Location
Dstl Porton Down, Salisbury, Wiltshire, SP4 0JQ or Dstl Portsdown West, Fareham, Hampshire, PO17 6AD
About the job
Job summary
Dstl is the science and technology arm of the Ministry of Defence. We improve the front-line capability of the UK Armed Forces helping keep our country safe.
The Cyber Security and Safety Group has never been more important. Many military platforms such as fast jets, unmanned air vehicles, helicopters, naval vessels, and land vehicles are becoming increasingly reliant on Software, Artificial Intelligence (AI) and Autonomous functions to control all aspects of their behaviour.
We’re looking for mathematically strong data scientists to help make AI-reliant military systems robust and trustworthy in complex operations to help save lives.
An example of our world-class, inspiring work is designing and trialling a variety of autonomous air and ground vehicles out on Salisbury Plain with the US and Australia. AI models were retrained in flight to meet changing mission situations to enhance commanders’ decision-making.
You could be involved in:
Assessing and improving AI content in Defence and Security safety critical systems in the Air, Sea and Land domains, to ensure that they are safe, secure and protected.
Applying the latest thinking in verification and validation of artificial intelligence and autonomous functions for defence and security purposes.
Innovating to support the delivery of the UK Cyber Strategy by researching algorithms for Cyber defence.
Dstl recognises the importance of diversity and inclusion as people from diverse backgrounds bring fresh ideas. We are committed to building an inclusive working environment in which each employee fulfils their potential and maximises their contribution.
We particularly welcome female and ethnic minority applicants and those from the LGBTQI community, as they are under-represented within Dstl at these levels.
Job description
In this role you will:
Have a drive for keeping abreast of the latest developments in cyber security and emerging trends in artificial intelligence. We give our people the opportunity to think and innovate. We offer loads of opportunities for training and scholarships, attending and presenting at conferences, and collaborating with internal research and industry and academia.
Work in a team consisting of highly professional Autonomy and Mathematical experts with enviable national and international reputations to take part in cutting-edge research. Use your critical thinking and creative problem-solving skills to implement state-of-the-art methods and tools.
Develop a knowledge of undertaking verification, validation and vulnerability assessments on Systems of interest.
Appreciate the importance of safety and security requirements to have a positive impact on defence and security of the UK.
Deliver technical reports and recommendations to leadership, senior officials across government and military and other non-technical audiences through clear data storytelling and well-crafted verbal presentations.
Person specification
We are looking for someone who has:
A keen interest in algorithms, AI, ML or statistical analysis along with a willingness to develop additional capabilities in cyber security and safety.
Experience contributing to Software or AI / ML intensive projects.
Is looking for a career with a difference, doing a job that provides the latest and most effective tools to defend our nation and uphold the principle of freedom.
Important Information:
Our work in defence, security and intelligence requires our employees to be UK Nationals who are able to gain a high level of security clearance to undertake the projects we are involved in to protect us from security threats. For this reason, only UK Nationals will be able to apply for this role. If you are an international or dual-national candidate, and you think you have the skills we need, please consider applying to any of our government, security or defence partners.
This role will require full UK security clearance and you should have resided in the UK for the past 5 years. For some roles Developed Vetting will also be required; in this case you should have resided in the UK for the past 10 years.
Behaviours
We'll assess you against these behaviours during the selection process:
Changing and Improving
Communicating and Influencing
Seeing the Big Picture
Working Together
Benefits
Dstl’s full range of great benefits can be found in the information pack which includes:
Financial: An excellent pension scheme starting from 26% employer contribution. In Year Rewarding Achievement bonuses and thank you vouchers. Rental deposit scheme and cycle to work scheme.
Flexible working: Options include alternative working patterns such as compressed hours (e.g. working a 4 day week/9 day fortnight), job shares and annualised hours (agreed number of hours per annum paid monthly, i.e. working term-time only).
Working hours: Flexibility around your working day (e.g. start time, finish time). Ability to bank hours in a 12 month reference period including the ability to accrue and use 3 days per calendar month.
Where you work: Depending on your role, blended working may be available including remote working to suit you and your team. This can be discussed at interview.
Annual leave: 25 days pro rata (rising to 30 after 5 years) plus 8 public holidays with the ability to buy/sell 5 additional days per annum.
Family: Maternity, adoption or shared parental leave of up to 26 weeks with full pay, an additional 13 weeks statutory pay and a further 13 weeks unpaid.
Learning and Development: Dstl encourages and supports charterships, accreditations and provides employees access to fully funded apprenticeships up to level 7 (Masters Degree). Dstl will pay for 2 memberships with relevant bodies/institutions. Employees also have access to Civil Service Learning.
Facilities: Onsite parking, EV Charging points, restaurants, cafés and gyms.
Things you need to know
Selection process details
This vacancy is using Success Profiles, and will assess your Behaviours and Experience.
We want you to have your best chance of success in our recruitment process, so if at any stage of the application process you would like help or assistance please contact the Dstl Recruitment Team at dstlrecruitment@dstl.gov.uk and we will do all we can to support you.
Sifting will be taking place bi-weekly throughout the campaign; successful applicants will be invited to attend an online interview via MS Teams.
Feedback will only be provided if you attend an interview or assessment.
Security
Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check. See our vetting charter. People working with government assets must complete baseline personnel security standard checks.
Nationality requirements
Open to UK nationals only. This job is not open to candidates who hold a dual nationality.
Working for the Civil Service
The Civil Service Code sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles. The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
Apply and further information
This vacancy is part of the Great Place to Work for Veterans initiative. Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.
Contact point for applicants
Job contact:
Name: Dstl Recruitment
Email: dstlrecruitment@dstl.gov.uk
Recruitment team
Email: dstlrecruitment@dstl.gov.uk
Further information
Should you wish to raise a formal complaint about the Dstl recruitment process you should email dstlrecruitment@dstl.gov.uk stating the nature of the issue. We will respond within 5 working days.
Attachments
20230626_CSAS_Data_Scientist_Autonomy_Dependability_L5 (docx, 66kB)
Candidate_info_pack_CIS - 20220824 (pdf, 1378kB)
Jul 03, 2023
Full time
SENIOR SOC ANALYST OPPORTUNITY WITH A LEADING GLOBAL SOFTWARE SOLUTIONS PROVIDER IN STOKE-ON-TRENT
Salary up to £65,000 + Bonus and Benefits
Hybrid working 2 days per week onsite requirement in the Stoke-on-Trent office
If you have experience as an SOC Analyst, then please apply or contact via / or
ABOUT OUR CLIENT:
Founded over 20 years ago, our client is a leading global software solutions provider, employing more than 7,000 people across the world. They invest heavily into employee development, to ensure everyone reaches their full potential to help drive innovation across the brand, as well as offering market leading benefits and investment into employee experience across all departments. Due to continued growth they are looking for a hands on Senior SOC Analyst to join their information security team, working in a hybrid capacity with 2 days on-site per week from the Stoke-on-Trent office.
