Are you looking for a Security role within a dynamic, innovative financial technology organisation? If so, we are recruiting for a Cyber Operations Engineer to join our IT Department! Working alongside the Cyber Operations Lead you will help to design, develop, and mature the company's cybersecurity capability, including the selection, implementation, and management of security tools/technologies, focused on detection, prevention, and analysis of security threats. This role offers a great opportunity to help define and shape the security function within a collaborative IT department, ensuring the protection of customer assets. Responsibilities include: Work with technology and business teams to deliver security processes, technologies and controls, acting as the authority on security related queries. Define, design, implement, and maintain security solutions appropriate to the business' needs. Support the definition, execution and continuous improvement of key cybersecurity processes including vulnerability & patch management, security incident response, security monitoring, endpoint security, identity and access management, network security, and cryptography. Assist with developing and maintaining security policies, processes and incident response management plans and playbooks. Prepare and document standard operating procedures and protocols. Provide expertise on security requirements into core technology processes like asset management, change management, third-party management, technology development & acquisition, configuration management, etc. Contribute as a team member in projects and change initiatives aimed at increasing enterprise security capabilities e.g., identity and access management, log aggregation, etc. Required experience: Minimum of 3 years' experience in a Security/Cyber Engineer/Analyst, role focusing on designing and implementing security solutions and managing security infrastructure. Previous experience working within a financial services environment and a working understanding of relevant regulations. Experience and in-depth technical knowledge of deploying, maintaining, and configuring a wide range of security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.) Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP, VPN etc., and accompanying protocol/packet analysis/manipulation tools. Understanding of key operating systems and network appliances and the ability to assess their security posture based on their configuration/deployment. Experience of working effectively with a variety of stakeholders from different technology and business teams. Strong verbal and written communication skills. Desirable experience: Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM). Strong knowledge of Operating System security and system hardening concepts such as CIS Benchmarks. Experience in working with information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials. Experience of general IT Audit processes and conducting risk assessments. You will be a proactive self - starter with strong communication skills and comfortable interacting with stakeholders at all levels. You will have the ability to tailor your approach and translate requirements to non-technical members of staff. We offer a competitive remuneration package, including company discretionary bonus, excellent pension contributions, an attractive staff share scheme, BUPA health insurance, buying and selling of annual leave and sponsorship of relevant professional qualifications. The role is based in our central London office, working a minimum of two days a week in the office and three days a week from home. About Us Transact is the leading independent investment wrap platform in the UK. Established in 2000, we have over £54.9 billion of funds under direction (as at Sept 2023) on behalf of over 7,600 advisers and 230,000 investor clients. Our service includes an online platform, owned and built by us, and dedicated regional adviser support to help bring clients' assets and investments together in a smarter, more tax efficient way. We offer access to a wide range of tax wrappers (including ISAs, pensions and life insurance investment bonds) and funds which advisers use to build client investment portfolios. Portfolio valuations, purchases and sales are all supported via Transact Online which is available 24/7. Transact's parent company, IntegraFin Holdings plc, is listed on the London Stock Exchange and is a constituent of the FTSE 250 index. Equal Opportunities We provide a diverse and inclusive workplace and ensure that all of our staff respect and understand individual differences. We are an equal opportunities employer and positively encourage applications from suitably qualified and eligible candidates regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or maternity, race, religion or belief, sex or sexual orientation.
May 02, 2024
Full time
Are you looking for a Security role within a dynamic, innovative financial technology organisation? If so, we are recruiting for a Cyber Operations Engineer to join our IT Department! Working alongside the Cyber Operations Lead you will help to design, develop, and mature the company's cybersecurity capability, including the selection, implementation, and management of security tools/technologies, focused on detection, prevention, and analysis of security threats. This role offers a great opportunity to help define and shape the security function within a collaborative IT department, ensuring the protection of customer assets. Responsibilities include: Work with technology and business teams to deliver security processes, technologies and controls, acting as the authority on security related queries. Define, design, implement, and maintain security solutions appropriate to the business' needs. Support the definition, execution and continuous improvement of key cybersecurity processes including vulnerability & patch management, security incident response, security monitoring, endpoint security, identity and access management, network security, and cryptography. Assist with developing and maintaining security policies, processes and incident response management plans and playbooks. Prepare and document standard operating procedures and protocols. Provide expertise on security requirements into core technology processes like asset management, change management, third-party management, technology development & acquisition, configuration management, etc. Contribute as a team member in projects and change initiatives aimed at increasing enterprise security capabilities e.g., identity and access management, log aggregation, etc. Required experience: Minimum of 3 years' experience in a Security/Cyber Engineer/Analyst, role focusing on designing and implementing security solutions and managing security infrastructure. Previous experience working within a financial services environment and a working understanding of relevant regulations. Experience and in-depth technical knowledge of deploying, maintaining, and configuring a wide range of security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.) Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP, VPN etc., and accompanying protocol/packet analysis/manipulation tools. Understanding of key operating systems and network appliances and the ability to assess their security posture based on their configuration/deployment. Experience of working effectively with a variety of stakeholders from different technology and business teams. Strong verbal and written communication skills. Desirable experience: Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM). Strong knowledge of Operating System security and system hardening concepts such as CIS Benchmarks. Experience in working with information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials. Experience of general IT Audit processes and conducting risk assessments. You will be a proactive self - starter with strong communication skills and comfortable interacting with stakeholders at all levels. You will have the ability to tailor your approach and translate requirements to non-technical members of staff. We offer a competitive remuneration package, including company discretionary bonus, excellent pension contributions, an attractive staff share scheme, BUPA health insurance, buying and selling of annual leave and sponsorship of relevant professional qualifications. The role is based in our central London office, working a minimum of two days a week in the office and three days a week from home. About Us Transact is the leading independent investment wrap platform in the UK. Established in 2000, we have over £54.9 billion of funds under direction (as at Sept 2023) on behalf of over 7,600 advisers and 230,000 investor clients. Our service includes an online platform, owned and built by us, and dedicated regional adviser support to help bring clients' assets and investments together in a smarter, more tax efficient way. We offer access to a wide range of tax wrappers (including ISAs, pensions and life insurance investment bonds) and funds which advisers use to build client investment portfolios. Portfolio valuations, purchases and sales are all supported via Transact Online which is available 24/7. Transact's parent company, IntegraFin Holdings plc, is listed on the London Stock Exchange and is a constituent of the FTSE 250 index. Equal Opportunities We provide a diverse and inclusive workplace and ensure that all of our staff respect and understand individual differences. We are an equal opportunities employer and positively encourage applications from suitably qualified and eligible candidates regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or maternity, race, religion or belief, sex or sexual orientation.
