Information Security Analyst Up to £53,000 per annum plus benefits This is remote based role but ideally looking for someone close to West Midlands or West Yorkshire as these are the two UK offices PLEASE NOTE Due to the volume we will receive on this role please do not call to follow up on your application. You will receive confirmation your CV has been received and we will be in touch within 7 days if you are shortlisted. This superb international FinTech corporate with UK offices in the West Midlands and West Yorkshire are seeking an Information Security Analyst to join their skilled Security Team, responsible for protecting the organisations IT systems and Data. This is a permanent role with a base salary up to £53,000 per annum plus benefits. The role can be home based but you will need to live within a commutable distance of their offices in either Solihull or Halifax. This role involves monitoring, analysing, and reporting on the performance of the security controls and security tooling that have been implemented in the Organisation. By utilising the security tools the business has implemented, the Information Security Analyst will be responsible for ensuring that these tools are being utilised correctly, providing the necessary management information (MI) and using this MI to produce regular reports to senior management. The Information Security Analyst will also provide support to the necessary business functions in responding to security incidents, implementing security measures, and ensuring compliance with security policies and regulations. Key Responsibilities will include: Configure and manage security tolls and technologies to monitor and defend against cyber threats Generate reports on security vulnerabilities and compliance status for management Collaborate with IT Teams to integrate security controls into infrastructure and applications Monitor security alerts and incidents, investigate security breaches, and implement incident response procedures Analyse security incidents to identify root causes and recommend corrective actions Provide security guidance and support to IT teams and business units Stay up to date on emerging security threats, vulnerabilities, and technologies Conduct security assessments and audits to identify vulnerabilities and weaknesses in systems and networks Skills and experience required: You must have previous experience working within a Cyber Security or Information Security role A sound understanding the cyber security landscape Understanding of regulatory compliance requirements such as GDPR, ISO27001, or PCI DSS (Payment Card Industry Data Security Standard) Experience with security tools such as SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention System), and malware protection Developing security reporting packs for differing targeted audiences Knowledge of risk assessment tools, technologies and methods Ability to communicate security issues to peers and management Strong knowledge of networking protocols, operating systems, and security technologies Excellent analytical and problem-solving skills Strong communication and teamwork skills Ability to work independently and prioritize tasks in a fast-paced environment Experience with cloud security principles and technologies (eg, AWS, Azure)
Apr 18, 2024
Full time
Information Security Analyst Up to £53,000 per annum plus benefits This is remote based role but ideally looking for someone close to West Midlands or West Yorkshire as these are the two UK offices PLEASE NOTE Due to the volume we will receive on this role please do not call to follow up on your application. You will receive confirmation your CV has been received and we will be in touch within 7 days if you are shortlisted. This superb international FinTech corporate with UK offices in the West Midlands and West Yorkshire are seeking an Information Security Analyst to join their skilled Security Team, responsible for protecting the organisations IT systems and Data. This is a permanent role with a base salary up to £53,000 per annum plus benefits. The role can be home based but you will need to live within a commutable distance of their offices in either Solihull or Halifax. This role involves monitoring, analysing, and reporting on the performance of the security controls and security tooling that have been implemented in the Organisation. By utilising the security tools the business has implemented, the Information Security Analyst will be responsible for ensuring that these tools are being utilised correctly, providing the necessary management information (MI) and using this MI to produce regular reports to senior management. The Information Security Analyst will also provide support to the necessary business functions in responding to security incidents, implementing security measures, and ensuring compliance with security policies and regulations. Key Responsibilities will include: Configure and manage security tolls and technologies to monitor and defend against cyber threats Generate reports on security vulnerabilities and compliance status for management Collaborate with IT Teams to integrate security controls into infrastructure and applications Monitor security alerts and incidents, investigate security breaches, and implement incident response procedures Analyse security incidents to identify root causes and recommend corrective actions Provide security guidance and support to IT teams and business units Stay up to date on emerging security threats, vulnerabilities, and technologies Conduct security assessments and audits to identify vulnerabilities and weaknesses in systems and networks Skills and experience required: You must have previous experience working within a Cyber Security or Information Security role A sound understanding the cyber security landscape Understanding of regulatory compliance requirements such as GDPR, ISO27001, or PCI DSS (Payment Card Industry Data Security Standard) Experience with security tools such as SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention System), and malware protection Developing security reporting packs for differing targeted audiences Knowledge of risk assessment tools, technologies and methods Ability to communicate security issues to peers and management Strong knowledge of networking protocols, operating systems, and security technologies Excellent analytical and problem-solving skills Strong communication and teamwork skills Ability to work independently and prioritize tasks in a fast-paced environment Experience with cloud security principles and technologies (eg, AWS, Azure)
International Logistics Group
East Grinstead, Sussex
IT Security & Infrastructure Manager Location: East Grinstead - Flexible Hours: 40 hours per week, working 9am 6pm Monday Friday Salary: £60,000 - £75,000 per annum, depending on experience About us We re an award-winning, market-leading 3PL specialising in high-quality order fulfilment and delivery services. ILG customers are premium brands, many in the beauty, fashion and wellbeing sectors. Our mission is to help them succeed. ILG is a people business - we invest in training and development, recognising and rewarding our people s achievements and creating opportunities for them to progress within our business. So, if you want to develop an exciting career, learn from a friendly team and realise your full potential in a fast-growing company, this is the role for you. The role You will be reporting to the IT Director and will be responsible for driving a culture of IT Security best practice within ILG as a subject matter expert, ensuring our systems, processes and controls meet agreed standards. You will also have responsibility to ensure ILG s core IT infrastructure and network is suitably managed, scaled and secured, to meet the requirements of the business. What we are looking for - Previous practical experience working as an IT Manager, IT Security Analyst, Infrastructure/Network engineer, Systems Analyst, or equivalent role. - Familiar with common cyber security attack methods (e.g. Denial of service, phishing, ransomware, and hacking), and knowledge of how to mitigate risk. - Bachelor s degree in computer science, cyber security, or similar field (desirable). - Relevant professional qualifications, e.g. SSCP, CISSP, CISM (desirable). - Knowledge of IT Compliance standard, ISO27001, Cyber Essentials or similar. - Microsoft Azure certified (Azure Administrator Associate / Azure Solutions Architect / Azure Security Engineer) or related qualifications (desirable). - Technical implementation and/or management experience with Azure infrastructure services, Azure Defender and Microsoft Entra ID. - Good practical knowledge of data classification, data confidentiality and applicable laws including GDPR. - IT and Network infrastructure design experience, e.g new site implementations and expansions. - Previous experience writing IT and/or InfoSec policies and procedures. - People management and leadership experience. - Proven ability to work in a high pressure, deadline driven environment. - Excellent communication skills. - Excellent analytical, organizational, and decision-making skills. - ITIL Foundation qualified (desirable). - Budget management skills (desirable). - IT Project management skills. - The role requires you to be able to travel to ILG sites as needed in support of business needs, therefore a driving licence and car is essential. Benefits - Flexible working location, this role can either be office based, hybrid or home based, there will be travel to ILG sites when required - Discretionary company bonus scheme - Pension, Life Assurance, Healthshield Cash Plan and Discount Perks - 22 days holiday (plus Bank Holidays), with the option to buy/sell holiday - Birthday leave - Dedicated rest areas with free tea and coffee plus monthly fruit baskets - Free electric car charging points, at certain sites - Dedicated platform for learning and development - Staff member of the month rewards - Monthly company social events and an annual awards ceremony - Employee assistance programme to promote mental health wellbeing - Cycle to work scheme Please be aware we will be considering applications as we receive them and arranging interviews accordingly. Depending on the volume of applications we receive, we may close this advert ahead of the advertised closing date. For more information about our company or employee benefits, please visit our website. So, if you d like to join us as an IT Security & Infrastructure Manager, please apply via the button shown. This vacancy is being advertised by Webrecruit. The services advertised by Webrecruit are those of an Employment Agency.
Apr 18, 2024
Full time
IT Security & Infrastructure Manager Location: East Grinstead - Flexible Hours: 40 hours per week, working 9am 6pm Monday Friday Salary: £60,000 - £75,000 per annum, depending on experience About us We re an award-winning, market-leading 3PL specialising in high-quality order fulfilment and delivery services. ILG customers are premium brands, many in the beauty, fashion and wellbeing sectors. Our mission is to help them succeed. ILG is a people business - we invest in training and development, recognising and rewarding our people s achievements and creating opportunities for them to progress within our business. So, if you want to develop an exciting career, learn from a friendly team and realise your full potential in a fast-growing company, this is the role for you. The role You will be reporting to the IT Director and will be responsible for driving a culture of IT Security best practice within ILG as a subject matter expert, ensuring our systems, processes and controls meet agreed standards. You will also have responsibility to ensure ILG s core IT infrastructure and network is suitably managed, scaled and secured, to meet the requirements of the business. What we are looking for - Previous practical experience working as an IT Manager, IT Security Analyst, Infrastructure/Network engineer, Systems Analyst, or equivalent role. - Familiar with common cyber security attack methods (e.g. Denial of service, phishing, ransomware, and hacking), and knowledge of how to mitigate risk. - Bachelor s degree in computer science, cyber security, or similar field (desirable). - Relevant professional qualifications, e.g. SSCP, CISSP, CISM (desirable). - Knowledge of IT Compliance standard, ISO27001, Cyber Essentials or similar. - Microsoft Azure certified (Azure Administrator Associate / Azure Solutions Architect / Azure Security Engineer) or related qualifications (desirable). - Technical implementation and/or management experience with Azure infrastructure services, Azure Defender and Microsoft Entra ID. - Good practical knowledge of data classification, data confidentiality and applicable laws including GDPR. - IT and Network infrastructure design experience, e.g new site implementations and expansions. - Previous experience writing IT and/or InfoSec policies and procedures. - People management and leadership experience. - Proven ability to work in a high pressure, deadline driven environment. - Excellent communication skills. - Excellent analytical, organizational, and decision-making skills. - ITIL Foundation qualified (desirable). - Budget management skills (desirable). - IT Project management skills. - The role requires you to be able to travel to ILG sites as needed in support of business needs, therefore a driving licence and car is essential. Benefits - Flexible working location, this role can either be office based, hybrid or home based, there will be travel to ILG sites when required - Discretionary company bonus scheme - Pension, Life Assurance, Healthshield Cash Plan and Discount Perks - 22 days holiday (plus Bank Holidays), with the option to buy/sell holiday - Birthday leave - Dedicated rest areas with free tea and coffee plus monthly fruit baskets - Free electric car charging points, at certain sites - Dedicated platform for learning and development - Staff member of the month rewards - Monthly company social events and an annual awards ceremony - Employee assistance programme to promote mental health wellbeing - Cycle to work scheme Please be aware we will be considering applications as we receive them and arranging interviews accordingly. Depending on the volume of applications we receive, we may close this advert ahead of the advertised closing date. For more information about our company or employee benefits, please visit our website. So, if you d like to join us as an IT Security & Infrastructure Manager, please apply via the button shown. This vacancy is being advertised by Webrecruit. The services advertised by Webrecruit are those of an Employment Agency.
