ASCENTIAL GROUP LIMITED
We're looking for an Information Security Manager to join our team in London as part of our Technology function. Your team: Reporting to the group CTO, you will be responsible for the group-wide Information Security Function, managing a focused small team to set the Information Security strategy for the organisation. Your Role: Day to day, your team will be addressing key operational aspects such as the secure delivery of business projects, Cloud Security Governance, secure M&A, regular auditing and remediation, evaluating new technology, and End User Cyber Security Awareness. Travel to other Ascential offices may be required from time to time which provides opportunity for international travel. Your team also carries out incident triage and investigation including malware analysis and some digital forensic work. If these are not areas that you are already experienced in, then this is a great opportunity to learn. Key Responsibilities Shape our Information Security strategy to stay abreast of the evolving threat landscape as relevant to Ascential Supporting a wider Cloud Governance project through the setting of Cloud security policy, standards, and auditing and remediation activities. Setting the Information Security strategy for the organisation Reporting to the Board on Cyber Security posture when requested Managing stakeholder relationships across a wide network of supporting functions including technology, development, engineering, legal, finance, procurement, sales, marketing, and HR to ensure consistent engagement. Ensuring the secure delivery and ongoing security of products delivered by engineering teams Managing the security portfolio of technology products including Single Sign On, Data Loss Prevention, AntiVirus, and vulnerability management Keeping a finger on the pulse of current threats from a variety of sources to highlight those that pose a risk to Ascential Understanding the nature of our Cyber threat as it evolves and implementing appropriate defence Ensuring the secure procurement and on-boarding of new suppliers and implementation of third party solutions Ensuring secure M&A activity by security scanning of any products being acquired, understanding any technical debt being assumed, and enrolling new members of staff to the security policies and e-learning programme Responding to customer security questionnaires within required timelines Upskilling a motivated network of Security Champions in tools and processes used by the Information Security team, allowing them to provide effective 24-hour first response Running product evaluations to select new commercial and open source Information Security solutions Creating and delivering engaging cyber security awareness content Running regular internal auditing activity to discover vulnerabilities, threats, and breach of company security policy Shaping and executing our Cyber Incident Response process when necessary Your Experience Minimum three years' experience in an Information Security role Experience of working in an Enterprise IT team or a managed hosting environment / ISP beneficial Demonstrable Cloud (AWS is preferable) expertise both from a policy/standards/delivery perspective and threat analysis and compliance reporting Experience using SumoLogic SIEM or similar SIEM solution Workplace Security experience including Google Workplace, Windows 10 and MacOS Any experience of achieving SOC2 compliance or similar Information Security related certifications such as (CISSP, SSCP or CCSP) Excellent understanding of information security best practices. Ability to provide awareness training Monitoring and identifying suspicious or harmful activities Excellent communication skills and ability to engage with senior stakeholders Ability to document and report control failures and gaps to stakeholders If you don't meet every single requirement, we'd still encourage you to apply. At Ascential , we are committed to creating a diverse, inclusive and authentic workplace, so if you are excited about this role we would still like you to apply. Who are we? Ascential delivers specialist information, analytics and ecommerce optimisation platforms to the world's leading consumer brands and their ecosystems. We help our customers to make smart decisions that improve performance now, and in the future. With more than 3,00 employees across five continents, we combine local expertise with a global footprint for clients in over 120 countries. We are listed on the London Stock Exchange . Why choose us? At Ascential, diversity, equity and inclusion is core to us. We're a company built around our people - and we're committed to supporting each and every one of them to be the best they can be. We love having a diverse team of people who bring new ideas and different strengths and perspectives to Ascential. Our employee-led groups and networks, Ascential Pride, Black in Business and