Location
Dstl Porton Down, Salisbury, Wiltshire, SP4 0JQ or Dstl Portsdown West, Fareham, Hampshire, PO17 6AD
About the job
Job summary
Dstl is the science and technology arm of the Ministry of Defence. We improve the front-line capability of the UK Armed Forces helping keep our country safe.
The Cyber Security and Safety Group has never been more important. Many military platforms such as fast jets, unmanned air vehicles, helicopters, naval vessels, and land vehicles are becoming increasingly reliant on Software, Artificial Intelligence (AI) and Autonomous functions to control all aspects of their behaviour.
We’re looking for mathematically strong data scientists to help make AI reliant military systems robust and trustworthy in complex operations to help save lives.
An example of our world class inspiring work is designing and trialling a variety of autonomous air and ground vehicles out in Salisbury plain with the US and Australia. AI models were retrained in flight to meet changing mission situations to enhance commanders’ decision-making.
You could be involved in:
Assessing and improving AI content in Defence and Security safety critical systems in the Air, Sea and Land domains, to ensure that they are safe, secure and protected.
Applying the latest thinking in verification and validation of artificial intelligence and autonomous functions for defence and security purposes.
Innovating to support the delivery of the UK Cyber Strategy by researching algorithms for Cyber defence.
Dstl recognises the importance of diversity and inclusion as people from diverse backgrounds bring fresh ideas. We are committed to building an inclusive working environment in which each employee fulfils their potential and maximises their contribution.
We particularly welcome female and ethnic minority applicants and those from the LGBTQI community, as they are under-represented within Dstl at these levels.
Job description
In this role you will:
Have a drive for keeping abreast of the latest developments in cyber security and emerging trends in artificial intelligence. We give our people the opportunity to think and innovate. We offer loads of opportunities for training and scholarships, attending and presenting at conferences, and collaborating with internal research and industry and academia.
Work in a team consisting of highly professional Autonomy and Mathematical experts with enviable national and international reputations to take part in cutting edge research. Use your critical thinking and creative problem solving skills to implement state of art methods and tools.
Develop a knowledge of undertaking verification, validation and vulnerability assessments on Systems of interest.
Appreciate the importance of safety, security requirements to have a positive impact on defence and security of the UK.
Deliver technical reports and recommendations to leadership, senior officials across government and military and other non-technical audiences through clear data storytelling and well-crafted verbal presentations
Person specification
We are looking for someone who has:
A keen interest in algorithms, AI, ML or statistical analysis along with a willingness to develop additional capabilities in cyber security and safety.
Experience contributing to Software or AI / ML intensive projects.
Is looking for a career with a difference, doing a job that provides the latest and most effective tools to defend our nation and uphold the principle of freedom.
Important Information:
Our work in defence, security and intelligence requires our employees to be UK Nationals who are able to gain a high level of security clearance to undertake the projects we are involved in to protect us from security threats. For this reason, only UK Nationals will be able to apply for this role. If you are an international or dual-national candidate, and you think you have the skills we need, please consider applying to any of our government, security or defence partners.
This role will require full UK security clearance and you should have resided in the UK for the past 5 years. For some roles Developed Vetting will also be required, in this case you should have resided in the UK for the past 10 years.
Behaviours
We'll assess you against these behaviours during the selection process:
Changing and Improving
Communicating and Influencing
Seeing the Big Picture
Working Together
Benefits
Benefits
Dstl’s full range of great benefits can be found in the information pack which includes:
Financial : An excellent pension scheme starting from 26% employer contribution ( find out more here ). In Year Rewarding Achievement bonuses and thank you vouchers. Rental deposit scheme and cycle to work scheme.
Flexible working : Options include alternative working patterns such as; compressed hours (e.g. working a 4 day week/ 9 day fortnight), job shares and annualised hours (agreed number of hours per annum paid monthly i.e. working term-time only).
Working hours: Flexibility around your working day (e.g. start time, finish time). Ability to bank hours in a 12 month reference period including the ability to accrue and use 3 days per calendar month.
Where you work: Depending on your role, blended working may be available including remote working to suit you and your team. This can be discussed at interview.
Annual leave: 25 days pro rata (rising to 30 after 5 years) plus 8 public holidays with the ability to buy/sell 5 additional days per annum.
Family: Maternity, adoption or shared parental leave of up to 26 weeks with full pay, an additional 13 weeks statutory pay and a further 13 weeks unpaid
Learning and Development: Dstl encourages and supports charterships, accreditations and provides employees access to fully funded apprenticeships up to level 7 (Masters Degree). Dstl will pay for 2 memberships with relevant bodies/institutions. Employees also have access to Civil Service Learning.
Facilities: Onsite parking, EV Charging points, restaurants, cafés and gyms.
Things you need to know
Selection process details
This vacancy is using Success Profiles (opens in a new window) , and will assess your Behaviours and Experience.
We want you to have your best chance of success in our recruitment process, so If at any stage of the application process you would like help or assistance please contact the Dstl Recruitment Team dstlrecruitment@dstl.gov.uk and we will do all we can to support you.
Sifting will be taking place bi-weekly throughout the campaign, successful applicants will be invited to attend an online interview via MS Teams.
Feedback will only be provided if you attend an interview or assessment.
Security
Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window) . See our vetting charter (opens in a new window) . People working with government assets must complete baseline personnel security standard (opens in new window) checks.
Nationality requirements
Open to UK nationals only. This job is not open to candidates who hold a dual nationality.
Working for the Civil Service
The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window) . The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
Apply and further information
This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative. Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.
Contact point for applicants
Job contact :
Name : Dstl Recruitment
Email : dstlrecruitment@dstl.gov.uk
Recruitment team
Email : dstlrecruitment@dstl.gov.uk
Further information
Should you wish to raise a formal complaint about the Dstl recruitment process you should email dstlrecruitment@dstl.gov.uk stating the nature of the issue. We will respond within 5 working days.
Attachments
20230626_CSAS_Data_Scientist_Autonomy_Dependability_L5 Opens in new window (docx, 66kB) Candidate_info_pack_CIS - 20220824 Opens in new window (pdf, 1378kB)
03/07/2023
Full time
Location
Dstl Porton Down, Salisbury, Wiltshire, SP4 0JQ or Dstl Portsdown West, Fareham, Hampshire, PO17 6AD
About the job
Job summary
Dstl is the science and technology arm of the Ministry of Defence. We improve the front-line capability of the UK Armed Forces helping keep our country safe.
The Cyber Security and Safety Group has never been more important. Many military platforms such as fast jets, unmanned air vehicles, helicopters, naval vessels, and land vehicles are becoming increasingly reliant on Software, Artificial Intelligence (AI) and Autonomous functions to control all aspects of their behaviour.
We’re looking for mathematically strong data scientists to help make AI reliant military systems robust and trustworthy in complex operations to help save lives.
An example of our world class inspiring work is designing and trialling a variety of autonomous air and ground vehicles out in Salisbury plain with the US and Australia. AI models were retrained in flight to meet changing mission situations to enhance commanders’ decision-making.
You could be involved in:
Assessing and improving AI content in Defence and Security safety critical systems in the Air, Sea and Land domains, to ensure that they are safe, secure and protected.
Applying the latest thinking in verification and validation of artificial intelligence and autonomous functions for defence and security purposes.
Innovating to support the delivery of the UK Cyber Strategy by researching algorithms for Cyber defence.
Dstl recognises the importance of diversity and inclusion as people from diverse backgrounds bring fresh ideas. We are committed to building an inclusive working environment in which each employee fulfils their potential and maximises their contribution.
We particularly welcome female and ethnic minority applicants and those from the LGBTQI community, as they are under-represented within Dstl at these levels.
Job description
In this role you will:
Have a drive for keeping abreast of the latest developments in cyber security and emerging trends in artificial intelligence. We give our people the opportunity to think and innovate. We offer loads of opportunities for training and scholarships, attending and presenting at conferences, and collaborating with internal research and industry and academia.
Work in a team consisting of highly professional Autonomy and Mathematical experts with enviable national and international reputations to take part in cutting edge research. Use your critical thinking and creative problem solving skills to implement state of art methods and tools.
Develop a knowledge of undertaking verification, validation and vulnerability assessments on Systems of interest.
Appreciate the importance of safety, security requirements to have a positive impact on defence and security of the UK.
Deliver technical reports and recommendations to leadership, senior officials across government and military and other non-technical audiences through clear data storytelling and well-crafted verbal presentations
Person specification
We are looking for someone who has:
A keen interest in algorithms, AI, ML or statistical analysis along with a willingness to develop additional capabilities in cyber security and safety.
Experience contributing to Software or AI / ML intensive projects.
Is looking for a career with a difference, doing a job that provides the latest and most effective tools to defend our nation and uphold the principle of freedom.
Important Information:
Our work in defence, security and intelligence requires our employees to be UK Nationals who are able to gain a high level of security clearance to undertake the projects we are involved in to protect us from security threats. For this reason, only UK Nationals will be able to apply for this role. If you are an international or dual-national candidate, and you think you have the skills we need, please consider applying to any of our government, security or defence partners.
This role will require full UK security clearance and you should have resided in the UK for the past 5 years. For some roles Developed Vetting will also be required, in this case you should have resided in the UK for the past 10 years.
Behaviours
We'll assess you against these behaviours during the selection process:
Changing and Improving
Communicating and Influencing
Seeing the Big Picture
Working Together
Benefits
Benefits
Dstl’s full range of great benefits can be found in the information pack which includes:
Financial : An excellent pension scheme starting from 26% employer contribution ( find out more here ). In Year Rewarding Achievement bonuses and thank you vouchers. Rental deposit scheme and cycle to work scheme.
Flexible working : Options include alternative working patterns such as; compressed hours (e.g. working a 4 day week/ 9 day fortnight), job shares and annualised hours (agreed number of hours per annum paid monthly i.e. working term-time only).
Working hours: Flexibility around your working day (e.g. start time, finish time). Ability to bank hours in a 12 month reference period including the ability to accrue and use 3 days per calendar month.
Where you work: Depending on your role, blended working may be available including remote working to suit you and your team. This can be discussed at interview.
Annual leave: 25 days pro rata (rising to 30 after 5 years) plus 8 public holidays with the ability to buy/sell 5 additional days per annum.
Family: Maternity, adoption or shared parental leave of up to 26 weeks with full pay, an additional 13 weeks statutory pay and a further 13 weeks unpaid
Learning and Development: Dstl encourages and supports charterships, accreditations and provides employees access to fully funded apprenticeships up to level 7 (Masters Degree). Dstl will pay for 2 memberships with relevant bodies/institutions. Employees also have access to Civil Service Learning.
Facilities: Onsite parking, EV Charging points, restaurants, cafés and gyms.
Things you need to know
Selection process details
This vacancy is using Success Profiles (opens in a new window) , and will assess your Behaviours and Experience.
We want you to have your best chance of success in our recruitment process, so If at any stage of the application process you would like help or assistance please contact the Dstl Recruitment Team dstlrecruitment@dstl.gov.uk and we will do all we can to support you.
Sifting will be taking place bi-weekly throughout the campaign, successful applicants will be invited to attend an online interview via MS Teams.
Feedback will only be provided if you attend an interview or assessment.
Security
Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window) . See our vetting charter (opens in a new window) . People working with government assets must complete baseline personnel security standard (opens in new window) checks.
Nationality requirements
Open to UK nationals only. This job is not open to candidates who hold a dual nationality.
Working for the Civil Service
The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window) . The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
Apply and further information
This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative. Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.
Contact point for applicants
Job contact :
Name : Dstl Recruitment
Email : dstlrecruitment@dstl.gov.uk
Recruitment team
Email : dstlrecruitment@dstl.gov.uk
Further information
Should you wish to raise a formal complaint about the Dstl recruitment process you should email dstlrecruitment@dstl.gov.uk stating the nature of the issue. We will respond within 5 working days.