CSOC Analyst About Us: We are the tech company with people at heart. At Advania, we believe in empowering people to create sustainable value through the clever use of technology. As one of Microsoft's leading partners in the UK, specialising in Azure, Security, Dynamics 365, and Microsoft 365, we have a proven track record of success in delivering transformational IT services. Position Overview: The CSOC Analyst role is part of the Cyber Security Operations Centre (CSOC) and sits within the Security & Networks area of Advania. The candidate will be an active player within the Cyber Security Operations Centre (CSOC) using a variety of SIEM and security toolsets to meet the requirements of the business and its customers. This is a hands-on role and requires a broad technical knowledge, skills and abilities. Although the focus is on Cyber Security, knowledge and/or experience of modern IT systems and infrastructure is advantageous to assist with the development and continuous improvement of the security platforms within Advania and its customer's environments. Responsibilities: Work within a multi-disciplined CSOC team identifying, owning, progressing and resolving security incidents. Perform the prompt and effective triage and investigation of security events and incidents applying sound problem solving methods to determine scope, urgency, and potential impact. Provide technical support for the identification and response to events or incidents of a suspicious or malicious nature, and apparent security breaches. Work with internal and external stakeholders to resolve computer security incidents and vulnerability compliance. Drive customer satisfaction and continuously seek to improve operational performance. Maintain a continuous understanding of the threat landscape with in-depth knowledge around threat actors, TTPs and vulnerabilities Qualifications & Experience: Essential: Demonstrable experience working with SIEM technology, preferably within a CSOC / SOC environment Demonstrable technical knowledge, skills and/or experience in intrusion analysis, and network and security investigation using a variety of security tools (EDR, DLP, AV, Snort, Wireshark, TCPdump etc.). Working knowledge and experience of core security and infrastructure technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS) Strong knowledge of understanding of multiple operating systems. Desired but not essential: One or more Microsoft security focused accreditations, SC-200 or AZ-500 Having achieved a BSc or MSc in Cyber Security incorporating Ethical Hacking, Digital Forensics or Information Security One or more of the following industry certifications: CEH, GCIA, GCIH, GSEC, Security+, GCTI Experience in secured cloud architectures (Azure, AWS) and engineering solutions An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS Shift Pattern This role has a shift pattern on a 4 day on / 4 day off rota. Early shift - 06:00 - 17:00 Late shift - 10:00 - 21:00 Night - 20:00 - 07:00 / 21:00 - 08:00 Click here for the list of benefits. This role requires eligibility to obtain security clearance (SC) , which requires UK citizenship and at least 5 years residency in the UK. If you have any questions on this requirement please ask the recruitment team during the process. This is a remote-first hybrid role. See here for details about our hybrid workstyle, although please note that night shifts can be worked from home. Our Selection Process: We are committed to ensuring an equitable experience for all candidates, regardless of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law. Please do let us know if you'll need any reasonable adjustments as part of the selection process by highlighting these on your application form.
Apr 18, 2024
Full time
CSOC Analyst About Us: We are the tech company with people at heart. At Advania, we believe in empowering people to create sustainable value through the clever use of technology. As one of Microsoft's leading partners in the UK, specialising in Azure, Security, Dynamics 365, and Microsoft 365, we have a proven track record of success in delivering transformational IT services. Position Overview: The CSOC Analyst role is part of the Cyber Security Operations Centre (CSOC) and sits within the Security & Networks area of Advania. The candidate will be an active player within the Cyber Security Operations Centre (CSOC) using a variety of SIEM and security toolsets to meet the requirements of the business and its customers. This is a hands-on role and requires a broad technical knowledge, skills and abilities. Although the focus is on Cyber Security, knowledge and/or experience of modern IT systems and infrastructure is advantageous to assist with the development and continuous improvement of the security platforms within Advania and its customer's environments. Responsibilities: Work within a multi-disciplined CSOC team identifying, owning, progressing and resolving security incidents. Perform the prompt and effective triage and investigation of security events and incidents applying sound problem solving methods to determine scope, urgency, and potential impact. Provide technical support for the identification and response to events or incidents of a suspicious or malicious nature, and apparent security breaches. Work with internal and external stakeholders to resolve computer security incidents and vulnerability compliance. Drive customer satisfaction and continuously seek to improve operational performance. Maintain a continuous understanding of the threat landscape with in-depth knowledge around threat actors, TTPs and vulnerabilities Qualifications & Experience: Essential: Demonstrable experience working with SIEM technology, preferably within a CSOC / SOC environment Demonstrable technical knowledge, skills and/or experience in intrusion analysis, and network and security investigation using a variety of security tools (EDR, DLP, AV, Snort, Wireshark, TCPdump etc.). Working knowledge and experience of core security and infrastructure technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS) Strong knowledge of understanding of multiple operating systems. Desired but not essential: One or more Microsoft security focused accreditations, SC-200 or AZ-500 Having achieved a BSc or MSc in Cyber Security incorporating Ethical Hacking, Digital Forensics or Information Security One or more of the following industry certifications: CEH, GCIA, GCIH, GSEC, Security+, GCTI Experience in secured cloud architectures (Azure, AWS) and engineering solutions An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS Shift Pattern This role has a shift pattern on a 4 day on / 4 day off rota. Early shift - 06:00 - 17:00 Late shift - 10:00 - 21:00 Night - 20:00 - 07:00 / 21:00 - 08:00 Click here for the list of benefits. This role requires eligibility to obtain security clearance (SC) , which requires UK citizenship and at least 5 years residency in the UK. If you have any questions on this requirement please ask the recruitment team during the process. This is a remote-first hybrid role. See here for details about our hybrid workstyle, although please note that night shifts can be worked from home. Our Selection Process: We are committed to ensuring an equitable experience for all candidates, regardless of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law. Please do let us know if you'll need any reasonable adjustments as part of the selection process by highlighting these on your application form.
IT Technical Services Manager Sheffield Our Sheffield client seeks a skilled IT Technical Services Manager to lead a UK-based team supporting a global multi-site environment. You will oversee service desk analysts and infrastructure engineers, ensuring high-quality technical services. A deep understanding of ITIL, SLA management, vital networking, and Microsoft hybrid solutions is required. You will have a strong technical background in infrastructure services, proficient in networking, cloud computing, and managing ITIL service teams. Responsibilities: Define technical strategy aligned with the global IT vision. Manage ITIL-based service function for a global user base. Implement ITIL processes and manage SLAs and KPIs. Lead and mentored a team and provided technical guidance. Skills / Experience: Expertise in server administration, virtualization, and cloud technologies. Proficiency in complex networking, Cisco, and Fortinet deployments. In-depth knowledge of Microsoft 365, including Intune and Autopilot. Experience in end-user computing support and cybersecurity best practices. Proven leadership skills and effective team management. Monitor system performance, optimize, and ensure SLA adherence. Respond to escalated issues promptly and implement service improvements. Stay updated with emerging technologies. Cisco CCNP or CCNA certification. Fortinet Certified. Microsoft Azure certifications. ITIL 4 certification, 2+ years managing ITIL-based service functions. Familiarity with ISO 27001 and Cyber Essentials standards. Excellent leadership and communication skills. Benefits: Hybrid working Flexible working 25 days + Birthday off Life Assurance Learning and development opportunities Interested? Please Click Apply Now! IT Technical Services Manager Sheffield
Apr 18, 2024
Full time
IT Technical Services Manager Sheffield Our Sheffield client seeks a skilled IT Technical Services Manager to lead a UK-based team supporting a global multi-site environment. You will oversee service desk analysts and infrastructure engineers, ensuring high-quality technical services. A deep understanding of ITIL, SLA management, vital networking, and Microsoft hybrid solutions is required. You will have a strong technical background in infrastructure services, proficient in networking, cloud computing, and managing ITIL service teams. Responsibilities: Define technical strategy aligned with the global IT vision. Manage ITIL-based service function for a global user base. Implement ITIL processes and manage SLAs and KPIs. Lead and mentored a team and provided technical guidance. Skills / Experience: Expertise in server administration, virtualization, and cloud technologies. Proficiency in complex networking, Cisco, and Fortinet deployments. In-depth knowledge of Microsoft 365, including Intune and Autopilot. Experience in end-user computing support and cybersecurity best practices. Proven leadership skills and effective team management. Monitor system performance, optimize, and ensure SLA adherence. Respond to escalated issues promptly and implement service improvements. Stay updated with emerging technologies. Cisco CCNP or CCNA certification. Fortinet Certified. Microsoft Azure certifications. ITIL 4 certification, 2+ years managing ITIL-based service functions. Familiarity with ISO 27001 and Cyber Essentials standards. Excellent leadership and communication skills. Benefits: Hybrid working Flexible working 25 days + Birthday off Life Assurance Learning and development opportunities Interested? Please Click Apply Now! IT Technical Services Manager Sheffield
Senior Threat Intelligence Analyst About Us: We are the tech company with people at heart. At Advania, we believe in empowering people to create sustainable value through the clever use of technology. As one of Microsoft's leading partners in the UK, specialising in Azure, Security, Dynamics 365, and Microsoft 365, we have a proven track record of success in delivering transformational IT services. Position Overview: As a Senior Cyber Threat Intelligence Analyst, you will be responsible for the day-today delivery of Cyber Threat Intelligence to clients spanning multiple industries, as well as leadership and coaching of junior analysts, and ongoing development of our service. This is a hands-on role and requires both a broad technical knowledge of Cyber Security, as well as specific focused knowledge of CTI tools and processes. Knowledge and/or experience of modern IT Systems, particularly Microsoft solutions and network infrastructure is advantageous. Responsibilities: Proactively research and analyse emerging cyber threats, malware variants, and attacker Tactics, Techniques, and Procedures (TTPs) from various open and closed sources, including threat intelligence feeds, dark web monitoring, and open-source reporting. Develop and maintain comprehensive threat intelligence reports and briefings tailored for technical and non-technical audiences, translating complex information into actionable insights for informed decision-making. Lead or participate in incident response activities, including investigation, analysis of evidence, and collaboration with other teams like IT operations and forensics. Conduct advanced threat hunting to proactively identify hidden threats within the organisation's network, utilising advanced tools and techniques. Participate in vulnerability management activities, collaborating with the vulnerability management team to prioritise and remediate critical vulnerabilities identified through intelligence gathering and risk assessments. Contribute to the development and implementation of comprehensive security policies and procedures to strengthen the organisation's overall cyber defence posture. Stay up to date with the latest cyber security trends and developments through continuous learning and participation in industry conferences and training programs. Mentor and support junior cyber security analysts within the team. Analyse large volumes of complex data from security tools, logs, and incident reports to identify potential threats and assess their risk level. Professional Experience: Demonstrable understanding of the Cybersecurity Ecosystem and Infrastructure Technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS). Experience in secured cloud architectures (Azure, AWS, or similar) and engineering solutions. An understanding of operating systems and their programming interfaces such as UNIX Shell and PowerShell. Experience with scripting languages (Python, Bash) and familiarity with APIs beneficial. An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS. Experience leading teams and providing deputy support to Management. Experience designing a service, reviewing effectiveness of services, procurement, or business project work. Qualifications: One or more of the following industry certifications: SANS301/SANS401/FOR578, Crest CRTIA/CCTIM, Security+, or similar. Ideally a BSc or MSc in Cyber Security, preferably including modules on Ethical Hacking, Digital Forensics, Information Security or Threat Intelligence Please note you need to be eligible to undergo the Security Clearance process for this position. This means you will need to be a British national with 5 years residency in the UK. Click here for the list of benefits. Our Selection Process: We are committed to ensuring an equitable experience for all candidates, regardless of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law. Please do let us know if you'll need any reasonable adjustments as part of the selection process by highlighting these on your application form.