WHAT THEY OFFER:
Flexible work arrangements, including the option to work remotely as part of our client's hybrid model.
Bonus schemes and employee discounts
Life event and long service rewards
Company pension
Employee assistance programme, income protection and life assurance
Generous paid annual leave
Free gym membership + more
SENIOR SOC ANALYST ROLE:
Our client's SOC Analysts play a vital role in ensuring the integrity of their large technical estate, and they pride themselves on having a team of knowledge hungry individuals who work in a supportive and collaborative environment. Responsibilities will include monitoring SIEM Systems, identifying and investigating security threats, responding to alerts, collaborating within an information security environment, proactive threat intelligence and documentation.
THE SENIOR SOC ANALYST SHOULD HAVE:
Experience in leading an information security project lifecycle
Technical experience securing operating systems, using security related tools and security related technical investigations
TO APPLY:
Please either apply by clicking online or emailing . For further information please contact via or . By applying for this role, you give express consent for us to process & submit (subject to required skills) your application to our client in conjunction with this vacancy only.
SENIOR SOC ANALYST KEY SKILLS:
Security Operations / Monitoring / Identifying Threats / Investigation / Prevention / Documentation
Apr 25, 2024
Full time
SENIOR SOC ANALYST OPPORTUNITY WITH A LEADING GLOBAL SOFTWARE SOLUTIONS PROVIDER IN MANCHESTER
Salary up to £65,000 + Bonus and Benefits
Hybrid working 2 days per week onsite requirement in the Manchester office
If you have experience as an SOC Analyst then please apply or contact via / or
ABOUT OUR CLIENT:
Founded over 20 years ago, our client is a leading global software solutions provider, employing more than 7,000 people across the world. They invest heavily into employee development, to ensure everyone reaches their full potential to help drive innovation across the brand, as well as offering market leading benefits and investment into employee experience across all departments. Due to continued growth they are looking for a hands on Senior SOC Analyst to join their information security team, working in a hybrid capacity with 2 days on-site per week from the Manchester office, which is based in the City Centre with great commuter links and a variety of restaurants and shops on your doorstep.
WHAT THEY OFFER:
Flexible work arrangements, including the option to work remotely as part of our client's hybrid model.
Bonus schemes and employee discounts
Life event and long service rewards
Company pension
Employee assistance programme, income protection and life assurance
Generous paid annual leave
Free gym membership + more
SENIOR SOC ANALYST ROLE:
Our client's SOC Analysts play a vital role in ensuring the integrity of their large technical estate, and they pride themselves on having a team of knowledge hungry individuals who work in a supportive and collaborative environment. Responsibilities will include monitoring SIEM Systems, identifying and investigating security threats, responding to alerts, collaborating within an information security environment, proactive threat intelligence and documentation.
THE SENIOR SOC ANALYST SHOULD HAVE:
Experience in leading an information security project lifecycle
Technical experience securing operating systems, using security related tools and security related technical investigations
TO APPLY:
Please either apply by clicking online or emailing . For further information please contact via or . By applying for this role, you give express consent for us to process & submit (subject to required skills) your application to our client in conjunction with this vacancy only.
SENIOR SOC ANALYST KEY SKILLS:
Security Operations / Monitoring / Identifying Threats / Investigation / Prevention / Documentation
Apr 25, 2024
Full time
A Cyber Security Analytics Analyst is required to join the security division of a prestigious financial services organisation with offices in the heart of the city. Within this role you will join a high-functioning in-house security analytics team with a presence both in the UK and US. The team monitors and analyses the organisation's information security and risk profile, using data and alerts generated from various systems, evaluating and taking appropriate action as required. You will also assist in establishing processes and best practices as well as helping to select and implement new technologies. This role would ideally suit a graduate with a degree in computer science/data science or someone with previous commercial experience in data or cyber security. This is a fantastic opportunity with a stable yet growth organisation with excellent scope for ongoing learning and career advancement.
Key Responsibilities:
Monitoring information security systems, technologies, processes, and procedures, analysing the findings and communicating exceptions, concerns and remedial steps as necessary.
Executing the security threat management process, ensuring all aspects of an event are documented and remediated.
Monitoring and analysing security relevant logs, events, and alerts including, but not limited to, logs from systems, applications, SIEM, AV, Firewalls, and IPS; documenting relevant incidents and suggesting/co-ordinating appropriate remedial actions.
Designing and managing security logging and SIEM programs and working with the SOC team to implement these.
Coordinating with the SOC and various teams to investigate security events/incidents.
Analysing security appliance logs, identifying patterns, responding to security incidents and suggesting possible process improvements as appropriate.
Participating in projects, programs, and initiatives to ensure implementation of and adherence to information security technology policies, procedures, processes, and technologies.
Key Skills and Experience:
Data or Computer Science Graduate or 1 to 3 years' experience in cyber security, security analytics or data analytics.
Knowledge around compliance would be useful.
Ability to think and act strategically as well as tactically to support the organisation's global risk management functions.
Good interpersonal, communication, organisation, collaboration, and team-building skills.
Basic knowledge of designing and deploying information technology and solutions in one or more of the core domains: endpoint protection; incident response; malware analysis; application and data security; infrastructure and endpoint; and security intelligence / SIEM.
Understanding and experience working with structured design methodologies.
Knowledge of a scripting language such as Python or PowerShell a plus.
Bachelor's degree in engineering or computer science a plus.
For a full consultation on this pivotal role, send your CV to ARC IT Recruitment. Please note salaries quoted are dependent on experience.
Apr 24, 2024
Full time
Title: Information Security Consultant Salary: Up to £60,000 DOE Location: Leeds (on-site) My client is looking for a skilled Information Security Consultant to join their existing Information Security team to offer guidance on IT security and further develop IT policies across a multi-region infrastructure. This is an opportunity to join a growing team, with a great company culture and several exciting projects to get stuck into, all in a fast-paced environment! They are unable to offer sponsorship, so the perfect candidate will have the full right to work in the UK, without a visa that will expire. Responsibilities: Assist in managing security incidents and alerts. Conduct regular security checks and investigate exceptions. Complete client security questionnaires for bidding. Raise awareness of security risks. Enhance security policies, processes, and controls. Proactively identify security risks and mitigations. Participate in system and application design. Develop training guides for users and staff. Manage the IT Risk register. Test and improve Disaster Recovery plans. Technical Requirements: Minimum two years of practical experience in enterprise security and infrastructure. Familiarity with enterprise information security standards: Cyber Essentials, ISO 27001, 27002, Data Protection Act, GDPR. Proficiency in Microsoft O365 Security, Networking, Security operations, Vulnerability Management, and Security Auditing. Strong understanding of security testing principles, including hands-on experience in vulnerability scanning, risk identification, resolution, and reporting. Demonstrated expertise in formal document creation, including report and procedure development. Essential Skills: Microsoft O365 platform expertise. Advanced Threat Intelligence analysis and best practices implementation. Proficient in managing Security Incident Response processes. Knowledgeable about Disaster Recovery and Business Continuity principles. Experienced in event and log analysis.