Attachments
20230626_CSAS_Data_Scientist_Autonomy_Dependability_L5 Opens in new window (docx, 66kB) Candidate_info_pack_CIS - 20220824 Opens in new window (pdf, 1378kB)
Third Party Risk & Assurance Specialist London 3 month contract Excellent day rate We are seeking a specialist in third party risk and assurance, with experience across various types of technology service providers. This is a multi-faceted role supporting both a Technology Transformation Programme as well as maintaining oversight over current operational technology and applications. This role will suit someone who has managed vendors previously, or someone with equivalent practical experience in providing technology and security assurance for clients, who is looking to grow into a GRC role and potentially beyond third party risk. 1. Third party governance and risk management framework Support the development and implementation of third party policies and governance controls with other functions, e.g. Finance, Legal, Procurement, Security, Architecture, Risk; Develop technology service and operational risk considerations for supplier tier classification definitions; Review existing technology supplier due diligence and work with SME functions to streamline the process; Create and maintain a risk taxonomy and reference library to support third party risk identification and assessment for technology; Ensure all Technology and Application change involving third parties follow policies, standards and governance procedures, and support various stage gate assessments including business case and design reviews, operational readiness and service transition, data management and governance, migration and decommissioning/vendor exits. 2. Procurement due diligence and supplier risk assessments Work with multiple functions to understand business use cases, and work with Procurement to plan for timely third party due diligence and risk assessments to inform decision making; Review and support relevant architecture and integration plans, including internal operational process change; Triage level of inherent risk for prospective third party relationships, managing various teams to agree on final tier classification; Work with Procurement to manage the due diligence process, including time expectations around reviews and responses from both SME teams and third parties, and mapping received third party documentation to requirements for review; Coordinate and ensure that Data Protection rules and requirements are met during due diligence by both and third parties, and support the management of any privacy violations; Evaluate how third parties will meet their compliance obligations and how they will affect compliance posture, including reviews of third parties policies, penetration test and post-incident reports, and independent audit reports; Produce and act as editor for due diligence risk reports, capturing trends and KRIs for management review. 3. Third party onboarding, contracts and renewals Provide SME support in contractual negotiations and renewals managed by Procurement; Support IT Risk and Controls Manager and Operational Resilience Manager to create and document new controls or adapt existing ones as necessary; Support operational readiness and service transition risk assessments for onboarded third party. 4. Ongoing third party risk management and monitoring Understand business and technology service third party dependencies, and work with various teams and our Operational Resilience Manager to conduct business impact and vulnerability assessments of the supply chain, as well developing exit plans for critical third parties; Work with IT Risk and Controls Manager and Operational Resilience Manager to develop and implement asset management and control assurance strategies; this will involve maintaining a third party outsourcing risk register as well as supporting IT disaster recovery and business continuity planning across the technology and application estate involving third party supply chains; Run a programme of regular supplier control assurance, tracking and managing the progress of any agreed action plans to completion; conduct and manage rights-to-audit as necessary; Support the implementation of the internal risk framework which includes Risk Control Self-Assessments, as well as overseeing and tracking third party issues, policy exceptions and non-compliances and associated risks; Oversee risk events and incident management involving third parties with the Operational Resilience Manager, including quality assurance for post-incident reviews; Support the management of any third party exit and any required decommissioning actions. 5. Reporting & documentation Work with multiple teams to prepare and present regular reports on third party governance, management, performance and risk; Maintain accurate documentation for Technology Services Governance processes, project updates and client interactions for audit readiness and knowledge transfer. 6. Management & development Closely work with Technology Service teams to promote learning and understanding throughout the business, including the creation, contribution to and maintenance of relevant compliance and awareness training; Proactively research state-of-the art technology and third party risk and assurance techniques to improve the technology services as well as enhancing your own knowledge; Support the learning and development of your fellow Technology Services Governance team managers and analysts.
19/04/2025
Contractor
Third Party Risk & Assurance Specialist London 3 month contract Excellent day rate We are seeking a specialist in third party risk and assurance, with experience across various types of technology service providers. This is a multi-faceted role supporting both a Technology Transformation Programme as well as maintaining oversight over current operational technology and applications. This role will suit someone who has managed vendors previously, or someone with equivalent practical experience in providing technology and security assurance for clients, who is looking to grow into a GRC role and potentially beyond third party risk. 1. Third party governance and risk management framework Support the development and implementation of third party policies and governance controls with other functions, e.g. Finance, Legal, Procurement, Security, Architecture, Risk; Develop technology service and operational risk considerations for supplier tier classification definitions; Review existing technology supplier due diligence and work with SME functions to streamline the process; Create and maintain a risk taxonomy and reference library to support third party risk identification and assessment for technology; Ensure all Technology and Application change involving third parties follow policies, standards and governance procedures, and support various stage gate assessments including business case and design reviews, operational readiness and service transition, data management and governance, migration and decommissioning/vendor exits. 2. Procurement due diligence and supplier risk assessments Work with multiple functions to understand business use cases, and work with Procurement to plan for timely third party due diligence and risk assessments to inform decision making; Review and support relevant architecture and integration plans, including internal operational process change; Triage level of inherent risk for prospective third party relationships, managing various teams to agree on final tier classification; Work with Procurement to manage the due diligence process, including time expectations around reviews and responses from both SME teams and third parties, and mapping received third party documentation to requirements for review; Coordinate and ensure that Data Protection rules and requirements are met during due diligence by both and third parties, and support the management of any privacy violations; Evaluate how third parties will meet their compliance obligations and how they will affect compliance posture, including reviews of third parties policies, penetration test and post-incident reports, and independent audit reports; Produce and act as editor for due diligence risk reports, capturing trends and KRIs for management review. 3. Third party onboarding, contracts and renewals Provide SME support in contractual negotiations and renewals managed by Procurement; Support IT Risk and Controls Manager and Operational Resilience Manager to create and document new controls or adapt existing ones as necessary; Support operational readiness and service transition risk assessments for onboarded third party. 4. Ongoing third party risk management and monitoring Understand business and technology service third party dependencies, and work with various teams and our Operational Resilience Manager to conduct business impact and vulnerability assessments of the supply chain, as well developing exit plans for critical third parties; Work with IT Risk and Controls Manager and Operational Resilience Manager to develop and implement asset management and control assurance strategies; this will involve maintaining a third party outsourcing risk register as well as supporting IT disaster recovery and business continuity planning across the technology and application estate involving third party supply chains; Run a programme of regular supplier control assurance, tracking and managing the progress of any agreed action plans to completion; conduct and manage rights-to-audit as necessary; Support the implementation of the internal risk framework which includes Risk Control Self-Assessments, as well as overseeing and tracking third party issues, policy exceptions and non-compliances and associated risks; Oversee risk events and incident management involving third parties with the Operational Resilience Manager, including quality assurance for post-incident reviews; Support the management of any third party exit and any required decommissioning actions. 5. Reporting & documentation Work with multiple teams to prepare and present regular reports on third party governance, management, performance and risk; Maintain accurate documentation for Technology Services Governance processes, project updates and client interactions for audit readiness and knowledge transfer. 6. Management & development Closely work with Technology Service teams to promote learning and understanding throughout the business, including the creation, contribution to and maintenance of relevant compliance and awareness training; Proactively research state-of-the art technology and third party risk and assurance techniques to improve the technology services as well as enhancing your own knowledge; Support the learning and development of your fellow Technology Services Governance team managers and analysts.
Cyber Security Vulnerability Management Analyst £265 per day Inside IR35 Remote 12-month contract Our client, a leading financial services organisation, is seeking a Cyber Security Vulnerability Management Analyst to join their dynamic team. This is an exciting opportunity to work with cutting-edge security tools, develop technical expertise, and play a key role in protecting the business from cyber threats. Key Responsibilities: Manage and enhance vulnerability management controls. Risk assess findings and recommend appropriate responses. Automate vulnerability reporting and reduce manual effort. Provide security guidance across technical disciplines. What You ll Need: Strong understanding of vulnerability lifecycles, standards, and risk assessment. Experience with scripting (Python, Power BI) and automation. Knowledge of Windows or RHEL OS platforms and patching processes. Ability to work in a fast-paced, evolving environment. Apply today for immediate consideration.
18/04/2025
Contractor
Cyber Security Vulnerability Management Analyst £265 per day Inside IR35 Remote 12-month contract Our client, a leading financial services organisation, is seeking a Cyber Security Vulnerability Management Analyst to join their dynamic team. This is an exciting opportunity to work with cutting-edge security tools, develop technical expertise, and play a key role in protecting the business from cyber threats. Key Responsibilities: Manage and enhance vulnerability management controls. Risk assess findings and recommend appropriate responses. Automate vulnerability reporting and reduce manual effort. Provide security guidance across technical disciplines. What You ll Need: Strong understanding of vulnerability lifecycles, standards, and risk assessment. Experience with scripting (Python, Power BI) and automation. Knowledge of Windows or RHEL OS platforms and patching processes. Ability to work in a fast-paced, evolving environment. Apply today for immediate consideration.
Cyber and Information Security Analyst Financial Services IT London (Hybrid) 3 days a week in the office per week Permanent 57k pa Our London based client is seeking a Cyber & Security Analyst to assist in protecting their IT infrastructure, networks, and data from cyber threats. This hybrid role will cover both Information Security and Cyber Security. You will assess security risks, implement proactive measures, monitor systems for security breaches and respond to cyber incidents. Essential Experience: Experience of one or more SEIM solutions, including Azure Sentinel Experience of oone or more EDR solutions such as Microsoft Defender or SentinelOne Expeience with ISO2071 Vulnerability Management and Scanning tools; Tenable, Rapid7 or Qualys Good understanding of attacker tactics, techniques and procedures Experience using Mitre ATT&CK framework Strong communication skills Excellent analytical and problem-solving skills Essential Qualifications: Cybersecurity relevant certification from CompTia , SANS, GIAC or ISC2 Microsoft Certified Security Operations Analyst Associate or similar qualifiaction Location: London Hybrid : 3 days a week in the office / 2 days working from home Contract: Initial contract period is 6 months Rate: 500/day Inside IR35 via umbrella Please do send me your CV to start a conversation around this. Adecco acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Adecco Group UK & Ireland is an Equal Opportunities Employer. By applying for this role your details will be submitted to Adecco. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser (url removed)
17/04/2025
Full time
Cyber and Information Security Analyst Financial Services IT London (Hybrid) 3 days a week in the office per week Permanent 57k pa Our London based client is seeking a Cyber & Security Analyst to assist in protecting their IT infrastructure, networks, and data from cyber threats. This hybrid role will cover both Information Security and Cyber Security. You will assess security risks, implement proactive measures, monitor systems for security breaches and respond to cyber incidents. Essential Experience: Experience of one or more SEIM solutions, including Azure Sentinel Experience of oone or more EDR solutions such as Microsoft Defender or SentinelOne Expeience with ISO2071 Vulnerability Management and Scanning tools; Tenable, Rapid7 or Qualys Good understanding of attacker tactics, techniques and procedures Experience using Mitre ATT&CK framework Strong communication skills Excellent analytical and problem-solving skills Essential Qualifications: Cybersecurity relevant certification from CompTia , SANS, GIAC or ISC2 Microsoft Certified Security Operations Analyst Associate or similar qualifiaction Location: London Hybrid : 3 days a week in the office / 2 days working from home Contract: Initial contract period is 6 months Rate: 500/day Inside IR35 via umbrella Please do send me your CV to start a conversation around this. Adecco acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Adecco Group UK & Ireland is an Equal Opportunities Employer. By applying for this role your details will be submitted to Adecco. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser (url removed)
Broadstone have an exciting opportunity for a Security Analyst to join the team. Location: Sheffield, S9 1XH Salary: Competitive Job Type: Full Time, Permanent Who are we Broadstone is a thriving consultancy offering a wide range of services in pensions, investments, and employee benefits. Established in 1989, the business has grown from a small team to a workforce of nearly 700, brought together by a desire to provide a personal, expert service to all who put their faith in us. We take pride in assisting small and medium-sized pension schemes who lack the time or resources to address increasingly challenging issues themselves. Our values are at the heart of everything we do and drive us forward every day. We strive to attract, develop, and retain top talent to work together to provide the best possible client outcomes. Our team feel empowered to share ideas to continuously improve our business. The impressive results of both client and staff surveys are a source of great pride. Broadstone are committed to building an inclusive working environment, valuing diversity, equity, and inclusion based on age, background, disability, gender, gender identity, gender expression, race, religion, or sexual orientation. We operate out of 10 regional hubs stretching from London to Glasgow. Security Analyst - The Role: Are you ready to take your cybersecurity career to the next level As a Security Analyst at Broadstone, you ll play a crucial role in strengthening our security defences, ensuring compliance with industry standards, and tackling cyber threats head-on. Working within our Group IT team, you ll collaborate with internal experts and external vendors to maintain robust cybersecurity measures. This is a hands-on, fast-paced role where you ll be involved in monitoring security, conducting vulnerability assessments, responding to incidents, and performing security audits. Plus, you ll have the opportunity to shape and improve our cybersecurity strategy, tools, and practices to stay ahead of emerging threats. Security Analyst Key Responsibilities: - Monitor activity using SIEM platforms and working with MDR services to address alerts and investigate potential threats - Contribute to the expansion and enhancement of security infrastructure and improve securer posture - Arranging external pen tests and managing remediations - Conduct employee training on security practices and provide guidance to staff on handling spam, malicious emails and other potential threats - Help develop, maintain and document security policies, processes, and procedures to maintain compliance, including Cyber Incident Response Plans Security Analyst You: - You will have at least 5 years commercial experience gained within a security or infrastructure role - CySA+ or equivalent as a minimum, or CISSP desirable - You will have experience with SIEM and MDR platforms - You will have a strong understanding of network security principles and familiarity with network protocols - You will have technical knowledge in network segmentation, firewalls, Mitre Att&ck, Windows and Linux, with experience in Cyber Security standards, e.g. Cyber Essentials, ISO 27001, NIST 2 Framework, EU/UK NIS Security Analyst - Benefits: - Competitive salary - 25 days holiday plus bank holidays (with option of buying more) - Group Life Assurance - Income Protection - Generous pension scheme - Health cash plan - Additional optional benefits to best suit your lifestyle - Social events - Volunteering opportunities To apply for this Security Analyst opportunity with us, please click apply now! We reserve the right to close our vacancies early and will endeavor to respond to all applicants. However, if for any reason you have not heard back within 28 days of applying, please assume that you have been unsuccessful on this occasion.