EmPower: An Ascential Women's Initiative, Shalom Ascential and Latinx, help us to create a place where communities and allies can connect and share experiences. We are proud to have been recognised as a best performer in the FTSE Women Leaders Review for six consecutive years, listed in the Bloomberg Gender Equality Index and ranked in the top 1500 companies on Sustainalytics. We are committed to supporting the environment and sustainability, including ensuring our pension plan defaults to sustainable options and striving to be net zero by 2030. Recognising great performance is a key part of our culture. Our Awards schemes recognise and reward the brilliant achievements of our people. We have a truly flexible working environment with a wide range of flexible, hybrid and agile-working arrangements. Conversations about flexible working have always been - and will continue to be - actively encouraged here. Our benefits and wellbeing package offers flexible benefits you can tailor to your own personal needs, including: 25 days of holiday per year - with an option to buy/ sell upto 5 days Pension, Life Assurance and Income Protection Flexible benefits platform with options including Private Medical, Dental Insurance, Critical Illness and the Ascential Shares Scheme Employee assistance programme, season ticket loans and cycle to work scheme Volunteering opportunities and charitable giving options Great learning and development opportunities. We want to ensure everyone has the opportunity to perform their best when interviewing, so if you require any reasonable adjustments that would make you more comfortable during the process, please let us know so that we can do our best to support you. If we inspire you, why not join and inspire us? Find out more on what our People say
We're looking for an Information Security Manager to join our team in London as part of our Technology function. Your team: Reporting to the group CTO, you will be responsible for the group-wide Information Security Function, managing a focused small team to set the Information Security strategy for the organisation. Your Role: Day to day, your team will be addressing key operational aspects such as the secure delivery of business projects, Cloud Security Governance, secure M&A, regular auditing and remediation, evaluating new technology, and End User Cyber Security Awareness. Travel to other Ascential offices may be required from time to time which provides opportunity for international travel. Your team also carries out incident triage and investigation including malware analysis and some digital forensic work. If these are not areas that you are already experienced in, then this is a great opportunity to learn. Key Responsibilities Shape our Information Security strategy to stay abreast of the evolving threat landscape as relevant to Ascential Supporting a wider Cloud Governance project through the setting of Cloud security policy, standards, and auditing and remediation activities. Setting the Information Security strategy for the organisation Reporting to the Board on Cyber Security posture when requested Managing stakeholder relationships across a wide network of supporting functions including technology, development, engineering, legal, finance, procurement, sales, marketing, and HR to ensure consistent engagement. Ensuring the secure delivery and ongoing security of products delivered by engineering teams Managing the security portfolio of technology products including Single Sign On, Data Loss Prevention, AntiVirus, and vulnerability management Keeping a finger on the pulse of current threats from a variety of sources to highlight those that pose a risk to Ascential Understanding the nature of our Cyber threat as it evolves and implementing appropriate defence Ensuring the secure procurement and on-boarding of new suppliers and implementation of third party solutions Ensuring secure M&A activity by security scanning of any products being acquired, understanding any technical debt being assumed, and enrolling new members of staff to the security policies and e-learning programme Responding to customer security questionnaires within required timelines Upskilling a motivated network of Security Champions in tools and processes used by the Information Security team, allowing them to provide effective 24-hour first response Running product evaluations to select new commercial and open source Information Security solutions Creating and delivering engaging cyber security awareness content Running regular internal auditing activity to discover vulnerabilities, threats, and breach of company security policy Shaping and executing our Cyber Incident Response process when necessary Your Experience Minimum three years' experience in an Information Security role Experience of working in an Enterprise IT team or a managed hosting environment / ISP beneficial Demonstrable Cloud (AWS is preferable) expertise