This is a key leadership role within the IT and Change function, responsible for overall operation and governance of the IT department and reporting directly to the group IT Director.
You will be responsible for defining policy, process and working practices and for ensuring an effective IT Support service to the Group.
A full-time post, working 37.5 hours per week Monday to Friday. Remote working, but occasional requirement to attend a site office.
Responsibilities include:
IT Service Delivery
Establishing, configuring and providing adoption assurance for service tooling
Oversight and co-ordination of incidents and requests on behalf of engineers within each subsidiary
Build relationships with senior leaderships within Group companies
Providing service reporting to senor leadership within each business
Delivery of Key IT Processes, in line with ISO27001 and ITIL, including:
Incident and Major Incident
Change Control
Access Control
Disaster Recovery Test Scheduling and Reporting
Service Desk Management
Information Security Audit
Capacity management
Vulnerability Management
Asset Management and SAM
Knowledgebase Management
Chairs the Businesses Monthly Governance meetings
Liaises with Group and subsidiary compliance teams to enable ongoing review of controls
Delivers the Group IT Risk Treatment Plan, updated the IT risk Register accordingly
Governance of MS Teams and SharePoint
Manages Vendors and Suppliers in line with the Group Supplier policy
Profile: Skills, experience, education
Skills
Strong technical awareness without being an expert
Excellent verbal, written, organisational communication skills
Strong background in ISO27001 and ITIL
Service leadership
Able to lead and mentor others who are not direct reports
Able to build relationships and engage with senior stakeholders
Customer service oriented
Knowledge of DR techniques and technologies
Strong awareness and experience of implementing IT Service management tools
Experience
5 years (or able to demonstrate excellent experience) of managing an IT Operation / Service Desk
Experience of working in a multi subsidiary business desirable
Experience of working within regulated industries preferred
Qualifications – Essential
Degree or equivalent
ITIL V4 Foundation
Qualifications – Desirable
ITIL V4 Create, Deliver, Support
ISO27001 Auditor
Formal training in people leadership
Role conditional on passing employee vetting process which includes a 5 year employment reference check, 3 year financial probity and basic criminal disclosure check.
We offer an unrivalled benefits package including flexible working arrangements, enhanced maternity & paternity, private medical insurance, medical cash plan, company sick pay, 5% matched pension, up to 27 days paid holiday (subject to length of service increments) plus bank holidays on top and option to top up by 5 days per year through our flexible leave scheme.
Kuro Health actively promotes equality of opportunity for all. We welcome applications from a wide range of candidates with the right mix of talent, skills and potential.
Sep 08, 2023
Full time
This is a key leadership role within the IT and Change function, responsible for overall operation and governance of the IT department and reporting directly to the group IT Director.
You will be responsible for defining policy, process and working practices and for ensuring an effective IT Support service to the Group.
A full-time post, working 37.5 hours per week Monday to Friday. Remote working, but occasional requirement to attend a site office.
Responsibilities include:
IT Service Delivery
Establishing, configuring and providing adoption assurance for service tooling
Oversight and co-ordination of incidents and requests on behalf of engineers within each subsidiary
Build relationships with senior leaderships within Group companies
Providing service reporting to senor leadership within each business
Delivery of Key IT Processes, in line with ISO27001 and ITIL, including:
Incident and Major Incident
Change Control
Access Control
Disaster Recovery Test Scheduling and Reporting
Service Desk Management
Information Security Audit
Capacity management
Vulnerability Management
Asset Management and SAM
Knowledgebase Management
Chairs the Businesses Monthly Governance meetings
Liaises with Group and subsidiary compliance teams to enable ongoing review of controls
Delivers the Group IT Risk Treatment Plan, updated the IT risk Register accordingly
Governance of MS Teams and SharePoint
Manages Vendors and Suppliers in line with the Group Supplier policy
Profile: Skills, experience, education
Skills
Strong technical awareness without being an expert
Excellent verbal, written, organisational communication skills
Strong background in ISO27001 and ITIL
Service leadership
Able to lead and mentor others who are not direct reports
Able to build relationships and engage with senior stakeholders
Customer service oriented
Knowledge of DR techniques and technologies
Strong awareness and experience of implementing IT Service management tools
Experience
5 years (or able to demonstrate excellent experience) of managing an IT Operation / Service Desk
Experience of working in a multi subsidiary business desirable
Experience of working within regulated industries preferred
Qualifications – Essential
Degree or equivalent
ITIL V4 Foundation
Qualifications – Desirable
ITIL V4 Create, Deliver, Support
ISO27001 Auditor
Formal training in people leadership
Role conditional on passing employee vetting process which includes a 5 year employment reference check, 3 year financial probity and basic criminal disclosure check.