Apr 18, 2024
Full time
Senior Threat Intelligence Analyst About Us: We are the tech company with people at heart. At Advania, we believe in empowering people to create sustainable value through the clever use of technology. As one of Microsoft's leading partners in the UK, specialising in Azure, Security, Dynamics 365, and Microsoft 365, we have a proven track record of success in delivering transformational IT services. Position Overview: As a Senior Cyber Threat Intelligence Analyst, you will be responsible for the day-today delivery of Cyber Threat Intelligence to clients spanning multiple industries, as well as leadership and coaching of junior analysts, and ongoing development of our service. This is a hands-on role and requires both a broad technical knowledge of Cyber Security, as well as specific focused knowledge of CTI tools and processes. Knowledge and/or experience of modern IT Systems, particularly Microsoft solutions and network infrastructure is advantageous. Responsibilities: Proactively research and analyse emerging cyber threats, malware variants, and attacker Tactics, Techniques, and Procedures (TTPs) from various open and closed sources, including threat intelligence feeds, dark web monitoring, and open-source reporting. Develop and maintain comprehensive threat intelligence reports and briefings tailored for technical and non-technical audiences, translating complex information into actionable insights for informed decision-making. Lead or participate in incident response activities, including investigation, analysis of evidence, and collaboration with other teams like IT operations and forensics. Conduct advanced threat hunting to proactively identify hidden threats within the organisation's network, utilising advanced tools and techniques. Participate in vulnerability management activities, collaborating with the vulnerability management team to prioritise and remediate critical vulnerabilities identified through intelligence gathering and risk assessments. Contribute to the development and implementation of comprehensive security policies and procedures to strengthen the organisation's overall cyber defence posture. Stay up to date with the latest cyber security trends and developments through continuous learning and participation in industry conferences and training programs. Mentor and support junior cyber security analysts within the team. Analyse large volumes of complex data from security tools, logs, and incident reports to identify potential threats and assess their risk level. Professional Experience: Demonstrable understanding of the Cybersecurity Ecosystem and Infrastructure Technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS). Experience in secured cloud architectures (Azure, AWS, or similar) and engineering solutions. An understanding of operating systems and their programming interfaces such as UNIX Shell and PowerShell. Experience with scripting languages (Python, Bash) and familiarity with APIs beneficial. An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS. Experience leading teams and providing deputy support to Management. Experience designing a service, reviewing effectiveness of services, procurement, or business project work. Qualifications: One or more of the following industry certifications: SANS301/SANS401/FOR578, Crest CRTIA/CCTIM, Security+, or similar. Ideally a BSc or MSc in Cyber Security, preferably including modules on Ethical Hacking, Digital Forensics, Information Security or Threat Intelligence Please note you need to be eligible to undergo the Security Clearance process for this position. This means you will need to be a British national with 5 years residency in the UK. Click here for the list of benefits. Our Selection Process: We are committed to ensuring an equitable experience for all candidates, regardless of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law. Please do let us know if you'll need any reasonable adjustments as part of the selection process by highlighting these on your application form.
Technology Security Analyst £50,000 - £60,000 Hybrid - 2 days per week in either Glasgow/Edinburgh/Horley/Portsmouth office depending on location We are looking for a brilliant SecOps Analyst to join a market leading organisation within the energy sector embarking on a transformation of their IT Security Team. This well-established company owns and manages critical national infrastructure and is engaging in a forward funded futureproofing program with enormous potential for growth. Information Security is an integral part of their business operation, so this role is critical to the business. Within this role, you will be responsible for ensuring the IT and OT networks are secure, managed and maintained in line with policies and legal and regulatory requirements. You will act as the Security subject matter expert in your respective area and act as the primary contact when assisting with Security Incident remediation. You will possess strong technical and security knowledge, and will provide technical/non technical security support to the wider Security team and organisation. We are looking for an individual that has: Expertise in Cloud (IaaS, PaaS, SaaS) in particular AWS, MS Sentinel and Defender Good understanding of Security Operations and related security tools such as Firewalls, VPN Gateway, SIEM, SOAR, EDR, MDR, UEBA, DLP Good understanding and practical experience of Cyber Security Frameworks and standards such as NCSC security principles, NIST Framework, ISO 27001, ISO27005, IEC62443 etc. Experience and knowledge of Industrial Control Systems is advantageous, but you will be provided with the opportunity to learn new technical skills. In turn, we can offer you: A permanent role which has huge career progression and training in Information Security Salary sacrifice pension scheme 25 days holiday + Bank Holidays This is a huge opportunity to be a part of an extraordinary transition taking place as the organisation decarbonises their networks. If this sounds of interest, please apply.
Apr 18, 2024
Full time
Technology Security Analyst £50,000 - £60,000 Hybrid - 2 days per week in either Glasgow/Edinburgh/Horley/Portsmouth office depending on location We are looking for a brilliant SecOps Analyst to join a market leading organisation within the energy sector embarking on a transformation of their IT Security Team. This well-established company owns and manages critical national infrastructure and is engaging in a forward funded futureproofing program with enormous potential for growth. Information Security is an integral part of their business operation, so this role is critical to the business. Within this role, you will be responsible for ensuring the IT and OT networks are secure, managed and maintained in line with policies and legal and regulatory requirements. You will act as the Security subject matter expert in your respective area and act as the primary contact when assisting with Security Incident remediation. You will possess strong technical and security knowledge, and will provide technical/non technical security support to the wider Security team and organisation. We are looking for an individual that has: Expertise in Cloud (IaaS, PaaS, SaaS) in particular AWS, MS Sentinel and Defender Good understanding of Security Operations and related security tools such as Firewalls, VPN Gateway, SIEM, SOAR, EDR, MDR, UEBA, DLP Good understanding and practical experience of Cyber Security Frameworks and standards such as NCSC security principles, NIST Framework, ISO 27001, ISO27005, IEC62443 etc. Experience and knowledge of Industrial Control Systems is advantageous, but you will be provided with the opportunity to learn new technical skills. In turn, we can offer you: A permanent role which has huge career progression and training in Information Security Salary sacrifice pension scheme 25 days holiday + Bank Holidays This is a huge opportunity to be a part of an extraordinary transition taking place as the organisation decarbonises their networks. If this sounds of interest, please apply.
