I am supporting a cyber security business, based on The South Coast, as they undergo expansion in 2024. As part of this expansion, they are looking for 2 Senior IT Project Engineers with a specialised focus on project delivery and ransomware recovery. In this role, you will be the lead project egineer, responding to incidents to protect the security and integrity clients' digital assets by ustilising robust cybersecurity strategies. Reporting to the Security Operations Head of Service, you will be key in their UK-based incident response team, supporting customers accross the UK. With a head office on the South Coast, there is the option of remote working but all applicants must be UK based with the ability to respond quickly. Duties: This is a senior role and the sucessful candidates will lead on project delivery and ransomware recovery, working closely with Digital Forensics, performing various tasks to manage and maintain customers cyber security. It is critical that all candidates understand the reactive nature of this role and are prepared to work overtime to ensure they are available and responding to threats as they occur. Generous overtime pay will be offered. Key responsibilities include: Incident Response and Analysis: • Investigate and respond to security incidents promptly and effectively. • Perform in-depth analysis of security events to understand the scope, impact, and root cause of incidents. Security Monitoring and Incident Detection: • Monitor security information and event management (SIEM) tools and other security monitoring systems. • Identify potential security incidents and anomalies. • Analyse alerts and log data to assess the severity and impact of potential threats. Threat Hunting: • Proactively search for hidden threats and potential security weaknesses. • Utilize various security tools and methodologies to identify and address potential vulnerabilities before exploitation. Vulnerability Management: • Assist in vulnerability assessments and penetration testing activities. • Evaluate and prioritize identified vulnerabilities for remediation. Security Reporting and Documentation: • Create detailed reports on security incidents, response actions taken, and recommendations for improvement. • Maintain accurate records of incidents, investigations, and security-related activities. Security Tools Management: • Configure, update, and maintain security tools, including firewalls, intrusion detection/prevention systems, endpoint protection, and SIEM solutions. Who? Successful candidates will undergo a comprehensive training and certification program across the service portfolio. Prior experience of infrastructure recovery or ransomware rebuilding is essential. Ideally, I am interested in speaking with anyone with the following certifications and experiences: • Experience in an IT Support/MSP support role. • Experience in IT project delivery • Certification in Microsoft Azure / Server OS. • Certification in Fortinet Firewall, FortiSIEM, FortiEDR beneficial. • Understanding of cybersecurity principles, networking concepts, and various operating systems. • Knowledge of common security threats, attack vectors, and mitigation strategies. • Excellent communication skills to convey technical information to both technical and non-technical audiences. • Strong attention to detail and the ability to work under pressure in a fast-paced environment. You will be joining a successful organisation who places employees at the heart of the organisation. Your personal passion for technology and continuous learning will be pivotal in your success in Cyber Security. A comprehensive training plan and real-world experience will be provided. PLEASE NOTE THERE WILL BE THE NEED TO TRAVEL AND WORK ON CLIENTS SITES WITH EXCELLENT OVERTIME OPPORTUNITIES - CANDIDATES MUST BE AVAILABLE TO WORK AWAY AND, ON OCCASSION, OVER THE WEEKENDS IF REQUIRED.
Mar 29, 2024
Full time
I am supporting a cyber security business, based on The South Coast, as they undergo expansion in 2024. As part of this expansion, they are looking for 2 Senior IT Project Engineers with a specialised focus on project delivery and ransomware recovery. In this role, you will be the lead project egineer, responding to incidents to protect the security and integrity clients' digital assets by ustilising robust cybersecurity strategies. Reporting to the Security Operations Head of Service, you will be key in their UK-based incident response team, supporting customers accross the UK. With a head office on the South Coast, there is the option of remote working but all applicants must be UK based with the ability to respond quickly. Duties: This is a senior role and the sucessful candidates will lead on project delivery and ransomware recovery, working closely with Digital Forensics, performing various tasks to manage and maintain customers cyber security. It is critical that all candidates understand the reactive nature of this role and are prepared to work overtime to ensure they are available and responding to threats as they occur. Generous overtime pay will be offered. Key responsibilities include: Incident Response and Analysis: • Investigate and respond to security incidents promptly and effectively. • Perform in-depth analysis of security events to understand the scope, impact, and root cause of incidents. Security Monitoring and Incident Detection: • Monitor security information and event management (SIEM) tools and other security monitoring systems. • Identify potential security incidents and anomalies. • Analyse alerts and log data to assess the severity and impact of potential threats. Threat Hunting: • Proactively search for hidden threats and potential security weaknesses. • Utilize various security tools and methodologies to identify and address potential vulnerabilities before exploitation. Vulnerability Management: • Assist in vulnerability assessments and penetration testing activities. • Evaluate and prioritize identified vulnerabilities for remediation. Security Reporting and Documentation: • Create detailed reports on security incidents, response actions taken, and recommendations for improvement. • Maintain accurate records of incidents, investigations, and security-related activities. Security Tools Management: • Configure, update, and maintain security tools, including firewalls, intrusion detection/prevention systems, endpoint protection, and SIEM solutions. Who? Successful candidates will undergo a comprehensive training and certification program across the service portfolio. Prior experience of infrastructure recovery or ransomware rebuilding is essential. Ideally, I am interested in speaking with anyone with the following certifications and experiences: • Experience in an IT Support/MSP support role. • Experience in IT project delivery • Certification in Microsoft Azure / Server OS. • Certification in Fortinet Firewall, FortiSIEM, FortiEDR beneficial. • Understanding of cybersecurity principles, networking concepts, and various operating systems. • Knowledge of common security threats, attack vectors, and mitigation strategies. • Excellent communication skills to convey technical information to both technical and non-technical audiences. • Strong attention to detail and the ability to work under pressure in a fast-paced environment. You will be joining a successful organisation who places employees at the heart of the organisation. Your personal passion for technology and continuous learning will be pivotal in your success in Cyber Security. A comprehensive training plan and real-world experience will be provided. PLEASE NOTE THERE WILL BE THE NEED TO TRAVEL AND WORK ON CLIENTS SITES WITH EXCELLENT OVERTIME OPPORTUNITIES - CANDIDATES MUST BE AVAILABLE TO WORK AWAY AND, ON OCCASSION, OVER THE WEEKENDS IF REQUIRED.
Cyber Security Engineer - SOC, SIEM, Gateways, Firewalls - Manchester (Hybrid) My client has an urgent requirement for a Cyber Security Engineer to complete a 6-month contract with the following skillset / experience: - Cloud Security (AWS, Azure) - Knowledge of SOC, SIEM, and Threat Management - Email + Web Security Gateways - Firewalls - IPS / IDS - DevOps - Network Security Control - Intrusion Detection - Data Loss Prevention If you believe you would be a good fit for this role, please send over your CV and any other relevant information. For more information about Senitor and the opportunities we have to offer follow Senitor Associates on Linkedin. Senitor Associates Ltd is acting as an Employment Business in relation to this vacancy.
Mar 29, 2024
Full time
Cyber Security Engineer - SOC, SIEM, Gateways, Firewalls - Manchester (Hybrid) My client has an urgent requirement for a Cyber Security Engineer to complete a 6-month contract with the following skillset / experience: - Cloud Security (AWS, Azure) - Knowledge of SOC, SIEM, and Threat Management - Email + Web Security Gateways - Firewalls - IPS / IDS - DevOps - Network Security Control - Intrusion Detection - Data Loss Prevention If you believe you would be a good fit for this role, please send over your CV and any other relevant information. For more information about Senitor and the opportunities we have to offer follow Senitor Associates on Linkedin. Senitor Associates Ltd is acting as an Employment Business in relation to this vacancy.
Harris Global are currently recruiting for a Network & Security Engineer to join our client on a permanent basis in their Epsom office 2 days a week. Key experience: Strong Windows Server, Active Directory, M365, Exchange online skills A very well organized and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results. Excellent Networking skills (DNS, DHCP, TCP/IP, Firewalls, switch management) Strong Azure or AWS Cloud computing skills. Working knowledge of voice platforms (eg, Teams, Twilio) Be able to work alone using own initiative and managing support calls to a high standard. Ability to apply ITIL processes to the provision of IT support. The ability to investigate and trouble-shoot a wide range of technical problems, including computer equipment, software, network and server faults. A methodical problem-solver with a desire and aptitude for learning new skills. Proven technical skill set that enables the job holder to investigate the wide range of potential problems that may occur in the supported environment, working independently wherever possible. Contribute to IT department's criteria of SLAs and other support targets. Capacity Building (advancement in knowledge, technology & training) Skills & Qualifications: Microsoft operating system qualification(s) MCP, with a good working knowledge of server & desktop operating systems, CompTIA A-plus/Network-plus or equivalent qualifications covering computer servicing/maintenance and troubleshooting. IT Certification eg, ITIL, MCP, MCSA, VCP, etc. Credible knowledge/experience in Microsoft Windows Servers, Office 365, Exchange Online administration. Knowledge of networking TCP/IP, DHCP, DNS, VPN, Cisco Firewalls, Switches and Wireless Access Points. Experience of supporting Active Directory, Group policies. Working knowledge of cyber security systems including SIEM including web filtering, email filtering and anti-virus/security products. For more information, please apply now!
Mar 28, 2024
Full time
Harris Global are currently recruiting for a Network & Security Engineer to join our client on a permanent basis in their Epsom office 2 days a week. Key experience: Strong Windows Server, Active Directory, M365, Exchange online skills A very well organized and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results. Excellent Networking skills (DNS, DHCP, TCP/IP, Firewalls, switch management) Strong Azure or AWS Cloud computing skills. Working knowledge of voice platforms (eg, Teams, Twilio) Be able to work alone using own initiative and managing support calls to a high standard. Ability to apply ITIL processes to the provision of IT support. The ability to investigate and trouble-shoot a wide range of technical problems, including computer equipment, software, network and server faults. A methodical problem-solver with a desire and aptitude for learning new skills. Proven technical skill set that enables the job holder to investigate the wide range of potential problems that may occur in the supported environment, working independently wherever possible. Contribute to IT department's criteria of SLAs and other support targets. Capacity Building (advancement in knowledge, technology & training) Skills & Qualifications: Microsoft operating system qualification(s) MCP, with a good working knowledge of server & desktop operating systems, CompTIA A-plus/Network-plus or equivalent qualifications covering computer servicing/maintenance and troubleshooting. IT Certification eg, ITIL, MCP, MCSA, VCP, etc. Credible knowledge/experience in Microsoft Windows Servers, Office 365, Exchange Online administration. Knowledge of networking TCP/IP, DHCP, DNS, VPN, Cisco Firewalls, Switches and Wireless Access Points. Experience of supporting Active Directory, Group policies. Working knowledge of cyber security systems including SIEM including web filtering, email filtering and anti-virus/security products. For more information, please apply now!