Security Analyst - Hybrid - 3 days on site - Nottinghamshire Main Responsibilities: - Triage, analyse and investigate alerts, log data and network traffic using security tools to identify cyber-attacks/security incidents. This includes the investigation and root cause analysis of potential security incidents. - Proactively investigate potential security breaches by utilising threat intelligence and internal and external security systems and provide subject matter expertise for technical responses to confirmed cyber security incidents. - Create and maintain the clients target cyber security architecture. - Deliver subject matter expertise to key stakeholders to drive the implementation of security controls to meet the target architecture. - Accountable for vulnerability scanning, including the prioritisation of unpatched vulnerabilities and reporting against agreed KPIs and KRIs. - Support the annual penetration testing schedule by arranging penetration testing, including tracking, and communicating penetration testing results. - Perform supplementary testing of clients detection and response controls by procuring, installing, and running penetration testing tooling. - Participate in process improvement work to automate and improve critical cyber security processes such as monitoring, patching, and hardening. - Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks. - Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office. Skills, Knowledge and Experience - Has obtained one or more of the following qualifications: CEH, CRTSA, and OSCP. - Qualifications such as CISSP and CISM would be advantageous. - Problem solving skills, and the ability to come up with new solutions to existing challenges. - Strengths in key 'soft skill' areas such as relationship management, communication, and presentation of technical security information to a variety of audiences. - Technical skills to investigate potential breaches through existing tools, packet capture and log file analysis. - A logical mindset, the ability to identify proportionate, appropriate mitigations to identified security incidents, and to prioritise incidents based on risk. - Capable of working independently/without ongoing supervision on projects and day to day tasks. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
May 02, 2024
Full time
Security Analyst - Hybrid - 3 days on site - Nottinghamshire Main Responsibilities: - Triage, analyse and investigate alerts, log data and network traffic using security tools to identify cyber-attacks/security incidents. This includes the investigation and root cause analysis of potential security incidents. - Proactively investigate potential security breaches by utilising threat intelligence and internal and external security systems and provide subject matter expertise for technical responses to confirmed cyber security incidents. - Create and maintain the clients target cyber security architecture. - Deliver subject matter expertise to key stakeholders to drive the implementation of security controls to meet the target architecture. - Accountable for vulnerability scanning, including the prioritisation of unpatched vulnerabilities and reporting against agreed KPIs and KRIs. - Support the annual penetration testing schedule by arranging penetration testing, including tracking, and communicating penetration testing results. - Perform supplementary testing of clients detection and response controls by procuring, installing, and running penetration testing tooling. - Participate in process improvement work to automate and improve critical cyber security processes such as monitoring, patching, and hardening. - Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks. - Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office. Skills, Knowledge and Experience - Has obtained one or more of the following qualifications: CEH, CRTSA, and OSCP. - Qualifications such as CISSP and CISM would be advantageous. - Problem solving skills, and the ability to come up with new solutions to existing challenges. - Strengths in key 'soft skill' areas such as relationship management, communication, and presentation of technical security information to a variety of audiences. - Technical skills to investigate potential breaches through existing tools, packet capture and log file analysis. - A logical mindset, the ability to identify proportionate, appropriate mitigations to identified security incidents, and to prioritise incidents based on risk. - Capable of working independently/without ongoing supervision on projects and day to day tasks. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Job title: Cyber Lead Location: Glascoed, Radway Green or Washington We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: £52k - £62k per annum What you'll be doing: Provide security architecture / technical input into the development of secure solutions for IM&T, Cyber and Operational Technology Support development of strategy and continual service improvement for the Cyber Assurance function at Business and Sector Level and act as a subject matter expert for the wider organisation Line management responsibility for members of the team of cyber analysts Defining Cyber Security requirements, with development and execution of a plan to gain compliance to the NIST Cyber framework in line with Corporate Guidance covering Enterprise Systems, Operational Technologies services and Cloud Conducting and reporting compliance assessments of Land UK IM&T capabilities to identify Cyber Security Risks in line with business risk appetite and the changing cyber threat Identification of risk and appropriate mitigations, development & analysis of secure solutions and assessment of compliance with internal and external standards and regulations Defining a schedule of assurance activities to review security control compliance with standards on a prioritised risk basis Deliver documentation and conduct impact assessments to demonstrate compliance to internal and external stakeholders Your skills and experiences: Essential Relevant experience in a related discipline (ICT/Computing, assurance, risk management, vulnerability/threat assessment) Wide ranging knowledge of application, infrastructure and security technologies and familiarity with implementing them in a secure configuration Desirable Previous experience of providing security input and advice to projects in the Government sector or commercial organisations Knowledge of security policies, NIST, DEFSTAN 05-138 (or other similar standards) and good practice guidance regarding their application Experience of working in a project environment and awareness of system development lifecycle methodologies CCP, CISM or CISSP qualification Benefits: You'll receive benefits including a competitive pension scheme, enhanced annual leave allowance and a Company contributed Share Incentive Plan. You'll also have access to additional benefits such as flexible working, an employee assistance programme, Cycle2work and employee discounts - you may also be eligible for an annual incentive. The IM&T team: Within a dedicated team providing a wide range of IT services and further exploiting our digital landscape, the successful candidate will play a key role in keeping our systems and data secure. This role will provide you with the opportunity to work on critical business change programmes, adding great value and collaborating with various functions in a growing business. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals. We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles working for BAE Systems will be subject to both security and export control restrictions. These restrictions mean that factors including your nationality, any previous nationalities you have held, and your place of birth may limit those roles you can perform for the organisation. Closing Date: 14th May 2023 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.