16/04/2025
Full time
Broadstone have an exciting opportunity for a Security Analyst to join the team. Location: Sheffield, S9 1XH Salary: Competitive Job Type: Full Time, Permanent Who are we Broadstone is a thriving consultancy offering a wide range of services in pensions, investments, and employee benefits. Established in 1989, the business has grown from a small team to a workforce of nearly 700, brought together by a desire to provide a personal, expert service to all who put their faith in us. We take pride in assisting small and medium-sized pension schemes who lack the time or resources to address increasingly challenging issues themselves. Our values are at the heart of everything we do and drive us forward every day. We strive to attract, develop, and retain top talent to work together to provide the best possible client outcomes. Our team feel empowered to share ideas to continuously improve our business. The impressive results of both client and staff surveys are a source of great pride. Broadstone are committed to building an inclusive working environment, valuing diversity, equity, and inclusion based on age, background, disability, gender, gender identity, gender expression, race, religion, or sexual orientation. We operate out of 10 regional hubs stretching from London to Glasgow. Security Analyst - The Role: Are you ready to take your cybersecurity career to the next level As a Security Analyst at Broadstone, you ll play a crucial role in strengthening our security defences, ensuring compliance with industry standards, and tackling cyber threats head-on. Working within our Group IT team, you ll collaborate with internal experts and external vendors to maintain robust cybersecurity measures. This is a hands-on, fast-paced role where you ll be involved in monitoring security, conducting vulnerability assessments, responding to incidents, and performing security audits. Plus, you ll have the opportunity to shape and improve our cybersecurity strategy, tools, and practices to stay ahead of emerging threats. Security Analyst Key Responsibilities: - Monitor activity using SIEM platforms and working with MDR services to address alerts and investigate potential threats - Contribute to the expansion and enhancement of security infrastructure and improve securer posture - Arranging external pen tests and managing remediations - Conduct employee training on security practices and provide guidance to staff on handling spam, malicious emails and other potential threats - Help develop, maintain and document security policies, processes, and procedures to maintain compliance, including Cyber Incident Response Plans Security Analyst You: - You will have at least 5 years commercial experience gained within a security or infrastructure role - CySA+ or equivalent as a minimum, or CISSP desirable - You will have experience with SIEM and MDR platforms - You will have a strong understanding of network security principles and familiarity with network protocols - You will have technical knowledge in network segmentation, firewalls, Mitre Att&ck, Windows and Linux, with experience in Cyber Security standards, e.g. Cyber Essentials, ISO 27001, NIST 2 Framework, EU/UK NIS Security Analyst - Benefits: - Competitive salary - 25 days holiday plus bank holidays (with option of buying more) - Group Life Assurance - Income Protection - Generous pension scheme - Health cash plan - Additional optional benefits to best suit your lifestyle - Social events - Volunteering opportunities To apply for this Security Analyst opportunity with us, please click apply now! We reserve the right to close our vacancies early and will endeavor to respond to all applicants. However, if for any reason you have not heard back within 28 days of applying, please assume that you have been unsuccessful on this occasion.
Are you passionate about protecting data, staying one step ahead of cyber threats, and making a real impact in a growing, forward-thinking business? We re looking for an Information Security Analyst who s ready to roll up their sleeves and help us stay secure, compliant, and resilient. This is a hybrid, 12 month, fixed term contract role requiring you to work 1 day per week in either London, Horsham or Mansfield . Expect some travel between offices, occasional client meetings, and the opportunity to collaborate across our wider group. Must be eligible to work in the UK - No sponsorship available What you'll be doing: From running vulnerability assessments to delivering engaging security training sessions, this role is hands-on and high-impact. You ll be: Proactively identifying and tackling system vulnerabilities Leading the charge on third-party risk assessments Educating teams with security awareness programs (yes, including phishing simulations!) Supporting incident response and continuous security improvements Helping shape and implement our information security policies What you'll bring: You're not just good at spotting risks - you re a great communicator, a natural problem-solver, and someone who thrives in a fast-paced, collaborative environment. Ideally, you ll also have: Experience with Microsoft Sentinel, Defender, Cloud App Security, or Purview A solid grasp of ISO27001, NIST, UK GDPR, and security frameworks Knowledge of vendor management and vulnerability assessments Bonus points for certifications like ISO27001 Lead Implementer, CISSP, or CISM What s in it for you? Private healthcare & life insurance Generous pension scheme (up to 10% employer contribution) days holiday + celebration day + volunteering day Travel insurance for your adventures Enhanced family leave, wellness fund, holiday buy/sell scheme & more Hybrid working with 1 day in the office in either Horsham, London or Mansfield Mon - Fri, 9am 5pm
16/04/2025
Contractor
Are you passionate about protecting data, staying one step ahead of cyber threats, and making a real impact in a growing, forward-thinking business? We re looking for an Information Security Analyst who s ready to roll up their sleeves and help us stay secure, compliant, and resilient. This is a hybrid, 12 month, fixed term contract role requiring you to work 1 day per week in either London, Horsham or Mansfield . Expect some travel between offices, occasional client meetings, and the opportunity to collaborate across our wider group. Must be eligible to work in the UK - No sponsorship available What you'll be doing: From running vulnerability assessments to delivering engaging security training sessions, this role is hands-on and high-impact. You ll be: Proactively identifying and tackling system vulnerabilities Leading the charge on third-party risk assessments Educating teams with security awareness programs (yes, including phishing simulations!) Supporting incident response and continuous security improvements Helping shape and implement our information security policies What you'll bring: You're not just good at spotting risks - you re a great communicator, a natural problem-solver, and someone who thrives in a fast-paced, collaborative environment. Ideally, you ll also have: Experience with Microsoft Sentinel, Defender, Cloud App Security, or Purview A solid grasp of ISO27001, NIST, UK GDPR, and security frameworks Knowledge of vendor management and vulnerability assessments Bonus points for certifications like ISO27001 Lead Implementer, CISSP, or CISM What s in it for you? Private healthcare & life insurance Generous pension scheme (up to 10% employer contribution) days holiday + celebration day + volunteering day Travel insurance for your adventures Enhanced family leave, wellness fund, holiday buy/sell scheme & more Hybrid working with 1 day in the office in either Horsham, London or Mansfield Mon - Fri, 9am 5pm
Cyber Security Analyst (SOC) Location : Portsmouth (5 days on-site, Mon-Friday) Employment Type : Permanent Salary: £45,000 to £49,000 (based on candidate experience) About the Company: Join a industry leading UK-based IT Solutions organisation in a newly formed team, where you'll be delivering cutting-edge IT and cybersecurity solutions to a global client base. Their dynamic Security Operations Centre (SOC) is dedicated to identifying, analysing, and neutralising cyber threats, safeguarding critical digital assets across various sectors. The organisation champions innovation, collaboration, and continuous growth to remain ahead of evolving cybersecurity challenges. Role Overview: As a SOC Analyst, you'll be a vital part of a highly skilled Security Operations Centre team, responding to security alerts, investigating incidents, and helping to protect enterprise environments. This role offers exposure to leading technologies and industry-standard frameworks, providing a strong foundation for developing advanced cybersecurity expertise in a fast-paced MSP environment. Key Responsibilities: Monitor SIEM, IDS/IPS, EDR, and related tools for threat indicators. Analyse and investigate incidents, escalating when necessary. Conduct threat hunting and forensic analysis. Support rule development and tuning of detection systems. Assist with Real Time detection, response, and containment. Maintain and improve SOC documentation and playbooks. Collaborate with team members and other departments to improve overall security posture. Support vulnerability management and threat intelligence processes. Stay informed on emerging threats and security best practices. Required Skills & Qualifications: Degree in Cybersecurity, IT, or related field (or equivalent experience). 2+ years' experience in a SOC or similar role (preferably in MSP/MSSP). Hands-on experience with SIEM, EDR, IDS/IPS, Firewalls, and incident response. Familiarity with frameworks like MITRE ATT&CK, NIST, CIS, or ISO 27001. Basic Scripting skills (Python, PowerShell, or Bash) are a plus. Industry certifications (Security+, CEH, CySA+, GCIH) desirable. Excellent problem-solving, communication, and teamwork skills Why Join Us? Work with industry-leading tech and top-tier cybersecurity professionals Influence SOC strategy and innovation Hybrid flexibility and a collaborative, growth-focused culture Be part of a trusted UK MSP delivering mission-critical security services across industries To be considered, please ensure you complete your application on the Computappoint website. Services offered by Computappoint Limited are those of an Employment Business and/or Employment Agency in relation to this vacancy
15/04/2025
Full time
Cyber Security Analyst (SOC) Location : Portsmouth (5 days on-site, Mon-Friday) Employment Type : Permanent Salary: £45,000 to £49,000 (based on candidate experience) About the Company: Join a industry leading UK-based IT Solutions organisation in a newly formed team, where you'll be delivering cutting-edge IT and cybersecurity solutions to a global client base. Their dynamic Security Operations Centre (SOC) is dedicated to identifying, analysing, and neutralising cyber threats, safeguarding critical digital assets across various sectors. The organisation champions innovation, collaboration, and continuous growth to remain ahead of evolving cybersecurity challenges. Role Overview: As a SOC Analyst, you'll be a vital part of a highly skilled Security Operations Centre team, responding to security alerts, investigating incidents, and helping to protect enterprise environments. This role offers exposure to leading technologies and industry-standard frameworks, providing a strong foundation for developing advanced cybersecurity expertise in a fast-paced MSP environment. Key Responsibilities: Monitor SIEM, IDS/IPS, EDR, and related tools for threat indicators. Analyse and investigate incidents, escalating when necessary. Conduct threat hunting and forensic analysis. Support rule development and tuning of detection systems. Assist with Real Time detection, response, and containment. Maintain and improve SOC documentation and playbooks. Collaborate with team members and other departments to improve overall security posture. Support vulnerability management and threat intelligence processes. Stay informed on emerging threats and security best practices. Required Skills & Qualifications: Degree in Cybersecurity, IT, or related field (or equivalent experience). 2+ years' experience in a SOC or similar role (preferably in MSP/MSSP). Hands-on experience with SIEM, EDR, IDS/IPS, Firewalls, and incident response. Familiarity with frameworks like MITRE ATT&CK, NIST, CIS, or ISO 27001. Basic Scripting skills (Python, PowerShell, or Bash) are a plus. Industry certifications (Security+, CEH, CySA+, GCIH) desirable. Excellent problem-solving, communication, and teamwork skills Why Join Us? Work with industry-leading tech and top-tier cybersecurity professionals Influence SOC strategy and innovation Hybrid flexibility and a collaborative, growth-focused culture Be part of a trusted UK MSP delivering mission-critical security services across industries To be considered, please ensure you complete your application on the Computappoint website. Services offered by Computappoint Limited are those of an Employment Business and/or Employment Agency in relation to this vacancy
Role: Senior Security Analyst (Level 3) Salary: up to 70,000 per annum + benefits Location: Peterborough (2 days per week on-site) We are currently working with a large-scale IT Solutions organisation, who require an experienced Security Analyst to join the organisation during a period of growth. The purpose of the is to elevate technical excellence and innovation in network and cyber security and to take it to new heights. This role is fundamental in not only maintaining but also advancing the high standards of service that are expected and relied upon. You will be entrusted with leading complex security analyses, overseeing critical security incidents, and providing strategic insights to discover and analyse potential threats, all while aligning with stringent SLAs. Skills and experience required Network Security - Understanding of network architecture, firewalls, VPNs, IDS/IPS, and other network security measures. Incident Response - Proficiency in detecting, analysing, and responding to security incidents. Threat Analysis - Ability to identify and assess cyber threats and vulnerabilities. Vulnerability Management - Experience with vulnerability management and reporting solutions, assessing customer vulnerabilities, creating regular reporting packs, devising mitigation strategies and working with customers to support their implementation of these plans. Security Information and Event Management (SIEM) - In-depth experience with SIEM tools for monitoring and analysing security events. Malware Analysis - Skills in identifying, dissecting and mitigating malware threats. Forensic Analysis - Knowledge of digital forensics to investigate and remediate security breaches. The role will be 2 days per week on-site in Peterborough, please consider this when applying for the role. If you are interested in the role and would like to apply, please click on the link for immediate consideration