We re Atom The bank that's leading the fintech charge! Tech is at the heart of everything we do here at Atom. We ve rebuilt the bank, from our app to our banking platform, to make sure it s native and cloud-based. Thanks to this approach, we can develop new products and ship updates to customers rapidly. We have very little legacy, but that doesn t stop us looking for ways to improve. Speed and efficiency are always a priority, but we never compromise on security, usability, or reliability getting there. Could you be the next innovator to join us? What will your typical day look like? Different that s for sure Technology is at the heart of the business, and we have a world-leading Technology stack that enables us to offer the most efficient, user-friendly app-based bank. The Technology team has end to end responsibility for all aspects of our Technology, from architecting the future, engineering solutions, and design, implementation of security requirements across internal projects and security operations. As a Security Engineer at Atom bank, you ll play a key part in the next phase of our technology adaptation using Google Tech, you ll design, develop & deliver the security model of Atom bank s cloud environment ensuring that infrastructure, applications, and processes remain inline with various security standards, legal, regulatory, and industry best practice frameworks. The type of person we are looking for is proactive and passionate about making change and will embrace the challenge, whilst using your technical knowledge to guide and advise others in delivering business objectives. This includes collaborating with Engineering and Delivery teams to deliver secure solutions. You will: Identify security requirements and gaps in infrastructure, applications, and processes, and determine and implement appropriate controls Lead and develop processes for security operational tasks and tooling. E.g. SIEM, EDR, Vulnerability Management Scope, conduct and assess complex penetration testing Identifying security threats and converting this to a material impact. Manage and assess Security risk in accordance with regulatory requirements and industry best practice. Acquire and maintain knowledge of threat intelligence, industry trends, and relevant product offerings What do we need from you? Strong Security Engineering experience Security technology design Knowledge of cloud computing security Knowledge of Security Architecture & Security Design Tech would be advantageous Strong understanding of data and voice networks Good project management and consulting skills Excellent interpersonal skills with ability to build, develop and maintain relationships across all levels Strong attention to detail Confident, assertive, and pragmatic approach What you ll get from us? Flexible Hybrid & Remote working 4-day work week Annual Share Option performance-related Incredibly generous company pension scheme (maximum of 13% of Atom input candidate can put in more) All About Me fund: £200 per year to spend on personal development 22.5 days annual leave plus public holidays Private Medical Insurance for you and your full family Health Cash Plan expenses paid on Optical/Dental/other appointments/treatments Life Insurance 4 times annual salary Critical illness cover 1 x lump sum annual salary Electrical Vehicle Scheme
Mar 28, 2024
Full time
We re Atom The bank that's leading the fintech charge! Tech is at the heart of everything we do here at Atom. We ve rebuilt the bank, from our app to our banking platform, to make sure it s native and cloud-based. Thanks to this approach, we can develop new products and ship updates to customers rapidly. We have very little legacy, but that doesn t stop us looking for ways to improve. Speed and efficiency are always a priority, but we never compromise on security, usability, or reliability getting there. Could you be the next innovator to join us? What will your typical day look like? Different that s for sure Technology is at the heart of the business, and we have a world-leading Technology stack that enables us to offer the most efficient, user-friendly app-based bank. The Technology team has end to end responsibility for all aspects of our Technology, from architecting the future, engineering solutions, and design, implementation of security requirements across internal projects and security operations. As a Security Engineer at Atom bank, you ll play a key part in the next phase of our technology adaptation using Google Tech, you ll design, develop & deliver the security model of Atom bank s cloud environment ensuring that infrastructure, applications, and processes remain inline with various security standards, legal, regulatory, and industry best practice frameworks. The type of person we are looking for is proactive and passionate about making change and will embrace the challenge, whilst using your technical knowledge to guide and advise others in delivering business objectives. This includes collaborating with Engineering and Delivery teams to deliver secure solutions. You will: Identify security requirements and gaps in infrastructure, applications, and processes, and determine and implement appropriate controls Lead and develop processes for security operational tasks and tooling. E.g. SIEM, EDR, Vulnerability Management Scope, conduct and assess complex penetration testing Identifying security threats and converting this to a material impact. Manage and assess Security risk in accordance with regulatory requirements and industry best practice. Acquire and maintain knowledge of threat intelligence, industry trends, and relevant product offerings What do we need from you? Strong Security Engineering experience Security technology design Knowledge of cloud computing security Knowledge of Security Architecture & Security Design Tech would be advantageous Strong understanding of data and voice networks Good project management and consulting skills Excellent interpersonal skills with ability to build, develop and maintain relationships across all levels Strong attention to detail Confident, assertive, and pragmatic approach What you ll get from us? Flexible Hybrid & Remote working 4-day work week Annual Share Option performance-related Incredibly generous company pension scheme (maximum of 13% of Atom input candidate can put in more) All About Me fund: £200 per year to spend on personal development 22.5 days annual leave plus public holidays Private Medical Insurance for you and your full family Health Cash Plan expenses paid on Optical/Dental/other appointments/treatments Life Insurance 4 times annual salary Critical illness cover 1 x lump sum annual salary Electrical Vehicle Scheme
A Government Department are seeking a Senior Network and Security Engineer to work in a small team and take responsibility for their network infrastructure design, vendor relationships and network security. The role will be hybrid, 2 days on site in London The Senior Network and Security Engineer leads the design, implementation, maintenance and support of the networking technology fabric that underpins the IT infrastructure (including on-premises, and cloud environments), its unified communications and cyber security. Requirements: Lead the networks workstream on projects and programmes to ensure that the network topology complies with the agreed standards and provide sufficient capacity, availability, and quality of service. Collaborate with infrastructure engineers to ensure systems are practically designed. Plan, direct and coordinate activities, engaging with other stakeholders to manage and implement a programme. Provide guidance and make recommendations to colleagues ensuring that service design and transition plans can be supported by network topologies and network provisions. Research new technologies and make recommendations when changes are needed to IT strategy and architecture. Develop a clear view of the cyber risk exposure, to provide meaningful risk advice and mitigations. Manage remote access and VPN solutions and switching technologies - including Cisco Nexus & Catalyst 9500, 9300 and 3850 series switches Ensure the networking infrastructure meets internal Key Performance Indicators (availability and performance). Ensuring adherence to industry best practice for instance ITIL, and relevant guidance from pan-government sources like NCSC and commercial sources like Cisco, CheckPoint, Palo Alto etc. Experience Required: IT infrastructure. Experience of designing and implementing infrastructure technologies, solutions and services such as: networking, physical infrastructure, software, COTS and open source packages and solutions, and cloud computing, including IaaS, PaaS and SaaS. Core network skills to include, routing (IS-IS, BGP, MPLS, VRF's etc), switching (VLANS, Stacking, etc.) or comparable experience. System integration. Knowledge of moderate to complex service integration, particularly experience of integration with Azure & AWS related networking and typical DMZ architectures and Express Route, with experience of capacity and availability monitoring and analysis using tools such as Solar Winds. Systems design. Experience of designing secure systems characterised by medium levels of risk, impact, and business or technical complexity. Ability to select appropriate design standards, methods and tools and ensure they are applied effectively. Ability to review the systems designs of others to ensure selection of appropriate technology and efficient use of resources. Substantial experience in designing, deploying, and managing of Cisco Wireless / LAN networks, Cisco DNA Centre/SD-Access networks, Cisco ISE. Technical understanding. Deep understanding of the technical concepts required in the role including LAN, WAN, WiFi, data-centre networks, unified comms, network management solutions, network-specific security, remote access technologies and approaches, SIEM and IPS/IDS technologies
Mar 28, 2024
Full time
A Government Department are seeking a Senior Network and Security Engineer to work in a small team and take responsibility for their network infrastructure design, vendor relationships and network security. The role will be hybrid, 2 days on site in London The Senior Network and Security Engineer leads the design, implementation, maintenance and support of the networking technology fabric that underpins the IT infrastructure (including on-premises, and cloud environments), its unified communications and cyber security. Requirements: Lead the networks workstream on projects and programmes to ensure that the network topology complies with the agreed standards and provide sufficient capacity, availability, and quality of service. Collaborate with infrastructure engineers to ensure systems are practically designed. Plan, direct and coordinate activities, engaging with other stakeholders to manage and implement a programme. Provide guidance and make recommendations to colleagues ensuring that service design and transition plans can be supported by network topologies and network provisions. Research new technologies and make recommendations when changes are needed to IT strategy and architecture. Develop a clear view of the cyber risk exposure, to provide meaningful risk advice and mitigations. Manage remote access and VPN solutions and switching technologies - including Cisco Nexus & Catalyst 9500, 9300 and 3850 series switches Ensure the networking infrastructure meets internal Key Performance Indicators (availability and performance). Ensuring adherence to industry best practice for instance ITIL, and relevant guidance from pan-government sources like NCSC and commercial sources like Cisco, CheckPoint, Palo Alto etc. Experience Required: IT infrastructure. Experience of designing and implementing infrastructure technologies, solutions and services such as: networking, physical infrastructure, software, COTS and open source packages and solutions, and cloud computing, including IaaS, PaaS and SaaS. Core network skills to include, routing (IS-IS, BGP, MPLS, VRF's etc), switching (VLANS, Stacking, etc.) or comparable experience. System integration. Knowledge of moderate to complex service integration, particularly experience of integration with Azure & AWS related networking and typical DMZ architectures and Express Route, with experience of capacity and availability monitoring and analysis using tools such as Solar Winds. Systems design. Experience of designing secure systems characterised by medium levels of risk, impact, and business or technical complexity. Ability to select appropriate design standards, methods and tools and ensure they are applied effectively. Ability to review the systems designs of others to ensure selection of appropriate technology and efficient use of resources. Substantial experience in designing, deploying, and managing of Cisco Wireless / LAN networks, Cisco DNA Centre/SD-Access networks, Cisco ISE. Technical understanding. Deep understanding of the technical concepts required in the role including LAN, WAN, WiFi, data-centre networks, unified comms, network management solutions, network-specific security, remote access technologies and approaches, SIEM and IPS/IDS technologies
Description Starling is the UK's first and leading digital bank on a mission to fix banking! Our vision is fast technology, fair service, and honest values. All at the tap of a phone, all the time. We are about giving customers a new way to spend, save and manage their money while taking better care of the planet which has seen us become a multi-award winning bank that now employs over 2800 across five offices in London, Cardiff, Dublin, Southampton, and Manchester. Our journey started in 2014, and since then we have surpassed 3.5 million accounts (and four account types!) with 350,000 business customers. We are a fully licensed UK bank but at the heart, we are a tech first company, enabling our platform to deliver brilliant products. Our technologists are at the very heart of Starling and enjoy working in a fast-paced environment that is all about building things, creating new stuff, and disruptive technology that keeps us on the cutting edge of fintech. We operate a flat structure to empower you to make decisions regardless of what your primary responsibilities may be, innovation and collaboration will be at the core of everything you do. Help is never far away in our open culture, you will find support in your team and from across the business, we are in this together! The way to thrive and shine within Starling is to be a self-driven individual and be able to take full ownership of everything around you: From building things, designing, discovering, to sharing knowledge with your colleagues and making sure all processes are efficient and productive to deliver the best possible results for our customers. Our purpose is underpinned by five Starling values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Hybrid Working We have a Hybrid approach to working here at Starling - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person. We don't like to mandate how much you visit the office and work from home, that's to be agreed upon between you and your manager. Our Engineering Environment Starling engineers are excited about helping us deliver new features, regardless of what their primary tech stack may be. Hear from the team in our latest blogs or our case studies with Women in Tech. We are looking for engineers at all levels to join the team. We value people being engaged and caring about customers, caring about the code they write and the contribution they make to Starling. People with a broad ability to apply themselves to a multitude of problems and challenges, who can work across teams do great things here at Starling, to continue changing banking for good. We have built our entire banking platform in house and mostly in Java. We are looking for people who want to work on building the tooling that is used by our engineers on a daily basis. Responsibilities: Understand, build and develop data integration and warehousing solutions using Google Cloud technologies and data sources Explore ways to monitor and enhance data quality and reliability Identify, design, and implement internal process improvements: automating manual processes, optimising data delivery, etc. Work with cloud-based infrastructure (GCP) for hosting data solutions and applications Work with information security teams to understand and identify effective log management to analytics solutions. Collaborate with architects, data analysts, security operations, and data scientists to help meet the business goals Requirements Proven experience in development and maintenance of a cloud based data warehouse Strong experience with SQL and relational databases Good knowledge of the GCP data engineering stack - Dataflow, Dataproc, BigQuery Knowledge of the Hadoop ecosystem Experience supporting and working with cross-functional teams in a dynamic environment Experience in supporting Information Security Teams with ingestion of log sources into SIEM (Security Information & Event Management) Systems. Good knowledge of Logstash or equivalent data parsing solutions. Experience with adapting log sources to Unified Data Model structures. Interview process Interviewing is a two way process and we want you to have the time and opportunity to get to know us, as much as we are getting to know you! Our interviews are conversational and we want to get the best from you, so come with questions and be curious. In general you can expect the below, following a chat with one of our Talent Team: Stage 1 - 30 mins with Stage 2 - 60 mins technical interview with two team members Stage 3 - 45 min final with an executive and a member of the people team Benefits 25 days holiday (plus take your public holiday allowance whenever works best for you) An extra day's holiday for your birthday Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off 16 hours paid volunteering time a year Salary sacrifice, company enhanced pension scheme Life insurance at 4x your salary Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton Generous family-friendly policies Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing You may be put off applying for a role because you don't tick every box. Forget that! While we can't accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren't sure if you're 100% there yet, get in touch anyway. We're on a mission to radically reshape banking - and that starts with our brilliant team. Whatever came before, we're proud to bring together people of all backgrounds and experiences who love working together to solve problems. Starling Bank is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. By submitting your application, you agree that Starling Bank may collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we may process, where we may process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.