Governance, Risk and Compliance (GRC) Analyst - ISO27001 - SOX - Audit Kingston-Upon-Thames, Surrey (3 days per week in the office) My client, a successful UK based company are looking for a GRC Analyst to join them on a permanent basis. Working in a small Information Security team this responsible role involves supporting the operation, maintenance and maturity of the Information Security program. Duties and responsibilities will include: Ensuring the protection of information assets and technologies Contribution to completion of security related audits such as ISO27001, ISO27017, NIST-CSF, IASME Governance, SOX Conduct and document internal audits Manage Third Party Risk Management (TPRM) including vendor security programme reviews, Contribution to Subject Access Request and eDiscovery processes You will need: Extensive Information Security Governance, Risk and Compliance (GRC) experience as well as InfoSec Operations experience Experience contributing to an Information Security Management System (ISMS) certified to ISO27001 standards Good knowledge of the Cyber Essentials Plus Scheme as well as UK & EU General Data Protection Regulation (GDPR) and the Data Protection Act (2018) The ability to work autonomously and as part of a team, excellent communication skills Advantageous certifications ISO/IEC 27001 Lead Implementer ISO/IEC 27001 Internal Auditor Security+ CISM / CISSP This is an excellent opportunity within a stable organisation dedicated to IT Security. Governance, Risk and Compliance (GRC) Analyst - ISO27001 - SOX - Audit Kingston-Upon-Thames, Surrey (3 days per week in the office)
Apr 18, 2024
Full time
Governance, Risk and Compliance (GRC) Analyst - ISO27001 - SOX - Audit Kingston-Upon-Thames, Surrey (3 days per week in the office) My client, a successful UK based company are looking for a GRC Analyst to join them on a permanent basis. Working in a small Information Security team this responsible role involves supporting the operation, maintenance and maturity of the Information Security program. Duties and responsibilities will include: Ensuring the protection of information assets and technologies Contribution to completion of security related audits such as ISO27001, ISO27017, NIST-CSF, IASME Governance, SOX Conduct and document internal audits Manage Third Party Risk Management (TPRM) including vendor security programme reviews, Contribution to Subject Access Request and eDiscovery processes You will need: Extensive Information Security Governance, Risk and Compliance (GRC) experience as well as InfoSec Operations experience Experience contributing to an Information Security Management System (ISMS) certified to ISO27001 standards Good knowledge of the Cyber Essentials Plus Scheme as well as UK & EU General Data Protection Regulation (GDPR) and the Data Protection Act (2018) The ability to work autonomously and as part of a team, excellent communication skills Advantageous certifications ISO/IEC 27001 Lead Implementer ISO/IEC 27001 Internal Auditor Security+ CISM / CISSP This is an excellent opportunity within a stable organisation dedicated to IT Security. Governance, Risk and Compliance (GRC) Analyst - ISO27001 - SOX - Audit Kingston-Upon-Thames, Surrey (3 days per week in the office)
Job Title : Cyber Security Engineer L1/L2 and Team Lead Location : Ashford Salary : 20,000 - 38,000 (DOE) We are working with a leading cyber security service provider a leading provider of innovative security solutions dedicated to safeguarding digital assets and protecting businesses from evolving cyber threats. With a commitment to excellence and a passion for staying ahead of the curve, we are seeking a talented Cyber Security Analyst to join our dynamic team. We are on the lookout for L1/L2 and Team Lead engineers as the company is growing and are on the lookout for 3 new engineers! If you're passionate about cybersecurity and thrive in a fast-paced environment, we want to hear from you! Responsibilities: Monitor and analyse security events and incidents using SIEM tools to identify potential threats and vulnerabilities. Conduct in-depth investigations into security incidents, including malware analysis, network forensics, and log analysis. Develop and maintain security policies, procedures, and standards to ensure compliance with industry regulations and best practices. Collaborate with cross-functional teams to implement security controls and measures to protect against emerging threats. Perform regular security assessments and penetration tests to identify and remediate vulnerabilities in the organization's systems and applications. Stay abreast of the latest cybersecurity trends, threats, and technologies to continuously improve the organization's security posture. Provide guidance and support to internal stakeholders on cybersecurity best practices and incident response procedures. Participate in security awareness training and education programs for employees to promote a culture of security awareness and compliance. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Experience in a cybersecurity role, preferably as a Security Analyst or Incident Responder. Strong knowledge of cybersecurity principles, practices, and technologies, including SIEM, IDS/IPS, firewalls, antivirus, and endpoint protection. Hands-on experience with security tools such as Splunk, Wireshark, Nessus, and Metasploit. Experience with threat hunting, malware analysis, and forensic investigation techniques. Understanding of common cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Excellent analytical and problem-solving skills with a keen attention to detail. Strong communication and interpersonal skills, with the ability to effectively communicate technical information to non-technical stakeholders. Relevant certifications such as CISSP, CEH, or GIAC are a plus. If you are looking for your next challenge in a cybersecurity focused environment than look no further. Please apply with an up-to-date CV to be considered, like mentioned above, we are on the lookout for 3 new engineers. In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy. In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
Apr 18, 2024
Full time
Job Title : Cyber Security Engineer L1/L2 and Team Lead Location : Ashford Salary : 20,000 - 38,000 (DOE) We are working with a leading cyber security service provider a leading provider of innovative security solutions dedicated to safeguarding digital assets and protecting businesses from evolving cyber threats. With a commitment to excellence and a passion for staying ahead of the curve, we are seeking a talented Cyber Security Analyst to join our dynamic team. We are on the lookout for L1/L2 and Team Lead engineers as the company is growing and are on the lookout for 3 new engineers! If you're passionate about cybersecurity and thrive in a fast-paced environment, we want to hear from you! Responsibilities: Monitor and analyse security events and incidents using SIEM tools to identify potential threats and vulnerabilities. Conduct in-depth investigations into security incidents, including malware analysis, network forensics, and log analysis. Develop and maintain security policies, procedures, and standards to ensure compliance with industry regulations and best practices. Collaborate with cross-functional teams to implement security controls and measures to protect against emerging threats. Perform regular security assessments and penetration tests to identify and remediate vulnerabilities in the organization's systems and applications. Stay abreast of the latest cybersecurity trends, threats, and technologies to continuously improve the organization's security posture. Provide guidance and support to internal stakeholders on cybersecurity best practices and incident response procedures. Participate in security awareness training and education programs for employees to promote a culture of security awareness and compliance. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Experience in a cybersecurity role, preferably as a Security Analyst or Incident Responder. Strong knowledge of cybersecurity principles, practices, and technologies, including SIEM, IDS/IPS, firewalls, antivirus, and endpoint protection. Hands-on experience with security tools such as Splunk, Wireshark, Nessus, and Metasploit. Experience with threat hunting, malware analysis, and forensic investigation techniques. Understanding of common cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Excellent analytical and problem-solving skills with a keen attention to detail. Strong communication and interpersonal skills, with the ability to effectively communicate technical information to non-technical stakeholders. Relevant certifications such as CISSP, CEH, or GIAC are a plus. If you are looking for your next challenge in a cybersecurity focused environment than look no further. Please apply with an up-to-date CV to be considered, like mentioned above, we are on the lookout for 3 new engineers. In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy. In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
Your new company A well known private sector organisation based in Glasgow City Centre. They have a fantastic track record with investment into their IT team and are looking to expand their Cyber Security team. Having been through a recent transformation within their technology function, this is an exciting time to join the team and help drive the business forward. Your new role As a cybersecurity analyst, your role encompasses several critical responsibilities. You will stay informed about the latest security and technology developments, ensuring you remain up-to-date with industry trends. Your primary task involves researching and evaluating emerging cyber threats, devising effective strategies to manage and mitigate them. Disaster recovery planning and the creation of contingency measures in case of security breaches are essential components of your work. Vigilance is key, you'll monitor for attacks, intrusions, and any unusual or unauthorised activity within your organization's systems. Additionally, you'll assess security tools, collaborate with stakeholders, and provide timely incident responses. Your role plays a crucial part in safeguarding sensitive information and maintaining system integrity.What you'll need to succeedThe ideal candidate will have experience of the following: Cyber Security Essentials: Familiarity with fundamental security principles. ISO 27001/22301: Knowledge of international standards for information security management. Microsoft 365/Azure: Understanding of Microsoft's cloud services and platforms. Network and Application Firewalls: Proficiency in configuring and managing firewalls. Host Intrusion Prevention and Anti-Virus: Skills in safeguarding systems against threats. Malware Sandboxing Reports: Ability to analyze and respond to malware incidents. Security Tooling (Windows & Cloud Environment): Experience with security tools across different environments. XDR, EDR, Email & Remote Access Security: Expertise in threat detection and secure communication. Content Filtering (Web/Email): Implementing filters to protect against malicious content. Cloud Security (SaaS, PaaS, IaaS): Understanding cloud security models. Anomaly Detection: Identifying unusual patterns or behaviors. O365, Azure, MS Intune, Identity Management: Proficiency in Microsoft technologies. Cyber-Attack Techniques, Vulnerabilities, and Mitigation Strategies: Knowledge of attack vectors and effective defenses. Mitre ATT&CK and NIST Frameworks: Familiarity with industry frameworks. What you'll get in return -Salary £50,000 - £55,000-Hybrid working 2 days a week in the office-Pension Contribution-Onsite Parking-Subsidised canteen What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
Apr 18, 2024
Full time
Your new company A well known private sector organisation based in Glasgow City Centre. They have a fantastic track record with investment into their IT team and are looking to expand their Cyber Security team. Having been through a recent transformation within their technology function, this is an exciting time to join the team and help drive the business forward. Your new role As a cybersecurity analyst, your role encompasses several critical responsibilities. You will stay informed about the latest security and technology developments, ensuring you remain up-to-date with industry trends. Your primary task involves researching and evaluating emerging cyber threats, devising effective strategies to manage and mitigate them. Disaster recovery planning and the creation of contingency measures in case of security breaches are essential components of your work. Vigilance is key, you'll monitor for attacks, intrusions, and any unusual or unauthorised activity within your organization's systems. Additionally, you'll assess security tools, collaborate with stakeholders, and provide timely incident responses. Your role plays a crucial part in safeguarding sensitive information and maintaining system integrity.What you'll need to succeedThe ideal candidate will have experience of the following: Cyber Security Essentials: Familiarity with fundamental security principles. ISO 27001/22301: Knowledge of international standards for information security management. Microsoft 365/Azure: Understanding of Microsoft's cloud services and platforms. Network and Application Firewalls: Proficiency in configuring and managing firewalls. Host Intrusion Prevention and Anti-Virus: Skills in safeguarding systems against threats. Malware Sandboxing Reports: Ability to analyze and respond to malware incidents. Security Tooling (Windows & Cloud Environment): Experience with security tools across different environments. XDR, EDR, Email & Remote Access Security: Expertise in threat detection and secure communication. Content Filtering (Web/Email): Implementing filters to protect against malicious content. Cloud Security (SaaS, PaaS, IaaS): Understanding cloud security models. Anomaly Detection: Identifying unusual patterns or behaviors. O365, Azure, MS Intune, Identity Management: Proficiency in Microsoft technologies. Cyber-Attack Techniques, Vulnerabilities, and Mitigation Strategies: Knowledge of attack vectors and effective defenses. Mitre ATT&CK and NIST Frameworks: Familiarity with industry frameworks. What you'll get in return -Salary £50,000 - £55,000-Hybrid working 2 days a week in the office-Pension Contribution-Onsite Parking-Subsidised canteen What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
Are you looking for a Security role within a dynamic, innovative financial technology organisation? If so, we are recruiting for a Cyber Operations Engineer to join our IT Department! Working alongside the Cyber Operations Lead you will help to design, develop, and mature the company's cybersecurity capability, including the selection, implementation, and management of security tools/technologies, focused on detection, prevention, and analysis of security threats. This role offers a great opportunity to help define and shape the security function within a collaborative IT department, ensuring the protection of customer assets. Responsibilities include: Work with technology and business teams to deliver security processes, technologies and controls, acting as the authority on security related queries. Define, design, implement, and maintain security solutions appropriate to the business' needs. Support the definition, execution and continuous improvement of key cybersecurity processes including vulnerability & patch management, security incident response, security monitoring, endpoint security, identity and access management, network security, and cryptography. Assist with developing and maintaining security policies, processes and incident response management plans and playbooks. Prepare and document standard operating procedures and protocols. Provide expertise on security requirements into core technology processes like asset management, change management, third-party management, technology development & acquisition, configuration management, etc. Contribute as a team member in projects and change initiatives aimed at increasing enterprise security capabilities e.g., identity and access management, log aggregation, etc. Required experience: Minimum of 3 years' experience in a Security/Cyber Engineer/Analyst, role focusing on designing and implementing security solutions and managing security infrastructure. Previous experience working within a financial services environment and a working understanding of relevant regulations. Experience and in-depth technical knowledge of deploying, maintaining, and configuring a wide range of security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.) Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP, VPN etc., and accompanying protocol/packet analysis/manipulation tools. Understanding of key operating systems and network appliances and the ability to assess their security posture based on their configuration/deployment. Experience of working effectively with a variety of stakeholders from different technology and business teams. Strong verbal and written communication skills. Desirable experience: Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM). Strong knowledge of Operating System security and system hardening concepts such as CIS Benchmarks. Experience in working with information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials. Experience of general IT Audit processes and conducting risk assessments. You will be a proactive self - starter with strong communication skills and comfortable interacting with stakeholders at all levels. You will have the ability to tailor your approach and translate requirements to non-technical members of staff. We offer a competitive remuneration package, including company discretionary bonus, excellent pension contributions, an attractive staff share scheme, BUPA health insurance, buying and selling of annual leave and sponsorship of relevant professional qualifications. The role is based in our central London office, working a minimum of two days a week in the office and three days a week from home. About Us Transact is the leading independent investment wrap platform in the UK. Established in 2000, we have over £54.9 billion of funds under direction (as at Sept 2023) on behalf of over 7,600 advisers and 230,000 investor clients. Our service includes an online platform, owned and built by us, and dedicated regional adviser support to help bring clients' assets and investments together in a smarter, more tax efficient way. We offer access to a wide range of tax wrappers (including ISAs, pensions and life insurance investment bonds) and funds which advisers use to build client investment portfolios. Portfolio valuations, purchases and sales are all supported via Transact Online which is available 24/7. Transact's parent company, IntegraFin Holdings plc, is listed on the London Stock Exchange and is a constituent of the FTSE 250 index. Equal Opportunities We provide a diverse and inclusive workplace and ensure that all of our staff respect and understand individual differences. We are an equal opportunities employer and positively encourage applications from suitably qualified and eligible candidates regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or maternity, race, religion or belief, sex or sexual orientation.
