As a Senior DevOps Engineer, you will take full ownership of a wide range of infrastructure and tooling aspects, enabling multiple agile teams developing market-leading insurance pricing solutions. You will work together with engineering managers and product owners to refine and prioritize DevOps backlog, working closely with the engineering architecture group to develop new solutions in the cloud. This is a critical and varied role, using a wide range of technologies, combining strategic work with short-term tactical fixes and improvements. You will build upon our DevOps culture across the Product and Engineering organization, sharing modern practices and always challenging the status quo.You will also line manage other DevOps Engineers and coach and mentor them.The Role: Manage the roadmap for your area. Make prioritization decisions and build trust with stakeholders by building an understandable, accurate roadmap Working with engineering teams to maintain and improve the existing continuous integration pipeline, optimizing and upgrading build systems on an ongoing basis, Extending and monitoring the various CI/build/QA/project dashboards to ensure they remain "green", Debugging tooling and infrastructure issues or performance bottlenecks as required, and dispatching product-related issues to the teams, Participating in product design meetings to ensure the infrastructure required to support new product requirements is identified upfront and put in place in a timely manner, Working with the QA Leads to ensure Azure-based test environments are continuously optimized to execute a high volume of test cases in a fast and cost-efficient way, Designing, implementing and documenting test environments and frameworks, assisting in the design and implementation of automated tests, Keeping an inventory of the various tools supporting the development environment and continuously modernizing/upgrading them, providing guidance and instructions to the development team as required Participating in scrum meetings as relevant (e.g. sprint demos and retrospectives The Requirements: Extensive experience administering CI systems, creating build configurations and pipelines (VSTS/Azure DevOps, TeamCity, NuGet, MSBuild) Experience administering version control systems such as VSTS / Git and SVN Familiarity with Microsoft .NET development environment, Visual Studio Strong scripting skills (PowerShell), software development skills using C# .NET Self-reliance, attention to detail, commitment to high-quality, ability to learn quickly and to innovate Strong problem-solving skills, including providing simple solutions to complex situations Strong team player with the ability to communicate and collaborate effectively Other highly desirable, but not essential skills are: Experience of using configuration management tools (Chef, Puppet, Ansible etc.) Experience of cloud technologies (primarily Azure but also AWS), and of migrating on-premise infrastructure to the cloud Knowledge of Linux operating systems e.g. RHEL/OpenShift Understanding of network topologies and common network protocols and services Knowledge of security best practices and tools Experience of Windows & Linux containers and orchestration platforms (Docker, Kubernetes) NodeJS, Angular, React MS Test or other unit testing frameworks, mocking framework Experience of working in an Agile/Scrum environment General knowledge of the Insurance Industry Degree-educated with Computer Science, Engineering, Mathematics or relevant discipline Equal Opportunity Employer At WTW, we believe difference makes us stronger. We want our workforce to reflect the different and varied markets we operate in and to build a culture of inclusivity that makes colleagues feel welcome, valued and empowered to bring their whole selves to work every day. We are an equal opportunity employer committed to fostering an inclusive work environment throughout our organisation. We embrace all types of diversity.
Apr 17, 2024
Full time
As a Senior DevOps Engineer, you will take full ownership of a wide range of infrastructure and tooling aspects, enabling multiple agile teams developing market-leading insurance pricing solutions. You will work together with engineering managers and product owners to refine and prioritize DevOps backlog, working closely with the engineering architecture group to develop new solutions in the cloud. This is a critical and varied role, using a wide range of technologies, combining strategic work with short-term tactical fixes and improvements. You will build upon our DevOps culture across the Product and Engineering organization, sharing modern practices and always challenging the status quo.You will also line manage other DevOps Engineers and coach and mentor them.The Role: Manage the roadmap for your area. Make prioritization decisions and build trust with stakeholders by building an understandable, accurate roadmap Working with engineering teams to maintain and improve the existing continuous integration pipeline, optimizing and upgrading build systems on an ongoing basis, Extending and monitoring the various CI/build/QA/project dashboards to ensure they remain "green", Debugging tooling and infrastructure issues or performance bottlenecks as required, and dispatching product-related issues to the teams, Participating in product design meetings to ensure the infrastructure required to support new product requirements is identified upfront and put in place in a timely manner, Working with the QA Leads to ensure Azure-based test environments are continuously optimized to execute a high volume of test cases in a fast and cost-efficient way, Designing, implementing and documenting test environments and frameworks, assisting in the design and implementation of automated tests, Keeping an inventory of the various tools supporting the development environment and continuously modernizing/upgrading them, providing guidance and instructions to the development team as required Participating in scrum meetings as relevant (e.g. sprint demos and retrospectives The Requirements: Extensive experience administering CI systems, creating build configurations and pipelines (VSTS/Azure DevOps, TeamCity, NuGet, MSBuild) Experience administering version control systems such as VSTS / Git and SVN Familiarity with Microsoft .NET development environment, Visual Studio Strong scripting skills (PowerShell), software development skills using C# .NET Self-reliance, attention to detail, commitment to high-quality, ability to learn quickly and to innovate Strong problem-solving skills, including providing simple solutions to complex situations Strong team player with the ability to communicate and collaborate effectively Other highly desirable, but not essential skills are: Experience of using configuration management tools (Chef, Puppet, Ansible etc.) Experience of cloud technologies (primarily Azure but also AWS), and of migrating on-premise infrastructure to the cloud Knowledge of Linux operating systems e.g. RHEL/OpenShift Understanding of network topologies and common network protocols and services Knowledge of security best practices and tools Experience of Windows & Linux containers and orchestration platforms (Docker, Kubernetes) NodeJS, Angular, React MS Test or other unit testing frameworks, mocking framework Experience of working in an Agile/Scrum environment General knowledge of the Insurance Industry Degree-educated with Computer Science, Engineering, Mathematics or relevant discipline Equal Opportunity Employer At WTW, we believe difference makes us stronger. We want our workforce to reflect the different and varied markets we operate in and to build a culture of inclusivity that makes colleagues feel welcome, valued and empowered to bring their whole selves to work every day. We are an equal opportunity employer committed to fostering an inclusive work environment throughout our organisation. We embrace all types of diversity.