Mar 28, 2024
Full time
Description Starling is the UK's first and leading digital bank on a mission to fix banking! Our vision is fast technology, fair service, and honest values. All at the tap of a phone, all the time. We are about giving customers a new way to spend, save and manage their money while taking better care of the planet which has seen us become a multi-award winning bank that now employs over 2800 across five offices in London, Cardiff, Dublin, Southampton, and Manchester. Our journey started in 2014, and since then we have surpassed 3.5 million accounts (and four account types!) with 350,000 business customers. We are a fully licensed UK bank but at the heart, we are a tech first company, enabling our platform to deliver brilliant products. Our technologists are at the very heart of Starling and enjoy working in a fast-paced environment that is all about building things, creating new stuff, and disruptive technology that keeps us on the cutting edge of fintech. We operate a flat structure to empower you to make decisions regardless of what your primary responsibilities may be, innovation and collaboration will be at the core of everything you do. Help is never far away in our open culture, you will find support in your team and from across the business, we are in this together! The way to thrive and shine within Starling is to be a self-driven individual and be able to take full ownership of everything around you: From building things, designing, discovering, to sharing knowledge with your colleagues and making sure all processes are efficient and productive to deliver the best possible results for our customers. Our purpose is underpinned by five Starling values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Hybrid Working We have a Hybrid approach to working here at Starling - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person. We don't like to mandate how much you visit the office and work from home, that's to be agreed upon between you and your manager. Our Engineering Environment Starling engineers are excited about helping us deliver new features, regardless of what their primary tech stack may be. Hear from the team in our latest blogs or our case studies with Women in Tech. We are looking for engineers at all levels to join the team. We value people being engaged and caring about customers, caring about the code they write and the contribution they make to Starling. People with a broad ability to apply themselves to a multitude of problems and challenges, who can work across teams do great things here at Starling, to continue changing banking for good. We have built our entire banking platform in house and mostly in Java. We are looking for people who want to work on building the tooling that is used by our engineers on a daily basis. Responsibilities: Understand, build and develop data integration and warehousing solutions using Google Cloud technologies and data sources Explore ways to monitor and enhance data quality and reliability Identify, design, and implement internal process improvements: automating manual processes, optimising data delivery, etc. Work with cloud-based infrastructure (GCP) for hosting data solutions and applications Work with information security teams to understand and identify effective log management to analytics solutions. Collaborate with architects, data analysts, security operations, and data scientists to help meet the business goals Requirements Proven experience in development and maintenance of a cloud based data warehouse Strong experience with SQL and relational databases Good knowledge of the GCP data engineering stack - Dataflow, Dataproc, BigQuery Knowledge of the Hadoop ecosystem Experience supporting and working with cross-functional teams in a dynamic environment Experience in supporting Information Security Teams with ingestion of log sources into SIEM (Security Information & Event Management) Systems. Good knowledge of Logstash or equivalent data parsing solutions. Experience with adapting log sources to Unified Data Model structures. Interview process Interviewing is a two way process and we want you to have the time and opportunity to get to know us, as much as we are getting to know you! Our interviews are conversational and we want to get the best from you, so come with questions and be curious. In general you can expect the below, following a chat with one of our Talent Team: Stage 1 - 30 mins with Stage 2 - 60 mins technical interview with two team members Stage 3 - 45 min final with an executive and a member of the people team Benefits 25 days holiday (plus take your public holiday allowance whenever works best for you) An extra day's holiday for your birthday Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off 16 hours paid volunteering time a year Salary sacrifice, company enhanced pension scheme Life insurance at 4x your salary Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton Generous family-friendly policies Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing You may be put off applying for a role because you don't tick every box. Forget that! While we can't accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren't sure if you're 100% there yet, get in touch anyway. We're on a mission to radically reshape banking - and that starts with our brilliant team. Whatever came before, we're proud to bring together people of all backgrounds and experiences who love working together to solve problems. Starling Bank is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. By submitting your application, you agree that Starling Bank may collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we may process, where we may process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.
I am currently working on an exciting opportunity based in the Basingstoke area. I will be looking to speak with either current Cyber Security Consultant specialist or aspiring Cyber Security Engineer/architects looking for the opportunity to step into a consultant position. My client offer free inhouse training that align with all the latest technological market trends. Job Title: Cyber Security Consultant Salary: from 75K+ (Depending on skills and experiences) Work Type: Hybrid Location: Basingstoke Start Date: ASAP Job Overview: Engaged with customers throughout the entire solution life cycle. Most of your time will be focused on delivery, where you will have responsibility for designing, building, and implementing solutions either on-site or remotely. The role will require you to have strong technical, troubleshooting and communication skills; you will deliver excellent documentation, such as HLDs, LLDs, Test Plans, Migration Plans, and handover documentation. Responsibilities include but not limited to: Act as the technical delivery lead for projects Be involved in Proof of Concepts Deliver high-quality professional services to our customers, ensuring close attention to detail to minimise any issues or errors Produce excellent technical documentation Provide content and get involved in the creation of videos, blogs, and articles Demonstrable delivery skills in SIEM plus one or more of XDR or SSE. Specific skills include: SIEM Architecture, Deployment & Configuration Chronicle and/or Azure Sentinel. We are also interested to hear from people willing to cross-train from other SIEM vendors. KQL and/or YARA(L) knowledge with the ability to create, translate and propose SIEM use cases aligned to the MITRE ATT&CK Framework. XDR Architecture, Deployment & Configuration CrowdStrike and/or Defender and/or SentinelOne and/or Palo Alto Cortex with familiarity in usage, best-practice configuration, deployment and troubleshooting. SSE Netskope and/or Zscaler and/or Palo Alto Prisma Any additional experience you have across Cloud Security, Security Orchestration (SOAR), and Vulnerability Management would be a bonus. I am working directly with the Hiring Manager and have set up interview slots in the first week of April. If this is of interest and want to find out more, please email me your updated CV with a daytime contact number and I will arrange a call to go over specifics.
Mar 28, 2024
Full time
I am currently working on an exciting opportunity based in the Basingstoke area. I will be looking to speak with either current Cyber Security Consultant specialist or aspiring Cyber Security Engineer/architects looking for the opportunity to step into a consultant position. My client offer free inhouse training that align with all the latest technological market trends. Job Title: Cyber Security Consultant Salary: from 75K+ (Depending on skills and experiences) Work Type: Hybrid Location: Basingstoke Start Date: ASAP Job Overview: Engaged with customers throughout the entire solution life cycle. Most of your time will be focused on delivery, where you will have responsibility for designing, building, and implementing solutions either on-site or remotely. The role will require you to have strong technical, troubleshooting and communication skills; you will deliver excellent documentation, such as HLDs, LLDs, Test Plans, Migration Plans, and handover documentation. Responsibilities include but not limited to: Act as the technical delivery lead for projects Be involved in Proof of Concepts Deliver high-quality professional services to our customers, ensuring close attention to detail to minimise any issues or errors Produce excellent technical documentation Provide content and get involved in the creation of videos, blogs, and articles Demonstrable delivery skills in SIEM plus one or more of XDR or SSE. Specific skills include: SIEM Architecture, Deployment & Configuration Chronicle and/or Azure Sentinel. We are also interested to hear from people willing to cross-train from other SIEM vendors. KQL and/or YARA(L) knowledge with the ability to create, translate and propose SIEM use cases aligned to the MITRE ATT&CK Framework. XDR Architecture, Deployment & Configuration CrowdStrike and/or Defender and/or SentinelOne and/or Palo Alto Cortex with familiarity in usage, best-practice configuration, deployment and troubleshooting. SSE Netskope and/or Zscaler and/or Palo Alto Prisma Any additional experience you have across Cloud Security, Security Orchestration (SOAR), and Vulnerability Management would be a bonus. I am working directly with the Hiring Manager and have set up interview slots in the first week of April. If this is of interest and want to find out more, please email me your updated CV with a daytime contact number and I will arrange a call to go over specifics.
Are you a seasoned Cyber Security professional seeking a leadership opportunity that will elevate your career to new heights? Join a leading global law firm as their Cyber Security Team Lead and take charge of safeguarding their digital infrastructure while nurturing a high-performing team. The role only requires you to be in the office 2 days per week with the rest working from home, giving you a great work/life balance! Responsibilities You will be responsible for the day to day running of the IT Security team, including managing rotas, dealing with escalations, performance reviews and setting tasks. In this exciting position, you will remain hands on technically, managing the security cloud migration process and developing, maintaining and managing the security of the firms' IT services. Skills required: A proven track record in leading/team leading a technical security team A demonstrated history of planning, development and implementation of Azure security-related technologies An excellent understanding of infrastructure and application technologies An excellent understanding of security technologies: SIEM, Firewalls, intrusion detection/prevention systems, anti-virus software, authentication systems, log management, content filtering, etc. An excellent understanding of security approaches: ISMS, risk analysis and assessments, the CIA triad, attack vectors including social engineering, cryptography, confidentiality issues and cyber security incident response best practices, including triage and chain of custody Security certifications are highly advantageous
Mar 28, 2024
Full time
Are you a seasoned Cyber Security professional seeking a leadership opportunity that will elevate your career to new heights? Join a leading global law firm as their Cyber Security Team Lead and take charge of safeguarding their digital infrastructure while nurturing a high-performing team. The role only requires you to be in the office 2 days per week with the rest working from home, giving you a great work/life balance! Responsibilities You will be responsible for the day to day running of the IT Security team, including managing rotas, dealing with escalations, performance reviews and setting tasks. In this exciting position, you will remain hands on technically, managing the security cloud migration process and developing, maintaining and managing the security of the firms' IT services. Skills required: A proven track record in leading/team leading a technical security team A demonstrated history of planning, development and implementation of Azure security-related technologies An excellent understanding of infrastructure and application technologies An excellent understanding of security technologies: SIEM, Firewalls, intrusion detection/prevention systems, anti-virus software, authentication systems, log management, content filtering, etc. An excellent understanding of security approaches: ISMS, risk analysis and assessments, the CIA triad, attack vectors including social engineering, cryptography, confidentiality issues and cyber security incident response best practices, including triage and chain of custody Security certifications are highly advantageous
Nigel Wright Recruitment
Sunderland, Tyne And Wear
The OpportunityAn exciting opportunity exists for an ambitious Cyber Security professional to join an established team in managing escalated incidents as well as implementing improvements to the business's overall security posture.The company operates a hybrid working model, where the person will need to be in the office c. 1-2 days a week.The company doesn't sponsor visas, so applicants will require indefinite leave to remain.The RoleAs part of the team, you will monitor and control all security systems and related infrastructure and raise colleague awareness of cyber security across the business. You will detect and report on security threats and vulnerabilities resolving where necessary, lead all incident response for cyber incidents and help develop and maintain security policies and documentation.Specifically you will: Respond to all system and/or network cyber security breaches, leading incident management where required Monitor and control security systems Support the maintenance and development of polies and procedures Carry out security enhancement and housekeeping tasks Support the delivery of company NIS Directive Improvement Plan through specific project tasks and compliance activities Analyse and interpret alerts and logs from security systems and external SOC, prioritising key vulnerabilities and managing remediation working alongside the Infrastructure team Investigate new vulnerabilities and threats, reporting on threats and vulnerabilities Undertake activity reporting via security consoles and troubleshooting of security problems Participate in the change management process Carry out cyber incident testing and simulated phishing attacks The RequirementsWith at least 2 years' Cyber Security experience, you will be knowledgeable in IT risk, controls, information as well as cyber security. You will have broad skills, working across: Cyber SIEM Tool\Logging Web Proxy Cyber Incident Response Network Security TCP\IP Knowledge EDR Privileged Access Management Windows Essential\Linux Desirable Vulnerability Testing Desirable skills include: CyberArk Sentinel Networking experience around SD WAN and/or Fortinet. Public cloud (AWS/Azure)
Mar 28, 2024
Full time
The OpportunityAn exciting opportunity exists for an ambitious Cyber Security professional to join an established team in managing escalated incidents as well as implementing improvements to the business's overall security posture.The company operates a hybrid working model, where the person will need to be in the office c. 1-2 days a week.The company doesn't sponsor visas, so applicants will require indefinite leave to remain.The RoleAs part of the team, you will monitor and control all security systems and related infrastructure and raise colleague awareness of cyber security across the business. You will detect and report on security threats and vulnerabilities resolving where necessary, lead all incident response for cyber incidents and help develop and maintain security policies and documentation.Specifically you will: Respond to all system and/or network cyber security breaches, leading incident management where required Monitor and control security systems Support the maintenance and development of polies and procedures Carry out security enhancement and housekeeping tasks Support the delivery of company NIS Directive Improvement Plan through specific project tasks and compliance activities Analyse and interpret alerts and logs from security systems and external SOC, prioritising key vulnerabilities and managing remediation working alongside the Infrastructure team Investigate new vulnerabilities and threats, reporting on threats and vulnerabilities Undertake activity reporting via security consoles and troubleshooting of security problems Participate in the change management process Carry out cyber incident testing and simulated phishing attacks The RequirementsWith at least 2 years' Cyber Security experience, you will be knowledgeable in IT risk, controls, information as well as cyber security. You will have broad skills, working across: Cyber SIEM Tool\Logging Web Proxy Cyber Incident Response Network Security TCP\IP Knowledge EDR Privileged Access Management Windows Essential\Linux Desirable Vulnerability Testing Desirable skills include: CyberArk Sentinel Networking experience around SD WAN and/or Fortinet. Public cloud (AWS/Azure)
Senior Security Ops Engineer Day rate: up to 750 Location: Fully remote Length of Contract: 6-12 Months (likely to extend due to size of transformation) Role Purpose: As a Security Operations Engineer, you will be a key figure in the Cyber Security team. Your focus will be on end-to-end management of security technologies across the organisation, as well as being a key person to demonstrate these capabilities, working with internal and external stakeholders, technical teams, project, and product managers to ensure that security objectives are achieved through the effective use of technologies and procedures. Role Responsibilities: You will be responsible for: The implementation, operation, and maintenance of security technologies, configurations, processes, and procedures across private and public cloud environments. Working with senior stakeholders to support a threat led approach to mitigating security risks. Working with third-party suppliers and vendors. Supporting the security design engineering function, day-to-day security operations, and incident response activities. Proposing improvements to existing security technologies, processes, and procedures. Work to achieve DevSecOps initiatives to ensure an integrated approach to security operations. Capture and share knowledge and learning's across the organisation. Key Skills and Experience: Strong understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection and Prevention, vulnerability scanning, etc. Knowledge of Palo Alto firewalls and Prisma Access is desirable. Microsoft Sentinel and a good understanding of KQL and working knowledge of integrating custom connectors with Sentinel using APIs. M365 Threat Protection technologies including Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Office 365, and Microsoft Defender for Cloud Apps. Azure Security technologies including but not limited to Microsoft Defender for Cloud, Key Vault, Azure DDoS Protection, and other. AWS security technologies including but not limited to Shield, KMS, IAM, and CloudTrail. Microsoft 365 Information Protection technologies including MIP, Information Barriers, and Data Loss Prevention. Microsoft 365 compliance technologies including Advanced eDiscovery, Data Retention, and Insider Risk Management. Strong understanding of Identity and Access Management technologies and protocols, in particular Azure AD, Conditional Access, Identity Governance, SAML, OAUTH 2.0, MFA, and Role Based Access Control (RBAC). Strong understanding of cyber security concepts and systems/solutions such as MDM, IDM, EDR, DLP, SIEM. Strong understanding of operating systems including Windows 10/11, Mac OS, Windows Server, and Linux, along with associated security tooling and methods to further secure each operating system. Good IaaS and PaaS security skills and experience to secure virtual workloads (virtual machines, networks, WAF, DDoS, containers, key vaults, etc) in cloud environments including Microsoft Azure and AWS. DevSecOps experience to facilitate the automation of security operations activities, including the ability to work within an agile security team and be able to use tools such as Git, and integrate operations with CI/CD pipelines. Experience of interacting with APIs as part of security operations automation. Good scripting knowledge and skills, in particular Windows PowerShell, but also other languages such as Python and Bash. Knowledge of Kusto Query Language (KQL) desirable. Experienced and able to work with structured data including but not limited to CSV, JSON, SQL, XML, and YAML. Knowledge and understanding of security frameworks including CIS, ISO 27001, PCI-DSS, and UK Cyber Essentials. Microsoft certifications such as SC-200, SC-300, SC-400, AZ-500, and a willingness to undergo additional Microsoft certifications If the above opportunity looks to be of interest, please apply and I will be in touch asap! E: (url removed) GCS is acting as an Employment Business in relation to this vacancy.
