. You'll focus on what is required to make data resilient, how the data flows, where it is stored, and how do we make the processes surrounding it resilient. This role is looking at business services, applications, assets. You'll need to understand asset classes and have a technical mindset. The role looks at how the data flow and how resilient it is, which includes understanding the elements around it, like messaging queues, batches, databases, external connections and the controls dimensions for integrity, availability and protection. This is not a Data Governance or data quality management role. Key Responsibilities: You'll lead on the implementation of ServiceNow Data Resilience, from inception of requirements to testing of solutions. You'll lead a small team to ensure the business is set up for success in using the tool and that requirements are understood and implemented in an agile way. You'll lead on the end-to-end testing cycles, refining delivered solutions and ensuring alignment with Data Resilience strategy. You'll look at how data flows from source to destination across the technology landscape and what can be done to ensure there is no data loss, data corruption, ransomware/malware attacks and the data can be recovered within the impact tolerance of Important Business Services. You'll understand upcoming regulatory requirements that will impact Data Resilience and the tooling solution (DORA, CTP, Outsourcing and Operational Resilience Regulations etc.). You'll support the establishment of controls and assessment frameworks that identify data vulnerabilities across a complex data and technical landscape (e.g., on premise, 3rd party, middleware, databases, 3rd party applications, messaging queues, data feeds, data connections, APIs, batches, and cloud environments). You'll support the embedding of data assessments engaging a large and diverse stakeholder group including target operating model design, data resilience MI design, data resilience RCSA design, changes to operational resilience, data security, technology, and data policies to embed the standards governing data resilience. You'll analyse outcomes of data resilience annual assessments and identify vulnerabilities from a data perspective across availability, integrity, and security of data. You'll support the creation of data lineage using Ins-Pi and ServiceNow outlining the applications required for each step of the journey, upstream and downstream applications, how data moves in transit or is held at rest across the technology landscape. You'll present findings at senior Governance forums and help drive/shape the execution plan to remediate vulnerabilities next year. What we're looking for We'd welcome applicants from diverse cultural and technological backgrounds, however financial services exposure will be important for this position. We will need to see evidence of the following in your CV: Expert level of understanding of ServiceNow GRC, with experience of implementing bespoke modules. Experience of managing SME's including Solution Architects, Business Analysts & QA Testers. Experience in identifying data resiliency issues on middleware components e.g. batches, messaging queues, third party data connections, encryption, data recovery & backup, data vaulting, data integrity, and cloud technologies. Financial Services experience and exposure to understanding some but not all; payments, cards, pensions, insurance, markets, trade & settlement, logon customer journeys. Technical knowledge of FCA, PRA, EBA guidelines on operational resilience. Strong experience in managing risks and controls. Ability to present to C-Suite level executives and explain complex detail in a consumable format. Desirable (but please apply if you don't have them!) Exposure to Ins-pi Designer for drawing data lineage. Strong experience in batches, messaging queues, third party data connections, encryption, data recovery & backup, data vaulting, data integrity and cloud technologies is essential. Strong experience in Disaster Recovery, back-up and restore, cyber threats and monitoring, data encryption domains. About working for us We want our people to feel that they belong and can be their best, regardless of background, identity or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. We're disability confident. So, if you'd like reasonable adjustments to be made to our recruitment processes, just let us know. Ready for a career where you can have a positive impact as you learn, grow and thrive? Apply today and find out more!
08/02/2025
Full time
Senior Data Resilience Tooling Manager Lloyds Banking Group London - hybrid working two days per week in the office & rest from home Salary & Benefits: £100,657 - £118,420 per annum (experience dependent), plus annual personal bonus, 15% employer pension contribution, flexible benefits package, private medical insurance, 30 days holiday plus bank holidays. Flexibility Works: We're extremely flexible employers, offering a range of options to suit your lifestyle including flexible hours, flex-summer holidays, flex-bank holidays, great parental support and a real focus on finding work-life balance! About us We're the Chief Data & Analytics Office (CDAO) within Lloyds Banking Group! The mission of Group Chief Data and Analytics Office is to promote, embed and commercialise Data and Analytics practice and culture across Lloyds Banking Group. The Data Resilience team is a new chapter within the Chief Data and Analytics Office. It has the responsibility to define and embed new Strategies, Operating Models and Control Frameworks to protect the Banks critical data services that our customers, colleagues and the market rely upon. Background The aim of the team is to protect our customers, colleagues & markets by ensuring we comply with the spirit of the regulatory requirements for operational resilience established by the Bank of England, FCA and PRA. The Data Resilience team have 3 main objectives: Setting up a Data Pillar: identify & define critical data assets supporting critical business processes. Finding innovative and pioneering solutions to deliver Data Pillar in ServiceNow - perhaps first in the industry. Assess level of resilience around those assets. Key part of the assignment is to define/design/test and implement tooling requirements around this. Currently we use ServiceNow and InsPi Designer but are also looking into AI automation in 2025 to reduce manual overhead. The Data Resilience team are managing the E2E delivery of Data Resilience & Data Pillar Set-up, from requirements gathering, definition, user stories, ServiceNow platform, agree solutions, do the build, testing, implementation etc About the Role As part of the Programme, we are improving and developing the Bank's Operational resilience capability around our Important Business Services in line with published FCA and PRA regulation. In the Data workstream we are developing our ServiceNow and Tooling capability to stand-up a new Data Pillar alongside our existing Technology, People, Property and Supply Chain Pillars. This will enable the Bank to understand, map its critical data assets and assess data resilience across our businesses. You'll focus on what is required to make data resilient, how the data flows, where it is stored, and how do we make the processes surrounding it resilient. This role is looking at business services, applications, assets. You'll need to understand asset classes and have a technical mindset. The role looks at how the data flow and how resilient it is, which includes understanding the elements around it, like messaging queues, batches, databases, external connections and the controls dimensions for integrity, availability and protection. This is not a Data Governance or data quality management role. Key Responsibilities: You'll lead on the implementation of ServiceNow Data Resilience, from inception of requirements to testing of solutions. You'll lead a small team to ensure the business is set up for success in using the tool and that requirements are understood and implemented in an agile way. You'll lead on the end-to-end testing cycles, refining delivered solutions and ensuring alignment with Data Resilience strategy. You'll look at how data flows from source to destination across the technology landscape and what can be done to ensure there is no data loss, data corruption, ransomware/malware attacks and the data can be recovered within the impact tolerance of Important Business Services. You'll understand upcoming regulatory requirements that will impact Data Resilience and the tooling solution (DORA, CTP, Outsourcing and Operational Resilience Regulations etc.). You'll support the establishment of controls and assessment frameworks that identify data vulnerabilities across a complex data and technical landscape (e.g., on premise, 3rd party, middleware, databases, 3rd party applications, messaging queues, data feeds, data connections, APIs, batches, and cloud environments). You'll support the embedding of data assessments engaging a large and diverse stakeholder group including target operating model design, data resilience MI design, data resilience RCSA design, changes to operational resilience, data security, technology, and data policies to embed the standards governing data resilience. You'll analyse outcomes of data resilience annual assessments and identify vulnerabilities from a data perspective across availability, integrity, and security of data. You'll support the creation of data lineage using Ins-Pi and ServiceNow outlining the applications required for each step of the journey, upstream and downstream applications, how data moves in transit or is held at rest across the technology landscape. You'll present findings at senior Governance forums and help drive/shape the execution plan to remediate vulnerabilities next year. What we're looking for We'd welcome applicants from diverse cultural and technological backgrounds, however financial services exposure will be important for this position. We will need to see evidence of the following in your CV: Expert level of understanding of ServiceNow GRC, with experience of implementing bespoke modules. Experience of managing SME's including Solution Architects, Business Analysts & QA Testers. Experience in identifying data resiliency issues on middleware components e.g. batches, messaging queues, third party data connections, encryption, data recovery & backup, data vaulting, data integrity, and cloud technologies. Financial Services experience and exposure to understanding some but not all; payments, cards, pensions, insurance, markets, trade & settlement, logon customer journeys. Technical knowledge of FCA, PRA, EBA guidelines on operational resilience. Strong experience in managing risks and controls. Ability to present to C-Suite level executives and explain complex detail in a consumable format. Desirable (but please apply if you don't have them!) Exposure to Ins-pi Designer for drawing data lineage. Strong experience in batches, messaging queues, third party data connections, encryption, data recovery & backup, data vaulting, data integrity and cloud technologies is essential. Strong experience in Disaster Recovery, back-up and restore, cyber threats and monitoring, data encryption domains. About working for us We want our people to feel that they belong and can be their best, regardless of background, identity or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. We're disability confident. So, if you'd like reasonable adjustments to be made to our recruitment processes, just let us know. Ready for a career where you can have a positive impact as you learn, grow and thrive? Apply today and find out more!