Position: Information Security Lead Salary: £59k Location: Oxford ( Hybrid ) Responsibilities: Develop and maintain an Information Security improvement plan for the group. Work with IT staff within the group to build on an existing information security program and ongoing security projects that address information security risks and compliance requirements. Recommend, coordinate and where appropriate, implement agreed technical controls. Be responsible for decisions regarding operational activities in relation to Information Security improvement within the group. Work with the Head of IT and College governance structures to create and maintain security policies. Monitor and report on compliance with security policies, as well as the enforcement of policies. Plan and prioritise own work ensuring effective support to the group and delivery of key Cyber Security improvement objectives. Research, evaluate, design, test, recommend and plan the implementation of new or updated information security hardware or software, and analyse its impact on the existing environment; provide technical and managerial expertise for the administration of security tools. Develop strong working relationships with the Head of IT, Technical Services Manager, and IT Managers to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements. Ensure all IT staff have access to IT systems limited by need and role. Research/evaluate emerging information security threats and ways to manage them. Assist Colleges with maintaining suitable TPSA templates and maintaining a list of assessed third parties. Monitor and test vulnerabilities in technological infrastructure, managed services, and devices. Use influencing skills to ensure collaborative working to engender a level of quality improvement across the group. Consult with IT colleagues to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, and software as part of Privacy by Design and Default. Manage and coordinate operational components of security incident management, including detection response and reporting. Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans, and communicate information about residual risk. Manage security projects, provide expert guidance on security matters for other IT projects and work with suppliers to obtain best value. Evaluate requests for exceptions to policies, ensuring sufficient mitigating controls are in place. Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are following policies and audit requirements. Review, escalate and action any unusual event behaviour identified through the groups information security systems. Create standards in system hardening, change management, documentation. Perform periodic firewall Ensure disaster recovery and data restoration processes work. Ensure appropriate Corrective and Preventative Actions are implemented in line with best practice guidance. Essential: A record of accomplishment in and experience of introducing Information Security Improvement through successfully designing, implementing, and improving IT security architecture and controls. Working technical knowledge in broad domains of IT infrastructure such as data networks, server and desktop hardware and operating systems, storage and backups, and related monitoring and management systems. Demonstrable experience of applying security controls in one or more of the following areas: Unix/Linux Servers, Windows servers, firewalls, IDS/IPS, vulnerability management, WAF, Wi-Fi, mobile security, Data Loss Prevention, digital certificates, encryption and authentication techniques, forensics, and LAN / WANs. Solid understanding of security protocols, cryptography, authentication, authorisation, and security. Able to manage own workload, resolve competing demands, and cope with changing priorities in a flexible and proactive way. High level of personal integrity, as well as the ability to handle confidential matters and show an appropriate level of judgment and maturity. Excellent written and oral communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences. INDIT Planet Recruitment acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Planet Recruitment is an Equal Opportunities Employer.By applying for this role your details will be submitted to Planet Recruitment. Our Candidate Privacy Information Statement explains how we will use your information. Only candidates with the relevant skills and experience will be contacted after application, if you do not hear back from us within 7 days you have unfortunately been unsuccessful in your application. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and abilities to perform the duties of the position.