Apr 18, 2024
Full time
Are you looking for a Security role within a dynamic, innovative financial technology organisation? If so, we are recruiting for a Cyber Operations Engineer to join our IT Department! Working alongside the Cyber Operations Lead you will help to design, develop, and mature the company's cybersecurity capability, including the selection, implementation, and management of security tools/technologies, focused on detection, prevention, and analysis of security threats. This role offers a great opportunity to help define and shape the security function within a collaborative IT department, ensuring the protection of customer assets. Responsibilities include: Work with technology and business teams to deliver security processes, technologies and controls, acting as the authority on security related queries. Define, design, implement, and maintain security solutions appropriate to the business' needs. Support the definition, execution and continuous improvement of key cybersecurity processes including vulnerability & patch management, security incident response, security monitoring, endpoint security, identity and access management, network security, and cryptography. Assist with developing and maintaining security policies, processes and incident response management plans and playbooks. Prepare and document standard operating procedures and protocols. Provide expertise on security requirements into core technology processes like asset management, change management, third-party management, technology development & acquisition, configuration management, etc. Contribute as a team member in projects and change initiatives aimed at increasing enterprise security capabilities e.g., identity and access management, log aggregation, etc. Required experience: Minimum of 3 years' experience in a Security/Cyber Engineer/Analyst, role focusing on designing and implementing security solutions and managing security infrastructure. Previous experience working within a financial services environment and a working understanding of relevant regulations. Experience and in-depth technical knowledge of deploying, maintaining, and configuring a wide range of security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.) Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP, VPN etc., and accompanying protocol/packet analysis/manipulation tools. Understanding of key operating systems and network appliances and the ability to assess their security posture based on their configuration/deployment. Experience of working effectively with a variety of stakeholders from different technology and business teams. Strong verbal and written communication skills. Desirable experience: Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM). Strong knowledge of Operating System security and system hardening concepts such as CIS Benchmarks. Experience in working with information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials. Experience of general IT Audit processes and conducting risk assessments. You will be a proactive self - starter with strong communication skills and comfortable interacting with stakeholders at all levels. You will have the ability to tailor your approach and translate requirements to non-technical members of staff. We offer a competitive remuneration package, including company discretionary bonus, excellent pension contributions, an attractive staff share scheme, BUPA health insurance, buying and selling of annual leave and sponsorship of relevant professional qualifications. The role is based in our central London office, working a minimum of two days a week in the office and three days a week from home. About Us Transact is the leading independent investment wrap platform in the UK. Established in 2000, we have over £54.9 billion of funds under direction (as at Sept 2023) on behalf of over 7,600 advisers and 230,000 investor clients. Our service includes an online platform, owned and built by us, and dedicated regional adviser support to help bring clients' assets and investments together in a smarter, more tax efficient way. We offer access to a wide range of tax wrappers (including ISAs, pensions and life insurance investment bonds) and funds which advisers use to build client investment portfolios. Portfolio valuations, purchases and sales are all supported via Transact Online which is available 24/7. Transact's parent company, IntegraFin Holdings plc, is listed on the London Stock Exchange and is a constituent of the FTSE 250 index. Equal Opportunities We provide a diverse and inclusive workplace and ensure that all of our staff respect and understand individual differences. We are an equal opportunities employer and positively encourage applications from suitably qualified and eligible candidates regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or maternity, race, religion or belief, sex or sexual orientation.
Your new company A well known private sector organisation based in Glasgow City Centre. They have a fantastic track record with investment into their IT team and are looking to expand their Cyber Security team. Having been through a recent transformation within their technology function, this is an exciting time to join the team and help drive the business forward. Your new role As a cybersecurity analyst, your role encompasses several critical responsibilities. You will stay informed about the latest security and technology developments, ensuring you remain up-to-date with industry trends. Your primary task involves researching and evaluating emerging cyber threats, devising effective strategies to manage and mitigate them. Disaster recovery planning and the creation of contingency measures in case of security breaches are essential components of your work. Vigilance is key, you'll monitor for attacks, intrusions, and any unusual or unauthorised activity within your organization's systems. Additionally, you'll assess security tools, collaborate with stakeholders, and provide timely incident responses. Your role plays a crucial part in safeguarding sensitive information and maintaining system integrity.What you'll need to succeedThe ideal candidate will have experience of the following: Cyber Security Essentials: Familiarity with fundamental security principles. ISO 27001/22301: Knowledge of international standards for information security management. Microsoft 365/Azure: Understanding of Microsoft's cloud services and platforms. Network and Application Firewalls: Proficiency in configuring and managing firewalls. Host Intrusion Prevention and Anti-Virus: Skills in safeguarding systems against threats. Malware Sandboxing Reports: Ability to analyze and respond to malware incidents. Security Tooling (Windows & Cloud Environment): Experience with security tools across different environments. XDR, EDR, Email & Remote Access Security: Expertise in threat detection and secure communication. Content Filtering (Web/Email): Implementing filters to protect against malicious content. Cloud Security (SaaS, PaaS, IaaS): Understanding cloud security models. Anomaly Detection: Identifying unusual patterns or behaviors. O365, Azure, MS Intune, Identity Management: Proficiency in Microsoft technologies. Cyber-Attack Techniques, Vulnerabilities, and Mitigation Strategies: Knowledge of attack vectors and effective defenses. Mitre ATT&CK and NIST Frameworks: Familiarity with industry frameworks. What you'll get in return -Salary 50,000 - 55,000-Hybrid working 2 days a week in the office-Pension Contribution -Onsite Parking -Subsidised canteen What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Apr 18, 2024
Full time
Your new company A well known private sector organisation based in Glasgow City Centre. They have a fantastic track record with investment into their IT team and are looking to expand their Cyber Security team. Having been through a recent transformation within their technology function, this is an exciting time to join the team and help drive the business forward. Your new role As a cybersecurity analyst, your role encompasses several critical responsibilities. You will stay informed about the latest security and technology developments, ensuring you remain up-to-date with industry trends. Your primary task involves researching and evaluating emerging cyber threats, devising effective strategies to manage and mitigate them. Disaster recovery planning and the creation of contingency measures in case of security breaches are essential components of your work. Vigilance is key, you'll monitor for attacks, intrusions, and any unusual or unauthorised activity within your organization's systems. Additionally, you'll assess security tools, collaborate with stakeholders, and provide timely incident responses. Your role plays a crucial part in safeguarding sensitive information and maintaining system integrity.What you'll need to succeedThe ideal candidate will have experience of the following: Cyber Security Essentials: Familiarity with fundamental security principles. ISO 27001/22301: Knowledge of international standards for information security management. Microsoft 365/Azure: Understanding of Microsoft's cloud services and platforms. Network and Application Firewalls: Proficiency in configuring and managing firewalls. Host Intrusion Prevention and Anti-Virus: Skills in safeguarding systems against threats. Malware Sandboxing Reports: Ability to analyze and respond to malware incidents. Security Tooling (Windows & Cloud Environment): Experience with security tools across different environments. XDR, EDR, Email & Remote Access Security: Expertise in threat detection and secure communication. Content Filtering (Web/Email): Implementing filters to protect against malicious content. Cloud Security (SaaS, PaaS, IaaS): Understanding cloud security models. Anomaly Detection: Identifying unusual patterns or behaviors. O365, Azure, MS Intune, Identity Management: Proficiency in Microsoft technologies. Cyber-Attack Techniques, Vulnerabilities, and Mitigation Strategies: Knowledge of attack vectors and effective defenses. Mitre ATT&CK and NIST Frameworks: Familiarity with industry frameworks. What you'll get in return -Salary 50,000 - 55,000-Hybrid working 2 days a week in the office-Pension Contribution -Onsite Parking -Subsidised canteen What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Cyber Security Lead (Windows Azure SIEM) WFH / Epsom to £85k Are you an experienced Security Engineer / Analyst with a strong knowledge of Windows and Azure security? You could be progressing your career in a hands-on Cyber Security Lead role at an Independent Building Society that specialise in savings and mortgages, in a friendly and supportive environment where you can work with autonomy and enjoy flexible working. As a Cyber Security Lead, you will take ownership of threat management and response, establishing and maintaining robust cyber security policies, playbooks and procedure to ensure compliance with regulatory requirements, industry standards in an Operational role. You'll remain hands-on, acting as an escalation point for the Service Desk, investigating and remediating security threats. You'll perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture. Office & WFH Policy: You'll have flexibility to work from home, meeting up with colleagues in the Epsom office three days a week; there's flexible start and finish times too. Requirements: You have experience in a similar Senior Cyber Security Analyst / Engineer role You have experience using security tools (such as SIEM, FIM, EDR, or NDR) and security framework and standards implementation (NiST, ISO27001, PCI-DSS, etc) You have experience of a Windows and Azure environment You have strong analysis and problem solving skills with meticulous attention to detail You have excellent communication and collaboration skills including stakeholder management and are happy to mentor one other Salary & Benefits: As a Cyber Security Lead, you can expect to earn competitive salary (up to £85k) plus benefits. Pension (up to 10% contribution) Private Healthcare Life Assurance Company bonus Professional study support Apply now to find out more about this Cyber Security Lead (Windows Azure SIEM) role. At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values.