15/04/2025
Full time
Role: Senior Security Analyst (Level 3) Salary: up to 70,000 per annum + benefits Location: Peterborough (2 days per week on-site) We are currently working with a large-scale IT Solutions organisation, who require an experienced Security Analyst to join the organisation during a period of growth. The purpose of the is to elevate technical excellence and innovation in network and cyber security and to take it to new heights. This role is fundamental in not only maintaining but also advancing the high standards of service that are expected and relied upon. You will be entrusted with leading complex security analyses, overseeing critical security incidents, and providing strategic insights to discover and analyse potential threats, all while aligning with stringent SLAs. Skills and experience required Network Security - Understanding of network architecture, firewalls, VPNs, IDS/IPS, and other network security measures. Incident Response - Proficiency in detecting, analysing, and responding to security incidents. Threat Analysis - Ability to identify and assess cyber threats and vulnerabilities. Vulnerability Management - Experience with vulnerability management and reporting solutions, assessing customer vulnerabilities, creating regular reporting packs, devising mitigation strategies and working with customers to support their implementation of these plans. Security Information and Event Management (SIEM) - In-depth experience with SIEM tools for monitoring and analysing security events. Malware Analysis - Skills in identifying, dissecting and mitigating malware threats. Forensic Analysis - Knowledge of digital forensics to investigate and remediate security breaches. The role will be 2 days per week on-site in Peterborough, please consider this when applying for the role. If you are interested in the role and would like to apply, please click on the link for immediate consideration
Cyber and Information Security Analyst Financial Services IT London (Hybrid) 2 days a week in the office per week Permanent 58,500 pa Our London based client is seeking a Cyber & Security Analyst to assist in protecting their IT infrastructure, networks, and data from cyber threats. This hybrid role will cover both Information Security and Cyber Security. You will assess security risks, implement proactive measures, monitor systems for security breaches and respond to cyber incidents. Essential Experience: Experience of one or more SEIM solutions, including Azure Sentinel Experience of oone or more EDR solutions such as Microsoft Defender or SentinelOne Experience with ISO2071 Vulnerability Management and Scanning tools; Tenable, Rapid7 or Qualys Good understanding of attacker tactics, techniques and procedures Experience using Mitre ATT&CK framework Strong communication skills Excellent analytical and problem-solving skills Essential Qualifications: Cybersecurity relevant certification from CompTia , SANS, GIAC or ISC2 Microsoft Certified Security Operations Analyst Associate or similar qualification Location: London Hybrid : 2 days a week in the office / 3 days working from home Salary: 58,500 pa Please do send me your CV to start a conversation around this. Adecco acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Adecco Group UK & Ireland is an Equal Opportunities Employer. By applying for this role your details will be submitted to Adecco. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser (url removed)
14/04/2025
Full time
Cyber and Information Security Analyst Financial Services IT London (Hybrid) 2 days a week in the office per week Permanent 58,500 pa Our London based client is seeking a Cyber & Security Analyst to assist in protecting their IT infrastructure, networks, and data from cyber threats. This hybrid role will cover both Information Security and Cyber Security. You will assess security risks, implement proactive measures, monitor systems for security breaches and respond to cyber incidents. Essential Experience: Experience of one or more SEIM solutions, including Azure Sentinel Experience of oone or more EDR solutions such as Microsoft Defender or SentinelOne Experience with ISO2071 Vulnerability Management and Scanning tools; Tenable, Rapid7 or Qualys Good understanding of attacker tactics, techniques and procedures Experience using Mitre ATT&CK framework Strong communication skills Excellent analytical and problem-solving skills Essential Qualifications: Cybersecurity relevant certification from CompTia , SANS, GIAC or ISC2 Microsoft Certified Security Operations Analyst Associate or similar qualification Location: London Hybrid : 2 days a week in the office / 3 days working from home Salary: 58,500 pa Please do send me your CV to start a conversation around this. Adecco acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Adecco Group UK & Ireland is an Equal Opportunities Employer. By applying for this role your details will be submitted to Adecco. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser (url removed)
COMPANY DESCRIPTION On May 31, 2023, Viasat completed its acquisition of Inmarsat, combining the teams, technologies and resources of the two companies to create a new global communications partner. About Viasat Viasat is a global communications company that believes everyone and everything in the world can be connected. With offices in 24 countries around the world, our mission shapes how consumers, businesses, governments and militaries around the world communicate and connect. Viasat is developing the ultimate global communications network to power high-quality, reliable, secure, affordable, fast connections to positively impact people's lives anywhere they are-on the ground, in the air or at sea, while building a sustainable future in space. Chief Operations Office The Chief Operations Office (COO) plays a vital role managing the services that keep our business running and delivering to our customers. COO consists of 9 functions including: Satellite Operations, Network Operations, Service Assurance, Service Delivery Aviation and Customer Assurance, Service Delivery and Supply Chain, Project Management Office, Global Cyber Security and Group IT JOB DESCRIPTION Key responsibilities of the position: Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System. Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response routing. Provide first line telephone, e-mail and ticket routing services for security event notifications and incident response processes. Deliver first level investigation and remediation activities as a member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT. Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability. Follow a documented process for routine scanning of Inmarsat infrastructure and network elements. Develop mitigation and remediation plans as a result of the vulnerability assessment findings. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs). Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform. Document information security operations policies, process and procedures. The post may require working daytime, night time, and weekend work (adequate notification will be provided) QUALIFICATIONS Essential Knowledge and Skills: A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis. Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false-positives. A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous. Intermediate knowledge of Information Security fundamentals, technologies, and design principals. Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms. Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents. Experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations. Willingness to learn new skills and be self-motivated. Ability to work in a team environment, to work under pressure and show flexibility. Excellent verbal and written communication skills in English. ADDITIONAL INFORMATION You must be eligible to work in this location advertised. Our culture and ways of working Our values define our culture and represent what we believe in. Viasat employees aspire to behaviours that support our values, which create a stronger working environment and lie at the heart of our continued success as an organisation. Customer - we provide a unique value to our customers Accountability - we take ownership, we deliver results, and we keep our promises Respect - we collaborate, we embrace and celebrate diversity and we value difference Excellence - we create bold solutions for our customers and put quality at the heart of everything we do We also value and encourage a healthy work-life balance, so we offer flexible working wherever possible. Depending on the operational requirements of your job and your team, we can offer compressed hours (nine-day fortnight), hybrid office-remote working, and flexibility during your working day to take care of personal commitments. Diversity We want the best people for the job, and we warmly welcome applications from you if you're suitably qualified and eligible, regardless of your sex, gender, age, race, ethnicity, disability, sexuality, gender identity, neurodiverse qualities, religion or belief, marital status, pregnancy, or maternity status. We are signed up to the Halo Hair Code, which aims to protect employees who come to work with natural hair and protective hairstyles associated with their racial, ethnic, and cultural identities. To give you the best experience possible during your application process and interview, we can make adjustments. For example, if you're visually impaired we'll happily meet you locally and help you find your way to our office, or if you have neurodiverse qualities, we can provide you with additional support to help you prepare for your interview. Please let our Resourcing Team know if there are any ways in which we can support you.
15/08/2023
Full time
COMPANY DESCRIPTION On May 31, 2023, Viasat completed its acquisition of Inmarsat, combining the teams, technologies and resources of the two companies to create a new global communications partner. About Viasat Viasat is a global communications company that believes everyone and everything in the world can be connected. With offices in 24 countries around the world, our mission shapes how consumers, businesses, governments and militaries around the world communicate and connect. Viasat is developing the ultimate global communications network to power high-quality, reliable, secure, affordable, fast connections to positively impact people's lives anywhere they are-on the ground, in the air or at sea, while building a sustainable future in space. Chief Operations Office The Chief Operations Office (COO) plays a vital role managing the services that keep our business running and delivering to our customers. COO consists of 9 functions including: Satellite Operations, Network Operations, Service Assurance, Service Delivery Aviation and Customer Assurance, Service Delivery and Supply Chain, Project Management Office, Global Cyber Security and Group IT JOB DESCRIPTION Key responsibilities of the position: Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System. Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response routing. Provide first line telephone, e-mail and ticket routing services for security event notifications and incident response processes. Deliver first level investigation and remediation activities as a member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT. Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability. Follow a documented process for routine scanning of Inmarsat infrastructure and network elements. Develop mitigation and remediation plans as a result of the vulnerability assessment findings. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs). Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform. Document information security operations policies, process and procedures. The post may require working daytime, night time, and weekend work (adequate notification will be provided) QUALIFICATIONS Essential Knowledge and Skills: A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis. Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false-positives. A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous. Intermediate knowledge of Information Security fundamentals, technologies, and design principals. Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms. Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents. Experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations. Willingness to learn new skills and be self-motivated. Ability to work in a team environment, to work under pressure and show flexibility. Excellent verbal and written communication skills in English. ADDITIONAL INFORMATION You must be eligible to work in this location advertised. Our culture and ways of working Our values define our culture and represent what we believe in. Viasat employees aspire to behaviours that support our values, which create a stronger working environment and lie at the heart of our continued success as an organisation. Customer - we provide a unique value to our customers Accountability - we take ownership, we deliver results, and we keep our promises Respect - we collaborate, we embrace and celebrate diversity and we value difference Excellence - we create bold solutions for our customers and put quality at the heart of everything we do We also value and encourage a healthy work-life balance, so we offer flexible working wherever possible. Depending on the operational requirements of your job and your team, we can offer compressed hours (nine-day fortnight), hybrid office-remote working, and flexibility during your working day to take care of personal commitments. Diversity We want the best people for the job, and we warmly welcome applications from you if you're suitably qualified and eligible, regardless of your sex, gender, age, race, ethnicity, disability, sexuality, gender identity, neurodiverse qualities, religion or belief, marital status, pregnancy, or maternity status. We are signed up to the Halo Hair Code, which aims to protect employees who come to work with natural hair and protective hairstyles associated with their racial, ethnic, and cultural identities. To give you the best experience possible during your application process and interview, we can make adjustments. For example, if you're visually impaired we'll happily meet you locally and help you find your way to our office, or if you have neurodiverse qualities, we can provide you with additional support to help you prepare for your interview. Please let our Resourcing Team know if there are any ways in which we can support you.