Apr 11, 2024
Full time
Position: Information Security Lead Salary: £59k Location: Oxford ( Hybrid ) Responsibilities: Develop and maintain an Information Security improvement plan for the group. Work with IT staff within the group to build on an existing information security program and ongoing security projects that address information security risks and compliance requirements. Recommend, coordinate and where appropriate, implement agreed technical controls. Be responsible for decisions regarding operational activities in relation to Information Security improvement within the group. Work with the Head of IT and College governance structures to create and maintain security policies. Monitor and report on compliance with security policies, as well as the enforcement of policies. Plan and prioritise own work ensuring effective support to the group and delivery of key Cyber Security improvement objectives. Research, evaluate, design, test, recommend and plan the implementation of new or updated information security hardware or software, and analyse its impact on the existing environment; provide technical and managerial expertise for the administration of security tools. Develop strong working relationships with the Head of IT, Technical Services Manager, and IT Managers to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements. Ensure all IT staff have access to IT systems limited by need and role. Research/evaluate emerging information security threats and ways to manage them. Assist Colleges with maintaining suitable TPSA templates and maintaining a list of assessed third parties. Monitor and test vulnerabilities in technological infrastructure, managed services, and devices. Use influencing skills to ensure collaborative working to engender a level of quality improvement across the group. Consult with IT colleagues to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, and software as part of Privacy by Design and Default. Manage and coordinate operational components of security incident management, including detection response and reporting. Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans, and communicate information about residual risk. Manage security projects, provide expert guidance on security matters for other IT projects and work with suppliers to obtain best value. Evaluate requests for exceptions to policies, ensuring sufficient mitigating controls are in place. Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are following policies and audit requirements. Review, escalate and action any unusual event behaviour identified through the groups information security systems. Create standards in system hardening, change management, documentation. Perform periodic firewall Ensure disaster recovery and data restoration processes work. Ensure appropriate Corrective and Preventative Actions are implemented in line with best practice guidance. Essential: A record of accomplishment in and experience of introducing Information Security Improvement through successfully designing, implementing, and improving IT security architecture and controls. Working technical knowledge in broad domains of IT infrastructure such as data networks, server and desktop hardware and operating systems, storage and backups, and related monitoring and management systems. Demonstrable experience of applying security controls in one or more of the following areas: Unix/Linux Servers, Windows servers, firewalls, IDS/IPS, vulnerability management, WAF, Wi-Fi, mobile security, Data Loss Prevention, digital certificates, encryption and authentication techniques, forensics, and LAN / WANs. Solid understanding of security protocols, cryptography, authentication, authorisation, and security. Able to manage own workload, resolve competing demands, and cope with changing priorities in a flexible and proactive way. High level of personal integrity, as well as the ability to handle confidential matters and show an appropriate level of judgment and maturity. Excellent written and oral communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences. INDIT Planet Recruitment acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Planet Recruitment is an Equal Opportunities Employer.By applying for this role your details will be submitted to Planet Recruitment. Our Candidate Privacy Information Statement explains how we will use your information. Only candidates with the relevant skills and experience will be contacted after application, if you do not hear back from us within 7 days you have unfortunately been unsuccessful in your application. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and abilities to perform the duties of the position.
Position: Information Security Lead Salary: 59k Location: Oxford ( Hybrid ) Responsibilities: Develop and maintain an Information Security improvement plan for the group. Work with IT staff within the group to build on an existing information security program and ongoing security projects that address information security risks and compliance requirements. Recommend, coordinate and where appropriate, implement agreed technical controls. Be responsible for decisions regarding operational activities in relation to Information Security improvement within the group. Work with the Head of IT and College governance structures to create and maintain security policies. Monitor and report on compliance with security policies, as well as the enforcement of policies. Plan and prioritise own work ensuring effective support to the group and delivery of key Cyber Security improvement objectives. Research, evaluate, design, test, recommend and plan the implementation of new or updated information security hardware or software, and analyse its impact on the existing environment; provide technical and managerial expertise for the administration of security tools. Develop strong working relationships with the Head of IT, Technical Services Manager, and IT Managers to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements. Ensure all IT staff have access to IT systems limited by need and role. Research/evaluate emerging information security threats and ways to manage them. Assist Colleges with maintaining suitable TPSA templates and maintaining a list of assessed third parties. Monitor and test vulnerabilities in technological infrastructure, managed services, and devices. Use influencing skills to ensure collaborative working to engender a level of quality improvement across the group. Consult with IT colleagues to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, and software as part of Privacy by Design and Default. Manage and coordinate operational components of security incident management, including detection response and reporting. Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans, and communicate information about residual risk. Manage security projects, provide expert guidance on security matters for other IT projects and work with suppliers to obtain best value. Evaluate requests for exceptions to policies, ensuring sufficient mitigating controls are in place. Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are following policies and audit requirements. Review, escalate and action any unusual event behaviour identified through the groups information security systems. Create standards in system hardening, change management, documentation. Perform periodic firewall Ensure disaster recovery and data restoration processes work. Ensure appropriate Corrective and Preventative Actions are implemented in line with best practice guidance. Essential: A record of accomplishment in and experience of introducing Information Security Improvement through successfully designing, implementing, and improving IT security architecture and controls. Working technical knowledge in broad domains of IT infrastructure such as data networks, server and desktop hardware and operating systems, storage and backups, and related monitoring and management systems. Demonstrable experience of applying security controls in one or more of the following areas: Unix/Linux Servers, Windows servers, firewalls, IDS/IPS, vulnerability management, WAF, Wi-Fi, mobile security, Data Loss Prevention, digital certificates, encryption and authentication techniques, forensics, and LAN / WANs. Solid understanding of security protocols, cryptography, authentication, authorisation, and security. Able to manage own workload, resolve competing demands, and cope with changing priorities in a flexible and proactive way. High level of personal integrity, as well as the ability to handle confidential matters and show an appropriate level of judgment and maturity. Excellent written and oral communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences. INDIT Planet Recruitment acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Planet Recruitment is an Equal Opportunities Employer. By applying for this role your details will be submitted to Planet Recruitment. Our Candidate Privacy Information Statement explains how we will use your information. Only candidates with the relevant skills and experience will be contacted after application, if you do not hear back from us within 7 days you have unfortunately been unsuccessful in your application. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and abilities to perform the duties of the position.