The company is looking to fill this position ASAP, so please apply with a copy of your CV if interested! Key Words: Information Security Analyst, Information Security Engineer, Security Analyst, Information Security, NIST, COBIT, ISO-27001, ISO-27002, Compliance, Governance, Risk, Cyber Security, SOX, Sentinel, Defender, InTune BeTechnology Group Limited is acting as an Employment Agency in relation to this vacancy.
Apr 24, 2024
Full time
Senior Threat Intelligence Analyst About Us: We are the tech company with people at heart. At Advania, we believe in empowering people to create sustainable value through the clever use of technology. As one of Microsoft's leading partners in the UK, specialising in Azure, Security, Dynamics 365, and Microsoft 365, we have a proven track record of success in delivering transformational IT services. Position Overview: As a Senior Cyber Threat Intelligence Analyst, you will be responsible for the day-to-day delivery of Cyber Threat Intelligence to clients spanning multiple industries, as well as leadership and coaching of junior analysts, and ongoing development of our service. This is a hands-on role and requires both a broad technical knowledge of Cyber Security, as well as specific focused knowledge of CTI tools and processes. Knowledge and/or experience of modern IT Systems, particularly Microsoft solutions and network infrastructure is advantageous. Responsibilities: Proactively research and analyse emerging cyber threats, malware variants, and attacker Tactics, Techniques, and Procedures (TTPs) from various open and closed sources, including threat intelligence feeds, dark web monitoring, and open-source reporting. Develop and maintain comprehensive threat intelligence reports and briefings tailored for technical and non-technical audiences, translating complex information into actionable insights for informed decision-making. Lead or participate in incident response activities, including investigation, analysis of evidence, and collaboration with other teams like IT operations and forensics. Conduct advanced threat hunting to proactively identify hidden threats within the organisation's network, utilising advanced tools and techniques. Participate in vulnerability management activities, collaborating with the vulnerability management team to prioritise and remediate critical vulnerabilities identified through intelligence gathering and risk assessments.
Contribute to the development and implementation of comprehensive security policies and procedures to strengthen the organisation's overall cyber defence posture. Stay up to date with the latest cyber security trends and developments through continuous learning and participation in industry conferences and training programs. Mentor and support junior cyber security analysts within the team. Analyse large volumes of complex data from security tools, logs, and incident reports to identify potential threats and assess their risk level. Professional Experience: Demonstrable understanding of the Cybersecurity Ecosystem and Infrastructure Technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS). Experience in secured cloud architectures (Azure, AWS, or similar) and engineering solutions. An understanding of operating systems and their programming interfaces such as UNIX Shell and PowerShell. Experience with scripting languages (Python, Bash) and familiarity with APIs beneficial. An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS. Experience leading teams and providing deputy support to Management. Experience designing a service, reviewing effectiveness of services, procurement, or business project work. Qualifications: One or more of the following industry certifications: SANS301/SANS401/FOR578, Crest CRTIA/CCTIM, Security+, or similar. Ideally a BSc or MSc in Cyber Security, preferably including modules on Ethical Hacking, Digital Forensics, Information Security or Threat Intelligence. Please note you need to be eligible to undergo the Security Clearance process for this position. This means you will need to be a British national with 5 years residency in the UK.
Our Selection Process: We are committed to ensuring an equitable experience for all candidates, regardless of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law. Please do let us know if you'll need any reasonable adjustments as part of the selection process by highlighting these on your application form.
Apr 24, 2024
Full time
Title: Information Security Consultant Salary: Up to £60,000 DOE Location: Leeds (on-site) My client is looking for a skilled Information Security Consultant to join their existing Information Security team to offer guidance on IT security and further develop IT policies across a multi-region infrastructure. This is an opportunity to join a growing team, with a great company culture and several exciting projects to get stuck into, all in a fast-paced environment! They are unable to offer sponsorship, so the perfect candidate will have the full right to work in the UK, without a visa that will expire. Responsibilities: Assist in managing security incidents and alerts. Conduct regular security checks and investigate exceptions. Complete client security questionnaires for bidding. Raise awareness of security risks. Enhance security policies, processes, and controls. Proactively identify security risks and mitigations. Participate in system and application design. Develop training guides for users and staff. Manage the IT Risk register. Test and improve Disaster Recovery plans. Technical Requirements: Minimum two years of practical experience in enterprise security and infrastructure. Familiarity with enterprise information security standards: Cyber Essentials, ISO 27001, 27002, Data Protection Act, GDPR. Proficiency in Microsoft O365 Security, Networking, Security operations, Vulnerability Management, and Security Auditing. Strong understanding of security testing principles, including hands-on experience in vulnerability scanning, risk identification, resolution, and reporting. Demonstrated expertise in formal document creation, including report and procedure development. Essential Skills: Microsoft O365 platform expertise. Advanced Threat Intelligence analysis and best practices implementation. Proficient in managing Security Incident Response processes. Knowledgeable about Disaster Recovery and Business Continuity principles. Experienced in event and log analysis. 
The company is looking to fill this position ASAP, so please apply with a copy of your CV if interested! Key Words: Information Security Analyst, Information Security Engineer, Security Analyst, Information Security, NIST, COBIT, ISO-27001, ISO-27002, Compliance, Governance, Risk, Cyber Security, SOX, Sentinel, Defender, InTune BeTechnology Group Limited is acting as an Employment Agency in relation to this vacancy.