Mar 27, 2024
Contractor
Senior Security Ops Engineer Day rate: up to 750 Location: Fully remote Length of Contract: 6-12 Months (likely to extend due to size of transformation) Role Purpose: As a Security Operations Engineer, you will be a key figure in the Cyber Security team. Your focus will be on end-to-end management of security technologies across the organisation, as well as being a key person to demonstrate these capabilities, working with internal and external stakeholders, technical teams, project, and product managers to ensure that security objectives are achieved through the effective use of technologies and procedures. Role Responsibilities: You will be responsible for: The implementation, operation, and maintenance of security technologies, configurations, processes, and procedures across private and public cloud environments. Working with senior stakeholders to support a threat led approach to mitigating security risks. Working with third-party suppliers and vendors. Supporting the security design engineering function, day-to-day security operations, and incident response activities. Proposing improvements to existing security technologies, processes, and procedures. Work to achieve DevSecOps initiatives to ensure an integrated approach to security operations. Capture and share knowledge and learning's across the organisation. Key Skills and Experience: Strong understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection and Prevention, vulnerability scanning, etc. Knowledge of Palo Alto firewalls and Prisma Access is desirable. Microsoft Sentinel and a good understanding of KQL and working knowledge of integrating custom connectors with Sentinel using APIs. M365 Threat Protection technologies including Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Office 365, and Microsoft Defender for Cloud Apps. Azure Security technologies including but not limited to Microsoft Defender for Cloud, Key Vault, Azure DDoS Protection, and other. AWS security technologies including but not limited to Shield, KMS, IAM, and CloudTrail. Microsoft 365 Information Protection technologies including MIP, Information Barriers, and Data Loss Prevention. Microsoft 365 compliance technologies including Advanced eDiscovery, Data Retention, and Insider Risk Management. Strong understanding of Identity and Access Management technologies and protocols, in particular Azure AD, Conditional Access, Identity Governance, SAML, OAUTH 2.0, MFA, and Role Based Access Control (RBAC). Strong understanding of cyber security concepts and systems/solutions such as MDM, IDM, EDR, DLP, SIEM. Strong understanding of operating systems including Windows 10/11, Mac OS, Windows Server, and Linux, along with associated security tooling and methods to further secure each operating system. Good IaaS and PaaS security skills and experience to secure virtual workloads (virtual machines, networks, WAF, DDoS, containers, key vaults, etc) in cloud environments including Microsoft Azure and AWS. DevSecOps experience to facilitate the automation of security operations activities, including the ability to work within an agile security team and be able to use tools such as Git, and integrate operations with CI/CD pipelines. Experience of interacting with APIs as part of security operations automation. Good scripting knowledge and skills, in particular Windows PowerShell, but also other languages such as Python and Bash. Knowledge of Kusto Query Language (KQL) desirable. Experienced and able to work with structured data including but not limited to CSV, JSON, SQL, XML, and YAML. Knowledge and understanding of security frameworks including CIS, ISO 27001, PCI-DSS, and UK Cyber Essentials. Microsoft certifications such as SC-200, SC-300, SC-400, AZ-500, and a willingness to undergo additional Microsoft certifications If the above opportunity looks to be of interest, please apply and I will be in touch asap! E: (url removed) GCS is acting as an Employment Business in relation to this vacancy.
Information Security Manager Location - London (Hybrid) An exciting opportunity has arisen to join this banking startup that are currently on a journey building a bank to bring better engagement between Africa and the UK, bringing customers and businesses the cross-border experience they deserve. Backed by one of the top reinsurers in the world, this new bank applicant requires an Information Security Manager to join the growing team and implement the security strategy including identifying any risks to the business, whilst designing, implementing, and maintaining the security strategy for the bank. Accountabilities Develop and implement a comprehensive information security strategy aligned with business objectives. Create and maintain an information security roadmap to address current and future security needs. You will implement and manage technical solutions to counter cyber security risks. Establish, review, and enforce information security policies and procedures. Ensure compliance with relevant laws, regulations, and industry standards. Conduct regular security audits and risk assessments. Provide training to staff on security policies, procedures, and best practices. Develop and maintain an incident response plan for handling security incidents. Collaborate with IT teams to implement and maintain security solutions. Monitor emerging threats and assess their potential impact on the Bank. Regularly update risk assessments based on changes in the threat landscape. Prepare and present regular reports on the status of information security to executive leadership. Research, design and test processes and technical solutions to counter cyber security risks. Manage the implementation of countermeasures to cyber-attacks that exploit identity and privileged escalation attacks occur particularly in Active Directory and Azure-based environments. Develop, implement, and manage comprehensive security assurance measures for generative AI usage across the company. Skills & Experience Experience with Money Transmitter License (MTL) regulatory standards and audits and ITGC Control audits 5+ years' experience in IT Security and/or IT within a financial services organisation Must have fundamental programming/scripting capabilities (e.g. python, powershell, bash, etc.) Experience in DevSecOps Experience in Cloud Security is a must. AWS preferred. Management of at least 10 people Degree/diploma/certifications in a technology-related field and/or relevant working experience such as PenTest+, Security+, OSCP, CCSP, CEH, GCIH, GMON Technical Endpoint security concepts, controls, and best practices for Servers (e.g. Windows and Apple OS) General IT networking concepts, protocols, standards and network security concepts, controls, and best practices Cryptography fundamentals and data security controls and best practices Experience with Mobile App Security Forensic investigation techniques Prior experience deploying, configuring, managing, and/or operating security technologies is preferred, such as endpoint security (e.g. AV/EPP/EDR), SIEM, DLP, SWG, CASB, UEBA, IDS, IPS, firewalls, IAM/PIM/PAM, vulnerability management, MDM, etc. Deep knowledge of GDPR, FOI, PCI-DSS Deep knowledge of cloud security Knowledge of Microsoft Security Centre and Microsoft Sentinel Deep Understanding of ISO27001:22, NIST, Cloud Security Secure software development guidelines Demonstrated experience with cyber engineering and operations, which could include DevSecOps. Experience with microservices Behaviours Excellent written and verbal communication skills. Excellent stakeholder management skills, with the confidence to challenge supportively and effectively where appropriate. Excellent time management and delegation skills with proven ability to manage multiple projects effectively. Strong leadership skills with the ability to inspire and motivate staff from a variety of backgrounds and experience levels and gain the respect of colleagues at all levels of the business. Builder of positive relationships with a collaborative style used to achieve organisational goals. Able to create an open environment and inspire others to contribute. An outstanding opportunity for an Information Security Manager awaits, apply now!
Mar 27, 2024
Full time
Information Security Manager Location - London (Hybrid) An exciting opportunity has arisen to join this banking startup that are currently on a journey building a bank to bring better engagement between Africa and the UK, bringing customers and businesses the cross-border experience they deserve. Backed by one of the top reinsurers in the world, this new bank applicant requires an Information Security Manager to join the growing team and implement the security strategy including identifying any risks to the business, whilst designing, implementing, and maintaining the security strategy for the bank. Accountabilities Develop and implement a comprehensive information security strategy aligned with business objectives. Create and maintain an information security roadmap to address current and future security needs. You will implement and manage technical solutions to counter cyber security risks. Establish, review, and enforce information security policies and procedures. Ensure compliance with relevant laws, regulations, and industry standards. Conduct regular security audits and risk assessments. Provide training to staff on security policies, procedures, and best practices. Develop and maintain an incident response plan for handling security incidents. Collaborate with IT teams to implement and maintain security solutions. Monitor emerging threats and assess their potential impact on the Bank. Regularly update risk assessments based on changes in the threat landscape. Prepare and present regular reports on the status of information security to executive leadership. Research, design and test processes and technical solutions to counter cyber security risks. Manage the implementation of countermeasures to cyber-attacks that exploit identity and privileged escalation attacks occur particularly in Active Directory and Azure-based environments. Develop, implement, and manage comprehensive security assurance measures for generative AI usage across the company. Skills & Experience Experience with Money Transmitter License (MTL) regulatory standards and audits and ITGC Control audits 5+ years' experience in IT Security and/or IT within a financial services organisation Must have fundamental programming/scripting capabilities (e.g. python, powershell, bash, etc.) Experience in DevSecOps Experience in Cloud Security is a must. AWS preferred. Management of at least 10 people Degree/diploma/certifications in a technology-related field and/or relevant working experience such as PenTest+, Security+, OSCP, CCSP, CEH, GCIH, GMON Technical Endpoint security concepts, controls, and best practices for Servers (e.g. Windows and Apple OS) General IT networking concepts, protocols, standards and network security concepts, controls, and best practices Cryptography fundamentals and data security controls and best practices Experience with Mobile App Security Forensic investigation techniques Prior experience deploying, configuring, managing, and/or operating security technologies is preferred, such as endpoint security (e.g. AV/EPP/EDR), SIEM, DLP, SWG, CASB, UEBA, IDS, IPS, firewalls, IAM/PIM/PAM, vulnerability management, MDM, etc. Deep knowledge of GDPR, FOI, PCI-DSS Deep knowledge of cloud security Knowledge of Microsoft Security Centre and Microsoft Sentinel Deep Understanding of ISO27001:22, NIST, Cloud Security Secure software development guidelines Demonstrated experience with cyber engineering and operations, which could include DevSecOps. Experience with microservices Behaviours Excellent written and verbal communication skills. Excellent stakeholder management skills, with the confidence to challenge supportively and effectively where appropriate. Excellent time management and delegation skills with proven ability to manage multiple projects effectively. Strong leadership skills with the ability to inspire and motivate staff from a variety of backgrounds and experience levels and gain the respect of colleagues at all levels of the business. Builder of positive relationships with a collaborative style used to achieve organisational goals. Able to create an open environment and inspire others to contribute. An outstanding opportunity for an Information Security Manager awaits, apply now!