Apr 11, 2024
Full time
Position: Information Security Lead Salary: 59k Location: Oxford ( Hybrid ) Responsibilities: Develop and maintain an Information Security improvement plan for the group. Work with IT staff within the group to build on an existing information security program and ongoing security projects that address information security risks and compliance requirements. Recommend, coordinate and where appropriate, implement agreed technical controls. Be responsible for decisions regarding operational activities in relation to Information Security improvement within the group. Work with the Head of IT and College governance structures to create and maintain security policies. Monitor and report on compliance with security policies, as well as the enforcement of policies. Plan and prioritise own work ensuring effective support to the group and delivery of key Cyber Security improvement objectives. Research, evaluate, design, test, recommend and plan the implementation of new or updated information security hardware or software, and analyse its impact on the existing environment; provide technical and managerial expertise for the administration of security tools. Develop strong working relationships with the Head of IT, Technical Services Manager, and IT Managers to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements. Ensure all IT staff have access to IT systems limited by need and role. Research/evaluate emerging information security threats and ways to manage them. Assist Colleges with maintaining suitable TPSA templates and maintaining a list of assessed third parties. Monitor and test vulnerabilities in technological infrastructure, managed services, and devices. Use influencing skills to ensure collaborative working to engender a level of quality improvement across the group. Consult with IT colleagues to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, and software as part of Privacy by Design and Default. Manage and coordinate operational components of security incident management, including detection response and reporting. Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans, and communicate information about residual risk. Manage security projects, provide expert guidance on security matters for other IT projects and work with suppliers to obtain best value. Evaluate requests for exceptions to policies, ensuring sufficient mitigating controls are in place. Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are following policies and audit requirements. Review, escalate and action any unusual event behaviour identified through the groups information security systems. Create standards in system hardening, change management, documentation. Perform periodic firewall Ensure disaster recovery and data restoration processes work. Ensure appropriate Corrective and Preventative Actions are implemented in line with best practice guidance. Essential: A record of accomplishment in and experience of introducing Information Security Improvement through successfully designing, implementing, and improving IT security architecture and controls. Working technical knowledge in broad domains of IT infrastructure such as data networks, server and desktop hardware and operating systems, storage and backups, and related monitoring and management systems. Demonstrable experience of applying security controls in one or more of the following areas: Unix/Linux Servers, Windows servers, firewalls, IDS/IPS, vulnerability management, WAF, Wi-Fi, mobile security, Data Loss Prevention, digital certificates, encryption and authentication techniques, forensics, and LAN / WANs. Solid understanding of security protocols, cryptography, authentication, authorisation, and security. Able to manage own workload, resolve competing demands, and cope with changing priorities in a flexible and proactive way. High level of personal integrity, as well as the ability to handle confidential matters and show an appropriate level of judgment and maturity. Excellent written and oral communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences. INDIT Planet Recruitment acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Planet Recruitment is an Equal Opportunities Employer. By applying for this role your details will be submitted to Planet Recruitment. Our Candidate Privacy Information Statement explains how we will use your information. Only candidates with the relevant skills and experience will be contacted after application, if you do not hear back from us within 7 days you have unfortunately been unsuccessful in your application. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and abilities to perform the duties of the position.
Malware Reverse Engineer Location: Remote working - Office based in Reading Salary: Competitive Salary and Benefits Career Level : Specialist, Associate Manager or Manager About Accenture Cyber Threat Intelligence (ACTI) ACTI is a global team that spans 13 countries and 4 continents and speaks more than 30 languages. We are passionate about delivering intelligence analysis, and providing industry-leading analytic insights, cyber context, and critical services our clients need to achieve their business-line and strategic-growth initiatives. We know success is only possible by developing and supporting our most-critical resources: our talented analysts, developers, and supporting team members. We value creativity and entrepreneurship in our team; where possible, we back staff initiatives with opportunities and investments. We enjoy the hunt. We strive to automate and innovate while working with powerful resources and differentiated data. Above all else, we value an egoless approach to guiding our clients as they navigate their businesses through all aspects of the cyber domain. Who You Are You are passionate about cybersecurity and intelligence analysis. You stay abreast of the latest threats, recognize the value of intelligence, and believe it should drive operations. You are a devoted team member who is always willing to lend a hand, mentor a colleague, or increase our global team's awareness by sharing your knowledge and approaches with others. You are productive, easy to work with, and understand that adherence to a good process is key to excellence. Role Description As a Malware Reverse Engineer at ACTI, you will reverse engineer and analyze malware to evaluate sophisticated malicious code to settle malware capabilities and purposes. Analysis