Role: Splunk Engineer Salary: 60,000 Location: London Are you a skilled Splunk Engineer looking for an exciting opportunity to make an impact in the world of cybersecurity? We are working with a leading Managed Security Service Provider (MSSP) based in London, and we're looking for a talented Splunk Engineer to join our growing team and help deliver exceptional security solutions to our clients. Key Responsibilities: Deploy, configure, and manage Splunk environments to enhance security monitoring for our clients. Develop and maintain security dashboards, alerts, and reports in Splunk to monitor threats and incidents. Collaborate with security analysts to identify, troubleshoot, and resolve security events and incidents. Optimize Splunk infrastructure to improve performance and ensure reliability in a fast-paced security environment. Customize Splunk apps and create tailored solutions to meet specific client security needs. Provide ongoing support, troubleshooting, and tuning of Splunk to ensure optimal operation. Work with a cross-functional team to design and implement SIEM solutions that enhance client security posture. What We're Looking For: Proven experience in deploying and managing Splunk in a security-focused environment. Strong understanding of security principles, IT infrastructure, and event log management. Expertise in Splunk's Search Processing Language (SPL) and the creation of custom dashboards, queries, and reports. Experience with Splunk Enterprise Security (ES) and ITSI (IT Service Intelligence) is highly desirable. Excellent troubleshooting and problem-solving skills in a live security environment. Strong communication skills with the ability to liaise effectively with clients and internal teams. A passion for cybersecurity and a drive to stay up-to-date with the latest trends and technologies. Why Join Us? Competitive salary and benefits package. Work in a collaborative, cutting-edge security environment with opportunities for growth. Be part of an exciting and fast-growing MSSP, offering you the chance to work on high-profile security projects. Access to ongoing training, certifications, and career development opportunities. Flexible work options and a supportive team environment. If you're ready to take your career to the next level and play a key role in securing our clients' infrastructures with Splunk, apply today! In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
07/02/2025
Full time
Role: Splunk Engineer Salary: 60,000 Location: London Are you a skilled Splunk Engineer looking for an exciting opportunity to make an impact in the world of cybersecurity? We are working with a leading Managed Security Service Provider (MSSP) based in London, and we're looking for a talented Splunk Engineer to join our growing team and help deliver exceptional security solutions to our clients. Key Responsibilities: Deploy, configure, and manage Splunk environments to enhance security monitoring for our clients. Develop and maintain security dashboards, alerts, and reports in Splunk to monitor threats and incidents. Collaborate with security analysts to identify, troubleshoot, and resolve security events and incidents. Optimize Splunk infrastructure to improve performance and ensure reliability in a fast-paced security environment. Customize Splunk apps and create tailored solutions to meet specific client security needs. Provide ongoing support, troubleshooting, and tuning of Splunk to ensure optimal operation. Work with a cross-functional team to design and implement SIEM solutions that enhance client security posture. What We're Looking For: Proven experience in deploying and managing Splunk in a security-focused environment. Strong understanding of security principles, IT infrastructure, and event log management. Expertise in Splunk's Search Processing Language (SPL) and the creation of custom dashboards, queries, and reports. Experience with Splunk Enterprise Security (ES) and ITSI (IT Service Intelligence) is highly desirable. Excellent troubleshooting and problem-solving skills in a live security environment. Strong communication skills with the ability to liaise effectively with clients and internal teams. A passion for cybersecurity and a drive to stay up-to-date with the latest trends and technologies. Why Join Us? Competitive salary and benefits package. Work in a collaborative, cutting-edge security environment with opportunities for growth. Be part of an exciting and fast-growing MSSP, offering you the chance to work on high-profile security projects. Access to ongoing training, certifications, and career development opportunities. Flexible work options and a supportive team environment. If you're ready to take your career to the next level and play a key role in securing our clients' infrastructures with Splunk, apply today! In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
Synapri are currently working with a leading Public Sector Organisation to recruit an experienced Cyber Security/SOC Engineer for an initial 12-month contract, this role is remote first (very occasional travel may be required for specific workshops etc). The key responsibilities for this role are: Support the implementation of the threat monitoring and improvement roadmap Implementing changes within multiple Cloud Environments Updating and maintaining existing tools and infrastructure Assisting with active investigations and provide expert knowledge to assist analysts. Creating playbooks and documentation for maintaining new capabilities The key skills for this role are: Experience configuring security-related tools and implementing security policies. Demonstrable experience working with an SIEM tool (Sentinel, Splunk etc) Experience with AWS and Azure cloud policies and infrastructure Knowledge of Python scripting. This role cannot provide sponsorship.
07/02/2025
Contractor
Synapri are currently working with a leading Public Sector Organisation to recruit an experienced Cyber Security/SOC Engineer for an initial 12-month contract, this role is remote first (very occasional travel may be required for specific workshops etc). The key responsibilities for this role are: Support the implementation of the threat monitoring and improvement roadmap Implementing changes within multiple Cloud Environments Updating and maintaining existing tools and infrastructure Assisting with active investigations and provide expert knowledge to assist analysts. Creating playbooks and documentation for maintaining new capabilities The key skills for this role are: Experience configuring security-related tools and implementing security policies. Demonstrable experience working with an SIEM tool (Sentinel, Splunk etc) Experience with AWS and Azure cloud policies and infrastructure Knowledge of Python scripting. This role cannot provide sponsorship.