We offer an unrivalled benefits package including flexible working arrangements, enhanced maternity & paternity, private medical insurance, medical cash plan, company sick pay, 5% matched pension, up to 27 days paid holiday (subject to length of service increments) plus bank holidays on top and option to top up by 5 days per year through our flexible leave scheme.
Kuro Health actively promotes equality of opportunity for all. We welcome applications from a wide range of candidates with the right mix of talent, skills and potential.
ABOUT THE ROLE
Are you passionate about protecting Cyber Security?
Do you want to make a real difference in the fight against cybercrime in local government?
Are you passionate about making a difference in your community?
If so, we want you to join our team!
We seek a highly motivated and experienced Cyber Security & Networks Manager to join our team. Stevenage Borough Council are a leading local authority in Cyber Security in the UK and pilot cyber security standards for The Department for Levelling Up, Housing and Communities (DLUHC). This is an exciting opportunity to be at the forefront of Cyber Security in the public sector. The ideal candidate will have a strong understanding of cyber security principles and associated technology risk management. They will also have experience in managing and leading a team of IT professionals.
Accountable for Cyber security, you will identify and ensure the security of the council’s IT Applications and Digital Solutions. You will lead in evaluating new and existing projects, software and hardware products, and vendors, including examining vendor contracts and terms of service. You will support teams across the council to develop their understanding of security cyber risks. You will manage a small team of two Senior Network and Security Engineers
You will take the lead on cyber security and network for the Shared IT service, which supports over 1,000 users across Stevenage Borough Council and East Herts District Council and will put in place controls over security systems, such as firewalls, data protection controls, patching, encryption, vulnerability scanning and penetration testing.
You will be responsible for achieving compliance with Cyber Essentials Plus, Cyber Assessment Framework (CAF) and Public Sector Network (PSN) and related government frameworks, including those of the National Cyber Security Centre, the Information Commissioners Office (ICO)
ABOUT YOU
The successful candidate will have
Ability to work in a high-pressure environment and make sound decisions in emergency situations while empathising with customers and responding sympathetically to
Extensive knowledge of all IT security aspects, including audit response, oversight, and scrutiny, ICO responses, Information Governance, Information Assurance, IT Asset Management policies, Quality Assurance, Test Strategies, PSN and PCI and other relevant compliance frameworks, Disaster recovery and Business continuity
Extensive experience working as part of a multidiscipline ICT team in a complex organisation, ideally a local authority.
OUR BENEFITS
Pension Scheme: We offer a career average pension scheme, providing generous benefits upon retirement, as well as a lump sum and pensions for dependants
Flexible working: available upon request, subject to operational requirements
Part-time and job share opportunities - all our full time vacancies are open to job share unless otherwise stated
A variety of different types of paid leave covering emergency and planned leave, maternity, paternity, adoption and parental leave
25 days holiday rising to 31 days (depending on Local Government service)
An extensive range of learning and development opportunities
Employee Assistance Programme – 24/7 Confidential advice and support on personal, work, family, and relationship issues
Discounted health and fitness membership
Trade Unions: For a small fee, all employees have the opportunity to join a Trade Union
HOW TO APPLY
All applications must be made on online - please visit https://bit.ly/45Yo0Ke
For an informal discussion about this role please contact
Name Matt Canterford
Job Title Assistant Director and Chief Technology Officer
Phone Number 07706 349657
Email matt.canterford@stevenage.gov.uk
Closing date for receipt of applications : 26 June 2023
Interviews will be held the week commencing: 3 July 2023
Please note that if we receive a large volume of applications for this role, we reserve the right to close this vacancy ahead of the published closing date
Stevenage Borough Council (SBC) is committed to safeguarding and promoting the welfare of children, young people and vulnerable adults and expects all staff, volunteers and recruitment candidates to share this commitment. SBC shall take all reasonable steps to employ staff who are safe to work with children, young people and vulnerable adults. For posts identified with regular contact with these groups applicants will be required to undertake a Value Based Interview. The council supports the legislative requirements for employing and maintaining safer staff and the guidance specified by Hertfordshire Safeguarding Adults Board
Stevenage Borough Council is committed to Equal Opportunities for All. For further information please click https://www.stevenage.gov.uk/about-the-council/jobs-and-careers/equal-opportunities
Jun 05, 2023
Full time
ABOUT THE ROLE
Are you passionate about protecting Cyber Security?