includes the use of specialized systems and tools, including dissemblers, debuggers, hex editors, unpackers, virtual machines, and those for network traffic analysis. Key Responsibilities Analyze malicious events and campaigns to determine attack vectors and retrieve malware payloads. Reverse engineer files suspected or known to belong to identified malware families to determine their command-and-control (C2) infrastructure and targeting. Incorporate analysis results into detailed reporting to include purpose, behavior, C2 server infrastructure, and mitigation techniques related to analyzed malware families, malicious campaigns, and events. Track prevailing malware families, including downloaders, banking Trojans, information stealers, ransomware, and remote access Trojans. Reverse engineer recently discovered malware variants to check potential feature augmentation or configuration structure changes. Improve existing tools that extract known malware family configurations based on reverse engineering results. Research the latest malware detection evasion techniques, such as use of customized packers, customized crypters, fully undetectable (FUD) techniques, host intrusion prevention system (HIPS) bypassing, and anti-virus (AV) software bypassing. Based on research, design and develop generic unpacking methods and tools for use as standalone tools or within automated analysis systems and sandboxes. Provide customer support by responding to requests related to suspicious file analysis that sometimes require malware reverse engineering and determination of contextual information surrounding indicators of compromise; do so by providing detailed analysis reports and mitigation recommendations. Provide customer support by responding to cybersecurity requests, including those for: open-source intelligence (OSINT) research; domain, IP address, or URL analysis; malicious campaign information; and/or event attribution. Provide answers to specific questions, the answers of which clients use for operational mentorship to aid their strategies. Design, develop, and implement Windows kernel modules to support automated malware analysis; such modules include kernel system service filtering modules able to intercept operating system services on 32-bit and 64-bit Windows operating systems without triggering those systems' self-protection mechanisms, and kernel-mode modules able to force designated processes to load specific modules that load decoders designed for extracting malware configurations. Design, develop, and implement generic unpackers that combat widely used malware packing methods to retrieve malicious payloads from packed malware samples automatically. Create detection rules and signatures for detecting malware families, and provide detection or blocking recommendations. Develop decoders to extract malware configurations-including basic C2 settings or secondary dynamic configurations, such as those outlining targeted institutions and web injects-based on reverse engineering results. Provide junior engineers with technical training, including: training on malware analysis; reverse engineering; Windows internals; and development, identification, unpacking, and de-obfuscation of malicious code. Travel occasionally as this position may require doing so to address client needs, improve results, or otherwise support projects. Basic Qualifications Bachelor's Degree in Computer Forensics, Science, Engineering, Information Systems, or another related security field, or comparable experience. Experience with malware analysis, reverse engineering, and development. Ability to write, understand, and/or analyze code in programming and scripting languages, including Assembly x86/x64, C, C++, Python, JavaScript, Java, PHP, and HTML. Basic knowledge of and experience with malware packers, crypters, and obfuscation techniques. Understanding of operating system internals and the Windows API. Experience with debuggers, decompilers, and network traffic analysis tools. Development experience in Assembly, Python, C, or C++. Strong understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Practical understanding of malware analysis and/or reverse engineering, and the ability to develop malware detection signatures (e.g. YARA). Required Skills Ability to analyze and unpack obfuscated code. Strong written and verbal skills; can communicate complex concepts at a high level while retaining accuracy and highlighting features in a way that improves audience engagement. Strong problem solving and critical thinking capabilities. Desired Skills Two or more years of experience in malware analysis, reverse engineering, and development fields. Deep understanding of operating system internals and the Windows API. Ability to work with a high degree of independence. Ability to collaborate in a team environment to focus on a common goal. Show more Show less Qualifications What's in it for you At Accenture in addition to a competitive basic salary, you will alsohave an extensive benefits package which includes 25days' vacation per year, gym subsidy, private medical insurance and 3 extra days leave per year for charitable work of your choice! About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries - powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at Accenture is an equal opportunities employer and encourages applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law. Closing Date for Applications: 30/10/2022 Accenture reserves the right to close the role prior to this date should a suitable applicant be found.
Sep 24, 2022
Full time