We are AMS. We are a global total workforce solutions firm; we enable organisations to thrive in an age of constant change by building, re-shaping, and optimising workforces. Our Contingent Workforce Solutions (CWS) is one of our service offerings; we act as an extension of our clients' recruitment team and provide professional interim and temporary resources. We are currently working with our client, Royal London. Royal London is a financial services company with a difference. As the UK's largest mutual life, pensions and investment company, we're owned by our members and work for their benefit, not for shareholder profits. We've grown rapidly and have been recognised as one of the UK's top rated places to work. Today, Royal London has over £114 billion of funds under management, and around 3,500 employees working in six offices across the UK and Ireland. We've worked hard to become experts in our specialist markets, building a trusted brand - and our teams have plenty of awards to show for it. Whatever team you're interested in joining and whatever role you play, we'll help you to make a difference. Purpose of the Role: We are looking for SOC Analyst for a 6 months contract based Remotely (UK). As SOC Analyst you will enable the detection of potential security issues which may result in cyber security incidents. The role will perform triage of newly discovered cyber events and co-ordinate confirmed cyber events with the Defence team to investigate. Responsibilities of the role: As the SOC Analyst, you will be responsible for: Proactive threat hunting & analysis of security events to identify and prevent security threats from materialising. Recommend security enhancements and service improvement to help drive effective detection, containment and eradication of security risks. Undertake monitoring of RLG security controls, working with the Defence team to test they are operating within the expected detection guidelines. Security event alerting or dashboard improvements identified to deliver service efficiencies. Work closely with the Defence & Threat Intelligence teams for SOC monitoring & threat hunting activities. What we require from the candidate: Knowledge and hands-on experience of security information and event management (SIEM) tools from industry leaders. Solid Splunk experience. Experience in Cyber Security. Experience in the Financial or Insurance industry. Experience with Technical security qualifications preferred eg CISSP, SSCP, GIAC - GCIH, GSEC or equivalent. SOC (Security Operations Centre) experience. Our Alderley Park office is situated in 400 acres of natural parkland, based 2.2 miles south of Alderley Edge and 6.5 miles from Macclesfield in our newly refurbished site. We offer a free shuttle service to and from the office from Wilmslow train station and offer free on-site parking with free electric car charging points. Next Steps: This client will only accept workers operating via an Umbrella/PAYE engagement model. If you are interested in applying for this position and meet the criteria outlined above, please click the link to apply and speak to one of our sourcing specialists now. AMS, a Recruitment Process Outsourcing Company, may in the delivery of some of its services be deemed to operate as an Employment Agency or an Employment Business
07/02/2025
Contractor
We are AMS. We are a global total workforce solutions firm; we enable organisations to thrive in an age of constant change by building, re-shaping, and optimising workforces. Our Contingent Workforce Solutions (CWS) is one of our service offerings; we act as an extension of our clients' recruitment team and provide professional interim and temporary resources. We are currently working with our client, Royal London. Royal London is a financial services company with a difference. As the UK's largest mutual life, pensions and investment company, we're owned by our members and work for their benefit, not for shareholder profits. We've grown rapidly and have been recognised as one of the UK's top rated places to work. Today, Royal London has over £114 billion of funds under management, and around 3,500 employees working in six offices across the UK and Ireland. We've worked hard to become experts in our specialist markets, building a trusted brand - and our teams have plenty of awards to show for it. Whatever team you're interested in joining and whatever role you play, we'll help you to make a difference. Purpose of the Role: We are looking for SOC Analyst for a 6 months contract based Remotely (UK). As SOC Analyst you will enable the detection of potential security issues which may result in cyber security incidents. The role will perform triage of newly discovered cyber events and co-ordinate confirmed cyber events with the Defence team to investigate. Responsibilities of the role: As the SOC Analyst, you will be responsible for: Proactive threat hunting & analysis of security events to identify and prevent security threats from materialising. Recommend security enhancements and service improvement to help drive effective detection, containment and eradication of security risks. Undertake monitoring of RLG security controls, working with the Defence team to test they are operating within the expected detection guidelines. Security event alerting or dashboard improvements identified to deliver service efficiencies. Work closely with the Defence & Threat Intelligence teams for SOC monitoring & threat hunting activities. What we require from the candidate: Knowledge and hands-on experience of security information and event management (SIEM) tools from industry leaders. Solid Splunk experience. Experience in Cyber Security. Experience in the Financial or Insurance industry. Experience with Technical security qualifications preferred eg CISSP, SSCP, GIAC - GCIH, GSEC or equivalent. SOC (Security Operations Centre) experience. Our Alderley Park office is situated in 400 acres of natural parkland, based 2.2 miles south of Alderley Edge and 6.5 miles from Macclesfield in our newly refurbished site. We offer a free shuttle service to and from the office from Wilmslow train station and offer free on-site parking with free electric car charging points. Next Steps: This client will only accept workers operating via an Umbrella/PAYE engagement model. If you are interested in applying for this position and meet the criteria outlined above, please click the link to apply and speak to one of our sourcing specialists now. AMS, a Recruitment Process Outsourcing Company, may in the delivery of some of its services be deemed to operate as an Employment Agency or an Employment Business
Principal Security Architect Apply for locations: London, United Kingdom; Nottingham, United Kingdom. Time type: Full time Posted on: Posted Yesterday Job requisition id: R Do you want to play a key role in the LSEG Microsoft Partnership and Azure adoption? Do you have a curiosity about Cybersecurity and cloud? If yes, then a role in LSEG's Cloud Security Architecture team may be a perfect fit for you! We are seeking a Principal Cloud Security Architect specializing in Microsoft Azure who will work with solution architects and engineering teams to design, implement, and maintain a secure public cloud environment. The role works closely with other architects, engineers, and site reliability teams to deliver outcomes that align with our ambition for LSEG to be one of the world's great companies! Role responsibilities include: Definition and improvement of LSEG's public cloud security architecture design patterns. Detailed review of each public cloud web service that LSEG wishes to use and documentation of associated minimum security control requirements. Creation and maintenance of cloud security configuration monitoring and auto-remediation signature rules. Assist with security reviews and approvals of Azure policy exemption requests. Assist with Azure configuration compliance reviews with associated risk assessment and documentation of the residual risk position. Act as domain expert for Azure cloud security and respond to questions raised by LSEG teams. Effective collaboration with senior business and security leadership. Delivering cloud security training and education to LSEG teams. Technical experience requirements: 7+ years of growing responsibility in information security analyst, consultancy, or architecture roles. Deep technical knowledge of Microsoft Azure. Hands-on experience with Azure Portal and Azure CLI. Diversity & Inclusion: People are at the heart of what we do and drive the success of our business. Our colleagues thrive personally and professionally through our shared values of Integrity, Partnership, Innovation, and Excellence, which are at the core of our culture. We embrace diversity and actively seek to attract people with unique backgrounds and perspectives. We believe that an inclusive collaborative workplace is pivotal to our success and supports the potential and growth of all colleagues at LSEG. LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies, and enabling customers to create sustainable growth. Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence, and Change underpin our purpose and set the standard for everything we do, every day. Working with us means that you will be part of a dynamic organization of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days, and wellbeing initiatives. We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) may hold about you, what it's used for, and how it's obtained, your rights and how to contact us as a data subject. HOW TO APPLY? About Us LSEG (London Stock Exchange Group) is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies, and enabling customers to create sustainable growth. Our organisation Our Data & Analytics, Capital Markets, and Post Trade divisions have a combined power that provides a comprehensive, integrated suite of trusted financial market infrastructure services to help our customers pursue their ambitions. Where we work LSEG is headquartered in the United Kingdom, with significant operations in 70 countries across Europe, the Middle East, Africa, North America, Latin America, and Asia Pacific.