May 02, 2024
Full time
Job title: Cyber Lead Location: Glascoed, Radway Green or Washington We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: £52k - £62k per annum What you'll be doing: Provide security architecture / technical input into the development of secure solutions for IM&T, Cyber and Operational Technology Support development of strategy and continual service improvement for the Cyber Assurance function at Business and Sector Level and act as a subject matter expert for the wider organisation Line management responsibility for members of the team of cyber analysts Defining Cyber Security requirements, with development and execution of a plan to gain compliance to the NIST Cyber framework in line with Corporate Guidance covering Enterprise Systems, Operational Technologies services and Cloud Conducting and reporting compliance assessments of Land UK IM&T capabilities to identify Cyber Security Risks in line with business risk appetite and the changing cyber threat Identification of risk and appropriate mitigations, development & analysis of secure solutions and assessment of compliance with internal and external standards and regulations Defining a schedule of assurance activities to review security control compliance with standards on a prioritised risk basis Deliver documentation and conduct impact assessments to demonstrate compliance to internal and external stakeholders Your skills and experiences: Essential Relevant experience in a related discipline (ICT/Computing, assurance, risk management, vulnerability/threat assessment) Wide ranging knowledge of application, infrastructure and security technologies and familiarity with implementing them in a secure configuration Desirable Previous experience of providing security input and advice to projects in the Government sector or commercial organisations Knowledge of security policies, NIST, DEFSTAN 05-138 (or other similar standards) and good practice guidance regarding their application Experience of working in a project environment and awareness of system development lifecycle methodologies CCP, CISM or CISSP qualification Benefits: You'll receive benefits including a competitive pension scheme, enhanced annual leave allowance and a Company contributed Share Incentive Plan. You'll also have access to additional benefits such as flexible working, an employee assistance programme, Cycle2work and employee discounts - you may also be eligible for an annual incentive. The IM&T team: Within a dedicated team providing a wide range of IT services and further exploiting our digital landscape, the successful candidate will play a key role in keeping our systems and data secure. This role will provide you with the opportunity to work on critical business change programmes, adding great value and collaborating with various functions in a growing business. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals. We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles working for BAE Systems will be subject to both security and export control restrictions. These restrictions mean that factors including your nationality, any previous nationalities you have held, and your place of birth may limit those roles you can perform for the organisation. Closing Date: 14th May 2023 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high-growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. The Security Operations Manager role is integral to BDO, ensuring that we protect our colleagues, clients and partners information as we rapidly expand our digital footprint. Reporting into the Head of IT Security, you'll ensure the delivery of cybersecurity improvement initiatives, operational excellence, technical security assurance and develop a talent pipeline. You'll work closely alongside the Head of IT Security to instill the right structure and processes to support the delivery of continual Cybersecurity improvements across BDO and will have direct line management responsibilities of 3x Cybersecurity Analysts where you will conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members. You'll also: Deliver security operations technology roadmaps in conjunction with the wider Cybersecurity strategy. Propose changes to existing policies, procedures and configurations to ensure operating efficiency and regulatory compliance. Contribute to the security strategy, ensuring that technical and structural considerations regarding design, build and run components are considered. Aid the Head of IT Security in chairing various defined security management working groups, ensuring that reporting against progress vs plan is developed. Manage security operational production incidents and participate in problem and change management forums. Serve as an active participant in the information security governance process, working with Business Analysts, Governance and PMO functions in order to ensure that cyber risks are accurately reported, assessed and mitigated. Consult with IT and support staff to ensure that security is factored into the evaluation, selection, installation and configuration of new products and services. Report on the implementation of technical controls to support and enforce defined security policies. Report on the technical aspects of security management against pre-defined Cybersecurity operational metrics. Engage with the MSSP re Service Level Agreements (SLA's), monitoring metrics, including contract and performance metrics Own day-to-day management IT Security Service Requests and tickets, including: Reporting, Knowledge Management, Root Cause Analysis and Proactive Problem Repetition Avoidance. Contribute to a Cybersecurity knowledgebase comprising technical reference libraries, security advisories and alerts, information on security trends and practices, and laws and regulations. Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements. Contribute to the development of a Cybersecurity Operations Resource and Capacity planner managed through BDO's Azure DevOps environment. Oversee incident response, threat detection, and mitigation efforts You'll be someone with: A good understanding of monitoring frameworks eg MITRE ATT&CK and SIEM technologies eg Microsoft Sentinel An interest in automation of Security operation function including artificial intelligence An understanding of Microsoft security product portfolio CISSP/CISM (Desired) CCSP/SSCP (Desired) Proven experience in Cybersecurity and IT Operations (Required) DLP, EDR/XDR, CASB, E-mail Security, SWG and ZTNA/SASE You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