Malware Reverse Engineer Location: Remote working - Office based in Reading Salary: Competitive Salary and Benefits Career Level : Specialist, Associate Manager or Manager About Accenture Cyber Threat Intelligence (ACTI) ACTI is a global team that spans 13 countries and 4 continents and speaks more than 30 languages. We are passionate about delivering intelligence analysis, and providing industry-leading analytic insights, cyber context, and critical services our clients need to achieve their business-line and strategic-growth initiatives. We know success is only possible by developing and supporting our most-critical resources: our talented analysts, developers, and supporting team members. We value creativity and entrepreneurship in our team; where possible, we back staff initiatives with opportunities and investments. We enjoy the hunt. We strive to automate and innovate while working with powerful resources and differentiated data. Above all else, we value an egoless approach to guiding our clients as they navigate their businesses through all aspects of the cyber domain. Who You Are You are passionate about cybersecurity and intelligence analysis. You stay abreast of the latest threats, recognize the value of intelligence, and believe it should drive operations. You are a devoted team member who is always willing to lend a hand, mentor a colleague, or increase our global team's awareness by sharing your knowledge and approaches with others. You are productive, easy to work with, and understand that adherence to a good process is key to excellence. Role Description As a Malware Reverse Engineer at ACTI, you will reverse engineer and analyze malware to evaluate sophisticated malicious code to settle malware capabilities and purposes. Analysis includes the use of specialized systems and tools, including dissemblers, debuggers, hex editors, unpackers, virtual machines, and those for network traffic analysis. Key Responsibilities Analyze malicious events and campaigns to determine attack vectors and retrieve malware payloads. Reverse engineer files suspected or known to belong to identified malware families to determine their command-and-control (C2) infrastructure and targeting. Incorporate analysis results into detailed reporting to include purpose, behavior, C2 server infrastructure, and mitigation techniques related to analyzed malware families, malicious campaigns, and events. Track prevailing malware families, including downloaders, banking Trojans, information stealers, ransomware, and remote access Trojans. Reverse engineer recently discovered malware variants to check potential feature augmentation or configuration structure changes. Improve existing tools that extract known malware family configurations based on reverse engineering results. Research the latest malware detection evasion techniques, such as use of customized packers, customized crypters, fully undetectable (FUD) techniques, host intrusion prevention system (HIPS) bypassing, and anti-virus (AV) software bypassing. Based on research, design and develop generic unpacking methods and tools for use as standalone tools or within automated analysis systems and sandboxes. Provide customer support by responding to requests related to suspicious file analysis that sometimes require malware reverse engineering and determination of contextual information surrounding indicators of compromise; do so by providing detailed analysis reports and mitigation recommendations. Provide customer support by responding to cybersecurity requests, including those for: open-source intelligence (OSINT) research; domain, IP address, or URL analysis; malicious campaign information; and/or event attribution. Provide answers to specific questions, the answers of which clients use for operational mentorship to aid their strategies. Design, develop, and implement Windows kernel modules to support automated malware analysis; such modules include kernel system service filtering modules able to intercept operating system services on 32-bit and 64-bit Windows operating systems without triggering those systems' self-protection mechanisms, and kernel-mode modules able to force designated processes to load specific modules that load decoders designed for extracting malware configurations. Design, develop, and implement generic unpackers that combat widely used malware packing methods to retrieve malicious payloads from packed malware samples automatically. Create detection rules and signatures for detecting malware families, and provide detection or blocking recommendations. Develop decoders to extract malware configurations-including basic C2 settings or secondary dynamic configurations, such as those outlining targeted institutions and web injects-based on reverse engineering results. Provide junior engineers with technical training, including: training on malware analysis; reverse engineering; Windows internals; and development, identification, unpacking, and de-obfuscation of malicious code. Travel occasionally as this position may require doing so to address client needs, improve results, or otherwise support projects. Basic Qualifications Bachelor's Degree in Computer Forensics, Science, Engineering, Information Systems, or another related security field, or comparable experience. Experience with malware analysis, reverse engineering, and development. Ability to write, understand, and/or analyze code in programming and scripting languages, including Assembly x86/x64, C, C++, Python, JavaScript, Java, PHP, and HTML. Basic knowledge of and experience with malware packers, crypters, and obfuscation techniques. Understanding of operating system internals and the Windows API. Experience with debuggers, decompilers, and network traffic analysis tools. Development experience in Assembly, Python, C, or C++. Strong understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Practical understanding of malware analysis and/or reverse engineering, and the ability to develop malware detection signatures (e.g. YARA). Required Skills Ability to analyze and unpack obfuscated code. Strong written and verbal skills; can communicate complex concepts at a high level while retaining accuracy and highlighting features in a way that improves audience engagement. Strong problem solving and critical thinking capabilities. Desired Skills Two or more years of experience in malware analysis, reverse engineering, and development fields. Deep understanding of operating system internals and the Windows API. Ability to work with a high degree of independence. Ability to collaborate in a team environment to focus on a common goal. Show more Show less Qualifications What's in it for you At Accenture in addition to a competitive basic salary, you will alsohave an extensive benefits package which includes 25days' vacation per year, gym subsidy, private medical insurance and 3 extra days leave per year for charitable work of your choice! About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries - powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at Accenture is an equal opportunities employer and encourages applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law. Closing Date for Applications: 30/10/2022 Accenture reserves the right to close the role prior to this date should a suitable applicant be found.