05/02/2025
Full time
Principal Security Architect Apply for locations: London, United Kingdom; Nottingham, United Kingdom. Time type: Full time Posted on: Posted Yesterday Job requisition id: R Do you want to play a key role in the LSEG Microsoft Partnership and Azure adoption? Do you have a curiosity about Cybersecurity and cloud? If yes, then a role in LSEG's Cloud Security Architecture team may be a perfect fit for you! We are seeking a Principal Cloud Security Architect specializing in Microsoft Azure who will work with solution architects and engineering teams to design, implement, and maintain a secure public cloud environment. The role works closely with other architects, engineers, and site reliability teams to deliver outcomes that align with our ambition for LSEG to be one of the world's great companies! Role responsibilities include: Definition and improvement of LSEG's public cloud security architecture design patterns. Detailed review of each public cloud web service that LSEG wishes to use and documentation of associated minimum security control requirements. Creation and maintenance of cloud security configuration monitoring and auto-remediation signature rules. Assist with security reviews and approvals of Azure policy exemption requests. Assist with Azure configuration compliance reviews with associated risk assessment and documentation of the residual risk position. Act as domain expert for Azure cloud security and respond to questions raised by LSEG teams. Effective collaboration with senior business and security leadership. Delivering cloud security training and education to LSEG teams. Technical experience requirements: 7+ years of growing responsibility in information security analyst, consultancy, or architecture roles. Deep technical knowledge of Microsoft Azure. Hands-on experience with Azure Portal and Azure CLI. Diversity & Inclusion: People are at the heart of what we do and drive the success of our business. Our colleagues thrive personally and professionally through our shared values of Integrity, Partnership, Innovation, and Excellence, which are at the core of our culture. We embrace diversity and actively seek to attract people with unique backgrounds and perspectives. We believe that an inclusive collaborative workplace is pivotal to our success and supports the potential and growth of all colleagues at LSEG. LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies, and enabling customers to create sustainable growth. Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence, and Change underpin our purpose and set the standard for everything we do, every day. Working with us means that you will be part of a dynamic organization of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days, and wellbeing initiatives. We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) may hold about you, what it's used for, and how it's obtained, your rights and how to contact us as a data subject. HOW TO APPLY? About Us LSEG (London Stock Exchange Group) is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies, and enabling customers to create sustainable growth. Our organisation Our Data & Analytics, Capital Markets, and Post Trade divisions have a combined power that provides a comprehensive, integrated suite of trusted financial market infrastructure services to help our customers pursue their ambitions. Where we work LSEG is headquartered in the United Kingdom, with significant operations in 70 countries across Europe, the Middle East, Africa, North America, Latin America, and Asia Pacific.
London Stock Exchange Group
Nottingham, Nottinghamshire
Principal Security Architect Apply for locations: London, United Kingdom; Nottingham, United Kingdom. Time type: Full time Posted on: Posted Yesterday Job requisition id: R Do you want to play a key role in the LSEG Microsoft Partnership and Azure adoption? Do you have a curiosity about Cybersecurity and cloud? If yes, then a role in LSEG's Cloud Security Architecture team may be a perfect fit for you! We are seeking a Principal Cloud Security Architect specializing in Microsoft Azure who will work with solution architects and engineering teams to design, implement, and maintain a secure public cloud environment. The role works closely with other architects, engineers, and site reliability teams to deliver outcomes that align with our ambition for LSEG to be one of the world's great companies! Role responsibilities include: Definition and improvement of LSEG's public cloud security architecture design patterns. Detailed review of each public cloud web service that LSEG wishes to use and documentation of associated minimum security control requirements. Creation and maintenance of cloud security configuration monitoring and auto-remediation signature rules. Assist with security reviews and approvals of Azure policy exemption requests. Assist with Azure configuration compliance reviews with associated risk assessment and documentation of the residual risk position. Act as domain expert for Azure cloud security and respond to questions raised by LSEG teams. Effective collaboration with senior business and security leadership. Delivering cloud security training and education to LSEG teams. Technical experience requirements: 7+ years of growing responsibility in information security analyst, consultancy, or architecture roles. Deep technical knowledge of Microsoft Azure. Hands-on experience with Azure Portal and Azure CLI. Diversity & Inclusion: People are at the heart of what we do and drive the success of our business. Our colleagues thrive personally and professionally through our shared values of Integrity, Partnership, Innovation, and Excellence, which are at the core of our culture. We embrace diversity and actively seek to attract people with unique backgrounds and perspectives. We believe that an inclusive collaborative workplace is pivotal to our success and supports the potential and growth of all colleagues at LSEG. LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies, and enabling customers to create sustainable growth. Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence, and Change underpin our purpose and set the standard for everything we do, every day. Working with us means that you will be part of a dynamic organization of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days, and wellbeing initiatives. We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) may hold about you, what it's used for, and how it's obtained, your rights and how to contact us as a data subject. HOW TO APPLY? About Us LSEG (London Stock Exchange Group) is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies, and enabling customers to create sustainable growth. Our organisation Our Data & Analytics, Capital Markets, and Post Trade divisions have a combined power that provides a comprehensive, integrated suite of trusted financial market infrastructure services to help our customers pursue their ambitions. Where we work LSEG is headquartered in the United Kingdom, with significant operations in 70 countries across Europe, the Middle East, Africa, North America, Latin America, and Asia Pacific.
05/02/2025
Full time
Principal Security Architect Apply for locations: London, United Kingdom; Nottingham, United Kingdom. Time type: Full time Posted on: Posted Yesterday Job requisition id: R Do you want to play a key role in the LSEG Microsoft Partnership and Azure adoption? Do you have a curiosity about Cybersecurity and cloud? If yes, then a role in LSEG's Cloud Security Architecture team may be a perfect fit for you! We are seeking a Principal Cloud Security Architect specializing in Microsoft Azure who will work with solution architects and engineering teams to design, implement, and maintain a secure public cloud environment. The role works closely with other architects, engineers, and site reliability teams to deliver outcomes that align with our ambition for LSEG to be one of the world's great companies! Role responsibilities include: Definition and improvement of LSEG's public cloud security architecture design patterns. Detailed review of each public cloud web service that LSEG wishes to use and documentation of associated minimum security control requirements. Creation and maintenance of cloud security configuration monitoring and auto-remediation signature rules. Assist with security reviews and approvals of Azure policy exemption requests. Assist with Azure configuration compliance reviews with associated risk assessment and documentation of the residual risk position. Act as domain expert for Azure cloud security and respond to questions raised by LSEG teams. Effective collaboration with senior business and security leadership. Delivering cloud security training and education to LSEG teams. Technical experience requirements: 7+ years of growing responsibility in information security analyst, consultancy, or architecture roles. Deep technical knowledge of Microsoft Azure. Hands-on experience with Azure Portal and Azure CLI. Diversity & Inclusion: People are at the heart of what we do and drive the success of our business. Our colleagues thrive personally and professionally through our shared values of Integrity, Partnership, Innovation, and Excellence, which are at the core of our culture. We embrace diversity and actively seek to attract people with unique backgrounds and perspectives. We believe that an inclusive collaborative workplace is pivotal to our success and supports the potential and growth of all colleagues at LSEG. LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies, and enabling customers to create sustainable growth. Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence, and Change underpin our purpose and set the standard for everything we do, every day. Working with us means that you will be part of a dynamic organization of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days, and wellbeing initiatives. We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) may hold about you, what it's used for, and how it's obtained, your rights and how to contact us as a data subject. HOW TO APPLY? About Us LSEG (London Stock Exchange Group) is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies, and enabling customers to create sustainable growth. Our organisation Our Data & Analytics, Capital Markets, and Post Trade divisions have a combined power that provides a comprehensive, integrated suite of trusted financial market infrastructure services to help our customers pursue their ambitions. Where we work LSEG is headquartered in the United Kingdom, with significant operations in 70 countries across Europe, the Middle East, Africa, North America, Latin America, and Asia Pacific.