COMPANY DESCRIPTION On May 31, 2023, Viasat completed its acquisition of Inmarsat, combining the teams, technologies and resources of the two companies to create a new global communications partner. About Viasat Viasat is a global communications company that believes everyone and everything in the world can be connected. With offices in 24 countries around the world, our mission shapes how consumers, businesses, governments and militaries around the world communicate and connect. Viasat is developing the ultimate global communications network to power high-quality, reliable, secure, affordable, fast connections to positively impact people's lives anywhere they are-on the ground, in the air or at sea, while building a sustainable future in space. Chief Operations Office The Chief Operations Office (COO) plays a vital role managing the services that keep our business running and delivering to our customers. COO consists of 9 functions including: Satellite Operations, Network Operations, Service Assurance, Service Delivery Aviation and Customer Assurance, Service Delivery and Supply Chain, Project Management Office, Global Cyber Security and Group IT JOB DESCRIPTION Key responsibilities of the position: Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System. Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response routing. Provide first line telephone, e-mail and ticket routing services for security event notifications and incident response processes. Deliver first level investigation and remediation activities as a member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT. Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability. Follow a documented process for routine scanning of Inmarsat infrastructure and network elements. Develop mitigation and remediation plans as a result of the vulnerability assessment findings. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs). Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform. Document information security operations policies, process and procedures. The post may require working daytime, night time, and weekend work (adequate notification will be provided) QUALIFICATIONS Essential Knowledge and Skills: A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis. Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false-positives. A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous. Intermediate knowledge of Information Security fundamentals, technologies, and design principals. Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms. Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents. Experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations. Willingness to learn new skills and be self-motivated. Ability to work in a team environment, to work under pressure and show flexibility. Excellent verbal and written communication skills in English. ADDITIONAL INFORMATION You must be eligible to work in this location advertised. Our culture and ways of working Our values define our culture and represent what we believe in. Viasat employees aspire to behaviours that support our values, which create a stronger working environment and lie at the heart of our continued success as an organisation. Customer - we provide a unique value to our customers Accountability - we take ownership, we deliver results, and we keep our promises Respect - we collaborate, we embrace and celebrate diversity and we value difference Excellence - we create bold solutions for our customers and put quality at the heart of everything we do We also value and encourage a healthy work-life balance, so we offer flexible working wherever possible. Depending on the operational requirements of your job and your team, we can offer compressed hours (nine-day fortnight), hybrid office-remote working, and flexibility during your working day to take care of personal commitments. Diversity We want the best people for the job, and we warmly welcome applications from you if you're suitably qualified and eligible, regardless of your sex, gender, age, race, ethnicity, disability, sexuality, gender identity, neurodiverse qualities, religion or belief, marital status, pregnancy, or maternity status. We are signed up to the Halo Hair Code, which aims to protect employees who come to work with natural hair and protective hairstyles associated with their racial, ethnic, and cultural identities. To give you the best experience possible during your application process and interview, we can make adjustments. For example, if you're visually impaired we'll happily meet you locally and help you find your way to our office, or if you have neurodiverse qualities, we can provide you with additional support to help you prepare for your interview. Please let our Resourcing Team know if there are any ways in which we can support you.
14/08/2023
Full time
COMPANY DESCRIPTION On May 31, 2023, Viasat completed its acquisition of Inmarsat, combining the teams, technologies and resources of the two companies to create a new global communications partner. About Viasat Viasat is a global communications company that believes everyone and everything in the world can be connected. With offices in 24 countries around the world, our mission shapes how consumers, businesses, governments and militaries around the world communicate and connect. Viasat is developing the ultimate global communications network to power high-quality, reliable, secure, affordable, fast connections to positively impact people's lives anywhere they are-on the ground, in the air or at sea, while building a sustainable future in space. Chief Operations Office The Chief Operations Office (COO) plays a vital role managing the services that keep our business running and delivering to our customers. COO consists of 9 functions including: Satellite Operations, Network Operations, Service Assurance, Service Delivery Aviation and Customer Assurance, Service Delivery and Supply Chain, Project Management Office, Global Cyber Security and Group IT JOB DESCRIPTION Key responsibilities of the position: Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System. Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response routing. Provide first line telephone, e-mail and ticket routing services for security event notifications and incident response processes. Deliver first level investigation and remediation activities as a member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT. Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability. Follow a documented process for routine scanning of Inmarsat infrastructure and network elements. Develop mitigation and remediation plans as a result of the vulnerability assessment findings. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs). Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform. Document information security operations policies, process and procedures. The post may require working daytime, night time, and weekend work (adequate notification will be provided) QUALIFICATIONS Essential Knowledge and Skills: A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis. Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false-positives. A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous. Intermediate knowledge of Information Security fundamentals, technologies, and design principals. Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms. Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents. Experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations. Willingness to learn new skills and be self-motivated. Ability to work in a team environment, to work under pressure and show flexibility. Excellent verbal and written communication skills in English. ADDITIONAL INFORMATION You must be eligible to work in this location advertised. Our culture and ways of working Our values define our culture and represent what we believe in. Viasat employees aspire to behaviours that support our values, which create a stronger working environment and lie at the heart of our continued success as an organisation. Customer - we provide a unique value to our customers Accountability - we take ownership, we deliver results, and we keep our promises Respect - we collaborate, we embrace and celebrate diversity and we value difference Excellence - we create bold solutions for our customers and put quality at the heart of everything we do We also value and encourage a healthy work-life balance, so we offer flexible working wherever possible. Depending on the operational requirements of your job and your team, we can offer compressed hours (nine-day fortnight), hybrid office-remote working, and flexibility during your working day to take care of personal commitments. Diversity We want the best people for the job, and we warmly welcome applications from you if you're suitably qualified and eligible, regardless of your sex, gender, age, race, ethnicity, disability, sexuality, gender identity, neurodiverse qualities, religion or belief, marital status, pregnancy, or maternity status. We are signed up to the Halo Hair Code, which aims to protect employees who come to work with natural hair and protective hairstyles associated with their racial, ethnic, and cultural identities. To give you the best experience possible during your application process and interview, we can make adjustments. For example, if you're visually impaired we'll happily meet you locally and help you find your way to our office, or if you have neurodiverse qualities, we can provide you with additional support to help you prepare for your interview. Please let our Resourcing Team know if there are any ways in which we can support you.
Location Client Site in Barrow-in-Furness The job on offer Are you passionate about cybersecurity? Are you an excellent communicator with demonstrable experience of security analysts activities within organisations? Would you relish putting these skills into practice by taking on a role within Capgemini to protect our clients from cyber threats? As the Senior Security Analyst, you will be the lead Security Analyst within the a client account IT Security Operations Team. You will be joining a fantastic team of more than 400 UK based security professionals that deliver world-class security services day in and day out. Your role • Manage escalated Security Incidents from a people and process perspective • Identify and prioritise Security Incidents, Security Tickets and Security Service Requests • Bring incidents to successful conclusions with thorough remediation plans • Prioritising and differentiating between potential intrusion activity and false alarms • Conduct vulnerability analysis and create impact assessments • Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement • Work closely together with technical architects to produce design specifications according to information security policies, while fulfilling business needs Your profile • A good knowledge of Cyber Security and Information Assurance - an ability to demonstrate understanding of governance, compliance and risk from different perspectives i.e. across people, processes and technology • Someone who is an advocate for security good practice, with the ability to influence others • Hold, or be working towards, ISO27001 Lead Auditor • A working knowledge of ISO27001 required, and desirable to have knowledge of ISO33052, ISO33072 and METSec • Current NPPV3/SC clearance or the ability to be cleared to that level • Have been resident in the United Kingdom for at least five (5) years • Experience in the public sector preferred but not required • Due to the security classification of the work you will be involved in, you must be a UK national and must hold or be eligible to hold a SC security clearance. Why Capgemini is unique We aim to build an environment where employees can enjoy a positive work-life balance. Through our New Normal campaign, we are looking to embed hybrid working in all that we do and make flexible working arrangements the day-to-day reality for our people. All UK employees are eligible to request flexible working arrangements. We work with a range of clients all with a unique set of business, technological and societal ambitions. Working for Capgemini you get to be at the forefront of designing future experiences, which truly impact our clients and wider society for the better. We realise a Total Reward package should be move than just compensation. At Capgemini we offer range of core and flexible benefits and have a Peer Recognition Portal called Applaud Get the future you want Growing clients' businesses while building a more sustainable, more inclusive future is a tough ask. But when you join Capgemini, you join a thriving company and become part of a diverse collective of free-thinkers, entrepreneurs and industry experts. A powerful source of energy that drives us all to find new ways technology can help us reimagine what's possible. It's why, together, we seek out opportunities that will transform the world's leading businesses. And it's how you'll gain the experiences and connections you need to shape your future. By learning from each other every day, sharing knowledge and always pushing yourself to do better, you'll build the skills you want. And you'll use them to help our clients leverage technology to grow their business and give innovation that human touch the world needs. So, it might not always be easy, but making the world a better place rarely is. Capgemini. Get The Future You Want. About Capgemini Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of over 340,000 team members in more than 50 countries. With its strong 55-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2021 global revenues of €18 billion. Get the Future You Want
24/09/2022
Full time
Location Client Site in Barrow-in-Furness The job on offer Are you passionate about cybersecurity? Are you an excellent communicator with demonstrable experience of security analysts activities within organisations? Would you relish putting these skills into practice by taking on a role within Capgemini to protect our clients from cyber threats? As the Senior Security Analyst, you will be the lead Security Analyst within the a client account IT Security Operations Team. You will be joining a fantastic team of more than 400 UK based security professionals that deliver world-class security services day in and day out. Your role • Manage escalated Security Incidents from a people and process perspective • Identify and prioritise Security Incidents, Security Tickets and Security Service Requests • Bring incidents to successful conclusions with thorough remediation plans • Prioritising and differentiating between potential intrusion activity and false alarms • Conduct vulnerability analysis and create impact assessments • Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement • Work closely together with technical architects to produce design specifications according to information security policies, while fulfilling business needs Your profile • A good knowledge of Cyber Security and Information Assurance - an ability to demonstrate understanding of governance, compliance and risk from different perspectives i.e. across people, processes and technology • Someone who is an advocate for security good practice, with the ability to influence others • Hold, or be working towards, ISO27001 Lead Auditor • A working knowledge of ISO27001 required, and desirable to have knowledge of ISO33052, ISO33072 and METSec • Current NPPV3/SC clearance or the ability to be cleared to that level • Have been resident in the United Kingdom for at least five (5) years • Experience in the public sector preferred but not required • Due to the security classification of the work you will be involved in, you must be a UK national and must hold or be eligible to hold a SC security clearance. Why Capgemini is unique We aim to build an environment where employees can enjoy a positive work-life balance. Through our New Normal campaign, we are looking to embed hybrid working in all that we do and make flexible working arrangements the day-to-day reality for our people. All UK employees are eligible to request flexible working arrangements. We work with a range of clients all with a unique set of business, technological and societal ambitions. Working for Capgemini you get to be at the forefront of designing future experiences, which truly impact our clients and wider society for the better. We realise a Total Reward package should be move than just compensation. At Capgemini we offer range of core and flexible benefits and have a Peer Recognition Portal called Applaud Get the future you want Growing clients' businesses while building a more sustainable, more inclusive future is a tough ask. But when you join Capgemini, you join a thriving company and become part of a diverse collective of free-thinkers, entrepreneurs and industry experts. A powerful source of energy that drives us all to find new ways technology can help us reimagine what's possible. It's why, together, we seek out opportunities that will transform the world's leading businesses. And it's how you'll gain the experiences and connections you need to shape your future. By learning from each other every day, sharing knowledge and always pushing yourself to do better, you'll build the skills you want. And you'll use them to help our clients leverage technology to grow their business and give innovation that human touch the world needs. So, it might not always be easy, but making the world a better place rarely is. Capgemini. Get The Future You Want. About Capgemini Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of over 340,000 team members in more than 50 countries. With its strong 55-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2021 global revenues of €18 billion. Get the Future You Want
Our world class team of Vulnerability Researchers and Reverse Engineers tackle some of the most interesting problems with a meaningful and tangible impact on the national security of the UK. We are growing our VR team significantly and are looking for a diverse range of talent from experienced Vulnerability Researchers with a proven track record to those with a keen interest and aptitude looking to develop their skills in this exciting space! We have a community of technical specialists with a friendly and inclusive culture with great opportunities to learn from experts and make use of a carefully curated training plan with some of the best trainers and conferences available. Our focus is on a wide variety devices, platforms and technologies. VR, RE or development experience with mobile (Android, IOS), firmware, Linux, IoT and Windows is useful but most important is a willingness to learn as all of our projects bring new and interesting challenges. What you will be doing for us: Performing Vulnerability Research and Reverse Engineering to handle complex and unique challenges across a myriad of platforms. Learning to use tools like Ghidra, IDA Pro, Unicorn and Frida plus developing bespoke tooling when needed. Working in a vibrant and inclusive team of specialists where success often comes from teamwork and a diverse approach to solving problems. Developing junior members of staff with a keen interest in RE and VR to realise their potential. Ideal candidate background: An interest and aptitude for Vulnerability Research, Reverse Engineering, and Exploit Development (either from a professional background or by demonstrating an aptitude e.g. by playing capture the flag challenges). Low-level knowledge in how languages function across the application stack from assembly through to interpreted languages and everything in between. Understanding of the exploit development lifecycle from identifying bugs up to fully developed proof of concepts. Proficient in at least one programming language (e.g. Python, Java, C#, C++) How you will be supported: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before You can work around core hours with flexible and part-time working Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Systems Applied Intelligence Don't know a particular technology? Your learning and development is key to your future career You'll be part of our bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.