Overview: All potential applicants are encouraged to scroll through and read the complete job description before applying. RSSB are seeking an experienced Sitecore Developer, who will work as a developer in the Application Delivery team. The role will involve planning and developing of several Sitecore websites and system integrations following company code standards, best practices, and operational procedures. The team has recently completed a Sitecore 10 upgrade which being is deployed to Azure Kubernetes. CI/CD and a blue/green deployment strategy are being implemented using Azure DevOps pipelines. Responsibilities: Developing and maintaining Sitecore-centric-based solutions. Accountable for the timely and technical quality delivery on Sitecore-related elements/phases for software development projects. Contribute to software delivery project planning (scope, time estimates, technical skills) Ensuring technical implementation and delivery processes (i.e. Unit testing, Source control, Coding Standards, Deployments) and technical documentation are followed, improved, and continuously evolved Work in a collaborative team environment and work closely with colleagues to achieve business objectives. Collaborate with stakeholders (e.g. business stakeholders, product owners, project managers, and end users) to understand functional and non-functional requirements. Investigate and propose solutions to development and design problems. Participate in the scope of work estimation and forecasting. Adhere to architecture, design, implementation, and security standards and best practices. Build and develop prototypes for proof of concept Write high-quality code that satisfies customer needs and strives for simplicity, clarity, and testability. Participate in code reviews or use collaborative programming techniques to promote high quality business outcomes. Conduct analysis to determine integration needs, and design and plan integrations. Implement unit and integration tests and conduct functional and performance testing where appropriate. Develop reusable software building blocks to enable faster delivery. Improve performance of existing software by diagnosing and resolving critical issues. Prepare technical documentation, including software design evaluation plans, test results, and technical manuals. Analyse and create new configurations for packaged software. Review new releases of packaged software and identify new features that can be enabled for the business. Qualifications: You will be a full-stack Sitecore Developer with experience working with Sitecore. Essential Sitecore development experience Sitecore Helix Sitecore Experience Accelerator (SXA) Sitecore solution 9/10 Developer Certification Development using Microsoft technologies and frameworks (E.g. MVC, ASP.NET and C#) HTML, CSS, SASS, Bootstrap, Javascript, JQuery, Gulp, NPM Git in Azure DevOps Microsoft Azure - PaaS, IaaS MS SQL Server Agile/sprint-based development PowerShell scripting Desirable E-commerce experience Relevant Microsoft Azure Certifications Continuous integration - implementing Azure DevOps pipelines Sitecore Analytics and Personalization Docker, Containers and Kubernetes Early applications are encouraged, as we may close this vacancy before the advertised deadline if sufficient numbers of applications are received. We value diversity and equal opportunities in employment and are committed to creating a workplace which is inclusive to everyone. As a member of the Disability Confident Scheme, we encourage candidates with disabilities who meet the minimum criteria, to apply for our jobs. If you have applied under the Disability Confident Scheme, please let us know in advance by emailing If you require any reasonable adjustments with respect to our selection process including information in an alternative format, please contact us at We understand the importance of work-life balance and we offer our staff the flexibility to work within our core hours and the option to vary their location between both the office and home. If you are looking for further flexibility, speak to us at interview stage so that we can consider your request. We value our staff and we offer a competitive benefits package to ensure our staff can achieve their best throughout their journey with us. This includes 30 days annual leave (plus bank holidays); a holiday buy and sell scheme; private medical and dental cover; a season ticket loan and travel subsidy; access to a cycle to work scheme; volunteer leave; a performance related bonus and pension.
Sep 24, 2022
Full time
Overview: All potential applicants are encouraged to scroll through and read the complete job description before applying. RSSB are seeking an experienced Sitecore Developer, who will work as a developer in the Application Delivery team. The role will involve planning and developing of several Sitecore websites and system integrations following company code standards, best practices, and operational procedures. The team has recently completed a Sitecore 10 upgrade which being is deployed to Azure Kubernetes. CI/CD and a blue/green deployment strategy are being implemented using Azure DevOps pipelines. Responsibilities: Developing and maintaining Sitecore-centric-based solutions. Accountable for the timely and technical quality delivery on Sitecore-related elements/phases for software development projects. Contribute to software delivery project planning (scope, time estimates, technical skills) Ensuring technical implementation and delivery processes (i.e. Unit testing, Source control, Coding Standards, Deployments) and technical documentation are followed, improved, and continuously evolved Work in a collaborative team environment and work closely with colleagues to achieve business objectives. Collaborate with stakeholders (e.g. business stakeholders, product owners, project managers, and end users) to understand functional and non-functional requirements. Investigate and propose solutions to development and design problems. Participate in the scope of work estimation and forecasting. Adhere to architecture, design, implementation, and security standards and best practices. Build and develop prototypes for proof of concept Write high-quality code that satisfies customer needs and strives for simplicity, clarity, and testability. Participate in code reviews or use collaborative programming techniques to promote high quality business outcomes. Conduct analysis to determine integration needs, and design and plan integrations. Implement unit and integration tests and conduct functional and performance testing where appropriate. Develop reusable software building blocks to enable faster delivery. Improve performance of existing software by diagnosing and resolving critical issues. Prepare technical documentation, including software design evaluation plans, test results, and technical manuals. Analyse and create new configurations for packaged software. Review new releases of packaged software and identify new features that can be enabled for the business. Qualifications: You will be a full-stack Sitecore Developer with experience working with Sitecore. Essential Sitecore development experience Sitecore Helix Sitecore Experience Accelerator (SXA) Sitecore solution 9/10 Developer Certification Development using Microsoft technologies and frameworks (E.g. MVC, ASP.NET and C#) HTML, CSS, SASS, Bootstrap, Javascript, JQuery, Gulp, NPM Git in Azure DevOps Microsoft Azure - PaaS, IaaS MS SQL Server Agile/sprint-based development PowerShell scripting Desirable E-commerce experience Relevant Microsoft Azure Certifications Continuous integration - implementing Azure DevOps pipelines Sitecore Analytics and Personalization Docker, Containers and Kubernetes Early applications are encouraged, as we may close this vacancy before the advertised deadline if sufficient numbers of applications are received. We value diversity and equal opportunities in employment and are committed to creating a workplace which is inclusive to everyone. As a member of the Disability Confident Scheme, we encourage candidates with disabilities who meet the minimum criteria, to apply for our jobs. If you have applied under the Disability Confident Scheme, please let us know in advance by emailing If you require any reasonable adjustments with respect to our selection process including information in an alternative format, please contact us at We understand the importance of work-life balance and we offer our staff the flexibility to work within our core hours and the option to vary their location between both the office and home. If you are looking for further flexibility, speak to us at interview stage so that we can consider your request. We value our staff and we offer a competitive benefits package to ensure our staff can achieve their best throughout their journey with us. This includes 30 days annual leave (plus bank holidays); a holiday buy and sell scheme; private medical and dental cover; a season ticket loan and travel subsidy; access to a cycle to work scheme; volunteer leave; a performance related bonus and pension.