Job Title : Cyber Security Engineer L1/L2 and Team Lead Location : Ashford Salary : £20,000 - £38,000 (DOE)We are working with a leading cyber security service provider a leading provider of innovative security solutions dedicated to safeguarding digital assets and protecting businesses from evolving cyber threats. With a commitment to excellence and a passion for staying ahead of the curve, we are seeking a talented Cyber Security Analyst to join our dynamic team.We are on the lookout for L1/L2 and Team Lead engineers as the company is growing and are on the lookout for 3 new engineers! If you're passionate about cybersecurity and thrive in a fast-paced environment, we want to hear from you! Responsibilities: Monitor and analyse security events and incidents using SIEM tools to identify potential threats and vulnerabilities. Conduct in-depth investigations into security incidents, including malware analysis, network forensics, and log analysis. Develop and maintain security policies, procedures, and standards to ensure compliance with industry regulations and best practices. Collaborate with cross-functional teams to implement security controls and measures to protect against emerging threats. Perform regular security assessments and penetration tests to identify and remediate vulnerabilities in the organization's systems and applications. Stay abreast of the latest cybersecurity trends, threats, and technologies to continuously improve the organization's security posture. Provide guidance and support to internal stakeholders on cybersecurity best practices and incident response procedures. Participate in security awareness training and education programs for employees to promote a culture of security awareness and compliance. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Experience in a cybersecurity role, preferably as a Security Analyst or Incident Responder. Strong knowledge of cybersecurity principles, practices, and technologies, including SIEM, IDS/IPS, firewalls, antivirus, and endpoint protection. Hands-on experience with security tools such as Splunk, Wireshark, Nessus, and Metasploit. Experience with threat hunting, malware analysis, and forensic investigation techniques. Understanding of common cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Excellent analytical and problem-solving skills with a keen attention to detail. Strong communication and interpersonal skills, with the ability to effectively communicate technical information to non-technical stakeholders. Relevant certifications such as CISSP, CEH, or GIAC are a plus. If you are looking for your next challenge in a cybersecurity focused environment than look no further. Please apply with an up-to-date CV to be considered, like mentioned above, we are on the lookout for 3 new engineers. In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy. In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
Mar 27, 2024
Full time
Job Title : Cyber Security Engineer L1/L2 and Team Lead Location : Ashford Salary : £20,000 - £38,000 (DOE)We are working with a leading cyber security service provider a leading provider of innovative security solutions dedicated to safeguarding digital assets and protecting businesses from evolving cyber threats. With a commitment to excellence and a passion for staying ahead of the curve, we are seeking a talented Cyber Security Analyst to join our dynamic team.We are on the lookout for L1/L2 and Team Lead engineers as the company is growing and are on the lookout for 3 new engineers! If you're passionate about cybersecurity and thrive in a fast-paced environment, we want to hear from you! Responsibilities: Monitor and analyse security events and incidents using SIEM tools to identify potential threats and vulnerabilities. Conduct in-depth investigations into security incidents, including malware analysis, network forensics, and log analysis. Develop and maintain security policies, procedures, and standards to ensure compliance with industry regulations and best practices. Collaborate with cross-functional teams to implement security controls and measures to protect against emerging threats. Perform regular security assessments and penetration tests to identify and remediate vulnerabilities in the organization's systems and applications. Stay abreast of the latest cybersecurity trends, threats, and technologies to continuously improve the organization's security posture. Provide guidance and support to internal stakeholders on cybersecurity best practices and incident response procedures. Participate in security awareness training and education programs for employees to promote a culture of security awareness and compliance. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Experience in a cybersecurity role, preferably as a Security Analyst or Incident Responder. Strong knowledge of cybersecurity principles, practices, and technologies, including SIEM, IDS/IPS, firewalls, antivirus, and endpoint protection. Hands-on experience with security tools such as Splunk, Wireshark, Nessus, and Metasploit. Experience with threat hunting, malware analysis, and forensic investigation techniques. Understanding of common cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Excellent analytical and problem-solving skills with a keen attention to detail. Strong communication and interpersonal skills, with the ability to effectively communicate technical information to non-technical stakeholders. Relevant certifications such as CISSP, CEH, or GIAC are a plus. If you are looking for your next challenge in a cybersecurity focused environment than look no further. Please apply with an up-to-date CV to be considered, like mentioned above, we are on the lookout for 3 new engineers. In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy. In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
I am working with a client based in the South of England who specialise in cyber security. This is a fantastic opportunity for the right candidates to join an organisation who are pioneers of cyber risk management, working with a range of customers in both private and public sectors. The Role PLEASE NOTE THIS OPPORTUNITY INVOLVES ON-SITE SHIFT WORK SO PLEASE ONLY APPLY IF YOU ARE HAPPY TO WORK BOTH DAY AND NIGHT SHIFTS AND LIVE WITHIN COMMUTING DISTANCE OF POOLE. Due to expansion, my client is looking to increase the capeability of their 24/7 SOC team. A 24/7 Security Operations Centre (SOC) Analyst is responsible for monitoring and defending customers against potential security threats. This critical role will identify, analyse and respond to security incidents to ensure the confidentiality, integrity and availability of sensitive data and systems. You will need to work closely with other cyber security team members to ensure a strong security posture and prevent or mitigate potential cyber attacks. This role will also offer hands on support to the infrastructure engineering field team in responding to incidents so previous infrastructure experience or experience within a 2nd line support environment is essential. Security Monitoring And Incident Detection Based at their modern and recently refurbished offices near Poole Quay, you will work a four day operational rota including both day shifts (7am - 7pm) and nights shifts (7pm - 7am). The 24/7 SOC analysts work closely with other Digital Forensic and Incident response teams and will perform a multitude of tasks managing and maintaining customers. Duties include: Monitor security information and event management (SIEM) tools and other security monitoring systems to identify potential security incidents and anomalies. Analyse alerts and log data to assess the severity and impact of potential threats. Incident Response And Analysis Investigate and respond to security incidents promptly and effectively. Perform in-depth analysis of security events to understand the scope, impact, and root cause of incidents. Threat Hunting Proactively search for hidden threats and potential security weaknesses in the organization's network and systems. Utilize various security tools and methodologies to identify and address potential vulnerabilities before they are exploited. Vulnerability Management Assist in vulnerability assessments and penetration testing activities. Evaluate and prioritize identified vulnerabilities for remediation by collaborating with IT and system administrators. Security Reporting And Documentation Create detailed reports on security incidents, response actions taken, and recommendations for improvement. Maintain accurate records of incidents, investigations, and security-related activities. Security Tools Management Configure, update, and maintain security tools, including firewalls, intrusion detection/prevention systems, endpoint protection, and SIEM solutions. Who? I would be interested in speaking with both candidates with experience in cyber secruity in a similar role or who have other technical IT infrastructure or support experience and are looking to move to a career in cyber security. You will be given a substantial development plan. A passion for technology and learning new skills is a key sucess factor for this role and, although full training and real world expeprience will be provided, you will need to have the ambition to develop. My client prides itself on providing an excellent service to their customers so the sucessful candidates will need to have strong communication skills and a service-based mindset. Successful Candidates Will Be Enrolled On a Full Training & Certification Program Across The Service Portfolio; however, the following certifications and experience will be beneficial to applicants: Certification in Computer Science, Information Security, or related field (or equivalent work experience). Cybersecurity certifications such as CompTIA Security+, Certified Ethical Hacker (CEH) or Microsoft M365/Azure Understanding of cybersecurity principles, networking concepts, and various operating systems. Knowledge of common security threats, attack vectors, and mitigation strategies. Excellent communication skills to convey technical information to both technical and non-technical audiences. Experience in an IT Support/MSP support role Experience within a IT infrastructure role Strong attention to detail and ability to work under pressure in a fast-paced environment. Alongside a competitve salary, you will also have access to excellent training and career progression as well as a god benefits package.
Mar 27, 2024
Full time
I am working with a client based in the South of England who specialise in cyber security. This is a fantastic opportunity for the right candidates to join an organisation who are pioneers of cyber risk management, working with a range of customers in both private and public sectors. The Role PLEASE NOTE THIS OPPORTUNITY INVOLVES ON-SITE SHIFT WORK SO PLEASE ONLY APPLY IF YOU ARE HAPPY TO WORK BOTH DAY AND NIGHT SHIFTS AND LIVE WITHIN COMMUTING DISTANCE OF POOLE. Due to expansion, my client is looking to increase the capeability of their 24/7 SOC team. A 24/7 Security Operations Centre (SOC) Analyst is responsible for monitoring and defending customers against potential security threats. This critical role will identify, analyse and respond to security incidents to ensure the confidentiality, integrity and availability of sensitive data and systems. You will need to work closely with other cyber security team members to ensure a strong security posture and prevent or mitigate potential cyber attacks. This role will also offer hands on support to the infrastructure engineering field team in responding to incidents so previous infrastructure experience or experience within a 2nd line support environment is essential. Security Monitoring And Incident Detection Based at their modern and recently refurbished offices near Poole Quay, you will work a four day operational rota including both day shifts (7am - 7pm) and nights shifts (7pm - 7am). The 24/7 SOC analysts work closely with other Digital Forensic and Incident response teams and will perform a multitude of tasks managing and maintaining customers. Duties include: Monitor security information and event management (SIEM) tools and other security monitoring systems to identify potential security incidents and anomalies. Analyse alerts and log data to assess the severity and impact of potential threats. Incident Response And Analysis Investigate and respond to security incidents promptly and effectively. Perform in-depth analysis of security events to understand the scope, impact, and root cause of incidents. Threat Hunting Proactively search for hidden threats and potential security weaknesses in the organization's network and systems. Utilize various security tools and methodologies to identify and address potential vulnerabilities before they are exploited. Vulnerability Management Assist in vulnerability assessments and penetration testing activities. Evaluate and prioritize identified vulnerabilities for remediation by collaborating with IT and system administrators. Security Reporting And Documentation Create detailed reports on security incidents, response actions taken, and recommendations for improvement. Maintain accurate records of incidents, investigations, and security-related activities. Security Tools Management Configure, update, and maintain security tools, including firewalls, intrusion detection/prevention systems, endpoint protection, and SIEM solutions. Who? I would be interested in speaking with both candidates with experience in cyber secruity in a similar role or who have other technical IT infrastructure or support experience and are looking to move to a career in cyber security. You will be given a substantial development plan. A passion for technology and learning new skills is a key sucess factor for this role and, although full training and real world expeprience will be provided, you will need to have the ambition to develop. My client prides itself on providing an excellent service to their customers so the sucessful candidates will need to have strong communication skills and a service-based mindset. Successful Candidates Will Be Enrolled On a Full Training & Certification Program Across The Service Portfolio; however, the following certifications and experience will be beneficial to applicants: Certification in Computer Science, Information Security, or related field (or equivalent work experience). Cybersecurity certifications such as CompTIA Security+, Certified Ethical Hacker (CEH) or Microsoft M365/Azure Understanding of cybersecurity principles, networking concepts, and various operating systems. Knowledge of common security threats, attack vectors, and mitigation strategies. Excellent communication skills to convey technical information to both technical and non-technical audiences. Experience in an IT Support/MSP support role Experience within a IT infrastructure role Strong attention to detail and ability to work under pressure in a fast-paced environment. Alongside a competitve salary, you will also have access to excellent training and career progression as well as a god benefits package.