Apr 23, 2024
Full time
Global Information Security Operations Manager This is a senior technical lead position that will focus on MLP's security incident response and manage global security operations staff. The role will also include maintenance, monitoring and administration of key information security technologies. The Information Security Team fosters a collaborative environment and is building a best of breed practice to partner with the business to protect the Firm's information and computer systems. The successful candidate must have hands-on technical experience in supporting infrastructure platforms and providing leadership to junior members of the team. The role is suited to individuals with prior experience developing and implementing security procedures and controls as well as management experience in a Security Operations Center (SOC) environment. Millennium is a complex and robust technical environment and securing the Firm from external and internal threats is a top priority which makes this role very challenging. Principal Responsibilities Responsible for the daily operation of enterprise security systems including SIEM, SOAR, Elastic, ticketing, alerting, and messaging systems. Manage junior level analysts in the daily operation of enterprise security systems including shift rotations and hand-offs. Work closely with Managed Security Providers (MSP) to maintain runbooks, escalation procedures, and consume available threat intelligence. Utilize detective controls to develop rules and alerts to drive security monitoring. Perform hunt activities across our log aggregation and SIEM platforms. Recommend, test, tune and implement SIEM and other tooling correlation rules. Identify false-positives from alerting, and perform incident response, triage, incident analysis and remediation tasks. Recommend and develop new SIEM use cases/rules with engineering teams. Maintain documentation for the SOC function, including training program for new Security Operations personnel. 
Participate in Information Security Incident Response activities for the Firm's environment. Enforce security policies and procedures by administering and monitoring appropriate systems, events and answering client queries. Perform threat and vulnerability management functions including vulnerability scans and/or analyze results of scans and assist with remediation as required. Collaborate with the Information Security Team to consume feeds from a suite of security tools including AV, Advanced Malware Detection, SIEM, IDS, Vulnerability scanners, etc. Ensure MLP enterprise security products are functioning and protecting the environment as expected while providing stability and maintaining policies and procedures. Actively monitor new and emerging security and privacy related technologies, trends, issues, and solutions and assess their applicability to Millennium key business initiatives and business strategies. Provide technical support to IT staff in the detection and resolution of security problems. Develop and maintain documentation of all Security products including specific tools, technologies and processes. Qualifications/Skills Required Experience performing security monitoring and incident response and triage work in a 24/7 environment. Experience with people management in a technical role, preferably in a SOC setting. Experience with ticketing systems and API integration work. Hands-on experience with one of the major SIEM platforms in use i.e. Splunk, Q1Radar, etc. Excellent understanding of common exploit scenarios and indicators of compromise (IOCs). Log analysis and experience reviewing security events. Ability to manipulate data and produce relevant metrics and reporting around security incidents. Excellent understanding and experience across broad spectrum of technologies - including operating system, cloud, Active Directory, Group Policy, DNS, Messaging. High level understanding of internetworking, data transmission and encryption protocols.
Experience with vulnerability management scanning platforms. Ability to handle sensitive and/or confidential materials with appropriate discretion. Scripting and development skills (Python, PowerShell, VBScript, REST a plus). Possess a passion for Information Security and Technology. Able to prioritize in a fast moving, high pressure, constantly changing environment; high sense of urgency. Ability to communicate and collaborate across technology teams. Bachelor's degree (Computer Science or Engineering preferred) with strong IT background. Have substantial experience working in a technical role and extensive experience concentrating on information security, financial industry. At least one security certification (CISSP, CEH, GCIA, CISM, etc.).
Apr 23, 2024
Full time
As a SOC Analyst, you will play a pivotal role in our client's cybersecurity operations, monitoring and analysing our clients' network infrastructure to detect and respond to potential security incidents. Leveraging cutting-edge tools and technologies, you will proactively identify threats, investigate security breaches, and implement effective countermeasures to mitigate risks. This role offers an exciting opportunity to work in a fast-paced environment, collaborating with skilled professionals to protect digital assets and uphold the highest standards of security. Key Responsibilities: Monitor security event alerts generated by various detection systems and respond promptly to potential threats. Conduct in-depth analysis of security incidents to determine their scope, impact, and root cause. Coordinate with internal teams and external stakeholders to escalate and remediate security breaches in a timely manner. Develop and maintain comprehensive documentation of security incidents, including incident reports and post-mortem analyses. Stay current with emerging cybersecurity threats, vulnerabilities, and industry best practices to continuously enhance our security posture. Participate in security incident response exercises and drills to test and refine our incident response procedures. Collaborate with cross-functional teams to implement security controls and measures to protect against known and emerging threats. Provide guidance and support to junior SOC analysts, sharing knowledge and best practices to build a strong and cohesive team. Qualifications: Experience in cybersecurity, particularly within a SOC. Solid understanding of network protocols, security architectures, and threat intelligence frameworks. Hands-on experience with SIEM tools, intrusion detection/prevention systems, and endpoint security technologies. Proficiency in scripting languages such as Python or PowerShell for automation and data analysis. 
Strong analytical skills with the ability to methodically investigate and resolve security incidents. Excellent communication skills, with the ability to convey technical information effectively to both technical and non-technical audiences. Relevant industry certifications such as CISSP, GIAC, or CompTIA Security+ are a plus. If you are passionate about cybersecurity and eager to contribute your skills and expertise to a dynamic team, we would love to hear from you!
Apr 22, 2024
Full time
An IT Security Analyst is required to join a prestigious financial services organisation with offices in the heart of the city. Within this role you will join a high-functioning in-house security team to monitor and analyse the organisation's information security and risk profile, using data and alerts generated from various systems, evaluating and taking appropriate action as required. You will also assist in establishing processes and best practices as well as helping to select and implement new technologies. This role would ideally suit a graduate with a degree/master's degree in cyber security and some commercial experience, or someone from a wider IT background who has moved to specialise in IT security. This is a fantastic opportunity with a stable yet growing organisation with excellent scope for ongoing learning and career advancement.
Key Responsibilities:
Monitoring information security systems, technologies, processes, and procedures, analysing the findings and communicating exceptions, concerns and remedial steps as necessary.
Executing the security threat management process, ensuring all aspects of an event are documented and remediated.
Monitoring and analysing security-relevant logs, events, and alerts including, but not limited to, logs from systems, applications, SIEM, AV, firewalls, and IPS; documenting relevant incidents and suggesting/co-ordinating appropriate remedial actions.
Designing and managing security logging and SIEM programs and working with the SOC team to implement these.
Coordinating with the SOC and various teams to investigate security events/incidents.
Analysing security appliance logs, identifying patterns, responding to security incidents and suggesting possible process improvements as appropriate.
Participating in projects, programs, and initiatives to ensure implementation of and adherence to information security technology policies, procedures, processes, and technologies.
Key Skills and Experience:
At least 1 to 3 years' experience in one or more security domains, with a proven track record of implementing and operating information security systems and working in projects related to the core domains applicable to information security architecture.
Ability to think and act strategically as well as tactically to support the organisation's global risk management functions.
Good interpersonal, communication, organisation, collaboration, and team-building skills.
Basic knowledge of designing and deploying information technology and solutions in one or more of the core domains: endpoint protection; incident response; malware analysis; application and data security; infrastructure and endpoint; and security intelligence / SIEM.
Understanding of and experience working with structured design methodologies.
Data analysis skills and a passion for threat hunting.