It can usually take years to gain the skills of a good developer, how would you like to do it in weeks, and then be deployed as one of our consultants to hone those skills? By joining Sparta Global you will be provided with the practical skills that you need to develop in the workplace to our clients standards, we're going to take you to a level where you can wield programming languages to their full potential. Once you have completed our tech academy and your class has graduated, we place you with one of our incredible clients - You will have the know-how and a job with incredible prospects - you're future-proofing yourself. We will train you in a lot more depth than just the user facing experience and front-end frameworks, you'll have the ability to build the structure of applications, understand and utilise server side code, build and interact with databases, construct automation frameworks, understand how to build apps with security in mind, production environments and configurations, microservices, cloud computing, optimisation, scaling, pipelining, creating and employing APIs - We're giving you the skills to develop the things you dreamed of when you first started playing with tech. What You'll do If you get a thrill from problem solving - and aren't easily disheartened when things don't work - software development is the career for you. As a Developer, you will: Help our clients to champion software excellence and improve delivery and service Embrace agile best practices and Continuous Delivery Support software development projects, creating new features, while also maintaining high standards for code quality Test your creativity daily as you experiment and explore different approaches to problem solving Collaborate across departments with developers, product managers, business analysts, and tests Why work for us. Sparta Global is an award-winning provider of business and technology training and careers. We help graduates, non-graduates, returners and career changers kickstart technology careers in a matter of months. Become a Spartan, complete our award-winning, paid training programme, and be assigned to work on-site with one of our clients as a fully-fledged consultant. We will make sure you are ready and confident for the workplace. Our programmes provide you with in-depth knowledge of the technical tools and skills you'll need to succeed in your future career. We'll even support with developing your business acumen, collaborative skills and personal development to give you the confidence to thrive in the workplace - regardless of your background. Why we're different. Diversity is in our DNA. We are proud to have been recognised by a number of awards bodies for our hard work across technology training, employer excellence, and diversity and inclusion. We are a people-powered business and take every opportunity to recognise and reward the hard work of our Spartans, too. This includes putting them forward for individual industry awards, including Rising Star of the Year, Rising Digital Hero, and specific awards around their skill specialisms. Who you are. Previous experience of any programming language e.g. C#, Java, Python or similar languages Have a love for technology and its application Naturally curious about how things work Critical thinker and keen problem solver Presentable, professional, and punctual Able to relocate as necessary throughout the UK for client projects Hold the full rights to work in the UK without sponsorship
Sep 17, 2022
Full time
It can usually take years to gain the skills of a good developer, how would you like to do it in weeks, and then be deployed as one of our consultants to hone those skills? By joining Sparta Global you will be provided with the practical skills that you need to develop in the workplace to our clients standards, we're going to take you to a level where you can wield programming languages to their full potential. Once you have completed our tech academy and your class has graduated, we place you with one of our incredible clients - You will have the know-how and a job with incredible prospects - you're future-proofing yourself. We will train you in a lot more depth than just the user facing experience and front-end frameworks, you'll have the ability to build the structure of applications, understand and utilise server side code, build and interact with databases, construct automation frameworks, understand how to build apps with security in mind, production environments and configurations, microservices, cloud computing, optimisation, scaling, pipelining, creating and employing APIs - We're giving you the skills to develop the things you dreamed of when you first started playing with tech. What You'll do If you get a thrill from problem solving - and aren't easily disheartened when things don't work - software development is the career for you. As a Developer, you will: Help our clients to champion software excellence and improve delivery and service Embrace agile best practices and Continuous Delivery Support software development projects, creating new features, while also maintaining high standards for code quality Test your creativity daily as you experiment and explore different approaches to problem solving Collaborate across departments with developers, product managers, business analysts, and tests Why work for us. Sparta Global is an award-winning provider of business and technology training and careers. We help graduates, non-graduates, returners and career changers kickstart technology careers in a matter of months. Become a Spartan, complete our award-winning, paid training programme, and be assigned to work on-site with one of our clients as a fully-fledged consultant. We will make sure you are ready and confident for the workplace. Our programmes provide you with in-depth knowledge of the technical tools and skills you'll need to succeed in your future career. We'll even support with developing your business acumen, collaborative skills and personal development to give you the confidence to thrive in the workplace - regardless of your background. Why we're different. Diversity is in our DNA. We are proud to have been recognised by a number of awards bodies for our hard work across technology training, employer excellence, and diversity and inclusion. We are a people-powered business and take every opportunity to recognise and reward the hard work of our Spartans, too. This includes putting them forward for individual industry awards, including Rising Star of the Year, Rising Digital Hero, and specific awards around their skill specialisms. Who you are. Previous experience of any programming language e.g. C#, Java, Python or similar languages Have a love for technology and its application Naturally curious about how things work Critical thinker and keen problem solver Presentable, professional, and punctual Able to relocate as necessary throughout the UK for client projects Hold the full rights to work in the UK without sponsorship