both from a policy/standards/delivery perspective and threat analysis and compliance reporting Experience using SumoLogic SIEM or similar SIEM solution Workplace Security experience including Google Workplace, Windows 10 and MacOS Any experience of achieving SOC2 compliance or similar Information Security related certifications such as (CISSP, SSCP or CCSP) Excellent understanding of information security best practices. Ability to provide awareness training Monitoring and identifying suspicious or harmful activities Excellent communication skills and ability to engage with senior stakeholders Ability to document and report control failures and gaps to stakeholders If you don't meet every single requirement, we'd still encourage you to apply. At Ascential , we are committed to creating a diverse, inclusive and authentic workplace, so if you are excited about this role we would still like you to apply. Who are we? Ascential delivers specialist information, analytics and ecommerce optimisation platforms to the world's leading consumer brands and their ecosystems. We help our customers to make smart decisions that improve performance now, and in the future. With more than 3,00 employees across five continents, we combine local expertise with a global footprint for clients in over 120 countries. We are listed on the London Stock Exchange . Why choose us? At Ascential, diversity, equity and inclusion is core to us. We're a company built around our people - and we're committed to supporting each and every one of them to be the best they can be. We love having a diverse team of people who bring new ideas and different strengths and perspectives to Ascential. Our employee-led groups and networks, Ascential Pride, Black in Business and EmPower: An Ascential Women's Initiative, Shalom Ascential and Latinx, help us to create a place where communities and allies can connect and share experiences. We are proud to have been recognised as a best performer in the FTSE Women Leaders Review for six consecutive years, listed in the Bloomberg Gender Equality Index and ranked in the top 1500 companies on Sustainalytics. We are committed to supporting the environment and sustainability, including ensuring our pension plan defaults to sustainable options and striving to be net zero by 2030. Recognising great performance is a key part of our culture. Our Awards schemes recognise and reward the brilliant achievements of our people. We have a truly flexible working environment with a wide range of flexible, hybrid and agile-working arrangements. Conversations about flexible working have always been - and will continue to be - actively encouraged here. Our benefits and wellbeing package offers flexible benefits you can tailor to your own personal needs, including: 25 days of holiday per year - with an option to buy/ sell upto 5 days Pension, Life Assurance and Income Protection Flexible benefits platform with options including Private Medical, Dental Insurance, Critical Illness and the Ascential Shares Scheme Employee assistance programme, season ticket loans and cycle to work scheme Volunteering opportunities and charitable giving options Great learning and development opportunities. We want to ensure everyone has the opportunity to perform their best when interviewing, so if you require any reasonable adjustments that would make you more comfortable during the process, please let us know so that we can do our best to support you. If we inspire you, why not join and inspire us? Find out more on what our People say
ebay
This position entails a variable shift pattern, subject to fluctuations based on the team's operational requirements. We are in search of individuals who possess the adaptability to modify their schedules in alignment with the changing work hours as necessitated by the workload. At eBay, we're more than a global ecommerce leader - we're changing the way the world shops and sells. Our platform empowers millions of buyers and sellers in more than 190 markets around the world. We're committed to pushing boundaries and leaving our mark as we reinvent the future of ecommerce for enthusiasts. Our customers are our compass, authenticity thrives, bold ideas are welcome, and everyone can bring their unique selves to work - every day. We're in this together, sustaining the future of our customers, our company, and our planet. Join a team of passionate thinkers, innovators, and dreamers - and help us connect people and build communities to create economic opportunity for all. What's in it for you Core Technology (CT) is a global team responsible for the end-to-end eBay technology platform. This platform runs our entire infrastructure and all the services that come together to form Working within eBay's CSIRT you will have the opportunity to build innovative solutions to identify and mitigate information-security threats. You will work closely to creatively solve