Job Title : Cyber Security Engineer L1/L2 and Team Lead Location : Ashford Salary : 20,000 - 38,000 (DOE) We are working with a leading cyber security service provider a leading provider of innovative security solutions dedicated to safeguarding digital assets and protecting businesses from evolving cyber threats. With a commitment to excellence and a passion for staying ahead of the curve, we are seeking a talented Cyber Security Analyst to join our dynamic team. We are on the lookout for L1/L2 and Team Lead engineers as the company is growing and are on the lookout for 3 new engineers! If you're passionate about cybersecurity and thrive in a fast-paced environment, we want to hear from you! Responsibilities: Monitor and analyse security events and incidents using SIEM tools to identify potential threats and vulnerabilities. Conduct in-depth investigations into security incidents, including malware analysis, network forensics, and log analysis. Develop and maintain security policies, procedures, and standards to ensure compliance with industry regulations and best practices. Collaborate with cross-functional teams to implement security controls and measures to protect against emerging threats. Perform regular security assessments and penetration tests to identify and remediate vulnerabilities in the organization's systems and applications. Stay abreast of the latest cybersecurity trends, threats, and technologies to continuously improve the organization's security posture. Provide guidance and support to internal stakeholders on cybersecurity best practices and incident response procedures. Participate in security awareness training and education programs for employees to promote a culture of security awareness and compliance. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Experience in a cybersecurity role, preferably as a Security Analyst or Incident Responder. Strong knowledge of cybersecurity principles, practices, and technologies, including SIEM, IDS/IPS, firewalls, antivirus, and endpoint protection. Hands-on experience with security tools such as Splunk, Wireshark, Nessus, and Metasploit. Experience with threat hunting, malware analysis, and forensic investigation techniques. Understanding of common cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Excellent analytical and problem-solving skills with a keen attention to detail. Strong communication and interpersonal skills, with the ability to effectively communicate technical information to non-technical stakeholders. Relevant certifications such as CISSP, CEH, or GIAC are a plus. If you are looking for your next challenge in a cybersecurity focused environment than look no further. Please apply with an up-to-date CV to be considered, like mentioned above, we are on the lookout for 3 new engineers. In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy. In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
Mar 27, 2024
Full time
Job Title : Cyber Security Engineer L1/L2 and Team Lead Location : Ashford Salary : 20,000 - 38,000 (DOE) We are working with a leading cyber security service provider a leading provider of innovative security solutions dedicated to safeguarding digital assets and protecting businesses from evolving cyber threats. With a commitment to excellence and a passion for staying ahead of the curve, we are seeking a talented Cyber Security Analyst to join our dynamic team. We are on the lookout for L1/L2 and Team Lead engineers as the company is growing and are on the lookout for 3 new engineers! If you're passionate about cybersecurity and thrive in a fast-paced environment, we want to hear from you! Responsibilities: Monitor and analyse security events and incidents using SIEM tools to identify potential threats and vulnerabilities. Conduct in-depth investigations into security incidents, including malware analysis, network forensics, and log analysis. Develop and maintain security policies, procedures, and standards to ensure compliance with industry regulations and best practices. Collaborate with cross-functional teams to implement security controls and measures to protect against emerging threats. Perform regular security assessments and penetration tests to identify and remediate vulnerabilities in the organization's systems and applications. Stay abreast of the latest cybersecurity trends, threats, and technologies to continuously improve the organization's security posture. Provide guidance and support to internal stakeholders on cybersecurity best practices and incident response procedures. Participate in security awareness training and education programs for employees to promote a culture of security awareness and compliance. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Experience in a cybersecurity role, preferably as a Security Analyst or Incident Responder. Strong knowledge of cybersecurity principles, practices, and technologies, including SIEM, IDS/IPS, firewalls, antivirus, and endpoint protection. Hands-on experience with security tools such as Splunk, Wireshark, Nessus, and Metasploit. Experience with threat hunting, malware analysis, and forensic investigation techniques. Understanding of common cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Excellent analytical and problem-solving skills with a keen attention to detail. Strong communication and interpersonal skills, with the ability to effectively communicate technical information to non-technical stakeholders. Relevant certifications such as CISSP, CEH, or GIAC are a plus. If you are looking for your next challenge in a cybersecurity focused environment than look no further. Please apply with an up-to-date CV to be considered, like mentioned above, we are on the lookout for 3 new engineers. In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy. In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
Security Operations Engineer A global advisory and solutions firm, who have a strong security function are working on a number of exciting projects as part of their on-going growth and as a result, they re recruiting for an experienced Cybersecurity Operations Engineer to join them. As a Security Operations Engineer, you will work as part of a collaborative and innovative team where you will be hands-on with various Security & Infrastructure products including Azure, WAF, Internet protection, Vulnerability management, SIEM, Firewalls, CASB and EDR. Within this role, you will work with the team to engage and technically support in driving performance in third parties, support and improve enterprise security solutions, configure and secure Cloud, SaaS, Endpoint and on-prem solutions as necessary. The business are renowned for providing career growth & trajectory at pace and are looking for someone who wants to make an impact . Sound like you? Experience and skills required: Experience within a Security Operations/Cybersecurity Engineer Experience with Azure (or another Cloud vendor), WAF and one or more of SIEM, Firewalls, CASB, EDR etc Handson experience in implementing, customizing and supporting third-party systems Exposure within a professional/managed services environment Desirable For full details and immediate consideration, please get in touch.
Mar 27, 2024
Full time
Security Operations Engineer A global advisory and solutions firm, who have a strong security function are working on a number of exciting projects as part of their on-going growth and as a result, they re recruiting for an experienced Cybersecurity Operations Engineer to join them. As a Security Operations Engineer, you will work as part of a collaborative and innovative team where you will be hands-on with various Security & Infrastructure products including Azure, WAF, Internet protection, Vulnerability management, SIEM, Firewalls, CASB and EDR. Within this role, you will work with the team to engage and technically support in driving performance in third parties, support and improve enterprise security solutions, configure and secure Cloud, SaaS, Endpoint and on-prem solutions as necessary. The business are renowned for providing career growth & trajectory at pace and are looking for someone who wants to make an impact . Sound like you? Experience and skills required: Experience within a Security Operations/Cybersecurity Engineer Experience with Azure (or another Cloud vendor), WAF and one or more of SIEM, Firewalls, CASB, EDR etc Handson experience in implementing, customizing and supporting third-party systems Exposure within a professional/managed services environment Desirable For full details and immediate consideration, please get in touch.
We're looking for a Senior Security Engineer to lead our Security Operations function here at the National Trust, playing a crucial role in shaping our security strategy and leading a team of dedicated security analysts. You'll provide strategic guidance, establish best practices, and ensure the efficient operation of our security monitoring and incident response activities. Your expertise in security operations and strong leadership skills will be instrumental in maintaining a robust security posture. A willingness to continually learn and share knowledge is a must, as the world of cyber security is a forever changing landscape. What it's like to work here You will be joining a team of keen, dedicated, security minded, IT professionals who really want to drive forward the cybersecurity needs of the Trust. The IT teams are very keen to assist employees to gain certifications or experience in areas they are interested in as this has a huge benefit to the organisation. As the knowledge of employees improves so does the organisation. Your contractual location will be our head office in Swindon and there will be an expectation for you to attend the office. However, there is flexibility on where you are based at other times. You will be required to work at a National Trust location for 40-60% of your working week. This will be discussed in more detail at interview. What you'll be doing You will be part of the Security Operation Team who are part of the larger IT team. As the Senior Security Engineer, you will lead and manage the Security Operations team, collaborating with the Technical Services Manager to implement security strategies, identify process improvements, and automate tasks to enhance efficiency. Your role involves overseeing daily security operations to ensure prompt resolution of security incidents and supporting various security projects. Staying updated on evolving threats is essential, and you'll foster a security-aware culture across the organization while building strong relationships internally and externally, particularly with in-house Information Security and Data Protection teams, to safeguard National Trust data, systems, and personnel. Who we're looking for You can view the full role profile for this role in the document attached on our website, this is just to provide a full picture of what is possible in this role, we'd love to hear from you if you have: Proven experience in leading and managing a team of security analysts, with excellent interpersonal and communication skills with the ability to inspire and motivate a team. Knowledge of industry-standard security tools and technologies, such as SIEM, IDS/IPS, SOAR, and endpoint protection systems. In-depth knowledge of intrusion analysis, incident response, and vulnerability management. The ability to analyse complex security incidents, provide guidance, and implement effective mitigation strategies. A good understanding of technical security controls across endpoints, networks and infrastructure. Excellent problem-solving and decision-making skills, with the ability to prioritise and manage multiple tasks in a fast-paced environment. The package The National Trust has the motto 'For everyone, for ever' at its heart. We're working hard to create an inclusive culture, where everyone feels they belong. It's important that our people reflect and represent the diversity of the communities and audiences we serve. We welcome and value difference, so when we say we're for everyone, we want everyone to be welcome in our teams too. Substantial pension scheme of up to 10% basic salary Free entry to National Trust places for you, a guest and your children (under 18) Tax-free childcare scheme Rental deposit loan scheme Season ticket loan Perks at work discounts such as gym memberships, shopping discount codes, cinema discounts Holiday allowance up to 32 days relating to length of service, plus holiday purchase scheme, subject to meeting minimum criteria. Flexible working whenever possible Employee assistance programme Free parking at most Trust places Independent financial advice
Mar 27, 2024
Full time
We're looking for a Senior Security Engineer to lead our Security Operations function here at the National Trust, playing a crucial role in shaping our security strategy and leading a team of dedicated security analysts. You'll provide strategic guidance, establish best practices, and ensure the efficient operation of our security monitoring and incident response activities. Your expertise in security operations and strong leadership skills will be instrumental in maintaining a robust security posture. A willingness to continually learn and share knowledge is a must, as the world of cyber security is a forever changing landscape. What it's like to work here You will be joining a team of keen, dedicated, security minded, IT professionals who really want to drive forward the cybersecurity needs of the Trust. The IT teams are very keen to assist employees to gain certifications or experience in areas they are interested in as this has a huge benefit to the organisation. As the knowledge of employees improves so does the organisation. Your contractual location will be our head office in Swindon and there will be an expectation for you to attend the office. However, there is flexibility on where you are based at other times. You will be required to work at a National Trust location for 40-60% of your working week. This will be discussed in more detail at interview. What you'll be doing You will be part of the Security Operation Team who are part of the larger IT team. As the Senior Security Engineer, you will lead and manage the Security Operations team, collaborating with the Technical Services Manager to implement security strategies, identify process improvements, and automate tasks to enhance efficiency. Your role involves overseeing daily security operations to ensure prompt resolution of security incidents and supporting various security projects. Staying updated on evolving threats is essential, and you'll foster a security-aware culture across the organization while building strong relationships internally and externally, particularly with in-house Information Security and Data Protection teams, to safeguard National Trust data, systems, and personnel. Who we're looking for You can view the full role profile for this role in the document attached on our website, this is just to provide a full picture of what is possible in this role, we'd love to hear from you if you have: Proven experience in leading and managing a team of security analysts, with excellent interpersonal and communication skills with the ability to inspire and motivate a team. Knowledge of industry-standard security tools and technologies, such as SIEM, IDS/IPS, SOAR, and endpoint protection systems. In-depth knowledge of intrusion analysis, incident response, and vulnerability management. The ability to analyse complex security incidents, provide guidance, and implement effective mitigation strategies. A good understanding of technical security controls across endpoints, networks and infrastructure. Excellent problem-solving and decision-making skills, with the ability to prioritise and manage multiple tasks in a fast-paced environment. The package The National Trust has the motto 'For everyone, for ever' at its heart. We're working hard to create an inclusive culture, where everyone feels they belong. It's important that our people reflect and represent the diversity of the communities and audiences we serve. We welcome and value difference, so when we say we're for everyone, we want everyone to be welcome in our teams too. Substantial pension scheme of up to 10% basic salary Free entry to National Trust places for you, a guest and your children (under 18) Tax-free childcare scheme Rental deposit loan scheme Season ticket loan Perks at work discounts such as gym memberships, shopping discount codes, cinema discounts Holiday allowance up to 32 days relating to length of service, plus holiday purchase scheme, subject to meeting minimum criteria. Flexible working whenever possible Employee assistance programme Free parking at most Trust places Independent financial advice
Security Operations Engineer A global advisory and solutions firm, who have a strong security function are working on a number of exciting projects as part of their on-going growth and as a result, they're recruiting for an experienced Cybersecurity Operations Engineer to join them. As a Security Operations Engineer, you will work as part of a collaborative and innovative team where you will be hands-on with various Security & Infrastructure products including Azure, WAF, Internet protection, Vulnerability management, SIEM, Firewalls, CASB and EDR. Within this role, you will work with the team to engage and technically support in driving performance in third parties, support and improve enterprise security solutions, configure and secure Cloud, SaaS, Endpoint and on-prem solutions as necessary. The business are renowned for providing career growth & trajectory at pace and are looking for someone who wants to make an impact . Sound like you? Experience and skills required: - Experience within a Security Operations/Cybersecurity Engineer - Experience with Azure (or another Cloud vendor), WAF and one or more of SIEM, Firewalls, CASB, EDR etc - Hands-on experience in implementing, customizing and supporting third-party systems - Exposure within a professional/managed services environment - Desirable For full details and immediate consideration, please get in touch.