Knowledge of a scripting language such as Python or PowerShell is a plus.
Bachelor's degree in engineering or computer science is a plus.
For a full consultation on this pivotal role, send your CV to ARC IT Recruitment. Please note salaries quoted are dependent on experience.
Apr 22, 2024
Full time
About the role
We're on a mission to make affordable loans available to more people. We have built award-winning technology to look beyond credit scores and offer fair credit to people ignored by traditional lenders. We have two parts of our business. On the consumer side, we have Abound. Abound has helped us prove that our approach works at scale. While other lenders only look at your credit score, we look at the full picture - what you earn, how you spend, and what's left at the end. We're able to do this thanks to Open Banking. On the B2B side, we have Render. Render is the platform that allows Abound to make better lending decisions. By better we mean less risky. And less risky decisions mean we can offer customers better rates than they can usually find elsewhere. We're taking Render global so that more companies can offer affordable credit to their customers.
Who you are
5+ years' professional experience as a security analyst
Strong understanding of security principles, threat intelligence, and risk management
Experience implementing ISO27001 / SOC2 and conducting associated compliance assessments
Experience performing security assessments on cloud-based production services and endpoint devices
Verify the security of third-party vendors and collaborate with them to meet security requirements
Ideally, you'll also have
Proficiency in ethical hacking, intrusion prevention, and incident response
Experience setting up private bug-bounty programs
Experience using or deploying a CSPM tool
Familiarity using or deploying EDR, SIEM, SOAR platforms for endpoint devices
What you'll be doing
Support the implementation of policies and controls to attain and maintain security certifications
Support both internal and external 3rd party security assessments
Set up processes to monitor and provide continual improvement of the security posture of the organization
Facilitate regular pen-tests
Own internal security training programs
Collaborate with compliance, IT and development teams to implement security best practice and policy controls
What we offer
Everyone owns a piece of the company - equity
25 days' holiday a year, plus 8 bank holidays
2 paid volunteering days per year
One month paid sabbatical after 4 years
Free gym membership
Save up to 60% on an electric vehicle through our salary sacrifice scheme with Loveelectric
Team wellness budget to be active together - set up a yoga class, a tennis lesson or go bouldering
Apr 22, 2024
Full time
Cyber Security Analyst - Threat Intelligence
- Permanent full time role with global financial services company
- Joining a cyber security team of over 100 professionals
- Salary up to £75,000 plus bonus, excellent pension scheme, private medical insurance and genuine career progression opportunity
A leading global financial company is looking for a Cyber Threat Intelligence Analyst to join its London team. This is a fantastic opportunity to join a company that invests heavily in the latest cyber security technology.
Day to day duties will include:
- Threat intelligence: analysing and researching threats and vulnerabilities to understand what will affect the business and what remediation activities should take place
- Intel briefings and reporting to senior teams within the organisation
- Deliver data driven insights on current and evolving threats
- Insider threat / forensics assessment
- Develop approaches for leveraging commercial and open-source resources to perform comprehensive research and analysis on current and evolving cyber threats.
To be considered suitable for the role you will need to have the following skills and experience:
- Strong communication skills
- Background in cyber security threat intelligence
- Operational knowledge of the effects of cyber attacks and threats
- Strong ability to investigate risks and threats
- Understanding of frameworks and tools such as MITRE ATT&CK Framework, the Cyber Kill Chain, and the Diamond Model of Intrusion Analysis.
- Any experience with scripting would be seen as an advantage but is not essential
Apr 22, 2024
Full time
Junior SOC Analyst - Hybrid - 3 days on site - Nottinghamshire
Main Responsibilities:
- Triage, analyse and investigate alerts, log data and network traffic using security tools to identify cyber-attacks / security incidents. This includes the investigation and root cause analysis of potential security incidents.
- Proactively investigate potential security breaches by utilising threat intelligence and internal and external security systems and provide subject matter expertise for technical responses to confirmed cyber security incidents.
- Create and maintain the client's target cyber security architecture.
- Deliver subject matter expertise to key stakeholders to drive the implementation of security controls to meet the target architecture.
- Accountable for vulnerability scanning, including the prioritisation of unpatched vulnerabilities and reporting against agreed KPIs and KRIs.
- Support the annual penetration testing schedule by arranging penetration testing, including tracking and communicating penetration testing results.
- Perform supplementary testing of the client's detection and response controls by procuring, installing, and running penetration testing tooling.
- Participate in process improvement work to automate and improve critical cyber security processes such as monitoring, patching, and hardening.
- Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks.
- Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office.
Skills, Knowledge and Experience
- Has obtained one or more of the following qualifications: CEH, CRTSA, and OSCP.
- Qualifications such as CISSP and CISM would be advantageous.
- Problem solving skills, and the ability to come up with new solutions to existing challenges.
- Strengths in key 'soft skill' areas such as relationship management, communication, and presentation of technical security information to a variety of audiences.
- Technical skills to investigate potential breaches through existing tools, packet capture and log file analysis.
- A logical mindset, the ability to identify proportionate, appropriate mitigations to identified security incidents, and to prioritise incidents based on risk.
- Capable of working independently/without ongoing supervision on projects and day to day tasks.
Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation. We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website.
Apr 21, 2024
Full time
Salary: £65,000
Location: Hybrid working (1-2 days Becrypt Head Office in Central London/Home Working)
The Opportunity
As part of the Becrypt Managed Services strategy we are looking to recruit a Senior SOC Analyst to build a new SOC function from the ground up. The role will initially be very hands on, responsible for monitoring and triaging of events and incidents for our client base, using such tools as Microsoft Sentinel and Manage Engine Log 360. The role will also involve standing up new SIEM tools to support multiple environments; an in-depth understanding of configuring and tuning tools, as well as monitoring, is a must. This is a chance for an individual to be involved at the start of the development of the SOC function. This role will play a leading part in the day-to-day activities of the SOC and influence the SOC on an operational, technical and strategic level. This role requires someone who is driven, willing to get hands on, has a keen eye for documentation and is passionate about delivering an excellent security service. A great team player is a must.
Job Purpose:
The main purpose of this role is to bring stability and a standard approach to security monitoring across a number of SIEM tools for multiple environments, thus ensuring a strong security posture is maintained. Primarily the role will be concerned with taking on all security monitoring for a handful of small client environments and the corporate environment. The role will also be accountable for ensuring a SIEM platform is embedded as a BAU service for a new Private Cloud solution. As a Senior SOC Analyst you will play a pivotal role in ensuring the security and resilience of our organisation's and clients' information systems. The Senior SOC Analyst will be the first recruit into the SOC Team and will be expected to work with management to ensure the service is built and grows to suit the requirements of the business.