24/09/2022
Full time
Our world class team of Vulnerability Researchers and Reverse Engineers tackle some of the most interesting problems with a meaningful and tangible impact on the national security of the UK. We are growing our VR team significantly and are looking for a diverse range of talent from experienced Vulnerability Researchers with a proven track record to those with a keen interest and aptitude looking to develop their skills in this exciting space! We have a community of technical specialists with a friendly and inclusive culture with great opportunities to learn from experts and make use of a carefully curated training plan with some of the best trainers and conferences available. Our focus is on a wide variety devices, platforms and technologies. VR, RE or development experience with mobile (Android, IOS), firmware, Linux, IoT and Windows is useful but most important is a willingness to learn as all of our projects bring new and interesting challenges. What you will be doing for us: Performing Vulnerability Research and Reverse Engineering to handle complex and unique challenges across a myriad of platforms. Learning to use tools like Ghidra, IDA Pro, Unicorn and Frida plus developing bespoke tooling when needed. Working in a vibrant and inclusive team of specialists where success often comes from teamwork and a diverse approach to solving problems. Developing junior members of staff with a keen interest in RE and VR to realise their potential. Ideal candidate background: An interest and aptitude for Vulnerability Research, Reverse Engineering, and Exploit Development (either from a professional background or by demonstrating an aptitude e.g. by playing capture the flag challenges). Low-level knowledge in how languages function across the application stack from assembly through to interpreted languages and everything in between. Understanding of the exploit development lifecycle from identifying bugs up to fully developed proof of concepts. Proficient in at least one programming language (e.g. Python, Java, C#, C++) How you will be supported: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before You can work around core hours with flexible and part-time working Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Systems Applied Intelligence Don't know a particular technology? Your learning and development is key to your future career You'll be part of our bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.
MBDA Missile Systems - Together. For the future of defence. Salary: Up to £62,000 dependent on experience + bonus + benefits Hybrid working pattern: Where possible, we will seek to accommodate a blended approach to on-site and remote working. The opportunity: An opportunity has arisen for a role in the MBDA Security Operations and CERT. Reporting to the UK SOC manager, you will support the Cyber Security Operations team to defend against cyber threats and vulnerabilities by ensuring the Information Management (IM) environment is following the correct processes and remains compliant by proactively managing identified vulnerabilities that could be exploited. You will provide remediation action through compliance to relevant security standards and confirm that remediation is completed in accordance with the identified risk categorisation. You will be joining a diverse and hard-working team of cyber security specialists responsible for the protection, security and safety of MBDA UK networks and IM/IS environments. This is a traversal function that covers all areas of IM and will require Group collaboration. The team are working towards growing our current capabilities and supporting the business as it securely evolves to a "new way of working" in response to the pandemic and establishing international CERTs. The Role Report and track remediation activities affecting all Infrastructure and applications within the IM estate. First line management of vulnerability analysts. Support compliance and due diligence led activities and audits, including regulatory updates. Collaborate with teams and business partners to create both tactical and strategic plans as it relates to vulnerability management. Also providing security advice at a technical level. Champion security best practice within technology and be regarded as the 'go-to' individual for security vulnerability management. Advise technical and non-technical audiences on appropriate prioritisation of patch deployment. Manage vulnerability remediation by suppliers and teams through re-test & closure. Help drive security maturity in vulnerability management and security in general across the business, through positive engagement and teaching. Maintain and further improve the scanning scope and capability of the vulnerability scanning service, through automation and tooling. Manage the remediation plan of vulnerabilities discovered during penetration tests and health checks. Provide vulnerability assessment scan guidance and process oversight. What we're looking for from you: Familiarity with Infrastructure and web application scanning tools (e.g. Qualys, Nessus) and relevant remediation management/risk tools supported in the Security Operations Centre (SOC) Managing vulnerabilities 2+ years (planning and remediation) 2+ years of first line management A demonstrable knowledge of Vulnerability lifecycle management (MITRE) and IT/ OT/ IoT vulnerability remediation plans Experience or knowledge of risk management frameworks (e.g CIS, NIST) Sound understanding of network/infrastructure and web/mobile application weakness and anti-patterns (CWE, OWASP). An in depth understanding of cyber security technologies and applicable security controls A good understanding of information security principles and best-practices Ability to carry out risk assessments Supplier engagement and collaboration What to expect: We offer opportunities for career progression, paid overtime (subject to level), bonus scheme, comprehensive pension package, annual salary review, collaborative working environment and excellent on-site facilities. We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. We also welcome applicants who are looking for flexible working arrangements. Follow us on LinkedIn (MBDA), Twitter Instagram (lifeatMBDA_UK) and Glassdoor or visit our MBDA Careers website for more information. Please Note: MBDA UK requires all employees to achieve appropriate clearances.
24/09/2022
Full time
MBDA Missile Systems - Together. For the future of defence. Salary: Up to £62,000 dependent on experience + bonus + benefits Hybrid working pattern: Where possible, we will seek to accommodate a blended approach to on-site and remote working. The opportunity: An opportunity has arisen for a role in the MBDA Security Operations and CERT. Reporting to the UK SOC manager, you will support the Cyber Security Operations team to defend against cyber threats and vulnerabilities by ensuring the Information Management (IM) environment is following the correct processes and remains compliant by proactively managing identified vulnerabilities that could be exploited. You will provide remediation action through compliance to relevant security standards and confirm that remediation is completed in accordance with the identified risk categorisation. You will be joining a diverse and hard-working team of cyber security specialists responsible for the protection, security and safety of MBDA UK networks and IM/IS environments. This is a traversal function that covers all areas of IM and will require Group collaboration. The team are working towards growing our current capabilities and supporting the business as it securely evolves to a "new way of working" in response to the pandemic and establishing international CERTs. The Role Report and track remediation activities affecting all Infrastructure and applications within the IM estate. First line management of vulnerability analysts. Support compliance and due diligence led activities and audits, including regulatory updates. Collaborate with teams and business partners to create both tactical and strategic plans as it relates to vulnerability management. Also providing security advice at a technical level. Champion security best practice within technology and be regarded as the 'go-to' individual for security vulnerability management. Advise technical and non-technical audiences on appropriate prioritisation of patch deployment. Manage vulnerability remediation by suppliers and teams through re-test & closure. Help drive security maturity in vulnerability management and security in general across the business, through positive engagement and teaching. Maintain and further improve the scanning scope and capability of the vulnerability scanning service, through automation and tooling. Manage the remediation plan of vulnerabilities discovered during penetration tests and health checks. Provide vulnerability assessment scan guidance and process oversight. What we're looking for from you: Familiarity with Infrastructure and web application scanning tools (e.g. Qualys, Nessus) and relevant remediation management/risk tools supported in the Security Operations Centre (SOC) Managing vulnerabilities 2+ years (planning and remediation) 2+ years of first line management A demonstrable knowledge of Vulnerability lifecycle management (MITRE) and IT/ OT/ IoT vulnerability remediation plans Experience or knowledge of risk management frameworks (e.g CIS, NIST) Sound understanding of network/infrastructure and web/mobile application weakness and anti-patterns (CWE, OWASP). An in depth understanding of cyber security technologies and applicable security controls A good understanding of information security principles and best-practices Ability to carry out risk assessments Supplier engagement and collaboration What to expect: We offer opportunities for career progression, paid overtime (subject to level), bonus scheme, comprehensive pension package, annual salary review, collaborative working environment and excellent on-site facilities. We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. We also welcome applicants who are looking for flexible working arrangements. Follow us on LinkedIn (MBDA), Twitter Instagram (lifeatMBDA_UK) and Glassdoor or visit our MBDA Careers website for more information. Please Note: MBDA UK requires all employees to achieve appropriate clearances.
Overview: Ensure all your application information is up to date and in order before applying for this opportunity. The Senior Infrastructure Analyst will manage and participate in the delivery and support of IT infrastructure and IT infrastructure security for new and existing systems / solutions. You will ensure RSSB infrastructure is secure and adheres to Cyber Security standards, manage DR processes and business continuity. Where appropriate, you will assist other team members in the provision of 2nd and 3rd line technical IM&T support (Desktop, Software, Infrastructure and Telephony), as well as maintain and deliver a high degree of customer service for all RSSB IM&T support queries and Requests for Change. Responsibilities: Proactively respond to security vulnerabilities identified by monitoring tools, performing remediation tasks Responsible for monitoring and reporting for on-premise and cloud infrastructure systems, for the early identification of issues Act as escalation point for technical issues Responsible for the security, effective management, administration and operation of the RSSB cloud and onsite physical infrastructure environment Management and oversight of the network infrastructure, including network switches, routers, firewalls and virtualised environment. Analyse and make recommendations to improve infrastructure, network, security and reliability of systems Responsible for system and data backups, restores and DR tests Work with the wider IM&T Team, business, internal and external business partners to ensure that security is factored into the evaluation, selection, installation, delivery and configuration process of solutions and systems Plan, manage and communicate infrastructure change with IT Operation Team Leads, Information Security manager and wider IM&T / business departments Mentor and coach colleagues and provide peer to peer advice, as required Qualifications: Computer science, Microsoft, CompTIA or related field qualifications / certifications or relevant demonstrable experience Proactive with a willingness to take ownership and responsibility for work tasks and issues, delivering a high standard of work Proficient in Windows Server v2008/2012/2019+ management to include Active Directory (AD) and Group Policy (GPO) and SQL Server Deploy patches and software applications using InTune / WSUS Knowledge of administering and supporting Azure AD, Azure IaaS/PaaS Management of backup/recovery solutions (g. Veeam, Arcserve) Experience with operating system hardening, vulnerability assessments, security audits, penetration testing, intrusion prevention systems and other security control systems for example PAM, SIEM, IDR etc. Practical experience with endpoint security, content filtering, vulnerability scanning and anti-malware Knowledge of at least one scripting language (e.g., PowerShell) MS InTune device management (mobile and Windows 10 OS) Effective communication, stakeholder' and supplier management skills Ability to work in Teams and individually using own initiative and capable of self-managing workload. Demonstrable knowledge of common vulnerabilities and exploitation techniques would be beneficial Familiarity with Cyber Essentials/Plus or ISO 27001 and ITIL best practice - Incident, Problem and Change management would be beneficial Early applications are encouraged, as we may close this vacancy before the advertised deadline if sufficient numbers of applications are received. We value diversity and equal opportunities in employment and are committed to creating a workplace which is inclusive to everyone. As a member of the Disability Confident Scheme, we encourage candidates with disabilities who meet the minimum criteria, to apply for our jobs. If you have applied under the Disability Confident Scheme, please let us know in advance by emailing If you require any reasonable adjustments with respect to our selection process including information in an alternative format, please contact us at We understand the importance of work-life balance and we offer our staff the flexibility to work within our core hours and the option to vary their location between both the office and home. If you are looking for further flexibility, speak to us at interview stage so that we can consider your request. We value our staff and we offer a competitive benefits package to ensure our staff can achieve their best throughout their journey with us. This includes 30 days annual leave (plus bank holidays); a holiday buy and sell scheme; private medical and dental cover; a season ticket loan and travel subsidy; access to a cycle to work scheme; volunteer leave; a performance related bonus and pension.