Are you ready to be a Cyber Security Manager? Role overview: Are you a highly skilled Cyber Security engineer or analyst with a passion for defending organizations against cyber threats? Are you looking to take the next step in your career? We're looking for a Cyber Security Manager to lead our Cyber Security Operations Centre (CSOC) and fortify our systems, data, and networks against evolving risks. Key Responsibilities: CSOC Oversight: Manage the daily operations of the CSOC, ensuring effective monitoring, detection, and response to security incidents. Policy Development: Create and enforce security policies, procedures, and best practices aligned with industry standards. Team Leadership: Lead and mentor a team of security analysts, promoting professional growth and technical excellence. Collaboration: Work with internal stakeholders to identify vulnerabilities and recommend risk mitigation strategies. Threat Assessments: Conduct regular threat assessments and incident response drills. Tool Management: Oversee security tools and technologies, ensuring optimal performance and timely updates. Continuous Learning: Stay informed about the latest cyber threats, trends, and compliance requirements. Qualifications and Skills: Experience: Proven experience in a cyber security role (Senior Engineer/Senior Analyst). Mentorship: Experience in coaching and mentoring junior team members. Framework Knowledge: Strong knowledge of cyber security frameworks like NIST, ISO 27001, or CIS Controls. Technical Skills: Hands-on experience with SIEM tools, threat intelligence platforms, and incident response processes. Certifications: Certifications such as CISSP, CISM, CEH, or equivalent are highly desirable. Soft Skills: Excellent communication and problem-solving skills. Adaptability: Ability to work under pressure and manage multiple priorities effectively. What We Offer: Location: West Midlands Job Type: Full-time, permanent Salary: 65,000 to 85,000 per annum, commensurate with experience DCS Recruitment and all associated companies are committed to creating a working environment where diversity is celebrated and everyone is treated fairly, regardless of gender, gender identity, disability, ethnic origin, religion or belief, sexual orientation, marital or transgender status, age, or nationality
04/02/2025
Full time
Are you ready to be a Cyber Security Manager? Role overview: Are you a highly skilled Cyber Security engineer or analyst with a passion for defending organizations against cyber threats? Are you looking to take the next step in your career? We're looking for a Cyber Security Manager to lead our Cyber Security Operations Centre (CSOC) and fortify our systems, data, and networks against evolving risks. Key Responsibilities: CSOC Oversight: Manage the daily operations of the CSOC, ensuring effective monitoring, detection, and response to security incidents. Policy Development: Create and enforce security policies, procedures, and best practices aligned with industry standards. Team Leadership: Lead and mentor a team of security analysts, promoting professional growth and technical excellence. Collaboration: Work with internal stakeholders to identify vulnerabilities and recommend risk mitigation strategies. Threat Assessments: Conduct regular threat assessments and incident response drills. Tool Management: Oversee security tools and technologies, ensuring optimal performance and timely updates. Continuous Learning: Stay informed about the latest cyber threats, trends, and compliance requirements. Qualifications and Skills: Experience: Proven experience in a cyber security role (Senior Engineer/Senior Analyst). Mentorship: Experience in coaching and mentoring junior team members. Framework Knowledge: Strong knowledge of cyber security frameworks like NIST, ISO 27001, or CIS Controls. Technical Skills: Hands-on experience with SIEM tools, threat intelligence platforms, and incident response processes. Certifications: Certifications such as CISSP, CISM, CEH, or equivalent are highly desirable. Soft Skills: Excellent communication and problem-solving skills. Adaptability: Ability to work under pressure and manage multiple priorities effectively. What We Offer: Location: West Midlands Job Type: Full-time, permanent Salary: 65,000 to 85,000 per annum, commensurate with experience DCS Recruitment and all associated companies are committed to creating a working environment where diversity is celebrated and everyone is treated fairly, regardless of gender, gender identity, disability, ethnic origin, religion or belief, sexual orientation, marital or transgender status, age, or nationality
Vulnerability Lead Manchester/Hybrid (On site once per month) 60K - 65K A Vulnerability Lead is required for our client who are based in Manchester. The successful candidate will support in defending the organisation's systems by detecting weaknesses in digital assets and will take action to correct and strengthen security. You will work within the Defence and Availability Centre (DAC) - the combined Security Operations Centre (SOC) and Network Operations Centre (NOC). The Vulnerability Lead will be responsible for providing operational leadership of all aspects of vulnerability management. Responsibilities: Complete day-to-day technical activities to identify, assess, categorise, prioritise, remediate, and manage vulnerabilities across digital assets and environments. Validate vulnerability alerting by working across the teams to understand business impacts. Produce threat informed vulnerability reports and assessments that identify technical and procedural findings and provide recommended remediation strategies/solutions. Prioritise, lead and co-ordinate vulnerability activities, such as monitoring and configuring scans. Co-ordinate and prioritise the delivery of vulnerability management programme, including specifically identification, remediation and the monitoring of our performance and progress. Use automated approaches and methodologies to enable more efficient and effective team processes. Co-ordinate and lead the vulnerability meetings, workshops and forums. Conduct regular reviews and fine-tuning of vulnerability management processes. Analyse organisation's cyber defence policies and configurations and evaluate compliance with regulations. Work with technical colleagues, suppliers, and external companies. Identify where vulnerability capabilities can be continuously improved. Essential Skills: Significant practical experience as vulnerability analyst/lead working within the Cyber Operations domain; this is not an entry level role. Strong knowledge of, vulnerability management practices, and relevant regulations (e.g., GDPR, NIST, ISO 27001, etc.). Practical 'hands on' knowledge and experience, working with vulnerability management platforms. Extensive experience of writing vulnerability reports and assessments. Proven experience of providing excellent customer service ensuring the needs of internal and external customers are me. Understanding of the Cyber Kill Chain and MITRE ATT&CK techniques, supported by familiarity with common and the latest forms of malware. Experience working within hybrid infrastructure environments, consisting of on premises and cloud; PaaS, SaaS, IaaS services, with a focus on Microsoft Azure. Desirable criteria: Relevant industry qualifications and certifications (GSEC, GEVA). Good technical security knowledge based on practical experience, across at least 3 years, including: Microsoft Windows, 365 and Azure technologies, Rapid7, Microsoft Defender for Endpoint.
03/02/2025
Full time
Vulnerability Lead Manchester/Hybrid (On site once per month) 60K - 65K A Vulnerability Lead is required for our client who are based in Manchester. The successful candidate will support in defending the organisation's systems by detecting weaknesses in digital assets and will take action to correct and strengthen security. You will work within the Defence and Availability Centre (DAC) - the combined Security Operations Centre (SOC) and Network Operations Centre (NOC). The Vulnerability Lead will be responsible for providing operational leadership of all aspects of vulnerability management. Responsibilities: Complete day-to-day technical activities to identify, assess, categorise, prioritise, remediate, and manage vulnerabilities across digital assets and environments. Validate vulnerability alerting by working across the teams to understand business impacts. Produce threat informed vulnerability reports and assessments that identify technical and procedural findings and provide recommended remediation strategies/solutions. Prioritise, lead and co-ordinate vulnerability activities, such as monitoring and configuring scans. Co-ordinate and prioritise the delivery of vulnerability management programme, including specifically identification, remediation and the monitoring of our performance and progress. Use automated approaches and methodologies to enable more efficient and effective team processes. Co-ordinate and lead the vulnerability meetings, workshops and forums. Conduct regular reviews and fine-tuning of vulnerability management processes. Analyse organisation's cyber defence policies and configurations and evaluate compliance with regulations. Work with technical colleagues, suppliers, and external companies. Identify where vulnerability capabilities can be continuously improved. Essential Skills: Significant practical experience as vulnerability analyst/lead working within the Cyber Operations domain; this is not an entry level role. Strong knowledge of, vulnerability management practices, and relevant regulations (e.g., GDPR, NIST, ISO 27001, etc.). Practical 'hands on' knowledge and experience, working with vulnerability management platforms. Extensive experience of writing vulnerability reports and assessments. Proven experience of providing excellent customer service ensuring the needs of internal and external customers are me. Understanding of the Cyber Kill Chain and MITRE ATT&CK techniques, supported by familiarity with common and the latest forms of malware. Experience working within hybrid infrastructure environments, consisting of on premises and cloud; PaaS, SaaS, IaaS services, with a focus on Microsoft Azure. Desirable criteria: Relevant industry qualifications and certifications (GSEC, GEVA). Good technical security knowledge based on practical experience, across at least 3 years, including: Microsoft Windows, 365 and Azure technologies, Rapid7, Microsoft Defender for Endpoint.