Main Duties and Responsibilities:
Security Monitoring & Investigation:
Monitoring multiple SIEM tools to assure a high level of security on solutions Becrypt deliver.
Oversee and enhance security monitoring systems to detect and analyse potential security incidents.
Conduct real-time analysis of security events and incidents and escalate as necessary.
Support other teams on investigations into incidents, determining the root cause and impact.
Document findings and lessons learned to improve incident response procedures.
Ensure runbooks are followed and are fit for purpose.
Incident Response:
Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents.
Develop and maintain incident response plans, ensuring they align with industry best practices.
Escalation management in the event of a security incident.
Follow major incident process.
Threat Intelligence:
Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes.
Contribute to the development of threat intelligence feeds to enhance proactive threat detection.
Security Tool Management:
Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness.
Evaluate new security technologies and recommend enhancements to the security infrastructure.
Collaboration:
Collaborate with cross-functional teams, including IT, legal, and management, to address security incidents and implement preventive measures.
Provide expertise and guidance to other analysts.
Working with the Technical Delivery Team to ensure all new and changed services are monitored accordingly.
Documentation:
Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports.
Create post-incident reports for management and stakeholders.
Create monthly reporting packs as per contractual requirements.
Create and document robust event and incident management processes, Runbooks & Playbooks.
Other responsibilities:
Involvement in scoping and standing up new solutions for new opportunities.
Assisting Pre-Sales team with requirements on new opportunities.
Demonstrations of SOC tools to clients.
Continual Service Improvement - Recommendations for change to address incidents or persistent events.
Essential Skills and Experience:
Analytical mindset with the ability to troubleshoot and solve complex security issues.
Excellent communication and interpersonal skills for collaborating with diverse teams.
Leadership qualities to guide other team members and drive security initiatives.
Up-to-date knowledge of cybersecurity trends and threats.
Full understanding of SIEM systems - Microsoft Sentinel, Manage Engine Log 360, IBM QRadar, Splunk, Sentinel etc.
Demonstrable understanding of IT Security Management, Policies, Procedures, Standards and Guidelines.
Ability to work autonomously.
Clear understanding of runbooks and playbooks with the ability to create these from scratch.
Understanding of ISO 27001, ISO 9001 & Cyber Essentials would be extremely advantageous.
Security Operations and Incident Handling.
Previous experience working within a SOC team.
A great opportunity for a SOC professional to push their career forward in a challenging and exciting environment. Due to the high level of Security clearance required, applicants must be British Nationals. You must hold SC Clearance for this role or be willing to go through SC Clearance.
Apply Now
To apply for the Senior SOC Analyst role, please send a copy of your CV and covering letter by using the apply button provided on the page.
Apr 20, 2024
Full time
Cyber Security Analyst - Threat Intelligence
- Permanent full time role with global financial services company
- Joining a cyber security team of over 100 professionals
- Salary up to £75,000 plus bonus, excellent pension scheme, private medical insurance and genuine career progression opportunity
A leading global financial company is looking for a Cyber Threat Intelligence Analyst to join its London team. This is a fantastic opportunity to join a company who invest heavily in the latest cyber security technology.
Day to day duties will include:
- Threat intelligence - analysing and researching threats and vulnerabilities to understand what will affect the business and what remediation activities should take place
- Intel briefings and reporting to senior teams within the organisation
- Deliver data driven insights on current and evolving threats
- Insider threat / forensics assessment
- Develop approaches for leveraging commercial and open-source resources to perform comprehensive research and analysis on current and evolving cyber threats.
To be considered suitable for the role you will need to have the following skills and experience:
- Strong communication skills
- Background in cyber security threat intelligence
- Operational knowledge on the effects of cyber attacks and threats
- Strong ability to investigate risks and threats
- Understanding of frameworks and tools such as MITRE ATT&CK Framework, the Cyber Kill Chain, and the Diamond Model of Intrusion Analysis.
- Any experience with scripting would be seen as an advantage but is not essential
Apr 20, 2024
Full time
SOC Analyst
Hemel Hempstead, United Kingdom
A Security Operations Centre (SOC) Analyst is required to join a premier consulting business serving the aerospace, defence, and security industries to further enhance the current SOC. My client is dedicated to offering proficient and successful services defending country critical systems. As a result, we are looking for SOC Analysts who can provide our team with new insights and skills. This position is on a 24 x 7 shift schedule at the Hemel Hempstead location.
Due to the nature of the work, you must have a high level of security clearance and have lived in the UK for the last five years.
Responsibilities:
Monitor, triage, and investigate security incidents on critical client infrastructure.
Conduct a thorough examination of system events, logs, and network traffic to spot any security flaws.
Facilitate containment, eradication, and recovery efforts by offering support for incident response.
Help the team stay up to date on security operations, triage, and SOC tool expertise.
In-depth reports for both technical and non-technical audiences should be prepared for managed customers.
Using threat-informed defence and MITRE ATT&CK, analyse and improve detection rules and use cases.
Keep documentation of security incidents, such as incident reports, analytical results, and mitigating techniques, up to date.
Whenever necessary, participate in threat intelligence operations.
Requirements:
Proven experience in a Security Operations Centre.
SIEM experience with Sentinel or Splunk.
Knowledge and experience with the MITRE ATT&CK Framework.
Deep technical expertise in log data analysis and intrusion detection systems.
Detail-oriented, with strong organizational and analytical skills.
Ability to obtain and maintain SC level Security Clearance.
Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus products.
Good understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP.
Able to work shifts from our office in Hemel Hempstead.
An excellent chance for a SOC professional to advance their career in a demanding and stimulating setting. Owing to the stringent security clearance requirements, candidates must be citizens of the United Kingdom.
If you are interested please apply ASAP. The People Network is an employment agency and will respond to all applicants within three - five working days. If you do not hear within these timescales please feel free to get in touch.
Apr 20, 2024
Full time
Crisis24, a GardaWorld company, is widely regarded as the leading integrated risk management, crisis response, consulting, and global protective solutions firm, serving the world's most influential people, disruptive brands, and prominent organizations. Championed by our advanced Global Operation Centers and our skilled team of intelligence analysts, we offer highly specialized services, security and consulting, with the technology and AI to power it all across the globe.
At Crisis24, we go beyond mere employment; we pave the way to a realm where your skills become instrumental in shaping global security, guiding clients through a multifaceted and challenging landscape. Your journey with us will be deeply fulfilling, driven by a powerful sense of purpose and accomplishment. Within our thriving environment, you'll discover abundant chances for both personal and career advancement. Seize this moment to push your limits, broaden your expertise, and elevate your professional journey to unprecedented levels. Join the Crisis24 team today and be a part of something extraordinary where growth and impact converge.