24/09/2022
Full time
Overview: Ensure all your application information is up to date and in order before applying for this opportunity. The Senior Infrastructure Analyst will manage and participate in the delivery and support of IT infrastructure and IT infrastructure security for new and existing systems / solutions. You will ensure RSSB infrastructure is secure and adheres to Cyber Security standards, manage DR processes and business continuity. Where appropriate, you will assist other team members in the provision of 2nd and 3rd line technical IM&T support (Desktop, Software, Infrastructure and Telephony), as well as maintain and deliver a high degree of customer service for all RSSB IM&T support queries and Requests for Change. Responsibilities: Proactively respond to security vulnerabilities identified by monitoring tools, performing remediation tasks Responsible for monitoring and reporting for on-premise and cloud infrastructure systems, for the early identification of issues Act as escalation point for technical issues Responsible for the security, effective management, administration and operation of the RSSB cloud and onsite physical infrastructure environment Management and oversight of the network infrastructure, including network switches, routers, firewalls and virtualised environment. Analyse and make recommendations to improve infrastructure, network, security and reliability of systems Responsible for system and data backups, restores and DR tests Work with the wider IM&T Team, business, internal and external business partners to ensure that security is factored into the evaluation, selection, installation, delivery and configuration process of solutions and systems Plan, manage and communicate infrastructure change with IT Operation Team Leads, Information Security manager and wider IM&T / business departments Mentor and coach colleagues and provide peer to peer advice, as required Qualifications: Computer science, Microsoft, CompTIA or related field qualifications / certifications or relevant demonstrable experience Proactive with a willingness to take ownership and responsibility for work tasks and issues, delivering a high standard of work Proficient in Windows Server v2008/2012/2019+ management to include Active Directory (AD) and Group Policy (GPO) and SQL Server Deploy patches and software applications using InTune / WSUS Knowledge of administering and supporting Azure AD, Azure IaaS/PaaS Management of backup/recovery solutions (g. Veeam, Arcserve) Experience with operating system hardening, vulnerability assessments, security audits, penetration testing, intrusion prevention systems and other security control systems for example PAM, SIEM, IDR etc. Practical experience with endpoint security, content filtering, vulnerability scanning and anti-malware Knowledge of at least one scripting language (e.g., PowerShell) MS InTune device management (mobile and Windows 10 OS) Effective communication, stakeholder' and supplier management skills Ability to work in Teams and individually using own initiative and capable of self-managing workload. Demonstrable knowledge of common vulnerabilities and exploitation techniques would be beneficial Familiarity with Cyber Essentials/Plus or ISO 27001 and ITIL best practice - Incident, Problem and Change management would be beneficial Early applications are encouraged, as we may close this vacancy before the advertised deadline if sufficient numbers of applications are received. We value diversity and equal opportunities in employment and are committed to creating a workplace which is inclusive to everyone. As a member of the Disability Confident Scheme, we encourage candidates with disabilities who meet the minimum criteria, to apply for our jobs. If you have applied under the Disability Confident Scheme, please let us know in advance by emailing If you require any reasonable adjustments with respect to our selection process including information in an alternative format, please contact us at We understand the importance of work-life balance and we offer our staff the flexibility to work within our core hours and the option to vary their location between both the office and home. If you are looking for further flexibility, speak to us at interview stage so that we can consider your request. We value our staff and we offer a competitive benefits package to ensure our staff can achieve their best throughout their journey with us. This includes 30 days annual leave (plus bank holidays); a holiday buy and sell scheme; private medical and dental cover; a season ticket loan and travel subsidy; access to a cycle to work scheme; volunteer leave; a performance related bonus and pension.
Facebook's bug bounty program is seeking a skilled and motivated security analyst to help us secure close to 3 billion users You will be responsible for communicating with and validating security vulnerabilities from a community of security researchers around the globe. You will gain insights of Meta's codebase to understand the root cause of each vulnerability, and have the opportunity to play a key role in one of the largest bug bounty programs in the world. Security Analyst, Whitehat Responsibilities: Analyze, assess, and respond to various security vulnerabilities we receive as part of our Whitehat program. Follow up with researchers on unclear reports. Understand the root cause of security vulnerabilities to help the product team fix them. Play an active role in continuing to grow and develop the bug bounty program and other internal security and privacy initiatives. Own expansions to the program, including private programs. Own critical submissions to resolution - liaise a plan with product teams, advise on the right mitigation strategy. Implement bug fixes and feature enhancements to the program's public and internal code base. Minimum Qualifications: Good communication skills. Familiarity with web security issues (e.g. OWASP top 10). Ability to follow bug reports, reproduce and triage them. Preferred Qualifications: Experience writing in scripting languages and willingness to learn new languages. Participation in bug bounty programs (not necessarily Facebook's bug bounty program). 2+ years of experience analyzing source code to find security vulnerabilities. Contributions to the security community (public research, blogging, presentations, etc).
23/09/2022
Full time
Facebook's bug bounty program is seeking a skilled and motivated security analyst to help us secure close to 3 billion users You will be responsible for communicating with and validating security vulnerabilities from a community of security researchers around the globe. You will gain insights of Meta's codebase to understand the root cause of each vulnerability, and have the opportunity to play a key role in one of the largest bug bounty programs in the world. Security Analyst, Whitehat Responsibilities: Analyze, assess, and respond to various security vulnerabilities we receive as part of our Whitehat program. Follow up with researchers on unclear reports. Understand the root cause of security vulnerabilities to help the product team fix them. Play an active role in continuing to grow and develop the bug bounty program and other internal security and privacy initiatives. Own expansions to the program, including private programs. Own critical submissions to resolution - liaise a plan with product teams, advise on the right mitigation strategy. Implement bug fixes and feature enhancements to the program's public and internal code base. Minimum Qualifications: Good communication skills. Familiarity with web security issues (e.g. OWASP top 10). Ability to follow bug reports, reproduce and triage them. Preferred Qualifications: Experience writing in scripting languages and willingness to learn new languages. Participation in bug bounty programs (not necessarily Facebook's bug bounty program). 2+ years of experience analyzing source code to find security vulnerabilities. Contributions to the security community (public research, blogging, presentations, etc).
You'll do more than the expected. You'll do the unexpected. American Express is looking for a Senior Information Security Analyst to be a technical lead in our Cyber Fusion Center. The team provides rapid investigation and response to cyber security incidents which impact American Express globally. The Senior Information Security Analyst will serve as a leader and will be responsible for handling escalated security incidents, performing investigations, and driving operational maturity. If you want to be part of a diverse and inclusive world-class team, this could be the role for you. How will you make an impact in this role?: Provide advanced technical oversight and support to Information Security Analysts conducting cyber incident investigations Maintain awareness of real-world infosec threats and engage in the innovation of new analytic methods for detecting threats Support senior leadership in continuous development of incident response capabilities Coach and mentor Information Security Analysts Participate in rotational weekend coverage Required Skills/Qualifications: Substantial Information Security experience and technical understanding, including: Network, endpoint and OSINT security tools A range of cloud, Mac, Linux and Windows platforms Excellent business and technical risk analysis and prioritisation skills Excellent written and oral communication skills including in high pressure situations Committed to continuous learning and professional development, and passionate about developing others Preferred Additional Experience & Skills: Experience in a Security Operations Center (SOC), Computer Incident Response Team (CSIRT), Computer Security Incident Response Center (CSIRC), or Cyber Fusion Center Security industry certification (CISSP, CEH, OSCP, CCNP Security, GCFE, GCFA, GNFA, GREM) Specialism in one or more security domains (e.g platform hardening, vulnerability management, penetration testing, applied cryptography, network/application traffic control, forensics, or exploits and malware.) Experience in programming and/or scripting languages (python, javascript, php, sql, C/C++, Go) Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations. Why American Express? There's a difference between having a job and making a difference. Amex have been making a difference in people's lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards. We've also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they're ready to take on a new career path, we're right there with them, giving them the guidance and momentum into the best future they envision. When you join , you become part of a diverse community of over 60,000 colleagues, all with a common goal to deliver an exceptional customer experience every day. We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually. Because we believe that the best way to back our customers is to back our people. The powerful backing of American Express. Don't make a difference without it. Don't live life without it. To complete your application please click on the links below. However, if you require any assistance with the completion of this process - or need any reasonable adjustments to be made - then please contact the Recruitment Team on
23/09/2022
Full time
You'll do more than the expected. You'll do the unexpected. American Express is looking for a Senior Information Security Analyst to be a technical lead in our Cyber Fusion Center. The team provides rapid investigation and response to cyber security incidents which impact American Express globally. The Senior Information Security Analyst will serve as a leader and will be responsible for handling escalated security incidents, performing investigations, and driving operational maturity. If you want to be part of a diverse and inclusive world-class team, this could be the role for you. How will you make an impact in this role?: Provide advanced technical oversight and support to Information Security Analysts conducting cyber incident investigations Maintain awareness of real-world infosec threats and engage in the innovation of new analytic methods for detecting threats Support senior leadership in continuous development of incident response capabilities Coach and mentor Information Security Analysts Participate in rotational weekend coverage Required Skills/Qualifications: Substantial Information Security experience and technical understanding, including: Network, endpoint and OSINT security tools A range of cloud, Mac, Linux and Windows platforms Excellent business and technical risk analysis and prioritisation skills Excellent written and oral communication skills including in high pressure situations Committed to continuous learning and professional development, and passionate about developing others Preferred Additional Experience & Skills: Experience in a Security Operations Center (SOC), Computer Incident Response Team (CSIRT), Computer Security Incident Response Center (CSIRC), or Cyber Fusion Center Security industry certification (CISSP, CEH, OSCP, CCNP Security, GCFE, GCFA, GNFA, GREM) Specialism in one or more security domains (e.g platform hardening, vulnerability management, penetration testing, applied cryptography, network/application traffic control, forensics, or exploits and malware.) Experience in programming and/or scripting languages (python, javascript, php, sql, C/C++, Go) Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations. Why American Express? There's a difference between having a job and making a difference. Amex have been making a difference in people's lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards. We've also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they're ready to take on a new career path, we're right there with them, giving them the guidance and momentum into the best future they envision. When you join , you become part of a diverse community of over 60,000 colleagues, all with a common goal to deliver an exceptional customer experience every day. We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually. Because we believe that the best way to back our customers is to back our people. The powerful backing of American Express. Don't make a difference without it. Don't live life without it. To complete your application please click on the links below. However, if you require any assistance with the completion of this process - or need any reasonable adjustments to be made - then please contact the Recruitment Team on
Job Summary An operational cyber researcher is able to plan and perform research into a wide range of systems and technologies with a focus on discovering and exploiting weaknesses in their design or implementation. The role provides technical guidance for customers as well as supporting bids and proposals. An operational cyber researcher has broad skills which generally involve, but are not limited to, the following activities: Exploratory Research. Vulnerability & Technical Research. Experimental Development. Key Responsibilities Researchers undertaking exploratory research are expected to: Rapidly summarise and assess new domains. Provide domain knowledge for technical analysis, experimental development and subsequent engineering. Researchers undertaking vulnerability & technical research are expected to: Know which pen-testing and reverse engineering tools and methodologies are appropriate to a given problem. Have experience of advanced vulnerability assessment techniques such as fuzzing and code injection. Researchers undertaking experimental development are expected to: Develop, assess and prioritize prototype and simulated capabilities. Mandatory Skills and Experience Required A wide range of skills are required for Operational Research. The number one skill is being able to think systematically and take logical steps towards deconstructing a complex system. For lower-level work, an intermediate/advanced understanding of how computers work is important (eg knowing the difference between the heap and the stack, and between compiled and interpreted languages). More required skills for this role include: Skills General: Technical writing Presentation skills Innovative problem solving Team working Technical Analysis: Scripting (e.g. with Python) Rapid development of prototypes or simulations (e.g. with C#) Other Desirable Skills and Experience As well as the above, an Operational Cyber Researcher will need skills and experience in at least one of the areas below. An ideal candidate will cover several areas. Skills Technical Analysis: Network traffic analysis Reverse engineering Vulnerability analysis Exploit development Exploratory Research: OSINT and interacting with SMEs Developing new research skills as appropriate General: Technical Leadership Team management Knowledge Exploratory Research: Network architecture and security Risk assessment Systems engineering Architectural frameworks Technical Analysis: Processor architecture Operating systems and firmware Standard and domain-specific protocols and data formats Experimental Development: Software development life cycle Assured development practices (at a high-level) Technology A wide range of tools exist, and the researcher should be able to determine which are most appropriate for a given task. Types of tools used include: Scripting languages (e.g. Python); Traffic capture and analysis tools (e.g. Wireshark); Disassemblers (e.g. IDA Pro); Debuggers (e.g. gdb); Decompilers (e.g. Hex-Rays Decompiler); Virtualization environments; Integrated development environments; Domain-specific simulation and development tools. Security Clearance is required for this vacancy. If you are not currently Security Cleared, you will need to be eligible for this and willing to go through the process. For more guidance on National Security Vetting please click here. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Government At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Our Government business unit houses four of our critical client groups: UK National Security, Global National Security, defence and central government. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating. As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.