Cyber Security Analyst Leatherhead, Surrey (Hybrid model) Why work for us? Competitive salary of up to £59,000 per annum depending on experience A workplace pension scheme Hybrid working: 12 days per week in our Leatherhead with occasional travel to Ireland office as well as to key partners offices Private Medical and Dental cover 25 days annual leave (plus bank holidays), with options to purchase and sell up to 5 days holiday per year (pro rata) Support and investment in your personal development 24/7 access to Employee Assistance Programme and Mental Health First Aiders What we do Premium Credit is the leading provider of insurance premium finance and a range of annually charged services, including tax, regulatory and accountancy fees, sports season tickets, memberships and school fees in the UK and Ireland. We are a multi award winning business lending more than £4.5 billion to over 2.5 million customers through a network of almost three thousand partners- and growing. We are a successful business with a Trustpilot rating of 4.5, a Net Promoter Score of , a Glassdoor rating of 4.4 and a Silver Sustainability medal. The Role This is an exciting time of growth for us, and we need a Cyber Security Analyst to help us continue this success. This is a great opportunity to develop a varied and rewarding career with a company that invests in, recognises and rewards its people. The Cyber Security Analyst monitors, analyses and responds to infrastructure threats and vulnerability, ensuring risks are assessed and mitigated. You ll assist in the development of security policies, standards and procedures as well as carry out testing, security reporting and promoting employee awareness. The role will cover all aspects of Cyber Security, providing support and guidance across the business. This includes, but is not limited to: - Monitor networks for security issues, investigating breaches and other cyber security incidents, providing incident response. - Perform tests to uncover vulnerabilities, mitigating these to maintain high-security standards - Develop company-wide IT best practice - Support colleagues to install security software, providing guidance to ensure an understanding of information security management - Participate in or conduct internal and external audits Who we are looking for If you re an individual who thrives in a fast-paced environment, able to work collaboratively with others and are looking to make a difference, this is a brilliant opportunity to advance your career to the next level with our sector-leading company. At Premium Credit, you will be supported to develop and expand your skills, knowledge and experience. To be considered as our Cyber Security Analyst you will need: - Proven experience as a Cyber Security Analyst or SOC Analyst - A good understanding of Cloud Infrastructure (Iaas, Saas, Paas) as well as network security - The ability to review security designs and identify potential weaknesses and risks - Experience and knowledge of Data Protection legislation including ensuring compliance - Previous experience of SIEM tools and working with a SOC - Verbal and written communication skills; able to provide technical information in an understandable format as well as the ability to write technical reports A degree in Computer Science, Information Security or similar would be advantageous as would the relevant professional Security Qualifications and experience with Azure Sentinel. We are committed to providing reasonable adjustments or accommodations for applicants, so if you need assistance or support during the recruitment process, please let us know on the application form or by sending an email to (url removed) If you are made an offer of employment you will be required to prove your eligibility to work in the UK before you start work. You must reside in the UK from the start date of this role; unfortunately we are unable to provide visa sponsorship at this time. To ensure you can work from home efficiently you will be asked to provide your internet speed at the application stage. Premium Credit are an equal opportunities employer with a strong and passionate commitment to Diversity, Equality and Inclusion in the workplace. We welcome applications from all sections of the community and encourage people from all backgrounds to apply. Equal opportunities are the only acceptable way to conduct business and we believe that the more inclusive our environments are, the better our work will be. We are open to part-time working and job share. By submitting your application, you agree that Premium Credit may collect your personal data for recruiting and related purposes. To view our Privacy Notice please go to: (url removed)> All postholders will be subject to appropriate pre-employment vetting procedures and a satisfactory Disclosure & Barring Service (DBS) check prior to appointment. So, if role appeals to you and you re looking to join an industry-leading organisation, please apply. Excited but not sure you tick every box? Research tells us that women, particularly, feel this way. So, regardless of gender, why not apply? And if you re in a job share just apply as a pair. We look forward to hearing from you. Please note, we reserve the right to close this vacancy early if we identify a number of suitable candidates. All applicants will be advised if the vacancy closes early.
30/01/2025
Full time
Cyber Security Analyst Leatherhead, Surrey (Hybrid model) Why work for us? Competitive salary of up to £59,000 per annum depending on experience A workplace pension scheme Hybrid working: 12 days per week in our Leatherhead with occasional travel to Ireland office as well as to key partners offices Private Medical and Dental cover 25 days annual leave (plus bank holidays), with options to purchase and sell up to 5 days holiday per year (pro rata) Support and investment in your personal development 24/7 access to Employee Assistance Programme and Mental Health First Aiders What we do Premium Credit is the leading provider of insurance premium finance and a range of annually charged services, including tax, regulatory and accountancy fees, sports season tickets, memberships and school fees in the UK and Ireland. We are a multi award winning business lending more than £4.5 billion to over 2.5 million customers through a network of almost three thousand partners- and growing. We are a successful business with a Trustpilot rating of 4.5, a Net Promoter Score of , a Glassdoor rating of 4.4 and a Silver Sustainability medal. The Role This is an exciting time of growth for us, and we need a Cyber Security Analyst to help us continue this success. This is a great opportunity to develop a varied and rewarding career with a company that invests in, recognises and rewards its people. The Cyber Security Analyst monitors, analyses and responds to infrastructure threats and vulnerability, ensuring risks are assessed and mitigated. You ll assist in the development of security policies, standards and procedures as well as carry out testing, security reporting and promoting employee awareness. The role will cover all aspects of Cyber Security, providing support and guidance across the business. This includes, but is not limited to: - Monitor networks for security issues, investigating breaches and other cyber security incidents, providing incident response. - Perform tests to uncover vulnerabilities, mitigating these to maintain high-security standards - Develop company-wide IT best practice - Support colleagues to install security software, providing guidance to ensure an understanding of information security management - Participate in or conduct internal and external audits Who we are looking for If you re an individual who thrives in a fast-paced environment, able to work collaboratively with others and are looking to make a difference, this is a brilliant opportunity to advance your career to the next level with our sector-leading company. At Premium Credit, you will be supported to develop and expand your skills, knowledge and experience. To be considered as our Cyber Security Analyst you will need: - Proven experience as a Cyber Security Analyst or SOC Analyst - A good understanding of Cloud Infrastructure (Iaas, Saas, Paas) as well as network security - The ability to review security designs and identify potential weaknesses and risks - Experience and knowledge of Data Protection legislation including ensuring compliance - Previous experience of SIEM tools and working with a SOC - Verbal and written communication skills; able to provide technical information in an understandable format as well as the ability to write technical reports A degree in Computer Science, Information Security or similar would be advantageous as would the relevant professional Security Qualifications and experience with Azure Sentinel. We are committed to providing reasonable adjustments or accommodations for applicants, so if you need assistance or support during the recruitment process, please let us know on the application form or by sending an email to (url removed) If you are made an offer of employment you will be required to prove your eligibility to work in the UK before you start work. You must reside in the UK from the start date of this role; unfortunately we are unable to provide visa sponsorship at this time. To ensure you can work from home efficiently you will be asked to provide your internet speed at the application stage. Premium Credit are an equal opportunities employer with a strong and passionate commitment to Diversity, Equality and Inclusion in the workplace. We welcome applications from all sections of the community and encourage people from all backgrounds to apply. Equal opportunities are the only acceptable way to conduct business and we believe that the more inclusive our environments are, the better our work will be. We are open to part-time working and job share. By submitting your application, you agree that Premium Credit may collect your personal data for recruiting and related purposes. To view our Privacy Notice please go to: (url removed)> All postholders will be subject to appropriate pre-employment vetting procedures and a satisfactory Disclosure & Barring Service (DBS) check prior to appointment. So, if role appeals to you and you re looking to join an industry-leading organisation, please apply. Excited but not sure you tick every box? Research tells us that women, particularly, feel this way. So, regardless of gender, why not apply? And if you re in a job share just apply as a pair. We look forward to hearing from you. Please note, we reserve the right to close this vacancy early if we identify a number of suitable candidates. All applicants will be advised if the vacancy closes early.