Apr 17, 2024
Full time
Cyber Security Lead (Windows Azure SIEM) WFH / Epsom to £85k Are you an experienced Security Engineer / Analyst with a strong knowledge of Windows and Azure security? You could be progressing your career in a hands-on Cyber Security Lead role at an Independent Building Society that specialise in savings and mortgages, in a friendly and supportive environment where you can work with autonomy and enjoy flexible working. As a Cyber Security Lead, you will take ownership of threat management and response, establishing and maintaining robust cyber security policies, playbooks and procedure to ensure compliance with regulatory requirements, industry standards in an Operational role. You'll remain hands-on, acting as an escalation point for the Service Desk, investigating and remediating security threats. You'll perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture. Office & WFH Policy: You'll have flexibility to work from home, meeting up with colleagues in the Epsom office three days a week; there's flexible start and finish times too. Requirements: You have experience in a similar Senior Cyber Security Analyst / Engineer role You have experience using security tools (such as SIEM, FIM, EDR, or NDR) and security framework and standards implementation (NiST, ISO27001, PCI-DSS, etc) You have experience of a Windows and Azure environment You have strong analysis and problem solving skills with meticulous attention to detail You have excellent communication and collaboration skills including stakeholder management and are happy to mentor one other Salary & Benefits: As a Cyber Security Lead, you can expect to earn competitive salary (up to £85k) plus benefits. Pension (up to 10% contribution) Private Healthcare Life Assurance Company bonus Professional study support Apply now to find out more about this Cyber Security Lead (Windows Azure SIEM) role. At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values.
Summary We are currently recruiting for an Information Security Analyst to join our team and play a key role in risk and compliance, driving change and awareness, assisting with security requirements, supporting the information security framework and assisting business-wide colleagues to find the right solution for them and the National Trust. This is a great opportunity for an individual who is looking to make their next step up in their security career and advance their skills and experience with a major charitable organisation that will offer development and career progression. What it's like to work here Reporting to the Information Security Manager, you'll be providing assurance of the completeness and effectiveness of security controls across the National Trust's businesses and be a proactive advocate of information security good practice with respect to GRC (Governance, Risk and Compliance). You'll understand the security risks that the Trust may face and what controls are needed, where vulnerabilities have been found. Your contractual location will be our head office in Swindon and there will be an expectation for you to attend the office. However, there is flexibility on where you are based at other times. You will be required to work at a National Trust location for 40-60% of your working week. This will be discussed in more detail at interview. What you'll be doing We expect the role holder to provide information security advice and apply best practices to drive awareness, assist with the implementation, monitoring and assurance reviews of IT security controls and manage the policy development lifecycle. You'll ensure that strong relationships are built with key business and IT stakeholders and work with stakeholders to propose and agree security remediation. You'll undertake due diligence of new suppliers and technology solutions by performing risk assessments and supplier reviews and support the security awareness and training activities, ensuring it engages employees and volunteers to understand and adopt the principles in the manner which they work. You'll demonstrate security continuous improvement in ways to engage and communicate to key stakeholders. Who we're looking for You can view the full role profile for this role in the document attached, this is just to provide a full picture of what is possible in this role, we'd love to hear from you if you have: A wealth of experience of working as part of a team, supporting all members of the team when needed but also capable of being independently motivated, self-sufficient, and able to multitask. Excellent communication skills, written and verbal, including the ability to communicate with people with varying levels of technical knowledge. The ability to challenge effectively and provide well thought out justification and reasoning - with alternative recommendations, as appropriate. A strong working understanding of Data Protection and GDPR, information security management frameworks such as ISO/IEC 27001 and NIST; and PCI DSS. A proven background of working in an information security GRC capacity with broad and solid understanding of information security concepts and risks. A recognised certification to CompTIA Security+ or equivalent and you will be working towards professional exams in the field of Security frameworks, risk management or assessment and testing. Experience with IT Infrastructure and cloud technology The package The National Trust has the motto 'For everyone, for ever' at its heart. We're working hard to create an inclusive culture, where everyone feels they belong. It's important that our people reflect and represent the diversity of the communities and audiences we serve. We welcome and value difference, so when we say we're for everyone, we want everyone to be welcome in our teams too. Substantial pension scheme of up to 10% basic salary Free entry to National Trust places for you, a guest and your children (under 18) Tax-free childcare scheme Rental deposit loan scheme Season ticket loan Perks at work discounts such as gym memberships, shopping discount codes, cinema discounts Holiday allowance up to 32 days relating to length of service, plus holiday purchase scheme, subject to meeting minimum criteria. Flexible working whenever possible Employee assistance programme Free parking at most Trust places Independent financial advice Click here to find out more about the benefits we offer to support you.
Apr 17, 2024
Full time
Summary We are currently recruiting for an Information Security Analyst to join our team and play a key role in risk and compliance, driving change and awareness, assisting with security requirements, supporting the information security framework and assisting business-wide colleagues to find the right solution for them and the National Trust. This is a great opportunity for an individual who is looking to make their next step up in their security career and advance their skills and experience with a major charitable organisation that will offer development and career progression. What it's like to work here Reporting to the Information Security Manager, you'll be providing assurance of the completeness and effectiveness of security controls across the National Trust's businesses and be a proactive advocate of information security good practice with respect to GRC (Governance, Risk and Compliance). You'll understand the security risks that the Trust may face and what controls are needed, where vulnerabilities have been found. Your contractual location will be our head office in Swindon and there will be an expectation for you to attend the office. However, there is flexibility on where you are based at other times. You will be required to work at a National Trust location for 40-60% of your working week. This will be discussed in more detail at interview. What you'll be doing We expect the role holder to provide information security advice and apply best practices to drive awareness, assist with the implementation, monitoring and assurance reviews of IT security controls and manage the policy development lifecycle. You'll ensure that strong relationships are built with key business and IT stakeholders and work with stakeholders to propose and agree security remediation. You'll undertake due diligence of new suppliers and technology solutions by performing risk assessments and supplier reviews and support the security awareness and training activities, ensuring it engages employees and volunteers to understand and adopt the principles in the manner which they work. You'll demonstrate security continuous improvement in ways to engage and communicate to key stakeholders. Who we're looking for You can view the full role profile for this role in the document attached, this is just to provide a full picture of what is possible in this role, we'd love to hear from you if you have: A wealth of experience of working as part of a team, supporting all members of the team when needed but also capable of being independently motivated, self-sufficient, and able to multitask. Excellent communication skills, written and verbal, including the ability to communicate with people with varying levels of technical knowledge. The ability to challenge effectively and provide well thought out justification and reasoning - with alternative recommendations, as appropriate. A strong working understanding of Data Protection and GDPR, information security management frameworks such as ISO/IEC 27001 and NIST; and PCI DSS. A proven background of working in an information security GRC capacity with broad and solid understanding of information security concepts and risks. A recognised certification to CompTIA Security+ or equivalent and you will be working towards professional exams in the field of Security frameworks, risk management or assessment and testing. Experience with IT Infrastructure and cloud technology The package The National Trust has the motto 'For everyone, for ever' at its heart. We're working hard to create an inclusive culture, where everyone feels they belong. It's important that our people reflect and represent the diversity of the communities and audiences we serve. We welcome and value difference, so when we say we're for everyone, we want everyone to be welcome in our teams too. Substantial pension scheme of up to 10% basic salary Free entry to National Trust places for you, a guest and your children (under 18) Tax-free childcare scheme Rental deposit loan scheme Season ticket loan Perks at work discounts such as gym memberships, shopping discount codes, cinema discounts Holiday allowance up to 32 days relating to length of service, plus holiday purchase scheme, subject to meeting minimum criteria. Flexible working whenever possible Employee assistance programme Free parking at most Trust places Independent financial advice Click here to find out more about the benefits we offer to support you.
GRC Analyst (InfoSec ISO 27001) Sunderland / WFH to £40k Are you a tech savvy GRC Analyst looking to progress your career? You could be joining a successful and growing online gaming / gambling site as they expand their European presence. As a GRC Analyst you will help to build on the existing technology group governance, risk and compliance capabilities as part of the wider Information Security programme with the ultimate aim of protecting customers and the business alike from cyber security attacks. You'll maintain and continuously improve ISO 27001 / 2 policies, standards and procedures; collaborate across teams to drive adoption and adherence to InfoSec policy and guidelines and contribute to the continuous improvement and tactical strategic roadmaps to ensure that all technology platforms meet compliance. There are a broad range of responsibilities and challenges, you'll be collaborating in advisory role where you'll build expertise. WFH Policy: There's a hybrid work from home policy with 2-3 days a week; when you're in the office you'll be collaborating with accomplished colleagues in awesome custom built offices in Sunderland with a range of facilities and perks including three, free meals a days at the onsite restaurant as well as membership at onsite gym. Requirements: You have experience of analysing security and technical compliance requirements, including performing risk assessments and designing risk treatment plans You have a strong knowledge of security and technology compliance regulations, ideally within betting although could be other industry e.g., finance You have a good understanding of governance standards and frameworks e.g., ISO 27001 / 2, PCI-DSS, NIST, ISF, GDPR You have good commercial awareness and experience of delivery security awareness within a large scale organisation You have excellent communication, collaboration and stakeholder engagement skills Salary & benefits: As a GRC Analyst you will earn a competitive salary (to £40k) plus benefits including: Bonus Pension Private medical care And a range of other perks and benefits Apply now to find out more about this GRC Analyst opportunity. At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values.
Apr 16, 2024
Full time
GRC Analyst (InfoSec ISO 27001) Sunderland / WFH to £40k Are you a tech savvy GRC Analyst looking to progress your career? You could be joining a successful and growing online gaming / gambling site as they expand their European presence. As a GRC Analyst you will help to build on the existing technology group governance, risk and compliance capabilities as part of the wider Information Security programme with the ultimate aim of protecting customers and the business alike from cyber security attacks. You'll maintain and continuously improve ISO 27001 / 2 policies, standards and procedures; collaborate across teams to drive adoption and adherence to InfoSec policy and guidelines and contribute to the continuous improvement and tactical strategic roadmaps to ensure that all technology platforms meet compliance. There are a broad range of responsibilities and challenges, you'll be collaborating in advisory role where you'll build expertise. WFH Policy: There's a hybrid work from home policy with 2-3 days a week; when you're in the office you'll be collaborating with accomplished colleagues in awesome custom built offices in Sunderland with a range of facilities and perks including three, free meals a days at the onsite restaurant as well as membership at onsite gym. Requirements: You have experience of analysing security and technical compliance requirements, including performing risk assessments and designing risk treatment plans You have a strong knowledge of security and technology compliance regulations, ideally within betting although could be other industry e.g., finance You have a good understanding of governance standards and frameworks e.g., ISO 27001 / 2, PCI-DSS, NIST, ISF, GDPR You have good commercial awareness and experience of delivery security awareness within a large scale organisation You have excellent communication, collaboration and stakeholder engagement skills Salary & benefits: As a GRC Analyst you will earn a competitive salary (to £40k) plus benefits including: Bonus Pension Private medical care And a range of other perks and benefits Apply now to find out more about this GRC Analyst opportunity. At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values.