May 01, 2024
Full time
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high-growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. The Security Operations Manager role is integral to BDO, ensuring that we protect our colleagues, clients and partners information as we rapidly expand our digital footprint. Reporting into the Head of IT Security, you'll ensure the delivery of cybersecurity improvement initiatives, operational excellence, technical security assurance and develop a talent pipeline. You'll work closely alongside the Head of IT Security to instill the right structure and processes to support the delivery of continual Cybersecurity improvements across BDO and will have direct line management responsibilities of 3x Cybersecurity Analysts where you will conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members. You'll also: Deliver security operations technology roadmaps in conjunction with the wider Cybersecurity strategy. Propose changes to existing policies, procedures and configurations to ensure operating efficiency and regulatory compliance. Contribute to the security strategy, ensuring that technical and structural considerations regarding design, build and run components are considered. Aid the Head of IT Security in chairing various defined security management working groups, ensuring that reporting against progress vs plan is developed. Manage security operational production incidents and participate in problem and change management forums. Serve as an active participant in the information security governance process, working with Business Analysts, Governance and PMO functions in order to ensure that cyber risks are accurately reported, assessed and mitigated. Consult with IT and support staff to ensure that security is factored into the evaluation, selection, installation and configuration of new products and services. Report on the implementation of technical controls to support and enforce defined security policies. Report on the technical aspects of security management against pre-defined Cybersecurity operational metrics. Engage with the MSSP re Service Level Agreements (SLA's), monitoring metrics, including contract and performance metrics Own day-to-day management IT Security Service Requests and tickets, including: Reporting, Knowledge Management, Root Cause Analysis and Proactive Problem Repetition Avoidance. Contribute to a Cybersecurity knowledgebase comprising technical reference libraries, security advisories and alerts, information on security trends and practices, and laws and regulations. Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements. Contribute to the development of a Cybersecurity Operations Resource and Capacity planner managed through BDO's Azure DevOps environment. Oversee incident response, threat detection, and mitigation efforts You'll be someone with: A good understanding of monitoring frameworks eg MITRE ATT&CK and SIEM technologies eg Microsoft Sentinel An interest in automation of Security operation function including artificial intelligence An understanding of Microsoft security product portfolio CISSP/CISM (Desired) CCSP/SSCP (Desired) Proven experience in Cybersecurity and IT Operations (Required) DLP, EDR/XDR, CASB, E-mail Security, SWG and ZTNA/SASE You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
SOC Analyst - Reading/Hybrid - Up to £65k + BenefitsSOC Analyst required to join the growing cyber security team at a large enterprise that serves millions of customers!In this challenging and varied role, you will be responsible for maintaining Security Operations (SecOps) solutions, controls, and processes across the organisation. You will provide proactive risk remediation, will help with incident readiness & response and will also contribute to the continuous improvement of the security environment. This organisation is making a big investment in cyber and there are lots of initiatives and projects to get stuck into. If you are looking for a role where you can make an impact, influence the future and have your voice and opinions heard then look no further!As SOC Analyst you will bring a good understanding of SecOps concepts, technologies, and best practices and will collaborate effectively with cross-functional teams to ensure the highest level of security, compliance, and user experience.Amongst your responsibilities you will: Collaborate with stakeholders to ensure security controls align with business requirements and risk levels Develop and maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incident response actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber Incident Response Manager by triaging events and conducting root cause analysis for security and privacy incidents. On-call duty is required for major incidents. Conduct proactive threat hunting to detect emerging cyber threats. Collect data for cybersecurity compliance dashboards and ensure compliance with GDPR, NIS, and ISO 27001. Monitor and optimize the performance of SecOps tools. Stay updated with industry trends and best practices to improve security operations. This is a SOC role that offers a good chance to test and advance your skills across a range of projects including the migration of legacy to more modern solutions. To be considered you must be a Security, Cyber or SOC professional who has ideally operated within an enterprise environment. You will have solid exposure to cyber security concepts and principles and must bring a sound knowledge of the Microsoft stack including O365, Windows and MFA (Multifactor Authenticator). You must also have hands-on experience utilising and configuring Microsoft Security Operations tools such as Sentinel and Defender.You will possess a good general understanding of IT/Infrastructure and will have strong analytical and problem-solving abilities. A strong communicator, you will have no trouble explaining complex IT or security problems in a simple manner to non-technical audiences. Industry certifications are desirable, ideally a Microsoft SecOps specific certification(s) e.g. Microsoft Security Operations Analyst (SC-200) and/or cyber security industry certification(s) such as CISSP, CISM, or CCSP.If you are Security, Cyber or SOC professional looking for a role which gives you new challenges, opportunity for growth and the chance to make a real impact then APPLY NOW!If you are interested please apply ASAP. The People Network is an employment agency and will respond to all applicants within three - five working days. If you do not hear within these timescales please feel free to get in touch.