Crisis24's Crisis & Security Consulting (CSC) division, specifically the All-Hazards Response team, is on the lookout for a Senior Consultant. This role is ideally suited for candidates based in the UK or in mainland Europe. As a part of our dynamic and agile Response Group, the successful applicant will have the chance to enhance their skill set and knowledge, enabling them to contribute across various teams within the organization. Candidates should possess comprehensive experience in crisis management at both tactical and strategic levels and have a wide-ranging understanding of different industries. The position involves readiness to deploy globally at short notice, often in challenging situations, requiring confidence and the ability to provide immediate support and guidance to high-level / C-Suite stakeholders.
What You Will Work On
Summary
You will deliver All Hazards Response services, providing expert advice and guidance to clients facing crises, from threats and violence to political and cyber-related issues. This role entails global deployment, often without prior notice, creating documentation in line with CSC's methodologies, conducting sensitive investigations, and potentially training as a subject matter expert, for example as a crisis communications consultant. You will also support the development of junior team members and collaborate with the global consulting team on service delivery, maintaining accurate records across platforms such as Salesforce.
Specifics
Provide advice and guidance to clients in response to case activations on the following peril types: Active Assailant / Workplace Violence; Political Violence & Terrorism; Cyber Extortion; and any other crisis-level event in which All-Hazard Response are engaged.
Deployment globally in support of any new case activation, often with no notice.
Produce all relevant documentation in support of assigned response cases, in line with CSC's doctrine and methodology.
Coordinate and conduct sensitive investigational support to clients.
Train as a Crisis Communications consultant.
Support the development of more junior team members and work in cooperation with the wider global consulting team on all other aspects of consulting services delivery.
Keep Salesforce and any other platforms used by Crisis24 up to date and accurate in relation to relevant accounts and proposals.
Obtain the skill set and knowledge to actively respond as a Special Risks Response Consultant when required.
Support to Insurance Partners
Deliver onboarding briefings to new policy holders.
Provide capability briefings in support of marketing the wider insurance policies.
Assist in the delivery of update reports to insurance underwriters during ongoing cases.
Generation of new response retainers, providing services to insurance partners or private clients.
Direct engagement contracts for new response cases when insurance options are not present.
Assist wider CSC team members in any business development briefings and activity when required.
Support the implementation of a business development plan for the region.
Scope, price, manage and/or oversee the development of client proposals and responses to RFPs.
Represent CSC, Crisis24 and GardaWorld in client pitches/senior-level presentations/in-person meetings.
Duty officer
Following training, there may be a requirement to join the Duty Officer roster for All-Hazards Response activations.
Account management
Client liaison and account/client relationship management of new and existing consulting clients.
Other
Support the wider Crisis24 and GardaWorld business as required.
Who You Will Work With
Under the guidance of the Associate Director for All Hazards Response, you will collaborate on a variety of response cases and projects. These initiatives are diverse in terms of geography, industry, and complexity, necessitating effective management of pressures. You will be an integral part of both the Response Group and the wider CSC team, frequently assisting other teams within Crisis24 and GardaWorld. Owing to the sensitive nature of the case activity, All Hazards personnel are often visible to the highest levels of leadership within Crisis24 and GardaWorld.
What You Will Bring
Summary
Candidates should have at least 10 years of experience in Crisis Management, preferably within a corporate or consulting environment, and a solid background in Security Risk and Crisis Management. You should be knowledgeable about crisis response processes, the specialist insurance market, and have a track record of developing new business opportunities. The role demands extensive global travel, often to high-risk areas, and requires strong analytical, problem-solving, and communication skills. Candidates must be adaptable, motivated to work irregular hours, and committed to continuous professional development.
Specifics
10+ years of experience in Crisis Management, preferably in a corporate and/or consulting setting.
Strong working knowledge of Security Risk and Crisis Management.
In-depth knowledge and experience of crisis response processes.
An understanding of specialist insurance markets.
Demonstrable commercial experience developing new business opportunities.
Extensive travel experience globally, including in high-threat/hostile environments.
Strong analytical and problem-solving skills; a creative thinker who can apply initiative and create solutions to solve clients' problems.
Ability to manage multiple cases simultaneously with strong attention to detail.
Personable and able to communicate effectively at all levels with team members and clients, with the gravitas to influence at a very senior level, including verbal communications and presentation skills.
Able to relate well to others with confidence and empathy, build trust and be calm and resourceful during difficult and emotive situations.
The flexibility and motivation to work irregular hours and maintain quality delivery.
Invested in development; maintains a high level of industry knowledge and awareness of geopolitical and security/crisis management issues and trends.
The annual leave year runs from 1 January to 31 December. Your paid annual leave entitlement will be 25 days per annum (pro rata for part time hours).
Group Life Insurance effective upon commencement of employment. Death in Service pays out at 4x base salary.
Employee Assistance Program effective upon commencement of employment. Full details will be provided after joining the company.
A Discretionary Bonus Scheme, effective in the year following your employment, and based on company performance in the previous fiscal year.
Group Pension Scheme, to which you will be automatically enrolled from the beginning of the third month following start date: We will match your contributions up to 5%. The minimum contribution you can make to the scheme is 4%. You will be entitled to opt out should you wish.
Information Security
Protect the data and systems of Crisis24 and its stakeholders by adhering to policies, reporting incidents and potential problems, completing regular training, and identifying opportunities for improvement.
Crisis24, A GardaWorld Company is dedicated to equal opportunity in employment. We are committed to a work environment that celebrates diversity. We do not discriminate against any individual based on race, color, sex, national origin, age, religion, marital or parental status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any factors protected by applicable laws.
Apr 19, 2024
Full time
Eames are working with a reputable insurer on the hire of an IT Security Analyst. Please find details on the role below.
Responsibilities:
Consistently monitor the network, systems, and applications of the organization to detect security threats and vulnerabilities.
Respond promptly to security alerts and incidents when necessary.
Identify vulnerabilities in software, hardware, and infrastructure and collaborate with IT teams to address them, monitoring progress throughout.
Provide support for incident response efforts, including containment, investigation, and recovery, while documenting all actions taken for subsequent analysis.
Contribute to the development, implementation, and reinforcement of security policies, standards, and procedures, ensuring adherence to relevant regulatory requirements and industry standards.
Supervise user access controls, overseeing processes such as account provisioning, deprovisioning, and permissions management, as well as managing the identity and access management process.
Promote security awareness throughout the organization by providing training and guidance on best practices.
Analyze security logs, events, and alerts to detect any abnormal or suspicious activities, conducting regular security assessments and risk evaluations.
Remain updated on emerging cybersecurity threats and vulnerabilities, utilizing threat intelligence to enhance security measures.