Title: Information Security Consultant Salary: Up to £60,000 DOE Location: Leeds (on-site) My client is looking for a skilled Information Security Consultant to join their existing Information Security team to offer guidance on IT security and further develop IT policies across a multi-region infrastructure. This is an opportunity to join a growing team, with a great company culture and several exciting projects to get stuck into, all in a fast-paced environment! They are unable to offer sponsorship, so the perfect candidate will have the full right to work in the UK, without a visa that will expire. Responsibilities: Assist in managing security incidents and alerts. Conduct regular security checks and investigate exceptions. Complete client security questionnaires for bidding. Raise awareness of security risks. Enhance security policies, processes, and controls. Proactively identify security risks and mitigations. Participate in system and application design. Develop training guides for users and staff. Manage the IT Risk register. Test and improve Disaster Recovery plans. Technical Requirements: Minimum two years of practical experience in enterprise security and infrastructure. Familiarity with enterprise information security standards: Cyber Essentials, ISO 27001, 27002, Data Protection Act, GDPR. Proficiency in Microsoft O365 Security, Networking, Security operations, Vulnerability Management, and Security Auditing. Strong understanding of security testing principles, including hands-on experience in vulnerability scanning, risk identification, resolution, and reporting. Demonstrated expertise in formal document creation, including report and procedure development. Essential Skills: Microsoft O365 platform expertise. Advanced Threat Intelligence analysis and best practices implementation. Proficient in managing Security Incident Response processes. Knowledgeable about Disaster Recovery and Business Continuity principles. Experienced in event and log analysis. The company is looking to fill this position ASAP, so please apply with a copy of your CV if interested! Key Words: Information Security Analyst, Information Security Engineer, Security Analyst, Information Security, NIST, COBIT, ISO-27001, ISO-27002, Compliance, Governance, Risk, Cyber Security, SOX, Sentinel, Defender, InTune BeTechnology Group Limited is acting as an Employment Agency in relation to this vacancy.
Apr 16, 2024
Full time
Title: Information Security Consultant Salary: Up to £60,000 DOE Location: Leeds (on-site) My client is looking for a skilled Information Security Consultant to join their existing Information Security team to offer guidance on IT security and further develop IT policies across a multi-region infrastructure. This is an opportunity to join a growing team, with a great company culture and several exciting projects to get stuck into, all in a fast-paced environment! They are unable to offer sponsorship, so the perfect candidate will have the full right to work in the UK, without a visa that will expire. Responsibilities: Assist in managing security incidents and alerts. Conduct regular security checks and investigate exceptions. Complete client security questionnaires for bidding. Raise awareness of security risks. Enhance security policies, processes, and controls. Proactively identify security risks and mitigations. Participate in system and application design. Develop training guides for users and staff. Manage the IT Risk register. Test and improve Disaster Recovery plans. Technical Requirements: Minimum two years of practical experience in enterprise security and infrastructure. Familiarity with enterprise information security standards: Cyber Essentials, ISO 27001, 27002, Data Protection Act, GDPR. Proficiency in Microsoft O365 Security, Networking, Security operations, Vulnerability Management, and Security Auditing. Strong understanding of security testing principles, including hands-on experience in vulnerability scanning, risk identification, resolution, and reporting. Demonstrated expertise in formal document creation, including report and procedure development. Essential Skills: Microsoft O365 platform expertise. Advanced Threat Intelligence analysis and best practices implementation. Proficient in managing Security Incident Response processes. Knowledgeable about Disaster Recovery and Business Continuity principles. Experienced in event and log analysis. The company is looking to fill this position ASAP, so please apply with a copy of your CV if interested! Key Words: Information Security Analyst, Information Security Engineer, Security Analyst, Information Security, NIST, COBIT, ISO-27001, ISO-27002, Compliance, Governance, Risk, Cyber Security, SOX, Sentinel, Defender, InTune BeTechnology Group Limited is acting as an Employment Agency in relation to this vacancy.
.A highly regarded and successful Bristol institution is seeking a meticulous Information Security Analyst as part of a wider restructure of their Cyber Security function. In a role offering hybrid working (requirement of only 2 days per week on site), this role suits a Cyber Security professional who is passionate about the development and implementation of controls, and is passionate about their own career development. A short summary of the duties involved includes, and is not limited to: Establish and maintain internal guidelines for information security, ensuring alignment with industry standards and regulations. Conduct regular reviews of policies to ensure compliance and offer support on security matters. Assist with the Information Security Awareness For Everyone (SAFE) initiative. Evaluate internal controls through reviews, produce compliance reports, and develop action plans. Coordinate with auditors for assessments and oversee risk registers. Collaborate with stakeholders to implement security controls for critical systems. Assess and monitor third-party security using established criteria. Schedule routine security assessments. Work with internal teams to implement preventive measures based on incident findings. Maintain accurate compliance records and provide reports to relevant parties. Support the improvement of the Information Security Management System (ISMS) and stay abreast of industry developments. Requirements: Demonstrated expertise in conducting evaluations of IT/Cyber security controls. At least four years of relevant experience in IT, information security, or program management roles, with a focus on Governance, Risk, and Compliance (GRC) initiatives preferred. Diverse analytical skills gained from involvement in various IT and/or business projects. Proficiency in solution management, encompassing requirements analysis, solution proposal, progress monitoring, and benefits assessment. Familiarity with Information security frameworks and adherence to compliance standards such as ISO27001, Cyber Essentials Plus, NIST, SOC2, and PCI-DSS.
Apr 16, 2024
Full time
.A highly regarded and successful Bristol institution is seeking a meticulous Information Security Analyst as part of a wider restructure of their Cyber Security function. In a role offering hybrid working (requirement of only 2 days per week on site), this role suits a Cyber Security professional who is passionate about the development and implementation of controls, and is passionate about their own career development. A short summary of the duties involved includes, and is not limited to: Establish and maintain internal guidelines for information security, ensuring alignment with industry standards and regulations. Conduct regular reviews of policies to ensure compliance and offer support on security matters. Assist with the Information Security Awareness For Everyone (SAFE) initiative. Evaluate internal controls through reviews, produce compliance reports, and develop action plans. Coordinate with auditors for assessments and oversee risk registers. Collaborate with stakeholders to implement security controls for critical systems. Assess and monitor third-party security using established criteria. Schedule routine security assessments. Work with internal teams to implement preventive measures based on incident findings. Maintain accurate compliance records and provide reports to relevant parties. Support the improvement of the Information Security Management System (ISMS) and stay abreast of industry developments. Requirements: Demonstrated expertise in conducting evaluations of IT/Cyber security controls. At least four years of relevant experience in IT, information security, or program management roles, with a focus on Governance, Risk, and Compliance (GRC) initiatives preferred. Diverse analytical skills gained from involvement in various IT and/or business projects. Proficiency in solution management, encompassing requirements analysis, solution proposal, progress monitoring, and benefits assessment. Familiarity with Information security frameworks and adherence to compliance standards such as ISO27001, Cyber Essentials Plus, NIST, SOC2, and PCI-DSS.
Senior Cyber Security Analyst Salary: Around £50,000 Glasgow Hybrid: 2 Days a Week in the Office In this role will be responsible for implementing, developing, and executing security operations to protect users, infrastructure, and data from various threats. This role involves monitoring networks and systems, detecting security threats, analysing and assessing alarms, and reporting on threats and intrusion attempts. Key Responsibilities: Stay updated with the latest security and technology developments. Research and evaluate emerging cyber security threats. Plan and create contingency plans for disaster recovery. Monitor for attacks, intrusions, and unusual activities. Test and evaluate security products. Design and upgrade security systems. Use advanced analytics to determine threat patterns and vulnerabilities. Liaise with stakeholders on cyber security issues. Manage 3rd party relationships. Skills/Experience: Essential: Degree level qualification in Cyber Security or Network and System Administration. CompTIA Security+ Sentinel Experience Knowledge of cyber security essentials and ISO 27001/22301. Experience with network and application firewalls, intrusion prevention, anti-virus, and security tooling. Familiarity with Microsoft 365/Azure. Desirable: SSCP or CISSP CISM Ethical Hacking/Purple Teaming
Apr 16, 2024
Full time
Senior Cyber Security Analyst Salary: Around £50,000 Glasgow Hybrid: 2 Days a Week in the Office In this role will be responsible for implementing, developing, and executing security operations to protect users, infrastructure, and data from various threats. This role involves monitoring networks and systems, detecting security threats, analysing and assessing alarms, and reporting on threats and intrusion attempts. Key Responsibilities: Stay updated with the latest security and technology developments. Research and evaluate emerging cyber security threats. Plan and create contingency plans for disaster recovery. Monitor for attacks, intrusions, and unusual activities. Test and evaluate security products. Design and upgrade security systems. Use advanced analytics to determine threat patterns and vulnerabilities. Liaise with stakeholders on cyber security issues. Manage 3rd party relationships. Skills/Experience: Essential: Degree level qualification in Cyber Security or Network and System Administration. CompTIA Security+ Sentinel Experience Knowledge of cyber security essentials and ISO 27001/22301. Experience with network and application firewalls, intrusion prevention, anti-virus, and security tooling. Familiarity with Microsoft 365/Azure. Desirable: SSCP or CISSP CISM Ethical Hacking/Purple Teaming
Title: Information Security Consultant Salary: Up to 60,000 DOE Location: Leeds (on-site) My client is looking for a skilled Information Security Consultant to join their existing Information Security team to offer guidance on IT security and further develop IT policies across a multi-region infrastructure. This is an opportunity to join a growing team, with a great company culture and several exciting projects to get stuck into, all in a fast-paced environment! They are unable to offer sponsorship, so the perfect candidate will have the full right to work in the UK, without a visa that will expire. Responsibilities: Assist in managing security incidents and alerts. Conduct regular security checks and investigate exceptions. Complete client security questionnaires for bidding. Raise awareness of security risks. Enhance security policies, processes, and controls. Proactively identify security risks and mitigations. Participate in system and application design. Develop training guides for users and staff. Manage the IT Risk register. Test and improve Disaster Recovery plans. Technical Requirements: Minimum two years of practical experience in enterprise security and infrastructure. Familiarity with enterprise information security standards: Cyber Essentials, ISO 27001, 27002, Data Protection Act, GDPR. Proficiency in Microsoft O365 Security, Networking, Security operations, Vulnerability Management, and Security Auditing. Strong understanding of security testing principles, including hands-on experience in vulnerability scanning, risk identification, resolution, and reporting. Demonstrated expertise in formal document creation, including report and procedure development. Essential Skills: Microsoft O365 platform expertise. Advanced Threat Intelligence analysis and best practices implementation. Proficient in managing Security Incident Response processes. Knowledgeable about Disaster Recovery and Business Continuity principles. Experienced in event and log analysis. The company is looking to fill this position ASAP, so please apply with a copy of your CV if interested! Key Words: Information Security Analyst, Information Security Engineer, Security Analyst, Information Security, NIST, COBIT, ISO-27001, ISO-27002, Compliance, Governance, Risk, Cyber Security, SOX, Sentinel, Defender, InTune BeTechnology Group Limited is acting as an Employment Agency in relation to this vacancy.