May 01, 2024
Full time
SOC Analyst - Reading/Hybrid - Up to £65k + BenefitsSOC Analyst required to join the growing cyber security team at a large enterprise that serves millions of customers!In this challenging and varied role, you will be responsible for maintaining Security Operations (SecOps) solutions, controls, and processes across the organisation. You will provide proactive risk remediation, will help with incident readiness & response and will also contribute to the continuous improvement of the security environment. This organisation is making a big investment in cyber and there are lots of initiatives and projects to get stuck into. If you are looking for a role where you can make an impact, influence the future and have your voice and opinions heard then look no further!As SOC Analyst you will bring a good understanding of SecOps concepts, technologies, and best practices and will collaborate effectively with cross-functional teams to ensure the highest level of security, compliance, and user experience.Amongst your responsibilities you will: Collaborate with stakeholders to ensure security controls align with business requirements and risk levels Develop and maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incident response actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber Incident Response Manager by triaging events and conducting root cause analysis for security and privacy incidents. On-call duty is required for major incidents. Conduct proactive threat hunting to detect emerging cyber threats. Collect data for cybersecurity compliance dashboards and ensure compliance with GDPR, NIS, and ISO 27001. Monitor and optimize the performance of SecOps tools. Stay updated with industry trends and best practices to improve security operations. This is a SOC role that offers a good chance to test and advance your skills across a range of projects including the migration of legacy to more modern solutions. To be considered you must be a Security, Cyber or SOC professional who has ideally operated within an enterprise environment. You will have solid exposure to cyber security concepts and principles and must bring a sound knowledge of the Microsoft stack including O365, Windows and MFA (Multifactor Authenticator). You must also have hands-on experience utilising and configuring Microsoft Security Operations tools such as Sentinel and Defender.You will possess a good general understanding of IT/Infrastructure and will have strong analytical and problem-solving abilities. A strong communicator, you will have no trouble explaining complex IT or security problems in a simple manner to non-technical audiences. Industry certifications are desirable, ideally a Microsoft SecOps specific certification(s) e.g. Microsoft Security Operations Analyst (SC-200) and/or cyber security industry certification(s) such as CISSP, CISM, or CCSP.If you are Security, Cyber or SOC professional looking for a role which gives you new challenges, opportunity for growth and the chance to make a real impact then APPLY NOW!If you are interested please apply ASAP. The People Network is an employment agency and will respond to all applicants within three - five working days. If you do not hear within these timescales please feel free to get in touch.
Junior SOC Analyst - Hybrid - 3 days on site - Nottinghamshire Main Responsibilities: - Triage, analyse and investigate alerts, log data and network traffic using security tools to identify cyber-attacks / security incidents. This includes the investigation and root cause analysis of potential security incidents. - Proactively investigate potential security breaches by utilising threat intelligence and internal and external security systems and provide subject matter expertise for technical responses to confirmed cyber security incidents. - Create and maintain the clients target cyber security architecture. - Deliver subject matter expertise to key stakeholders to drive the implementation of security controls to meet the target architecture. - Accountable for vulnerability scanning, including the prioritisation of unpatched vulnerabilities and reporting against agreed KPIs and KRIs. - Support the annual penetration testing schedule by arranging penetration testing, including tracking, and communicating penetration testing results. - Perform supplementary testing of clients detection and response controls by procuring, installing, and running penetration testing tooling. - Participate in process improvement work to automate and improve critical cyber security processes such as monitoring, patching, and hardening. - Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks. - Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office. Skills, Knowledge and Experience - Has obtained one or more of the following qualifications: CEH, CRTSA, and OSCP. - Qualifications such as CISSP and CISM would be advantageous. - Problem solving skills, and the ability to come up with new solutions to existing challenges. - Strengths in key 'soft skill' areas such as relationship management, communication, and presentation of technical security information to a variety of audiences. - Technical skills to investigate potential breaches through existing tools, packet capture and log file analysis. - A logical mindset, the ability to identify proportionate, appropriate mitigations to identified security incidents, and to prioritise incidents based on risk. - Capable of working independently/without ongoing supervision on projects and day to day tasks. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Apr 28, 2024
Full time
Junior SOC Analyst - Hybrid - 3 days on site - Nottinghamshire Main Responsibilities: - Triage, analyse and investigate alerts, log data and network traffic using security tools to identify cyber-attacks / security incidents. This includes the investigation and root cause analysis of potential security incidents. - Proactively investigate potential security breaches by utilising threat intelligence and internal and external security systems and provide subject matter expertise for technical responses to confirmed cyber security incidents. - Create and maintain the clients target cyber security architecture. - Deliver subject matter expertise to key stakeholders to drive the implementation of security controls to meet the target architecture. - Accountable for vulnerability scanning, including the prioritisation of unpatched vulnerabilities and reporting against agreed KPIs and KRIs. - Support the annual penetration testing schedule by arranging penetration testing, including tracking, and communicating penetration testing results. - Perform supplementary testing of clients detection and response controls by procuring, installing, and running penetration testing tooling. - Participate in process improvement work to automate and improve critical cyber security processes such as monitoring, patching, and hardening. - Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks. - Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office. Skills, Knowledge and Experience - Has obtained one or more of the following qualifications: CEH, CRTSA, and OSCP. - Qualifications such as CISSP and CISM would be advantageous. - Problem solving skills, and the ability to come up with new solutions to existing challenges. - Strengths in key 'soft skill' areas such as relationship management, communication, and presentation of technical security information to a variety of audiences. - Technical skills to investigate potential breaches through existing tools, packet capture and log file analysis. - A logical mindset, the ability to identify proportionate, appropriate mitigations to identified security incidents, and to prioritise incidents based on risk. - Capable of working independently/without ongoing supervision on projects and day to day tasks. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Information Systems Security Analyst Huddersfield OR Newbury 37.5 hours per week- Hybrid role Saint-Gobain - Winners of 'TOP EMPLOYER UK AND GLOBAL' five years running! (2) Saint-Gobain is a global leader in the construction industry with a presence in over 67 countries worldwide. Our businesses designs, manufactures and distributes building materials and solutions globally. Due to demand in workload we are now looking for a Information Security Analyst to join our digital function. You can be based from either our Huddersfield or Newbury office. The purpose of the role is to ensure that new business applications are implemented and integrated securely with existing Saint-Gobain systems. You will carry out security assessments against new and existing applications, highlighting areas of non-compliance and working with the relevant teams to ensure that they are addressed applying industry best practice to application implementation. You will also establish a comprehensive understanding of the group security rules and associated service offerings. Build working relationships with Group Security and business security teams and remain up to date with changes to company policy. No one day is the same, this is a varied role doing duties such as complete annual application reviews to ensure continued compliance, liaise with third party software providers to complete SG Security Documentation and challenge responses to verify validity of submissions, schedule periodic Penetration tests and code reviews where relevant, highlight and challenge internally where industry best practices are not implemented and so much more. What you need to be successful In order to be successful in this role you will have proven experience of security applications, you will work very closely with the Data team so experience of working on data security projects (big data, data lakes etc) will be great. You will also have experience of working with e-Commerce platforms, documentation and/or process writing, an understanding of application architecture and experience of systems integration and transfer of data between systems. You will have the ability to adopt new technical skills, maintain own knowledge on new technologies, in addition to a good level of awareness across a broad range of IT systems and solutions. If you have any certifications/qualifications in security i.e. Cyber security, CISM OR CISSP that would be an advantage but not a must! What you will get in return Competitive Salary Exposure to working on different technologies A defined contribution pension scheme 25 days' holiday + bank holidays Flexible Holiday buy-sell scheme (allowing up to 3 days' holiday to be bought or sold). As an employee you are automatically covered by the Saint-Gobain Life Assurance Scheme. Staff discounts on high street and leisure activities and various other benefits. About Us Diversity : We are an inclusive employer and keen to hire talented people regardless of their background, abilities, ethnicity, religion, sexual orientation, gender, national origin, what football team you support, taste in music, fashion sense or anything else that makes you, you! We believe that working in a diverse business can be more enjoyable, teams can be more innovative, and make better decisions. We already employ many fantastic people from diverse backgrounds, but we still want to do more. So, we are on a mission to make Saint-Gobain inclusive and accessible to all, with role models for you to look up to and learn from, no matter who you are! At Saint-Gobain, our purpose is to 'Make the world a better home'. We are both manufacturers and distributors. Together with and for our customers, we design materials and solutions that have a positive impact on everyone's life and provide well-being, quality of life and performance, while caring for the planet. Our materials can be found everywhere in our living places and daily life: in buildings, transportation, infrastructure and in many industrial applications.
Sep 15, 2021
Full time
Information Systems Security Analyst Huddersfield OR Newbury 37.5 hours per week- Hybrid role Saint-Gobain - Winners of 'TOP EMPLOYER UK AND GLOBAL' five years running! (2) Saint-Gobain is a global leader in the construction industry with a presence in over 67 countries worldwide. Our businesses designs, manufactures and distributes building materials and solutions globally. Due to demand in workload we are now looking for a Information Security Analyst to join our digital function. You can be based from either our Huddersfield or Newbury office. The purpose of the role is to ensure that new business applications are implemented and integrated securely with existing Saint-Gobain systems. You will carry out security assessments against new and existing applications, highlighting areas of non-compliance and working with the relevant teams to ensure that they are addressed applying industry best practice to application implementation. You will also establish a comprehensive understanding of the group security rules and associated service offerings. Build working relationships with Group Security and business security teams and remain up to date with changes to company policy. No one day is the same, this is a varied role doing duties such as complete annual application reviews to ensure continued compliance, liaise with third party software providers to complete SG Security Documentation and challenge responses to verify validity of submissions, schedule periodic Penetration tests and code reviews where relevant, highlight and challenge internally where industry best practices are not implemented and so much more. What you need to be successful In order to be successful in this role you will have proven experience of security applications, you will work very closely with the Data team so experience of working on data security projects (big data, data lakes etc) will be great. You will also have experience of working with e-Commerce platforms, documentation and/or process writing, an understanding of application architecture and experience of systems integration and transfer of data between systems. You will have the ability to adopt new technical skills, maintain own knowledge on new technologies, in addition to a good level of awareness across a broad range of IT systems and solutions. If you have any certifications/qualifications in security i.e. Cyber security, CISM OR CISSP that would be an advantage but not a must! What you will get in return Competitive Salary Exposure to working on different technologies A defined contribution pension scheme 25 days' holiday + bank holidays Flexible Holiday buy-sell scheme (allowing up to 3 days' holiday to be bought or sold). As an employee you are automatically covered by the Saint-Gobain Life Assurance Scheme. Staff discounts on high street and leisure activities and various other benefits. About Us Diversity : We are an inclusive employer and keen to hire talented people regardless of their background, abilities, ethnicity, religion, sexual orientation, gender, national origin, what football team you support, taste in music, fashion sense or anything else that makes you, you! We believe that working in a diverse business can be more enjoyable, teams can be more innovative, and make better decisions. We already employ many fantastic people from diverse backgrounds, but we still want to do more. So, we are on a mission to make Saint-Gobain inclusive and accessible to all, with role models for you to look up to and learn from, no matter who you are! At Saint-Gobain, our purpose is to 'Make the world a better home'. We are both manufacturers and distributors. Together with and for our customers, we design materials and solutions that have a positive impact on everyone's life and provide well-being, quality of life and performance, while caring for the planet. Our materials can be found everywhere in our living places and daily life: in buildings, transportation, infrastructure and in many industrial applications.
Ordnance Survey has an opportunity available for a Security Analyst to join the team based in Southampton. You will join us on a full time, permanent basis and in return, you will receive a competitive salary of circa £40,000 per annum plus excellent benefits – this is a fantastic opportunity to develop a rewarding career.
About us:
Ordnance Survey (OS) is the national mapping agency for Great Britain, and a world-leading geospatial data and technology organisation. As a reliable partner to government, business and citizens across Britain and the world, OS helps its customers in virtually all sectors improve quality of life. OS expertise and data supports efficient public services and infrastructure, new technologies in transport and communications, national security and emergency services and exploring the great outdoors. By being at the forefront of geospatial capability for more than 225 years, we’ve built a reputation as the world’s most inspiring and trusted geospatial partner.