Do you want to make a real difference in the fight against cybercrime in local government?
Are you passionate about making a difference in your community?
If so, we want you to join our team!
We seek a highly motivated and experienced Cyber Security & Networks Manager to join our team. Stevenage Borough Council are a leading local authority in Cyber Security in the UK and pilot cyber security standards for The Department for Levelling Up, Housing and Communities (DLUHC). This is an exciting opportunity to be at the forefront of Cyber Security in the public sector. The ideal candidate will have a strong understanding of cyber security principles and associated technology risk management. They will also have experience in managing and leading a team of IT professionals.
Accountable for Cyber security, you will identify and ensure the security of the council’s IT Applications and Digital Solutions. You will lead in evaluating new and existing projects, software and hardware products, and vendors, including examining vendor contracts and terms of service. You will support teams across the council to develop their understanding of security cyber risks. You will manage a small team of two Senior Network and Security Engineers
You will take the lead on cyber security and network for the Shared IT service, which supports over 1,000 users across Stevenage Borough Council and East Herts District Council and will put in place controls over security systems, such as firewalls, data protection controls, patching, encryption, vulnerability scanning and penetration testing.
You will be responsible for achieving compliance with Cyber Essentials Plus, Cyber Assessment Framework (CAF) and Public Sector Network (PSN) and related government frameworks, including those of the National Cyber Security Centre, the Information Commissioners Office (ICO)
ABOUT YOU
The successful candidate will have
Ability to work in a high-pressure environment and make sound decisions in emergency situations while empathising with customers and responding sympathetically to
Extensive knowledge of all IT security aspects, including audit response, oversight, and scrutiny, ICO responses, Information Governance, Information Assurance, IT Asset Management policies, Quality Assurance, Test Strategies, PSN and PCI and other relevant compliance frameworks, Disaster recovery and Business continuity
Extensive experience working as part of a multidiscipline ICT team in a complex organisation, ideally a local authority.
OUR BENEFITS
Pension Scheme: We offer a career average pension scheme, providing generous benefits upon retirement, as well as a lump sum and pensions for dependants
Flexible working: available upon request, subject to operational requirements
Part-time and job share opportunities - all our full time vacancies are open to job share unless otherwise stated
A variety of different types of paid leave covering emergency and planned leave, maternity, paternity, adoption and parental leave
25 days holiday rising to 31 days (depending on Local Government service)
An extensive range of learning and development opportunities
Employee Assistance Programme – 24/7 Confidential advice and support on personal, work, family, and relationship issues
Discounted health and fitness membership
Trade Unions: For a small fee, all employees have the opportunity to join a Trade Union
HOW TO APPLY
All applications must be made on online - please visit https://bit.ly/45Yo0Ke
For an informal discussion about this role please contact
Name Matt Canterford
Job Title Assistant Director and Chief Technology Officer
Phone Number 07706 349657
Email matt.canterford@stevenage.gov.uk
Closing date for receipt of applications : 26 June 2023
Interviews will be held the week commencing: 3 July 2023
Please note that if we receive a large volume of applications for this role, we reserve the right to close this vacancy ahead of the published closing date
Stevenage Borough Council (SBC) is committed to safeguarding and promoting the welfare of children, young people and vulnerable adults and expects all staff, volunteers and recruitment candidates to share this commitment. SBC shall take all reasonable steps to employ staff who are safe to work with children, young people and vulnerable adults. For posts identified with regular contact with these groups applicants will be required to undertake a Value Based Interview. The council supports the legislative requirements for employing and maintaining safer staff and the guidance specified by Hertfordshire Safeguarding Adults Board
Stevenage Borough Council is committed to Equal Opportunities for All. For further information please click https://www.stevenage.gov.uk/about-the-council/jobs-and-careers/equal-opportunities