Apr 16, 2024
Full time
Title: Information Security Consultant Salary: Up to 60,000 DOE Location: Leeds (on-site) My client is looking for a skilled Information Security Consultant to join their existing Information Security team to offer guidance on IT security and further develop IT policies across a multi-region infrastructure. This is an opportunity to join a growing team, with a great company culture and several exciting projects to get stuck into, all in a fast-paced environment! They are unable to offer sponsorship, so the perfect candidate will have the full right to work in the UK, without a visa that will expire. Responsibilities: Assist in managing security incidents and alerts. Conduct regular security checks and investigate exceptions. Complete client security questionnaires for bidding. Raise awareness of security risks. Enhance security policies, processes, and controls. Proactively identify security risks and mitigations. Participate in system and application design. Develop training guides for users and staff. Manage the IT Risk register. Test and improve Disaster Recovery plans. Technical Requirements: Minimum two years of practical experience in enterprise security and infrastructure. Familiarity with enterprise information security standards: Cyber Essentials, ISO 27001, 27002, Data Protection Act, GDPR. Proficiency in Microsoft O365 Security, Networking, Security operations, Vulnerability Management, and Security Auditing. Strong understanding of security testing principles, including hands-on experience in vulnerability scanning, risk identification, resolution, and reporting. Demonstrated expertise in formal document creation, including report and procedure development. Essential Skills: Microsoft O365 platform expertise. Advanced Threat Intelligence analysis and best practices implementation. Proficient in managing Security Incident Response processes. Knowledgeable about Disaster Recovery and Business Continuity principles. Experienced in event and log analysis. The company is looking to fill this position ASAP, so please apply with a copy of your CV if interested! Key Words: Information Security Analyst, Information Security Engineer, Security Analyst, Information Security, NIST, COBIT, ISO-27001, ISO-27002, Compliance, Governance, Risk, Cyber Security, SOX, Sentinel, Defender, InTune BeTechnology Group Limited is acting as an Employment Agency in relation to this vacancy.
Information Security Analyst Location: Manchester Salary: £40,000-£45,000 Summary: Our client requires an experienced Information Security Analyst to oversee and bolster their European Information and Cyber Security protocols across multiple countries, including the UK, Germany, Poland, Netherlands, Italy, and Belgium. Reporting directly to the CISO and Head of IT, this role demands a deep understanding of Information Security, technology architecture, and business security. It presents an excellent opportunity for individuals seeking to advance their IT Security expertise within an environment that fosters both autonomy and support. Key Responsibilities Develop, implement, and maintain security policies aligned with ISO27001, CIS, and NIST standards, including Incident Response Plans and Business Continuity strategies, with tabletop exercises for evaluation. Plan and implement disaster recovery measures for security breaches. Act as a DPO Ambassador, liaising with stakeholders, aiding in ROPA development, and collaborating within the privacy network group. Coordinate vulnerability analysis and patch management with a risk-based approach. Investigate security alerts and execute incident response procedures. Manage identity and access systems. Engage stakeholders, including C-level executives, for cyber security recommendations. Maintain an information security risk register and support audits. Develop and deliver cyber security awareness training. Ensure regulatory compliance through collaboration with teams. Stay updated on security and tech developments. May involve travel within Europe. Skills & Experience 1-2 years implementing ISMS and cyber security standards (ISO27001, Cyber Essentials, NIST, CIS, PCI). Awareness of GDPR framework. Understanding of cybersecurity threats and emerging technologies. Knowledge of physical, virtual, and cloud architectures (IaaS, SaaS, PaaS). Proficiency in ITIL service management. Experience with Qualys Vulnerability Scanning. Possess recognised Information Security certification (Security+, CISSP, or similar). Diverse tech background including Private/Public cloud Infrastructure, Networking (Cisco, Fortinet), Microsoft, Linux, etc.Top of Form Processing Your Data Bis Henderson Recruitment is a leading provider of recruitment, interim management and consultancy services to the supply chain and logistics industry. Should you respond to this advertisement we may store your CV and contact details and will process this data for recruitment purposes only. Should we process your data, then we will always tell you that we are doing so. Please visit our website to read our Privacy Policy in full, in this Policy you will find information about our compliance with the UK General Data Protection Regulations. All applicants must have an unrestricted right to work in the UK as our client will not support visa sponsorship for this role.
Apr 16, 2024
Full time
Information Security Analyst Location: Manchester Salary: £40,000-£45,000 Summary: Our client requires an experienced Information Security Analyst to oversee and bolster their European Information and Cyber Security protocols across multiple countries, including the UK, Germany, Poland, Netherlands, Italy, and Belgium. Reporting directly to the CISO and Head of IT, this role demands a deep understanding of Information Security, technology architecture, and business security. It presents an excellent opportunity for individuals seeking to advance their IT Security expertise within an environment that fosters both autonomy and support. Key Responsibilities Develop, implement, and maintain security policies aligned with ISO27001, CIS, and NIST standards, including Incident Response Plans and Business Continuity strategies, with tabletop exercises for evaluation. Plan and implement disaster recovery measures for security breaches. Act as a DPO Ambassador, liaising with stakeholders, aiding in ROPA development, and collaborating within the privacy network group. Coordinate vulnerability analysis and patch management with a risk-based approach. Investigate security alerts and execute incident response procedures. Manage identity and access systems. Engage stakeholders, including C-level executives, for cyber security recommendations. Maintain an information security risk register and support audits. Develop and deliver cyber security awareness training. Ensure regulatory compliance through collaboration with teams. Stay updated on security and tech developments. May involve travel within Europe. Skills & Experience 1-2 years implementing ISMS and cyber security standards (ISO27001, Cyber Essentials, NIST, CIS, PCI). Awareness of GDPR framework. Understanding of cybersecurity threats and emerging technologies. Knowledge of physical, virtual, and cloud architectures (IaaS, SaaS, PaaS). Proficiency in ITIL service management. Experience with Qualys Vulnerability Scanning. Possess recognised Information Security certification (Security+, CISSP, or similar). Diverse tech background including Private/Public cloud Infrastructure, Networking (Cisco, Fortinet), Microsoft, Linux, etc.Top of Form Processing Your Data Bis Henderson Recruitment is a leading provider of recruitment, interim management and consultancy services to the supply chain and logistics industry. Should you respond to this advertisement we may store your CV and contact details and will process this data for recruitment purposes only. Should we process your data, then we will always tell you that we are doing so. Please visit our website to read our Privacy Policy in full, in this Policy you will find information about our compliance with the UK General Data Protection Regulations. All applicants must have an unrestricted right to work in the UK as our client will not support visa sponsorship for this role.
Role: Senior Cyber Security Analyst Location: Ipswich Salary: 50,000 Are you passionate about safeguarding digital landscapes from evolving threats? Do you possess a keen eye for detail and a knack for problem-solving in the realm of cybersecurity? If so, we have an exciting opportunity for you! Join our dynamic team as a Cyber Security Analyst and become an integral part of our mission to fortify our digital infrastructure against emerging cyber threats. Key Responsibilities: Monitor, analyse, and respond to security incidents and alerts in real-time. Conduct thorough assessments of system vulnerabilities and recommend proactive solutions. Collaborate with cross-functional teams to implement and maintain robust security measures. Develop and enforce security policies and procedures to ensure compliance with industry standards and regulations including ISO27001 and Cyber essentials Stay abreast of the latest cybersecurity trends and technologies to continuously enhance our defence mechanisms. Requirements: Proven experience in cyber threat detection, incident response, and vulnerability management. Proficiency in security tools such as SIEM, IDS/IPS, antivirus software, and penetration testing frameworks. Strong understanding of networking protocols, encryption techniques, and risk assessment methodologies. Excellent communication skills with the ability to convey complex technical concepts to non-technical stakeholders. What We Offer: Opportunities for professional development and career growth. 25 days holiday Pension Healthcare and dental cover Holiday scheme Professional development If you're ready to take on the challenge of defending against cyber adversaries and making a difference in the world of cybersecurity, apply now to join our team as a Cyber Security Analyst! Together, let's secure a safer digital future. Apply today! In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
Apr 16, 2024
Full time
Role: Senior Cyber Security Analyst Location: Ipswich Salary: 50,000 Are you passionate about safeguarding digital landscapes from evolving threats? Do you possess a keen eye for detail and a knack for problem-solving in the realm of cybersecurity? If so, we have an exciting opportunity for you! Join our dynamic team as a Cyber Security Analyst and become an integral part of our mission to fortify our digital infrastructure against emerging cyber threats. Key Responsibilities: Monitor, analyse, and respond to security incidents and alerts in real-time. Conduct thorough assessments of system vulnerabilities and recommend proactive solutions. Collaborate with cross-functional teams to implement and maintain robust security measures. Develop and enforce security policies and procedures to ensure compliance with industry standards and regulations including ISO27001 and Cyber essentials Stay abreast of the latest cybersecurity trends and technologies to continuously enhance our defence mechanisms. Requirements: Proven experience in cyber threat detection, incident response, and vulnerability management. Proficiency in security tools such as SIEM, IDS/IPS, antivirus software, and penetration testing frameworks. Strong understanding of networking protocols, encryption techniques, and risk assessment methodologies. Excellent communication skills with the ability to convey complex technical concepts to non-technical stakeholders. What We Offer: Opportunities for professional development and career growth. 25 days holiday Pension Healthcare and dental cover Holiday scheme Professional development If you're ready to take on the challenge of defending against cyber adversaries and making a difference in the world of cybersecurity, apply now to join our team as a Cyber Security Analyst! Together, let's secure a safer digital future. Apply today! In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.