We offer fantastic benefits to our Security Analyst:
- Salary – circa £80,000
- Competitive pension
- 37 hour working week with flexible working hours
- 25 days annual leave - (30 days after five years) bank holidays and an extra 3 over Christmas
- Training & Development
- Paid volunteer day
- Bike to Work scheme (with secure bike storage and excellent changing facilities)
- Free onsite parking
- Subsidised on-site staff restaurant
- On-site nursery
- Very generous staff benefits including over 500 discounts from national stores
- Wide variety of sports and social clubs
- Support for your health and wellbeing from eye care vouchers to health checks
- Flexible working hours
About the role:
You’ll be part of an organisation with a clear strategy to become a digital business and with an ambitious transformation agenda to enable us to give our customers the services, products and experiences that they have come to expect. You will play a critical role in ensuring we can realise these goals.
Your role will include working with our IT department and members of the Information Security Team to identify, select and implement technical controls, tooling, policies and procedures, as well as working with operational and service management teams to assess the severity of security patches, hot-fixes and service packs.
You will be at the front-line of monitoring and responding to security-related events across the organisation, responding to and investigating alerts. Additionally, you will conduct cyber-security risk assessment activities, analysing the results and producing recommendations to address and mitigate risks. And you will support our Security Architect in the development of strategies, plans, policies and standards to enforce security requirements.
Skills and experience required to be our Security Analyst:
- Excellent knowledge and experience of IT and network security
- Excellent knowledge, understanding and experience of information risk concepts and principles
- Very good knowledge and experience of cloud platforms, such as Azure, AWS and Oracle, as well as Windows and Linux platforms
- Good knowledge of vulnerability Management tools, Security Incident Event Management processes and Security Operations Centre
- Knowledge of the Data Protection Act and General Data Protection Regulation (GDPR)
- Good familiarity with industry compliance and security standards such as Cyber Essentials, ISO 27001, cloud security, 10 Steps to Cyber Security
- Relevant qualifications, either Systems Security Certified Practitioner (SSCP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or BCS Information Security Management Principles
- A minimum of two years in a security role or five years’ experience working in a 2nd or 3rd level technical role.
Why not click ‘apply’ today? Don’t miss out on this opportunity to join our team as our Security Analyst.
Closing date: 8th November 2018
Oct 29, 2018
Ordnance Survey has an opportunity available for a Security Analyst to join the team based in Southampton. You will join us on a full time, permanent basis and in return, you will receive a competitive salary of circa £40,000 per annum plus excellent benefits – this is a fantastic opportunity to develop a rewarding career.
About us:
Ordnance Survey (OS) is the national mapping agency for Great Britain, and a world-leading geospatial data and technology organisation. As a reliable partner to government, business and citizens across Britain and the world, OS helps its customers in virtually all sectors improve quality of life. OS expertise and data supports efficient public services and infrastructure, new technologies in transport and communications, national security and emergency services and exploring the great outdoors. By being at the forefront of geospatial capability for more than 225 years, we’ve built a reputation as the world’s most inspiring and trusted geospatial partner.
We offer fantastic benefits to our Security Analyst:
- Salary – circa £80,000
- Competitive pension
- 37 hour working week with flexible working hours
- 25 days annual leave - (30 days after five years) bank holidays and an extra 3 over Christmas
- Training & Development
- Paid volunteer day
- Bike to Work scheme (with secure bike storage and excellent changing facilities)
- Free onsite parking
- Subsidised on-site staff restaurant
- On-site nursery
- Very generous staff benefits including over 500 discounts from national stores
- Wide variety of sports and social clubs
- Support for your health and wellbeing from eye care vouchers to health checks
- Flexible working hours
About the role:
You’ll be part of an organisation with a clear strategy to become a digital business and with an ambitious transformation agenda to enable us to give our customers the services, products and experiences that they have come to expect. You will play a critical role in ensuring we can realise these goals.
Your role will include working with our IT department and members of the Information Security Team to identify, select and implement technical controls, tooling, policies and procedures, as well as working with operational and service management teams to assess the severity of security patches, hot-fixes and service packs.
You will be at the front-line of monitoring and responding to security-related events across the organisation, responding to and investigating alerts. Additionally, you will conduct cyber-security risk assessment activities, analysing the results and producing recommendations to address and mitigate risks. And you will support our Security Architect in the development of strategies, plans, policies and standards to enforce security requirements.
Skills and experience required to be our Security Analyst:
- Excellent knowledge and experience of IT and network security
- Excellent knowledge, understanding and experience of information risk concepts and principles
- Very good knowledge and experience of cloud platforms, such as Azure, AWS and Oracle, as well as Windows and Linux platforms
- Good knowledge of vulnerability Management tools, Security Incident Event Management processes and Security Operations Centre
- Knowledge of the Data Protection Act and General Data Protection Regulation (GDPR)
- Good familiarity with industry compliance and security standards such as Cyber Essentials, ISO 27001, cloud security, 10 Steps to Cyber Security
- Relevant qualifications, either Systems Security Certified Practitioner (SSCP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or BCS Information Security Management Principles
- A minimum of two years in a security role or five years’ experience working in a 2nd or 3rd level technical role.
Why not click ‘apply’ today? Don’t miss out on this opportunity to join our team as our Security Analyst.
Closing date: 8th November 2018
Ordnance Survey has an opportunity available for a Security Analyst to join the team based in Southampton. You will join us on a full time, permanent basis and in return, you will receive a competitive salary of circa £40,000 per annum plus excellent benefits – this is a fantastic opportunity to develop a rewarding career.