complex security problems in a heterogeneous environment. Your skills, vision, tenacity, and passion will help us defend and respond daily to keep eBay's' critical information assets safe from threats. Core job functions include: Investigations - Responding to events from a variety security tools to conduct compromise assessments, tune alert logic, and improve processes. Propose controls and countermeasures to prevent internal or external attacks or attempts to infiltrate company systems. We utilize a variety of security tooling that supports our defensive posture so familiarity with the fundamentals of defence in depth is required to use them effectively. Research - Always learning and adapting, researching attempted or successful efforts to compromise systems security and then designing countermeasures. Digital Forensics - As it relates to information systems, performs technical investigations in a forensically sound manner. Consults with HR and legal subject matter experts to adhere to local country law Coverage - Must be willing to work shift work, weekends, and holidays as well as participate in our shift lead on-call rotation. Communications - Provides information and updates to management regarding the impact on the business caused by loss, destruction, alteration, or denial of access to information and systems. To be successful in this position, you should be familiar with: Incident Response - Getting people to do the right thing in the middle of an investigation. Offensive Techniques - Penetration testing, IOCs, and exploits at all layers of the stack. Logs - you should be comfortable with a SEIM and database to be able to gather and analyse logs to recreate incidents and hunt for threats. System Forensics - Basic understanding of image acquisition techniques, memory forensics and key artifacts. Networking Fundamentals - TCP/IP Protocols (HTTP, DNS, FTP, DHCP, ARP, etc.) Scripting - Should be familiar in scripting in at least one of the following: python, perl or a similar language. Risk Analysis - Taking a vulnerability in a particular environment and understanding the practical associated risk. Privacy Analysis - Understanding different customer and employee data elements and their associated regulatory frameworks. Regulatory Frameworks such as PCI-DSS, SOX, GDPR, DORA etc. Qualifications : Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field. Minimum five 3 years of professional experience in incident detection and response, malware analysis, or digital forensics. Ideally holding at least one of the following certifications: SANS GIAC: GCED, GCIA, GCFA, GPEN, GWAPT, GCFE, GSNA, GPPA, GAWN, GWEB, GNFA, GREM, GXPN, GMON or GCIH ISC2: CCFP, CCSP, CISSP EC Council: CEH, ENSA, CNDA, ECSS, ECSP, ECES, CHFI, LPT, ECSA, or ECIH Offensive Security: OSCP, OSCE, OSWP and OSEE In addition, a minimum of three (3) years of specialised experience in one or more of the following areas: Security Assessment or Offensive Security Application Security Security Incident Response Threat Hunting Benefits are an essential part of your total compensation for the work you do every day. Whether you're single, in a growing family, or nearing retirement, eBay offers a variety of comprehensive and competitive benefit programs to meet your needs. Including maternal & paternal leave, paid sabbatical, and plans to help ensure your financial security today and in the years ahead because we know feeling financially secure during your working years and through retirement is important. Here at eBay, we love creating opportunities for others by connecting people from widely diverse backgrounds, perspectives, and geographies. So, being diverse and inclusive isn't just something we strive for, it is who we are, and part of what we do each and every single day. We want to ensure that as an employee, you feel eBay is a place where, no matter who you are, you feel safe, included, and that you have the opportunity to bring your unique self to work. To learn about eBay's Diversity & Inclusion click here: Please see the Talent Privacy Notice for information regarding how eBay handles your personal data collected when you use the eBay Careers website or apply for a job with eBay. eBay is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, veteran status, and disability, or other legally protected status. If you have a need that requires accommodation, please contact us at . We will make every effort to respond to your request for accommodation as soon as possible. View our accessibility statement to learn more about eBay's commitment to ensuring digital accessibility for people with disabilities. Jobs posted with location as "Remote - United States (Excludes: HI, NM)" excludes residents of Hawaii and New Mexico. This website uses cookies to enhance your experience. By continuing to browse the site, you agree to our use of cookies. Visit our Privacy Center for more information.