AJ Bell Business Solutions Limited
Salford, Manchester
We are now looking for a Senior Cyber Security Analyst to support the Security Operations Manager in responding, managing and reporting the Information Security Risks faced by Technology Services (TS) in delivering AJ Bell s systems and services. Key to this is maintaining the confidentiality, integrity and availability of the data that resides upon those systems. This role will be key to understanding the threats targeting AJ Bell and ensuring our defences provide and effective response. Key responsibilities: Reviewing and assessing Security Operations Centre alerts to ensure an appropriate response taken. Overseeing vulnerability scanning to confirm the effectiveness of patching Monitoring systems for compliance with policy and supporting remediation where required. Track and manage penetration testing programs. Investigate and respond to security breaches and incidents. Supporting the administration of email and web gateways Develop our threat intelligence and provide monitoring of external information sources to make recommendations on latest security threats and vulnerabilities that affect our technical estate Collaborate with IT and other departments to ensure security best practices are followed. Stay up-to-date with the latest security trends, threats, and technology solutions. Essential experience, knowledge and skills: Strong understanding and knowledge of Information Security risk management tools and techniques A passion for cyber security and active interest in technology Experience of Information Security standards and frameworks Awareness and understanding of the Information Security threat landscape Understanding of Information Security solutions e.g. email / web gateways, SIEM, Endpoint protection etc. Knowledge/experience working with next gen security solutions Awareness of Cloud security solutions and standards is highly advantageous Experience working within recognised Information Security frameworks and best practices such as ISO27001, NIST etc. Experience in an Information Security role gained in a financial services or e-commerce environment is preferred Ability to challenge approach, strategy and implementation to ensure Information Security is consistently considered and improved Structured, self-starting, flexible and enjoy working in fast-paced environments Ability to plan, organise and follow through on assigned tasks and complete with little or no prompting from management About us: AJ Bell is one of the fastest-growing investment platform businesses in the UK offering an award-winning range of solutions that caters for everyone, from professional financial advisers, to DIY investors with little to no experience. We have over 561,000 customers using our award-winning platform propositions to manage assets totalling more than £89.5 billion. Our customers trust us with their investments, and by continuously striving to make investing easier, we aim to help even more people take control of their financial futures. Having listed on the Main Market of the London Stock Exchange in December 2018, AJ Bell is now a FTSE 250 company. Headquartered in Manchester with offices in central London and Bristol, we now have over 1,450 employees and have been named one of the UK's 'Best 100 Companies to Work For for six consecutive years and in 2024 named a Great Place to Work . At AJ Bell you can expect a friendly working environment with a strong sense of teamwork, we have a great sense of pride in what we do, and this is reflected in our guiding principles. What we offer: Starting holiday entitlement of 25, increasing up to 31 days with length of service and a holiday buy and sell scheme A choice of pension schemes with matched contributions up to 6% Discretionary bonus scheme Annual free share awards scheme Buy As You Earn (BAYE) Scheme Health Cash Plan provided by SimplyHealth Discounted private healthcare scheme and dental plan Free onsite gym Employee Assistance Programme Bike loan scheme Sick pay+ pledge Enhanced maternity, paternity, and shared parental leave Loans for travel season tickets Death in service scheme Paid time off for volunteer work Charitable giving opportunities through salary sacrifice Calendar of social events, including monthly payday drinks, annual Christmas party, summer party and much more Personal development programmes built around you and your career goals, including access to personal skills workshops Ongoing technical training Professional qualification support Talent development programmes Peer recognition scheme, with rewards including restaurant and shopping vouchers or time off Monthly leadership breakfasts and lunches Casual dress code Access to a range of benefits from our sponsorship deals Hybrid working: At AJ Bell, our people are the heart of our culture. We believe in building strong connections by working together. That's why we offer a hybrid working model, where you ll spend a minimum of 50% of your working time per month in the office. For new team members, an initial period will be full-time in the office to help you immerse yourself in our business and build valuable relationships with your colleagues. AJ Bell is committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and all employees are empowered to bring their whole self to work. We do not discriminate on the basis of race, sex, gender identity, sexual orientation, age, pregnancy, religion, physical and mental disability, marital status and any other characteristics protected by the Equality Act 2010. All decisions to hire are based on qualifications, merit and business need. If you like the sound of the above, or just want to know more about the company and the role, we'd love to speak to you.
29/01/2025
Full time
We are now looking for a Senior Cyber Security Analyst to support the Security Operations Manager in responding, managing and reporting the Information Security Risks faced by Technology Services (TS) in delivering AJ Bell s systems and services. Key to this is maintaining the confidentiality, integrity and availability of the data that resides upon those systems. This role will be key to understanding the threats targeting AJ Bell and ensuring our defences provide and effective response. Key responsibilities: Reviewing and assessing Security Operations Centre alerts to ensure an appropriate response taken. Overseeing vulnerability scanning to confirm the effectiveness of patching Monitoring systems for compliance with policy and supporting remediation where required. Track and manage penetration testing programs. Investigate and respond to security breaches and incidents. Supporting the administration of email and web gateways Develop our threat intelligence and provide monitoring of external information sources to make recommendations on latest security threats and vulnerabilities that affect our technical estate Collaborate with IT and other departments to ensure security best practices are followed. Stay up-to-date with the latest security trends, threats, and technology solutions. Essential experience, knowledge and skills: Strong understanding and knowledge of Information Security risk management tools and techniques A passion for cyber security and active interest in technology Experience of Information Security standards and frameworks Awareness and understanding of the Information Security threat landscape Understanding of Information Security solutions e.g. email / web gateways, SIEM, Endpoint protection etc. Knowledge/experience working with next gen security solutions Awareness of Cloud security solutions and standards is highly advantageous Experience working within recognised Information Security frameworks and best practices such as ISO27001, NIST etc. Experience in an Information Security role gained in a financial services or e-commerce environment is preferred Ability to challenge approach, strategy and implementation to ensure Information Security is consistently considered and improved Structured, self-starting, flexible and enjoy working in fast-paced environments Ability to plan, organise and follow through on assigned tasks and complete with little or no prompting from management About us: AJ Bell is one of the fastest-growing investment platform businesses in the UK offering an award-winning range of solutions that caters for everyone, from professional financial advisers, to DIY investors with little to no experience. We have over 561,000 customers using our award-winning platform propositions to manage assets totalling more than £89.5 billion. Our customers trust us with their investments, and by continuously striving to make investing easier, we aim to help even more people take control of their financial futures. Having listed on the Main Market of the London Stock Exchange in December 2018, AJ Bell is now a FTSE 250 company. Headquartered in Manchester with offices in central London and Bristol, we now have over 1,450 employees and have been named one of the UK's 'Best 100 Companies to Work For for six consecutive years and in 2024 named a Great Place to Work . At AJ Bell you can expect a friendly working environment with a strong sense of teamwork, we have a great sense of pride in what we do, and this is reflected in our guiding principles. What we offer: Starting holiday entitlement of 25, increasing up to 31 days with length of service and a holiday buy and sell scheme A choice of pension schemes with matched contributions up to 6% Discretionary bonus scheme Annual free share awards scheme Buy As You Earn (BAYE) Scheme Health Cash Plan provided by SimplyHealth Discounted private healthcare scheme and dental plan Free onsite gym Employee Assistance Programme Bike loan scheme Sick pay+ pledge Enhanced maternity, paternity, and shared parental leave Loans for travel season tickets Death in service scheme Paid time off for volunteer work Charitable giving opportunities through salary sacrifice Calendar of social events, including monthly payday drinks, annual Christmas party, summer party and much more Personal development programmes built around you and your career goals, including access to personal skills workshops Ongoing technical training Professional qualification support Talent development programmes Peer recognition scheme, with rewards including restaurant and shopping vouchers or time off Monthly leadership breakfasts and lunches Casual dress code Access to a range of benefits from our sponsorship deals Hybrid working: At AJ Bell, our people are the heart of our culture. We believe in building strong connections by working together. That's why we offer a hybrid working model, where you ll spend a minimum of 50% of your working time per month in the office. For new team members, an initial period will be full-time in the office to help you immerse yourself in our business and build valuable relationships with your colleagues. AJ Bell is committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and all employees are empowered to bring their whole self to work. We do not discriminate on the basis of race, sex, gender identity, sexual orientation, age, pregnancy, religion, physical and mental disability, marital status and any other characteristics protected by the Equality Act 2010. All decisions to hire are based on qualifications, merit and business need. If you like the sound of the above, or just want to know more about the company and the role, we'd love to speak to you.