About us:
Ordnance Survey (OS) is the national mapping agency for Great Britain, and a world-leading geospatial data and technology organisation. As a reliable partner to government, business and citizens across Britain and the world, OS helps its customers in virtually all sectors improve quality of life. OS expertise and data supports efficient public services and infrastructure, new technologies in transport and communications, national security and emergency services and exploring the great outdoors. By being at the forefront of geospatial capability for more than 225 years, we’ve built a reputation as the world’s most inspiring and trusted geospatial partner.
We offer fantastic benefits to our Security Analyst:
- Salary – circa £80,000
- Competitive pension
- 37 hour working week with flexible working hours
- 25 days annual leave - (30 days after five years) bank holidays and an extra 3 over Christmas
- Training & Development
- Paid volunteer day
- Bike to Work scheme (with secure bike storage and excellent changing facilities)
- Free onsite parking
- Subsidised on-site staff restaurant
- On-site nursery
- Very generous staff benefits including over 500 discounts from national stores
- Wide variety of sports and social clubs
- Support for your health and wellbeing from eye care vouchers to health checks
- Flexible working hours
About the role:
You’ll be part of an organisation with a clear strategy to become a digital business and with an ambitious transformation agenda to enable us to give our customers the services, products and experiences that they have come to expect. You will play a critical role in ensuring we can realise these goals.
Your role will include working with our IT department and members of the Information Security Team to identify, select and implement technical controls, tooling, policies and procedures, as well as working with operational and service management teams to assess the severity of security patches, hot-fixes and service packs.
You will be at the front-line of monitoring and responding to security-related events across the organisation, responding to and investigating alerts. Additionally, you will conduct cyber-security risk assessment activities, analysing the results and producing recommendations to address and mitigate risks. And you will support our Security Architect in the development of strategies, plans, policies and standards to enforce security requirements.
Skills and experience required to be our Security Analyst:
- Excellent knowledge and experience of IT and network security
- Excellent knowledge, understanding and experience of information risk concepts and principles
- Very good knowledge and experience of cloud platforms, such as Azure, AWS and Oracle, as well as Windows and Linux platforms
- Good knowledge of vulnerability Management tools, Security Incident Event Management processes and Security Operations Centre
- Knowledge of the Data Protection Act and General Data Protection Regulation (GDPR)
- Good familiarity with industry compliance and security standards such as Cyber Essentials, ISO 27001, cloud security, 10 Steps to Cyber Security
- Relevant qualifications, either Systems Security Certified Practitioner (SSCP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or BCS Information Security Management Principles
- A minimum of two years in a security role or five years’ experience working in a 2nd or 3rd level technical role.
Why not click ‘apply’ today? Don’t miss out on this opportunity to join our team as our Security Analyst.
Closing date: 8th November 2018
Oct 29, 2018
Ordnance Survey has an opportunity available for a Security Analyst to join the team based in Southampton. You will join us on a full time, permanent basis and in return, you will receive a competitive salary of circa £40,000 per annum plus excellent benefits – this is a fantastic opportunity to develop a rewarding career.
About us:
Ordnance Survey (OS) is the national mapping agency for Great Britain, and a world-leading geospatial data and technology organisation. As a reliable partner to government, business and citizens across Britain and the world, OS helps its customers in virtually all sectors improve quality of life. OS expertise and data supports efficient public services and infrastructure, new technologies in transport and communications, national security and emergency services and exploring the great outdoors. By being at the forefront of geospatial capability for more than 225 years, we’ve built a reputation as the world’s most inspiring and trusted geospatial partner.
We offer fantastic benefits to our Security Analyst:
- Salary – circa £80,000
- Competitive pension
- 37 hour working week with flexible working hours
- 25 days annual leave - (30 days after five years) bank holidays and an extra 3 over Christmas
- Training & Development
- Paid volunteer day
- Bike to Work scheme (with secure bike storage and excellent changing facilities)
- Free onsite parking
- Subsidised on-site staff restaurant
- On-site nursery
- Very generous staff benefits including over 500 discounts from national stores
- Wide variety of sports and social clubs
- Support for your health and wellbeing from eye care vouchers to health checks
- Flexible working hours
About the role:
You’ll be part of an organisation with a clear strategy to become a digital business and with an ambitious transformation agenda to enable us to give our customers the services, products and experiences that they have come to expect. You will play a critical role in ensuring we can realise these goals.
Your role will include working with our IT department and members of the Information Security Team to identify, select and implement technical controls, tooling, policies and procedures, as well as working with operational and service management teams to assess the severity of security patches, hot-fixes and service packs.
You will be at the front-line of monitoring and responding to security-related events across the organisation, responding to and investigating alerts. Additionally, you will conduct cyber-security risk assessment activities, analysing the results and producing recommendations to address and mitigate risks. And you will support our Security Architect in the development of strategies, plans, policies and standards to enforce security requirements.
Skills and experience required to be our Security Analyst:
- Excellent knowledge and experience of IT and network security
- Excellent knowledge, understanding and experience of information risk concepts and principles
- Very good knowledge and experience of cloud platforms, such as Azure, AWS and Oracle, as well as Windows and Linux platforms
- Good knowledge of vulnerability Management tools, Security Incident Event Management processes and Security Operations Centre
- Knowledge of the Data Protection Act and General Data Protection Regulation (GDPR)
- Good familiarity with industry compliance and security standards such as Cyber Essentials, ISO 27001, cloud security, 10 Steps to Cyber Security
- Relevant qualifications, either Systems Security Certified Practitioner (SSCP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or BCS Information Security Management Principles
- A minimum of two years in a security role or five years’ experience working in a 2nd or 3rd level technical role.
Why not click ‘apply’ today? Don’t miss out on this opportunity to join our team as our Security Analyst.
Closing date: 8th November 2018