22/09/2022
Full time
Job Summary An operational cyber researcher is able to plan and perform research into a wide range of systems and technologies with a focus on discovering and exploiting weaknesses in their design or implementation. The role provides technical guidance for customers as well as supporting bids and proposals. An operational cyber researcher has broad skills which generally involve, but are not limited to, the following activities: Exploratory Research. Vulnerability & Technical Research. Experimental Development. Key Responsibilities Researchers undertaking exploratory research are expected to: Rapidly summarise and assess new domains. Provide domain knowledge for technical analysis, experimental development and subsequent engineering. Researchers undertaking vulnerability & technical research are expected to: Know which pen-testing and reverse engineering tools and methodologies are appropriate to a given problem. Have experience of advanced vulnerability assessment techniques such as fuzzing and code injection. Researchers undertaking experimental development are expected to: Develop, assess and prioritize prototype and simulated capabilities. Mandatory Skills and Experience Required A wide range of skills are required for Operational Research. The number one skill is being able to think systematically and take logical steps towards deconstructing a complex system. For lower-level work, an intermediate/advanced understanding of how computers work is important (eg knowing the difference between the heap and the stack, and between compiled and interpreted languages). More required skills for this role include: Skills General: Technical writing Presentation skills Innovative problem solving Team working Technical Analysis: Scripting (e.g. with Python) Rapid development of prototypes or simulations (e.g. with C#) Other Desirable Skills and Experience As well as the above, an Operational Cyber Researcher will need skills and experience in at least one of the areas below. An ideal candidate will cover several areas. Skills Technical Analysis: Network traffic analysis Reverse engineering Vulnerability analysis Exploit development Exploratory Research: OSINT and interacting with SMEs Developing new research skills as appropriate General: Technical Leadership Team management Knowledge Exploratory Research: Network architecture and security Risk assessment Systems engineering Architectural frameworks Technical Analysis: Processor architecture Operating systems and firmware Standard and domain-specific protocols and data formats Experimental Development: Software development life cycle Assured development practices (at a high-level) Technology A wide range of tools exist, and the researcher should be able to determine which are most appropriate for a given task. Types of tools used include: Scripting languages (e.g. Python); Traffic capture and analysis tools (e.g. Wireshark); Disassemblers (e.g. IDA Pro); Debuggers (e.g. gdb); Decompilers (e.g. Hex-Rays Decompiler); Virtualization environments; Integrated development environments; Domain-specific simulation and development tools. Security Clearance is required for this vacancy. If you are not currently Security Cleared, you will need to be eligible for this and willing to go through the process. For more guidance on National Security Vetting please click here. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Government At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Our Government business unit houses four of our critical client groups: UK National Security, Global National Security, defence and central government. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating. As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.
and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We're looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight. Please read the following job description thoroughly to ensure you are the right fit for this role before applying. About the Role This is an Engineering Manager role in the Spotlight Content global team responsible for developing and delivering the Spotlight vulnerability assessment detections for CrowdStrike. This person would work closely with other internal teams and product management to understand the requirements and needs on Vulnerability Detection capabilities for the product. They will be technically responsible for the capabilities for Spotlight to detect, track, report and prioritize vulnerabilities on assets. This person would also own the team culture and will be responsible for building a strong team of contributors who work well together and raise the bar for a good working environment. This includes working across the organization and time zones for collaboration. Strong communication and organizational skills are essential. The successful candidate should have had experience building and leading a team focused on building detection pipelines for vulnerabilities and other threats. Work experience in the security industry is highly desirable, including a strong understanding of some of the current prevalent products in this space. Responsibilities Manage the Global Spotlight Security Analysts team and coordinate with other teams to assess detection capabilities- including content validation. Lead a team of Security Analysts to Actively investigate the latest in security vulnerabilities, advisories, incidents, and provide insights (sources like, Microsoft, Oracle, etc) Vulnerability data discovery and validation (Data efficacy & Accuracy) Collaborate with multi-functional teams across various physical locations including product management and other engineering disciplines. Lead and manage other projects as assigned Manage a Team of Analyst and Researchers to plan, coordinate and execute Vulnerability Detection Coverage for Spotlight Supported Platforms Participate in Company Thought Leadership efforts and guidance for analysis on prevalent vulnerabilities and Risk Based Vulnerability Management. What you will need Minimum five years of overall experience as an Individual Contributor and at least two years in management of technology products. Ability and desire to being hands on as well as leading the team and collaborating cross functionally Ability to develop, coordinate and execute on an engineering roadmap Ability to communicate and articulate crisply at all levels from executive staff to engineers Ability to communicate, collaborate, and work effectively in a distributed team Familiarity and experience with the Agile process Experience in Cybersecurity Industry Desirable Skills: Understanding of Vulnerabilities, mitigations and remediations Understanding of Vulnerability and Software Detection techniques Experience with Security/Vulnerability detections development and release Experience of Vulnerability Management product development Experience designing and implementing validation workflows for Security Based products Experience working in remote & distributed environments Solid design and problem-solving skills with a demonstrated passion for engineering excellence, pragmatism, quality, security, and performance Experience with Go and/or Python would be a plus Benefits of Working at CrowdStrike: Remote-first culture Market leader in compensation and equity awards Competitive vacation and flexible working arrangements Comprehensive and inclusive health benefits Physical and mental wellness programs Paid parental leave, including adoption A variety of professional development and mentorship opportunities Offices with stocked kitchens when you need to fuel innovation and collaboration We are committed to fostering a culture of belonging where everyone feels seen, heard, valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve. CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. Remote working/work at home options are available for this role.
21/09/2022
Full time
and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We're looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight. Please read the following job description thoroughly to ensure you are the right fit for this role before applying. About the Role This is an Engineering Manager role in the Spotlight Content global team responsible for developing and delivering the Spotlight vulnerability assessment detections for CrowdStrike. This person would work closely with other internal teams and product management to understand the requirements and needs on Vulnerability Detection capabilities for the product. They will be technically responsible for the capabilities for Spotlight to detect, track, report and prioritize vulnerabilities on assets. This person would also own the team culture and will be responsible for building a strong team of contributors who work well together and raise the bar for a good working environment. This includes working across the organization and time zones for collaboration. Strong communication and organizational skills are essential. The successful candidate should have had experience building and leading a team focused on building detection pipelines for vulnerabilities and other threats. Work experience in the security industry is highly desirable, including a strong understanding of some of the current prevalent products in this space. Responsibilities Manage the Global Spotlight Security Analysts team and coordinate with other teams to assess detection capabilities- including content validation. Lead a team of Security Analysts to Actively investigate the latest in security vulnerabilities, advisories, incidents, and provide insights (sources like, Microsoft, Oracle, etc) Vulnerability data discovery and validation (Data efficacy & Accuracy) Collaborate with multi-functional teams across various physical locations including product management and other engineering disciplines. Lead and manage other projects as assigned Manage a Team of Analyst and Researchers to plan, coordinate and execute Vulnerability Detection Coverage for Spotlight Supported Platforms Participate in Company Thought Leadership efforts and guidance for analysis on prevalent vulnerabilities and Risk Based Vulnerability Management. What you will need Minimum five years of overall experience as an Individual Contributor and at least two years in management of technology products. Ability and desire to being hands on as well as leading the team and collaborating cross functionally Ability to develop, coordinate and execute on an engineering roadmap Ability to communicate and articulate crisply at all levels from executive staff to engineers Ability to communicate, collaborate, and work effectively in a distributed team Familiarity and experience with the Agile process Experience in Cybersecurity Industry Desirable Skills: Understanding of Vulnerabilities, mitigations and remediations Understanding of Vulnerability and Software Detection techniques Experience with Security/Vulnerability detections development and release Experience of Vulnerability Management product development Experience designing and implementing validation workflows for Security Based products Experience working in remote & distributed environments Solid design and problem-solving skills with a demonstrated passion for engineering excellence, pragmatism, quality, security, and performance Experience with Go and/or Python would be a plus Benefits of Working at CrowdStrike: Remote-first culture Market leader in compensation and equity awards Competitive vacation and flexible working arrangements Comprehensive and inclusive health benefits Physical and mental wellness programs Paid parental leave, including adoption A variety of professional development and mentorship opportunities Offices with stocked kitchens when you need to fuel innovation and collaboration We are committed to fostering a culture of belonging where everyone feels seen, heard, valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve. CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. Remote working/work at home options are available for this role.
Cyber Security Analyst Permanent - Salary £35,000 - £40,000 + Excellent Company Benefits Luton - Mon-Fri - 9am-5:30pm | Onsite - (flexible working) Lucid Connect are working in partnership with a leading organisation in the Bedfordshire area. The Cyber Security Analyst are required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve general security tasks, supporting cyber security projects and assisting with regulatory compliance. The role will involve using a diverse security toolset and the successful applicant will build extensive experience in all areas of cyber security. Daily Duties: Endpoint monitoring and analysis Incident readiness and handling as part of the CSIRT team Monitor and administer Security Information and Event Management Malware analysis and forensics research Understanding/differentiation of intrusion attempts and false positives Investigation tracking and threat resolution Vulnerability identification & mitigation/remediation Compose security alert notifications Help develop cyber security process & procedures Advise incident responders & other teams on threat Triage security events and incidents apply containment and mitigation/remediation strategies. Generate reports and document security incidents/events To take a pro-active approach in this job role, through monitoring the performance of systems and making regular routine inspections of installed equipment and taking corrective avoidance actions to prevent wider problems. Act as the point of escalation for the Service desk for security related tickets Analysis of weekly vulnerability scans and add the risks to the risk register Key Requirements: A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results. Knowledge & experience in Microsoft Windows Operating Systems. Knowledge & experience of Active Directory, Group policies, TCP/IP, DNS, DHCP and Exchange Server. Abilities in multi-tasking, prioritizing work, and handling competing interests Abilities in analysing information technology logs and events sources preferred Working knowledge of data storage systems, data backup and restoration methods. Good Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation Firewall/UTMs) A very good team working ethic, communicating with colleagues in a clear and professional manner, whilst maintaining a customer-service based approach. The ability to work alone using own initiative and managing support calls to a high standard Self-motivated to advance own knowledge & gain formal qualifications Desirable IT Qualifications/Certifications such as CompTIA A+, Network+, Security+ IT Helpdesk experience or knowledge Cyber Security Operation Centre experience
21/09/2022
Full time
Cyber Security Analyst Permanent - Salary £35,000 - £40,000 + Excellent Company Benefits Luton - Mon-Fri - 9am-5:30pm | Onsite - (flexible working) Lucid Connect are working in partnership with a leading organisation in the Bedfordshire area. The Cyber Security Analyst are required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve general security tasks, supporting cyber security projects and assisting with regulatory compliance. The role will involve using a diverse security toolset and the successful applicant will build extensive experience in all areas of cyber security. Daily Duties: Endpoint monitoring and analysis Incident readiness and handling as part of the CSIRT team Monitor and administer Security Information and Event Management Malware analysis and forensics research Understanding/differentiation of intrusion attempts and false positives Investigation tracking and threat resolution Vulnerability identification & mitigation/remediation Compose security alert notifications Help develop cyber security process & procedures Advise incident responders & other teams on threat Triage security events and incidents apply containment and mitigation/remediation strategies. Generate reports and document security incidents/events To take a pro-active approach in this job role, through monitoring the performance of systems and making regular routine inspections of installed equipment and taking corrective avoidance actions to prevent wider problems. Act as the point of escalation for the Service desk for security related tickets Analysis of weekly vulnerability scans and add the risks to the risk register Key Requirements: A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results. Knowledge & experience in Microsoft Windows Operating Systems. Knowledge & experience of Active Directory, Group policies, TCP/IP, DNS, DHCP and Exchange Server. Abilities in multi-tasking, prioritizing work, and handling competing interests Abilities in analysing information technology logs and events sources preferred Working knowledge of data storage systems, data backup and restoration methods. Good Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation Firewall/UTMs) A very good team working ethic, communicating with colleagues in a clear and professional manner, whilst maintaining a customer-service based approach. The ability to work alone using own initiative and managing support calls to a high standard Self-motivated to advance own knowledge & gain formal qualifications Desirable IT Qualifications/Certifications such as CompTIA A+, Network+, Security+ IT Helpdesk experience or knowledge Cyber Security Operation Centre experience
Jobs - Frequently Asked Questions
Use the location filter to find IT jobs in cities like London, Manchester, Birmingham, and across the UK.
Entry-level roles include IT support technician, junior developer, QA tester, and helpdesk analyst.
New jobs are posted daily. Set up alerts to be notified as soon as new roles match your preferences.
Key skills include problem-solving, coding, cloud computing, networking, and familiarity with tools like AWS or SQL.
Yes, many employers offer training or junior roles. Focus on building a strong CV with relevant coursework or personal projects.