Nicholas Associates Graduate Placements
Nuneaton, Warwickshire
Digital Forensic Analyst Nuneaton Salary: upto 30K per annum An exciting position has become available for a full-time Digital Forensic Analyst based in Nuneaton Warwickshire. The ideal candidate will be a keen and ambitious Digital Forensic Analyst with a solid understanding of technology. Company Provides independent national expert witness, computer forensics, mobile phone forensics to the legal sector, police forces, local authorities, and commercial organisations. The organisation also provides Cyber Security consultancy and Incident Response services to a wide variety of customers and maintains specialist teams to deliver a range of cyber security services. Role Responsibilities Case management and forensic analysis of computer and mobile devices. Securing and preservation of digital evidence. Procedure and documentation development. Contribute to achieving and maintaining quality standards whilst ensuring that the company's quality procedures ISO 17025 and 9001 are robustly adhered to. Ensuring that the company's IT security procedures ISO 27001 are robustly adhered to. Role Requirements Excellent understanding of IT Technology. A relevant Degree in digital forensics or cyber security. An excellent command of the English language both written and oral. Fully conversant with the digital forensic process and current ACPO Guidelines. Adhere to and be fully conversant with the FSR's Codes of Practice and Conduct. Accurate and precise. A full and clean UK driving license. Unimpeachable integrity. Why should you apply? Full training in the evidential analysis of electronic media. Opportunity to enter the digital forensics community with a professional market leader. Flexible working hours. 25 Days Holiday + Bank Holidays. Grade 2 corporate benefits package upon successful completion of probationary period (usually 6 months) including Pension Scheme, Group Medical Insurance (excluding dental). Critical Illness Cover, Life Insurance and Optical Benefit. About Us We are dedicated to fostering a diverse and inclusive community. In line with our Diversity and Inclusion policy, we welcome applications from all qualified individuals, regardless of age, gender, ethnicity, sexual orientation, or disability. As a Disability Confident Employer, and part of the Nicholas Associates Group, we are committed to supporting candidates with disabilities, and we're happy to discuss flexible working options. We are committed to protecting the privacy of all our candidates and clients. If you choose to apply, your information will be processed in accordance with the Nicholas Associates Group Privacy Notice.
29/01/2025
Full time
Digital Forensic Analyst Nuneaton Salary: upto 30K per annum An exciting position has become available for a full-time Digital Forensic Analyst based in Nuneaton Warwickshire. The ideal candidate will be a keen and ambitious Digital Forensic Analyst with a solid understanding of technology. Company Provides independent national expert witness, computer forensics, mobile phone forensics to the legal sector, police forces, local authorities, and commercial organisations. The organisation also provides Cyber Security consultancy and Incident Response services to a wide variety of customers and maintains specialist teams to deliver a range of cyber security services. Role Responsibilities Case management and forensic analysis of computer and mobile devices. Securing and preservation of digital evidence. Procedure and documentation development. Contribute to achieving and maintaining quality standards whilst ensuring that the company's quality procedures ISO 17025 and 9001 are robustly adhered to. Ensuring that the company's IT security procedures ISO 27001 are robustly adhered to. Role Requirements Excellent understanding of IT Technology. A relevant Degree in digital forensics or cyber security. An excellent command of the English language both written and oral. Fully conversant with the digital forensic process and current ACPO Guidelines. Adhere to and be fully conversant with the FSR's Codes of Practice and Conduct. Accurate and precise. A full and clean UK driving license. Unimpeachable integrity. Why should you apply? Full training in the evidential analysis of electronic media. Opportunity to enter the digital forensics community with a professional market leader. Flexible working hours. 25 Days Holiday + Bank Holidays. Grade 2 corporate benefits package upon successful completion of probationary period (usually 6 months) including Pension Scheme, Group Medical Insurance (excluding dental). Critical Illness Cover, Life Insurance and Optical Benefit. About Us We are dedicated to fostering a diverse and inclusive community. In line with our Diversity and Inclusion policy, we welcome applications from all qualified individuals, regardless of age, gender, ethnicity, sexual orientation, or disability. As a Disability Confident Employer, and part of the Nicholas Associates Group, we are committed to supporting candidates with disabilities, and we're happy to discuss flexible working options. We are committed to protecting the privacy of all our candidates and clients. If you choose to apply, your information will be processed in accordance with the Nicholas Associates Group Privacy Notice.
Lead Cyber Security Analyst Hybrid (infrequent travel) Reports to: Head of Cyber Security My client, an industry leader in their field, is seeking an experienced Lead Cyber Security Analyst to take on the day to day team leadership of a small but growing cyber security team whilst getting involved with strategy and operations within their fast-paced organisation. Key Responsibilities Lead cybersecurity operations, including incident response and threat management. Develop and implement strategic security initiatives. Ensure compliance with frameworks (e.g., ISO 27001, NIST, GDPR). Mentor and train junior team members. Manage risk assessments and reporting for senior leadership. Key Skills & Experience Advanced knowledge of Microsoft tools, EDR solutions, and cloud security (Azure). Expertise in cybersecurity frameworks and compliance standards. Strong leadership and incident management skills. Relevant certifications (e.g., CISSP, CISM, OSCP) and 5+ years of experience, including senior level roles or above. Key Behaviours You are ambitious and tenacious You are self motivated and driven to do your best You are passionate about cyber security You are calm and collected under pressure You are a reliable people leader whilst able to handle 2nd and 3rd line incidents when requried. If you're a skilled cybersecurity professional looking for a dynamic and rewarding opportunity, contact us to learn more.
29/01/2025
Full time
Lead Cyber Security Analyst Hybrid (infrequent travel) Reports to: Head of Cyber Security My client, an industry leader in their field, is seeking an experienced Lead Cyber Security Analyst to take on the day to day team leadership of a small but growing cyber security team whilst getting involved with strategy and operations within their fast-paced organisation. Key Responsibilities Lead cybersecurity operations, including incident response and threat management. Develop and implement strategic security initiatives. Ensure compliance with frameworks (e.g., ISO 27001, NIST, GDPR). Mentor and train junior team members. Manage risk assessments and reporting for senior leadership. Key Skills & Experience Advanced knowledge of Microsoft tools, EDR solutions, and cloud security (Azure). Expertise in cybersecurity frameworks and compliance standards. Strong leadership and incident management skills. Relevant certifications (e.g., CISSP, CISM, OSCP) and 5+ years of experience, including senior level roles or above. Key Behaviours You are ambitious and tenacious You are self motivated and driven to do your best You are passionate about cyber security You are calm and collected under pressure You are a reliable people leader whilst able to handle 2nd and 3rd line incidents when requried. If you're a skilled cybersecurity professional looking for a dynamic and rewarding opportunity, contact us to learn more.