An exciting new opportunity has arisen for an information security manager to join a leading law firm in London. Reporting to the head of information security, the main purpose of this role will be to ensure the appropriate controls, policies and procedures are in place to protect the information of the firm, in-line with internal information security principles. Main day to day responsibilities will include: Managing and facilitating governance meetings. Delivering presentations and engaging with senior leadership. Developing and implementing information security policies. Managing the technology risk strategies that maintain the status of industry compliance. Researching and evaluating emerging security threats. Managing initiatives to deliver on risk goals and policies. Leveraging a solid understanding of industry audit and compliance standards. Acting as a deputy for the head of information security. Managing external threats. Managing the cyber incident management process. Promoting the firm's security policy. Managing security certifications to ensure compliance. Managing post-incident investigations. Main experience and skills required includes: Advanced information security risk management knowledge. Experience of designing and operating industry-standard security control frameworks. Knowledgeable in technical and governance disciplines of information security, risk and compliance. Growing and motivating a team. Confident and clear communication with people at all levels. Well organised and good time management. To be considered for this role, you need to be proactive, hardworking and able to structure your own work. Also required is the ability to use initiative and make suggestions to change processes if required. It is essential that you possess a high level of accuracy and attention to detail. This is a great opportunity to join a successful and ambitious firm in a challenging and very rewarding role. If you are interested in finding out more about this role and believe you are a good fit, please don't hesitate in sending your CV to . Please note that where a level of preferred experience or qualification is indicated, this is a guideline only and does not preclude applications from candidates with more or less experience. Jameson Legal acts as an employment business for temporary recruitment and as an employment agency for fixed term contract and permanent recruitment.
Apr 25, 2024
Full time
An exciting new opportunity has arisen for an information security manager to join a leading law firm in London. Reporting to the head of information security, the main purpose of this role will be to ensure the appropriate controls, policies and procedures are in place to protect the information of the firm, in-line with internal information security principles. Main day to day responsibilities will include: Managing and facilitating governance meetings. Delivering presentations and engaging with senior leadership. Developing and implementing information security policies. Managing the technology risk strategies that maintain the status of industry compliance. Researching and evaluating emerging security threats. Managing initiatives to deliver on risk goals and policies. Leveraging a solid understanding of industry audit and compliance standards. Acting as a deputy for the head of information security. Managing external threats. Managing the cyber incident management process. Promoting the firm's security policy. Managing security certifications to ensure compliance. Managing post-incident investigations. Main experience and skills required includes: Advanced information security risk management knowledge. Experience of designing and operating industry-standard security control frameworks. Knowledgeable in technical and governance disciplines of information security, risk and compliance. Growing and motivating a team. Confident and clear communication with people at all levels. Well organised and good time management. To be considered for this role, you need to be proactive, hardworking and able to structure your own work. Also required is the ability to use initiative and make suggestions to change processes if required. It is essential that you possess a high level of accuracy and attention to detail. This is a great opportunity to join a successful and ambitious firm in a challenging and very rewarding role. If you are interested in finding out more about this role and believe you are a good fit, please don't hesitate in sending your CV to . Please note that where a level of preferred experience or qualification is indicated, this is a guideline only and does not preclude applications from candidates with more or less experience. Jameson Legal acts as an employment business for temporary recruitment and as an employment agency for fixed term contract and permanent recruitment.