Mar 27, 2024
Full time
Security Operations Engineer A global advisory and solutions firm, who have a strong security function are working on a number of exciting projects as part of their on-going growth and as a result, they're recruiting for an experienced Cybersecurity Operations Engineer to join them. As a Security Operations Engineer, you will work as part of a collaborative and innovative team where you will be hands-on with various Security & Infrastructure products including Azure, WAF, Internet protection, Vulnerability management, SIEM, Firewalls, CASB and EDR. Within this role, you will work with the team to engage and technically support in driving performance in third parties, support and improve enterprise security solutions, configure and secure Cloud, SaaS, Endpoint and on-prem solutions as necessary. The business are renowned for providing career growth & trajectory at pace and are looking for someone who wants to make an impact . Sound like you? Experience and skills required: - Experience within a Security Operations/Cybersecurity Engineer - Experience with Azure (or another Cloud vendor), WAF and one or more of SIEM, Firewalls, CASB, EDR etc - Hands-on experience in implementing, customizing and supporting third-party systems - Exposure within a professional/managed services environment - Desirable For full details and immediate consideration, please get in touch.
Position: OT/IT Cybersecurity Engineer (Contract - 6 months, Inside IR35) Location: Somerset, UK (1/2 days onsite weekly) Overview: We're searching for a skilled Cybersecurity Engineer for a 6-month contract role based in Somerset, UK. This position requires expertise in defining, configuring, and implementing security controls and services, along with managing Cybersecurity tools and technologies. Key Responsibilities: - Lead in defining and implementing security controls and services. - Manage Cybersecurity tools like anti-virus products, SIEM, EDR, XDR, and CMDBs. - Develop secure system profiles and ensure compliance. - Support Threat Hunting tasks and compliance activities. Requirements: - Hands-on experience with security technologies and tools. - Relevant industry qualifications preferred. - Familiarity with cybersecurity standards and frameworks. - Experience securing infrastructure and OT/ICS systems. - Knowledge of identity management and cyber threats. - Understanding of Tactics, Techniques, and Procedures. - Proficiency in Cloud security principles. Please apply with your up to date CV if you are interested.
Mar 26, 2024
Contractor
Position: OT/IT Cybersecurity Engineer (Contract - 6 months, Inside IR35) Location: Somerset, UK (1/2 days onsite weekly) Overview: We're searching for a skilled Cybersecurity Engineer for a 6-month contract role based in Somerset, UK. This position requires expertise in defining, configuring, and implementing security controls and services, along with managing Cybersecurity tools and technologies. Key Responsibilities: - Lead in defining and implementing security controls and services. - Manage Cybersecurity tools like anti-virus products, SIEM, EDR, XDR, and CMDBs. - Develop secure system profiles and ensure compliance. - Support Threat Hunting tasks and compliance activities. Requirements: - Hands-on experience with security technologies and tools. - Relevant industry qualifications preferred. - Familiarity with cybersecurity standards and frameworks. - Experience securing infrastructure and OT/ICS systems. - Knowledge of identity management and cyber threats. - Understanding of Tactics, Techniques, and Procedures. - Proficiency in Cloud security principles. Please apply with your up to date CV if you are interested.
We are looking for people to join our fantastic team at Somerset House Trust. As the home of cultural innovators, the Trust connects creativity and the arts with the broader society. Somerset House pursues a ‘Step Inside, Think Outside’ spirit and is born from the creative community we nurture - the experience and perspectives we host across background, age, race, and stage, and the intersections and crossovers we encourage. About the role: The Support Analyst is a critical part of the diverse and exciting technology operations at Somerset House. Working within the IT Department’s helpdesk function, the post holder will be a primary contact for 1st, 2nd and 3rd line IT and network support. You will help to ensure our IT services to our residents, members, and the Trust staff, are of the highest quality. You will work across a range of technologies and systems, from desktops to SaaS, maintaining ownership of cases from start to finish. Additionally, the role will have the opportunity to participate in the implementation of various IT solutions and projects as we work to improve our digital capabilities. Please note that this is an onsite role, based at Somerset House in central London, running Monday - Friday.
Responsibilities:
To be the primary point of contact for residents, members, event partners, and Trust IT support issues and requests. This includes 1st, 2nd, and 3rd line support.
Resolve all reported IT issues in a professional and timely manner, documenting all activity on the helpdesk ticketing system, conforming to SLA’s and adjusting priorities to deal with urgent issues and requests.
Monitor and manage ticket queues, alerts, automated tickets, and perform daily checks on various systems.
Proactively research and identify solutions that may benefit the team and the Trust.
Where appropriate, escalate issues to external vendors as required and monitor the escalation to ensure satisfactory resolution.
Assist in the delivery of IT services across all events and event spaces, including wired connections, wireless connections, AV components, and VoIP telephony.
Assist with the configuration of resident office moves, liaising closely with the property team, and the IT Solutions Lead.
As required, to assist in the testing and implementing of new solutions and adaptations/upgrades to IT services.
Undertake the training of Trust staff members as required.
Where occasionally required by key live events, exhibitions, and regular system maintenance taking place at Somerset House, to be able to shift working hours and days to provide support coverage.
Create and update IT and related documentation to allow retention and sharing of knowledge within the team and the Trust.
Participate as a team player in the support of colleagues within the department and across the Trust’s operations.
Undertake other duties that may be asked of you from time to time.
Skills, knowledge & expertise required for the role:
Experience :
Demonstrable technical knowledge of working in an IT service desk or team.
Demonstrable knowledge supporting and installing operating systems (Windows 10/11 primarily, some Windows Server 2012/2016/2019, some Mac OS) and standard productivity applications (Office 365, Teams, OneDrive, Adobe, AutoCAD, etc.).
Demonstrable knowledge supporting desktop hardware (primarily Dell laptops) and mobile devices (iOS and Android mobile phones and tablets).
Supporting of Active Directory, Office 365 (including Exchange), and Azure users, including password resets, account creation, and group policies.
Demonstrable knowledge of cyber security concepts and best practice, including Multi Factor Authentication, phishing, ransomware, passwords, firewalls, social engineering.
ITIL Foundation certification and technical Microsoft qualifications are desirable.
Skills :
A good knowledge of network infrastructure, both wired and wireless.
A good knowledge of logical network concepts, including VLANs, IPs, DNS and DHCP.
Strong communication skills with the flexibility to deal with a varied customer base.
Coaching or training end users in technical expertise.
Knowledge of VoIP telephony.
Knowledge of system backups, for example, Microsoft Azure Backup Service.
Skills in supporting a range of specific solutions are desirable, including hypervisors (Hyper-V), Cisco Meraki, Mimecast, Bitdefender, AlienVault SIEM, PaperCut, PRTG, Jira, EPOS systems, PDQ Deploy, Access Finance, Nexudus, Priava or similar events management software, and Tessitura.
As part of the recruitment process, there will be a practical task to help us assess hands-on technical skills.
Benefits to working at Somerset House:
Mental Health & Wellbeing - Access to our external Employee Assistance Programme (CiC) for free 24/7 confidential advice and support, including up to 6 free counselling sessions per year where needed- Mental health support and guidance from our in-house trained Mental Health First Aiders - Hybrid working based on having 3 days in the office per week (pro rata if part-time) - Contribution towards eye tests and glasses - Trust life insurance scheme Holiday - Enhanced annual leave – 25 days plus bank holidays - Birthday leave - additional day leave on or within a week of your birthday- Festive day - additional discretionary day off around the Christmas period Other Leave - Sick leave – 20 days full pay, followed by 20 days half pay - Emergency dependent care – option to use 25% of paid sick leave for emergency care of a dependent- Enhanced maternity pay Pension - 8% employer pension contributions- No minimum requirement for employee contributions- Option for salary exchange- Interest-free loans- Season ticket loan- Cycle to Work scheme Discounts, offers and free stuff - The list is endless and includes tickets to Somerset House events and entrance to other London Heritage sites - Discounts in Somerset House cafes and restaurants - Discounts with various high street retailers and restaurants - Discount to local leisure centres
About Somerset House Trust
Somerset House hosts the UK’s largest and most exciting creative community right in the heart of London, and are always looking for new talent to join our team. We welcome 3 million annual visitors to share our unique combination of cultural events, the creative industries and history. This mix informs and powers our programme and organisational culture, making us a singular, compelling and inclusive place to visit and work.
The Trust reserves the right to close a job before its application deadline. Our Commitment to Anti-Racism, Diversity and Inclusion:
Somerset House is open to all and we value the unique skills of everyone. Somerset House Trust is an equal opportunities employer and is committed to championing equality, diversity and inclusion in our workplace, so if you’re a suitably qualified applicant, we encourage your application whatever your age, disability, gender, gender identity, race, religion or belief, sexual orientation or socio-economic background. Somerset House is actively anti-racist, you can read about our Anti-Racism Pledge and the action we’re taking here . We are working hard to ensure our people, our onsite community and our sector reflect, represent and include all of society. With some recruitment stages, where candidates are equally qualified, we will seek to prioritise diversity to help us to increase representation across the creative economy and the Trust.We anonymise all job applications to help avoid discrimination in the initial screening stage of our recruitment process and reinforces our commitment to focus on skills and qualifications of all applications from the start. Please get in touch if you have any questions or require any adjustments to be made during the recruitment process.
Mar 26, 2024
Full time
We are looking for people to join our fantastic team at Somerset House Trust. As the home of cultural innovators, the Trust connects creativity and the arts with the broader society. Somerset House pursues a ‘Step Inside, Think Outside’ spirit and is born from the creative community we nurture - the experience and perspectives we host across background, age, race, and stage, and the intersections and crossovers we encourage. About the role: The Support Analyst is a critical part of the diverse and exciting technology operations at Somerset House. Working within the IT Department’s helpdesk function, the post holder will be a primary contact for 1st, 2nd and 3rd line IT and network support. You will help to ensure our IT services to our residents, members, and the Trust staff, are of the highest quality. You will work across a range of technologies and systems, from desktops to SaaS, maintaining ownership of cases from start to finish. Additionally, the role will have the opportunity to participate in the implementation of various IT solutions and projects as we work to improve our digital capabilities. Please note that this is an onsite role, based at Somerset House in central London, running Monday - Friday.
Responsibilities:
To be the primary point of contact for residents, members, event partners, and Trust IT support issues and requests. This includes 1st, 2nd, and 3rd line support.
Resolve all reported IT issues in a professional and timely manner, documenting all activity on the helpdesk ticketing system, conforming to SLA’s and adjusting priorities to deal with urgent issues and requests.
Monitor and manage ticket queues, alerts, automated tickets, and perform daily checks on various systems.
Proactively research and identify solutions that may benefit the team and the Trust.
Where appropriate, escalate issues to external vendors as required and monitor the escalation to ensure satisfactory resolution.
Assist in the delivery of IT services across all events and event spaces, including wired connections, wireless connections, AV components, and VoIP telephony.
Assist with the configuration of resident office moves, liaising closely with the property team, and the IT Solutions Lead.
As required, to assist in the testing and implementing of new solutions and adaptations/upgrades to IT services.
Undertake the training of Trust staff members as required.
Where occasionally required by key live events, exhibitions, and regular system maintenance taking place at Somerset House, to be able to shift working hours and days to provide support coverage.
Create and update IT and related documentation to allow retention and sharing of knowledge within the team and the Trust.
Participate as a team player in the support of colleagues within the department and across the Trust’s operations.
Undertake other duties that may be asked of you from time to time.
Skills, knowledge & expertise required for the role:
Experience :
Demonstrable technical knowledge of working in an IT service desk or team.
Demonstrable knowledge supporting and installing operating systems (Windows 10/11 primarily, some Windows Server 2012/2016/2019, some Mac OS) and standard productivity applications (Office 365, Teams, OneDrive, Adobe, AutoCAD, etc.).
Demonstrable knowledge supporting desktop hardware (primarily Dell laptops) and mobile devices (iOS and Android mobile phones and tablets).
Supporting of Active Directory, Office 365 (including Exchange), and Azure users, including password resets, account creation, and group policies.
Demonstrable knowledge of cyber security concepts and best practice, including Multi Factor Authentication, phishing, ransomware, passwords, firewalls, social engineering.
ITIL Foundation certification and technical Microsoft qualifications are desirable.
Skills :
A good knowledge of network infrastructure, both wired and wireless.
A good knowledge of logical network concepts, including VLANs, IPs, DNS and DHCP.
Strong communication skills with the flexibility to deal with a varied customer base.
Coaching or training end users in technical expertise.
Knowledge of VoIP telephony.
Knowledge of system backups, for example, Microsoft Azure Backup Service.