Prepare and deliver routine security reports to management and stakeholders, summarizing the organization's security posture, incidents encountered, and risk assessments conducted.
Provide assistance with internal and external audit activities, supporting ongoing efforts for ISO27001 certification compliance.
Eames Consulting is acting as an Employment Agency in relation to this vacancy.
Apr 10, 2024
Full time
ROLE SUMMARY The Global Information Security (GIS) organization delivers proactive cyber defense for the global Pfizer enterprise. Our mission is to secure all of Pfizer's information assets ranging from the manufacturing floor to the core data centers and out to the patient facing solutions. We achieve this mission through a team of world-class talent, utilizing top-tier technologies, advanced analytics, and the promotion of a cybersecurity ownership culture across the company. The Cyber Threat Intelligence team works with internal and external partners to reduce risk to Pfizer. The team provides timely situational awareness, conducts in depth analysis of threats, and translates indicators of threat into actionable information to reduce impact to Pfizer. Stakeholders include cybersecurity response teams, internal lines of business, senior leadership, external organizations such as law enforcement, and industry peers and intelligence sharing partners. The Senior Cyber Intelligence Analyst is responsible for conducting in-depth research, documentation, and intelligence analysis of key cyber threats, including threat actor tactics, techniques, and procedures (TTPs), to develop a comprehensive picture of the cyber threat landscape, improve Pfizer's security posture, and reduce risk. This individual will provide domain expertise to aid in the effective prioritization and analysis of threats in line with the needs of our stakeholders. The individual will have experience successfully executing all phases of the intelligence lifecycle in support of driving an intelligence led security organization. An ideal candidate for this role will have technical, communication, and interpersonal skills with previous experience mentoring peer CTI analysts and leading CTI initiatives. 
The position is an individual contributor role that will engage with cross functional internal colleagues and external partners and reports to the Director, Global Threat Research within the Pfizer Digital Global Information Security organization. ROLE RESPONSIBILITIES Perform intelligence analysis of cyber threat activity through execution of the threat intelligence lifecycle. Conduct in-depth intrusion analysis of cyber threats utilizing frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK. Develop strategic, tactical, and operational intelligence products for stakeholder dissemination in support of priority intelligence requirements. Curate threat intelligence related to the cyber threat landscape such as threat actors, malware, vulnerabilities and tactics, techniques, and procedures. Present cyber threat intelligence to stakeholders that helps drive both tactical and strategic priorities. Participate in and lead team projects centered around the cyber threat intelligence mission. Mentor peer CTI analysts through on the job training opportunities. Interface with external sharing communities through the sharing of timely and relevant cyber threats. QUALIFICATIONS BS in Information Security, Computer Sciences, Information Systems, Engineering, or equivalent with demonstrable professional experience in a corporate environment. Experience in understanding the techniques of Computer Network Exploitation and Defense (CNE / CND). Experience using frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK. Experience in information analysis and execution of the intelligence lifecycle. Experience developing and curating intelligence related to the cyber threat landscape such as threat actors, malware, vulnerabilities and tactics, techniques, and procedures. 
Experience with translating threat intelligence from OSINT and private intelligence reports into custom detections and mitigations across multiple security technologies. Experience performing technical indicator and TTP analysis using both open and closed source intelligence sources. Ability to provide concise and accurate communications (both verbal and written) in disseminated intelligence products. Ability to communicate and establish rapport with a global team of incident responders and intelligence analysts. Experience mentoring peer analysts in all stages of the intelligence lifecycle. Work Location Assignment: Flexible
Aug 19, 2023
Full time
Job Description: Job Title: Application Security Analyst Corporate Title: Vice President Location: Chester Role Description: Resource will function as a member of an enterprise network application layer intrusion, detection, prevention, and response team. Will develop and implement custom alerts and dashboards monitoring controls based on OSI layer 7 attack and threat indicators. Provides leadership in assessing new threat vectors and designing and implementing effective controls. Leverages advanced investigative skills using best in class data correlation and network/packet analysis tools. Will partner with senior leaders from lines of business organizations to triage security events and report on impacting security initiatives. Responsible for mentoring and developing the skill sets of less experienced team members. Develops and implements processes or controls in support of audit and risk requirements. The Team: The Network and Endpoint Cybersecurity Operations team provides the first line of defense for Bank of America's global network. It defends against various threats including DDoS, Malware, Web Based Attacks, Remote Attacks, and provides network access assurance across our network and endpoint boundaries. Provides network and endpoint anomaly monitoring for indicators of compromise, and a 24x7 rapid response capability for network and endpoint security related events and incidents. Core Skills: Required Skills: Strong Splunk skill set. The security analyst will leverage Splunk to analyze logs and other security events to find targeted attacks against network-based bank assets. Strong Intrusion Analysis background. Resource must be able to identify and interpret weblogs from various webservers. Knowledgeable of current exploits. Resource must be able to identify common exploits from the appropriate web and event logs. Working knowledge of Linux, Windows, and OS X operating systems. 
Comfortable with scripting languages and regular expressions. Strong knowledge of common network protocols. Working knowledge of enterprise Client / Server architecture. Working knowledge of OSI model 3 through 7. We are a front-line team that handles active security events and highly current threats. On call and after-hours work can be expected although we rotate to approximately one week every 2 months. The analyst will use new intelligence to update existing controls to detect new threats against the bank. Will be expected to have solid technical skills to operate independently and to support others within the security team. Preferred Skills: Experience doing packet captures and interpreting them (wireshark for example). Understanding of stateful firewalls and able to interpret firewall rules. Able to interpret SQL, Apache web logs, IIS, Active Directory and other security logs. Full understanding of modern web site deployments and technology. Familiarity with web application attacks including SQL injection, cross-site scripting, and remote file inclusion. Use tools to detect anomalous/malicious data transmissions on the network. Use advanced analytics / security tools to detect malware on the network. Bank of America: Every day, across the globe, our employees bring a commitment to our purpose and to driving responsible growth by living our values: deliver together, act responsibly, realize the power of our people and trust the team. A key aspect of driving responsible growth is doing so in a sustainable manner, a critical pillar of which is being a great place to work for our teammates. In line with these values, in EMEA we have 9 Employee Networks, a wide range of Sports & Social clubs, and other development and networking opportunities so that you can enjoy a range of experiences and connect with colleagues across the bank. We also offer exclusive discounts to some of the most iconic cultural experiences for you to enjoy in your spare time outside of work. 
Good conduct and sound judgment are crucial to our long term success. It's important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well. We are an equal opportunities employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience. We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements. As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment. Job Band: H5 Shift: Hours Per Week: 35 Weekly Schedule: Referral Bonus Amount: 0
Sep 24, 2022
Full time