Are you looking for a Security role within a dynamic, innovative financial technology organisation? If so, we are recruiting for a Cyber Operations Engineer to join our IT Department! Working alongside the Cyber Operations Lead you will help to design, develop, and mature the company's cybersecurity capability, including the selection, implementation, and management of security tools/technologies, focused on detection, prevention, and analysis of security threats. This role offers a great opportunity to help define and shape the security function within a collaborative IT department, ensuring the protection of customer assets. Responsibilities include: Work with technology and business teams to deliver security processes, technologies and controls, acting as the authority on security related queries. Define, design, implement, and maintain security solutions appropriate to the business' needs. Support the definition, execution and continuous improvement of key cybersecurity processes including vulnerability & patch management, security incident response, security monitoring, endpoint security, identity and access management, network security, and cryptography. Assist with developing and maintaining security policies, processes and incident response management plans and playbooks. Prepare and document standard operating procedures and protocols. Provide expertise on security requirements into core technology processes like asset management, change management, third-party management, technology development & acquisition, configuration management, etc. Contribute as a team member in projects and change initiatives aimed at increasing enterprise security capabilities e.g., identity and access management, log aggregation, etc. Required experience: Minimum of 3 years' experience in a Security/Cyber Engineer/Analyst, role focusing on designing and implementing security solutions and managing security infrastructure. Previous experience working within a financial services environment and a working understanding of relevant regulations. Experience and in-depth technical knowledge of deploying, maintaining, and configuring a wide range of security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.) Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP, VPN etc., and accompanying protocol/packet analysis/manipulation tools. Understanding of key operating systems and network appliances and the ability to assess their security posture based on their configuration/deployment. Experience of working effectively with a variety of stakeholders from different technology and business teams. Strong verbal and written communication skills. Desirable experience: Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM). Strong knowledge of Operating System security and system hardening concepts such as CIS Benchmarks. Experience in working with information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials. Experience of general IT Audit processes and conducting risk assessments. You will be a proactive self - starter with strong communication skills and comfortable interacting with stakeholders at all levels. You will have the ability to tailor your approach and translate requirements to non-technical members of staff. We offer a competitive remuneration package, including company discretionary bonus, excellent pension contributions, an attractive staff share scheme, BUPA health insurance, buying and selling of annual leave and sponsorship of relevant professional qualifications. The role is based in our central London office, working a minimum of two days a week in the office and three days a week from home. About Us Transact is the leading independent investment wrap platform in the UK. Established in 2000, we have over £54.9 billion of funds under direction (as at Sept 2023) on behalf of over 7,600 advisers and 230,000 investor clients. Our service includes an online platform, owned and built by us, and dedicated regional adviser support to help bring clients' assets and investments together in a smarter, more tax efficient way. We offer access to a wide range of tax wrappers (including ISAs, pensions and life insurance investment bonds) and funds which advisers use to build client investment portfolios. Portfolio valuations, purchases and sales are all supported via Transact Online which is available 24/7. Transact's parent company, IntegraFin Holdings plc, is listed on the London Stock Exchange and is a constituent of the FTSE 250 index. Equal Opportunities We provide a diverse and inclusive workplace and ensure that all of our staff respect and understand individual differences. We are an equal opportunities employer and positively encourage applications from suitably qualified and eligible candidates regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or maternity, race, religion or belief, sex or sexual orientation.
Apr 25, 2024
Full time
Are you looking for a Security role within a dynamic, innovative financial technology organisation? If so, we are recruiting for a Cyber Operations Engineer to join our IT Department! Working alongside the Cyber Operations Lead you will help to design, develop, and mature the company's cybersecurity capability, including the selection, implementation, and management of security tools/technologies, focused on detection, prevention, and analysis of security threats. This role offers a great opportunity to help define and shape the security function within a collaborative IT department, ensuring the protection of customer assets. Responsibilities include: Work with technology and business teams to deliver security processes, technologies and controls, acting as the authority on security related queries. Define, design, implement, and maintain security solutions appropriate to the business' needs. Support the definition, execution and continuous improvement of key cybersecurity processes including vulnerability & patch management, security incident response, security monitoring, endpoint security, identity and access management, network security, and cryptography. Assist with developing and maintaining security policies, processes and incident response management plans and playbooks. Prepare and document standard operating procedures and protocols. Provide expertise on security requirements into core technology processes like asset management, change management, third-party management, technology development & acquisition, configuration management, etc. Contribute as a team member in projects and change initiatives aimed at increasing enterprise security capabilities e.g., identity and access management, log aggregation, etc. Required experience: Minimum of 3 years' experience in a Security/Cyber Engineer/Analyst, role focusing on designing and implementing security solutions and managing security infrastructure. Previous experience working within a financial services environment and a working understanding of relevant regulations. Experience and in-depth technical knowledge of deploying, maintaining, and configuring a wide range of security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.) Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP, VPN etc., and accompanying protocol/packet analysis/manipulation tools. Understanding of key operating systems and network appliances and the ability to assess their security posture based on their configuration/deployment. Experience of working effectively with a variety of stakeholders from different technology and business teams. Strong verbal and written communication skills. Desirable experience: Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM). Strong knowledge of Operating System security and system hardening concepts such as CIS Benchmarks. Experience in working with information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials. Experience of general IT Audit processes and conducting risk assessments. You will be a proactive self - starter with strong communication skills and comfortable interacting with stakeholders at all levels. You will have the ability to tailor your approach and translate requirements to non-technical members of staff. We offer a competitive remuneration package, including company discretionary bonus, excellent pension contributions, an attractive staff share scheme, BUPA health insurance, buying and selling of annual leave and sponsorship of relevant professional qualifications. The role is based in our central London office, working a minimum of two days a week in the office and three days a week from home. About Us Transact is the leading independent investment wrap platform in the UK. Established in 2000, we have over £54.9 billion of funds under direction (as at Sept 2023) on behalf of over 7,600 advisers and 230,000 investor clients. Our service includes an online platform, owned and built by us, and dedicated regional adviser support to help bring clients' assets and investments together in a smarter, more tax efficient way. We offer access to a wide range of tax wrappers (including ISAs, pensions and life insurance investment bonds) and funds which advisers use to build client investment portfolios. Portfolio valuations, purchases and sales are all supported via Transact Online which is available 24/7. Transact's parent company, IntegraFin Holdings plc, is listed on the London Stock Exchange and is a constituent of the FTSE 250 index. Equal Opportunities We provide a diverse and inclusive workplace and ensure that all of our staff respect and understand individual differences. We are an equal opportunities employer and positively encourage applications from suitably qualified and eligible candidates regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or maternity, race, religion or belief, sex or sexual orientation.