Skills in supporting a range of specific solutions are desirable, including hypervisors (Hyper-V), Cisco Meraki, Mimecast, Bitdefender, AlienVault SIEM, PaperCut, PRTG, Jira, EPOS systems, PDQ Deploy, Access Finance, Nexudus, Priava or similar events management software, and Tessitura.
As part of the recruitment process, there will be a practical task to help us assess hands-on technical skills.
Benefits to working at Somerset House:
Mental Health & Wellbeing - Access to our external Employee Assistance Programme (CiC) for free 24/7 confidential advice and support, including up to 6 free counselling sessions per year where needed- Mental health support and guidance from our in-house trained Mental Health First Aiders - Hybrid working based on having 3 days in the office per week (pro rata if part-time) - Contribution towards eye tests and glasses - Trust life insurance scheme Holiday - Enhanced annual leave – 25 days plus bank holidays - Birthday leave - additional day leave on or within a week of your birthday- Festive day - additional discretionary day off around the Christmas period Other Leave - Sick leave – 20 days full pay, followed by 20 days half pay - Emergency dependent care – option to use 25% of paid sick leave for emergency care of a dependent- Enhanced maternity pay Pension - 8% employer pension contributions- No minimum requirement for employee contributions- Option for salary exchange- Interest-free loans- Season ticket loan- Cycle to Work scheme Discounts, offers and free stuff - The list is endless and includes tickets to Somerset House events and entrance to other London Heritage sites - Discounts in Somerset House cafes and restaurants - Discounts with various high street retailers and restaurants - Discount to local leisure centres
About Somerset House Trust
Somerset House hosts the UK’s largest and most exciting creative community right in the heart of London, and are always looking for new talent to join our team. We welcome 3 million annual visitors to share our unique combination of cultural events, the creative industries and history. This mix informs and powers our programme and organisational culture, making us a singular, compelling and inclusive place to visit and work.
The Trust reserves the right to close a job before its application deadline. Our Commitment to Anti-Racism, Diversity and Inclusion:
Somerset House is open to all and we value the unique skills of everyone. Somerset House Trust is an equal opportunities employer and is committed to championing equality, diversity and inclusion in our workplace, so if you’re a suitably qualified applicant, we encourage your application whatever your age, disability, gender, gender identity, race, religion or belief, sexual orientation or socio-economic background. Somerset House is actively anti-racist, you can read about our Anti-Racism Pledge and the action we’re taking here . We are working hard to ensure our people, our onsite community and our sector reflect, represent and include all of society. With some recruitment stages, where candidates are equally qualified, we will seek to prioritise diversity to help us to increase representation across the creative economy and the Trust.We anonymise all job applications to help avoid discrimination in the initial screening stage of our recruitment process and reinforces our commitment to focus on skills and qualifications of all applications from the start. Please get in touch if you have any questions or require any adjustments to be made during the recruitment process.
We're looking for an Information Security Manager to join our team in London as part of our Technology function. Your team: Reporting to the group CTO, you will be responsible for the group-wide Information Security Function, managing a focused small team to set the Information Security strategy for the organisation. Your Role: Day to day, your team will be addressing key operational aspects such as the secure delivery of business projects, Cloud Security Governance, secure M&A, regular auditing and remediation, evaluating new technology, and End User Cyber Security Awareness. Travel to other Ascential offices may be required from time to time which provides opportunity for international travel. Your team also carries out incident triage and investigation including malware analysis and some digital forensic work. If these are not areas that you are already experienced in, then this is a great opportunity to learn. Key Responsibilities Shape our Information Security strategy to stay abreast of the evolving threat landscape as relevant to Ascential Supporting a wider Cloud Governance project through the setting of Cloud security policy, standards, and auditing and remediation activities. Setting the Information Security strategy for the organisation Reporting to the Board on Cyber Security posture when requested Managing stakeholder relationships across a wide network of supporting functions including technology, development, engineering, legal, finance, procurement, sales, marketing, and HR to ensure consistent engagement. Ensuring the secure delivery and ongoing security of products delivered by engineering teams Managing the security portfolio of technology products including Single Sign On, Data Loss Prevention, AntiVirus, and vulnerability management Keeping a finger on the pulse of current threats from a variety of sources to highlight those that pose a risk to Ascential Understanding the nature of our Cyber threat as it evolves and implementing appropriate defence Ensuring the secure procurement and on-boarding of new suppliers and implementation of third party solutions Ensuring secure M&A activity by security scanning of any products being acquired, understanding any technical debt being assumed, and enrolling new members of staff to the security policies and e-learning programme Responding to customer security questionnaires within required timelines Upskilling a motivated network of Security Champions in tools and processes used by the Information Security team, allowing them to provide effective 24-hour first response Running product evaluations to select new commercial and open source Information Security solutions Creating and delivering engaging cyber security awareness content Running regular internal auditing activity to discover vulnerabilities, threats, and breach of company security policy Shaping and executing our Cyber Incident Response process when necessary Your Experience Minimum three years' experience in an Information Security role Experience of working in an Enterprise IT team or a managed hosting environment / ISP beneficial Demonstrable Cloud (AWS is preferable) expertise both from a policy/standards/delivery perspective and threat analysis and compliance reporting Experience using SumoLogic SIEM or similar SIEM solution Workplace Security experience including Google Workplace, Windows 10 and MacOS Any experience of achieving SOC2 compliance or similar Information Security related certifications such as (CISSP, SSCP or CCSP) Excellent understanding of information security best practices. Ability to provide awareness training Monitoring and identifying suspicious or harmful activities Excellent communication skills and ability to engage with senior stakeholders Ability to document and report control failures and gaps to stakeholders If you don't meet every single requirement, we'd still encourage you to apply. At Ascential , we are committed to creating a diverse, inclusive and authentic workplace, so if you are excited about this role we would still like you to apply. Who are we? Ascential delivers specialist information, analytics and ecommerce optimisation platforms to the world's leading consumer brands and their ecosystems. We help our customers to make smart decisions that improve performance now, and in the future. With more than 3,00 employees across five continents, we combine local expertise with a global footprint for clients in over 120 countries. We are listed on the London Stock Exchange . Why choose us? At Ascential, diversity, equity and inclusion is core to us. We're a company built around our people - and we're committed to supporting each and every one of them to be the best they can be. We love having a diverse team of people who bring new ideas and different strengths and perspectives to Ascential. Our employee-led groups and networks, Ascential Pride, Black in Business and EmPower: An Ascential Women's Initiative, Shalom Ascential and Latinx, help us to create a place where communities and allies can connect and share experiences. We are proud to have been recognised as a best performer in the FTSE Women Leaders Review for six consecutive years, listed in the Bloomberg Gender Equality Index and ranked in the top 1500 companies on Sustainalytics. We are committed to supporting the environment and sustainability, including ensuring our pension plan defaults to sustainable options and striving to be net zero by 2030. Recognising great performance is a key part of our culture. Our Awards schemes recognise and reward the brilliant achievements of our people. We have a truly flexible working environment with a wide range of flexible, hybrid and agile-working arrangements. Conversations about flexible working have always been - and will continue to be - actively encouraged here. Our benefits and wellbeing package offers flexible benefits you can tailor to your own personal needs, including: 25 days of holiday per year - with an option to buy/ sell upto 5 days Pension, Life Assurance and Income Protection Flexible benefits platform with options including Private Medical, Dental Insurance, Critical Illness and the Ascential Shares Scheme Employee assistance programme, season ticket loans and cycle to work scheme Volunteering opportunities and charitable giving options Great learning and development opportunities. We want to ensure everyone has the opportunity to perform their best when interviewing, so if you require any reasonable adjustments that would make you more comfortable during the process, please let us know so that we can do our best to support you. If we inspire you, why not join and inspire us? Find out more on what our People say
Mar 25, 2024
Full time
We're looking for an Information Security Manager to join our team in London as part of our Technology function. Your team: Reporting to the group CTO, you will be responsible for the group-wide Information Security Function, managing a focused small team to set the Information Security strategy for the organisation. Your Role: Day to day, your team will be addressing key operational aspects such as the secure delivery of business projects, Cloud Security Governance, secure M&A, regular auditing and remediation, evaluating new technology, and End User Cyber Security Awareness. Travel to other Ascential offices may be required from time to time which provides opportunity for international travel. Your team also carries out incident triage and investigation including malware analysis and some digital forensic work. If these are not areas that you are already experienced in, then this is a great opportunity to learn. Key Responsibilities Shape our Information Security strategy to stay abreast of the evolving threat landscape as relevant to Ascential Supporting a wider Cloud Governance project through the setting of Cloud security policy, standards, and auditing and remediation activities. Setting the Information Security strategy for the organisation Reporting to the Board on Cyber Security posture when requested Managing stakeholder relationships across a wide network of supporting functions including technology, development, engineering, legal, finance, procurement, sales, marketing, and HR to ensure consistent engagement. Ensuring the secure delivery and ongoing security of products delivered by engineering teams Managing the security portfolio of technology products including Single Sign On, Data Loss Prevention, AntiVirus, and vulnerability management Keeping a finger on the pulse of current threats from a variety of sources to highlight those that pose a risk to Ascential Understanding the nature of our Cyber threat as it evolves and implementing appropriate defence Ensuring the secure procurement and on-boarding of new suppliers and implementation of third party solutions Ensuring secure M&A activity by security scanning of any products being acquired, understanding any technical debt being assumed, and enrolling new members of staff to the security policies and e-learning programme Responding to customer security questionnaires within required timelines Upskilling a motivated network of Security Champions in tools and processes used by the Information Security team, allowing them to provide effective 24-hour first response Running product evaluations to select new commercial and open source Information Security solutions Creating and delivering engaging cyber security awareness content Running regular internal auditing activity to discover vulnerabilities, threats, and breach of company security policy Shaping and executing our Cyber Incident Response process when necessary Your Experience Minimum three years' experience in an Information Security role Experience of working in an Enterprise IT team or a managed hosting environment / ISP beneficial Demonstrable Cloud (AWS is preferable) expertise both from a policy/standards/delivery perspective and threat analysis and compliance reporting Experience using SumoLogic SIEM or similar SIEM solution Workplace Security experience including Google Workplace, Windows 10 and MacOS Any experience of achieving SOC2 compliance or similar Information Security related certifications such as (CISSP, SSCP or CCSP) Excellent understanding of information security best practices. Ability to provide awareness training Monitoring and identifying suspicious or harmful activities Excellent communication skills and ability to engage with senior stakeholders Ability to document and report control failures and gaps to stakeholders If you don't meet every single requirement, we'd still encourage you to apply. At Ascential , we are committed to creating a diverse, inclusive and authentic workplace, so if you are excited about this role we would still like you to apply. Who are we? Ascential delivers specialist information, analytics and ecommerce optimisation platforms to the world's leading consumer brands and their ecosystems. We help our customers to make smart decisions that improve performance now, and in the future. With more than 3,00 employees across five continents, we combine local expertise with a global footprint for clients in over 120 countries. We are listed on the London Stock Exchange . Why choose us? At Ascential, diversity, equity and inclusion is core to us. We're a company built around our people - and we're committed to supporting each and every one of them to be the best they can be. We love having a diverse team of people who bring new ideas and different strengths and perspectives to Ascential. Our employee-led groups and networks, Ascential Pride, Black in Business and EmPower: An Ascential Women's Initiative, Shalom Ascential and Latinx, help us to create a place where communities and allies can connect and share experiences. We are proud to have been recognised as a best performer in the FTSE Women Leaders Review for six consecutive years, listed in the Bloomberg Gender Equality Index and ranked in the top 1500 companies on Sustainalytics. We are committed to supporting the environment and sustainability, including ensuring our pension plan defaults to sustainable options and striving to be net zero by 2030. Recognising great performance is a key part of our culture. Our Awards schemes recognise and reward the brilliant achievements of our people. We have a truly flexible working environment with a wide range of flexible, hybrid and agile-working arrangements. Conversations about flexible working have always been - and will continue to be - actively encouraged here. Our benefits and wellbeing package offers flexible benefits you can tailor to your own personal needs, including: 25 days of holiday per year - with an option to buy/ sell upto 5 days Pension, Life Assurance and Income Protection Flexible benefits platform with options including Private Medical, Dental Insurance, Critical Illness and the Ascential Shares Scheme Employee assistance programme, season ticket loans and cycle to work scheme Volunteering opportunities and charitable giving options Great learning and development opportunities. We want to ensure everyone has the opportunity to perform their best when interviewing, so if you require any reasonable adjustments that would make you more comfortable during the process, please let us know so that we can do our best to support you. If we inspire you, why not join and inspire us? Find out more on what our People say