This position entails a variable shift pattern, subject to fluctuations based on the team's operational requirements. We are in search of individuals who possess the adaptability to modify their schedules in alignment with the changing work hours as necessitated by the workload. At eBay, we're more than a global ecommerce leader - we're changing the way the world shops and sells. Our platform empowers millions of buyers and sellers in more than 190 markets around the world. We're committed to pushing boundaries and leaving our mark as we reinvent the future of ecommerce for enthusiasts. Our customers are our compass, authenticity thrives, bold ideas are welcome, and everyone can bring their unique selves to work - every day. We're in this together, sustaining the future of our customers, our company, and our planet. Join a team of passionate thinkers, innovators, and dreamers - and help us connect people and build communities to create economic opportunity for all. What's in it for you Core Technology (CT) is a global team responsible for the end-to-end eBay technology platform. This platform runs our entire infrastructure and all the services that come together to form Working within eBay's CSIRT you will have the opportunity to build innovative solutions to identify and mitigate information-security threats. You will work closely to creatively solve complex security problems in a heterogeneous environment. Your skills, vision, tenacity, and passion will help us defend and respond daily to keep eBay's' critical information assets safe from threats. Core job functions include: Investigations - Responding to events from a variety security tools to conduct compromise assessments, tune alert logic, and improve processes. Propose controls and countermeasures to prevent internal or external attacks or attempts to infiltrate company systems. We utilize a variety of security tooling that supports our defensive posture so familiarity with the fundamentals of defence in depth is required to use them effectively. Research - Always learning and adapting, researching attempted or successful efforts to compromise systems security and then designing countermeasures. Digital Forensics - As it relates to information systems, performs technical investigations in a forensically sound manner. Consults with HR and legal subject matter experts to adhere to local country law Coverage - Must be willing to work shift work, weekends, and holidays as well as participate in our shift lead on-call rotation. Communications - Provides information and updates to management regarding the impact on the business caused by loss, destruction, alteration, or denial of access to information and systems. To be successful in this position, you should be familiar with: Incident Response - Getting people to do the right thing in the middle of an investigation. Offensive Techniques - Penetration testing, IOCs, and exploits at all layers of the stack. Logs - you should be comfortable with a SEIM and database to be able to gather and analyse logs to recreate incidents and hunt for threats. System Forensics - Basic understanding of image acquisition techniques, memory forensics and key artifacts. Networking Fundamentals - TCP/IP Protocols (HTTP, DNS, FTP, DHCP, ARP, etc.) Scripting - Should be familiar in scripting in at least one of the following: python, perl or a similar language. Risk Analysis - Taking a vulnerability in a particular environment and understanding the practical associated risk. Privacy Analysis - Understanding different customer and employee data elements and their associated regulatory frameworks. Regulatory Frameworks such as PCI-DSS, SOX, GDPR, DORA etc. Qualifications : Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field. Minimum five 3 years of professional experience in incident detection and response, malware analysis, or digital forensics. Ideally holding at least one of the following certifications: SANS GIAC: GCED, GCIA, GCFA, GPEN, GWAPT, GCFE, GSNA, GPPA, GAWN, GWEB, GNFA, GREM, GXPN, GMON or GCIH ISC2: CCFP, CCSP, CISSP EC Council: CEH, ENSA, CNDA, ECSS, ECSP, ECES, CHFI, LPT, ECSA, or ECIH Offensive Security: OSCP, OSCE, OSWP and OSEE In addition, a minimum of three (3) years of specialised experience in one or more of the following areas: Security Assessment or Offensive Security Application Security Security Incident Response Threat Hunting Benefits are an essential part of your total compensation for the work you do every day. Whether you're single, in a growing family, or nearing retirement, eBay offers a variety of comprehensive and competitive benefit programs to meet your needs. Including maternal & paternal leave, paid sabbatical, and plans to help ensure your financial security today and in the years ahead because we know feeling financially secure during your working years and through retirement is important. Here at eBay, we love creating opportunities for others by connecting people from widely diverse backgrounds, perspectives, and geographies. So, being diverse and inclusive isn't just something we strive for, it is who we are, and part of what we do each and every single day. We want to ensure that as an employee, you feel eBay is a place where, no matter who you are, you feel safe, included, and that you have the opportunity to bring your unique self to work. To learn about eBay's Diversity & Inclusion click here: Please see the Talent Privacy Notice for information regarding how eBay handles your personal data collected when you use the eBay Careers website or apply for a job with eBay. eBay is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, veteran status, and disability, or other legally protected status. If you have a need that requires accommodation, please contact us at . We will make every effort to respond to your request for accommodation as soon as possible. View our accessibility statement to learn more about eBay's commitment to ensuring digital accessibility for people with disabilities. Jobs posted with location as "Remote - United States (Excludes: HI, NM)" excludes residents of Hawaii and New Mexico. This website uses cookies to enhance your experience. By continuing to browse the site, you agree to our use of cookies. Visit our Privacy Center for more information.