Lead IT Security Manager Permanent Birmingham - 2 Days per week on site 48,900 - 61,140 per annum My client in the Rail industry are looking for a Lead IT Security Manager to join their fast-paced Operations team on a permanent basis. The Lead IT Security Manager is responsible for is the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. Key focus areas for this role, the ideal candidate will have experience in each of the below; Threat & Vulnerability Management Security Operations Centre - 24/7 Outsourced Web & Content Filtering - ProofPoint, Zscaler, etc. Endpoint Security Infrastructure Security Accountabilities Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management (among other activity) . Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). Manage the application and compliance of security operations procedures, reviewing actual and potential security breaches, and ensuring their investigation. Lead the Security Operations team's response to incidents, recommending actions and appropriate control improvements. Monitor the external environment to gather intelligence on emerging technologies, documenting impacts, threats, and opportunities to IT. Provide expert advice on threat intelligence activities, identifying which threat categories are most dangerous to the organization and how to defend against them. Manage vulnerability assessment activities within company IT, providing expert advice where necessary in the review of vulnerability assessment tools and techniques. Develop, maintain, and test Security Operations' incident management procedures, investigating escalated incidents and facilitating recovery post-incident resolution. Lead Security Operations risk management activities, leading on the identification of risks and vulnerabilities and assessment of their impacts. Manage and oversee the day-to-day activity of the SOC supplier who will deliver security capabilities, communicating their activity to relevant teams. Manage the design, delivery, maintenance, and continuous improvement of the IT Security Ops capabilities in line with business needs. Manage the Security Operations Centre (SOC) capability, ensuring effective protection, defence, and response to IT security risks. Promote the Security, Compliance & Identity function to develop and enhance the team profile to develop enduring relationships with stakeholders and teams. Implement a multi-year Security roadmap that provides proactive capabilities which enable business objectives. Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI. Skills: Relationship Building. Ability to develop and maintain strong relationships with internal and external stakeholders. Security Operations. Ability provide leadership for live security incidents and helping conduct robust investigations in order to identify corrective actions and see them through to completion. Threat Intelligence. Ability to provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of threat landscape. Vulnerability Assessment. Ability to identify and classify security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. Risk Management. Ability to identify IT security operations risks and the delivery of audit remediation activities. Emerging technology monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques. Knowledge: Knowledge of IT Service Frameworks, methodologies, and best practice such as ITIL v4 and Agile. Knowledge of day-to-day activities and best practice within a SOC. Knowledge of technical security such as firewalls, network security groups, and access controls. Type of Experience: Experience of leading a team through the full IT service lifecycle, enhancing security posture, and evolving capabilities via continual service improvement. Experience of leading live cyber incidents and the remediation actions. Experience of partnering with supplier teams for managed services delivery of improvements. Experience across the full IT security spectrum (software, servers, infrastructure, and networks). Experience designing and implementing secure systems, leading review where necessary of complex security issues. Experience of enabling and informing risk-based decisions. Experience dealing with the security implications of transformation and day-to-day product changes. Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Apr 24, 2024
Full time
Lead IT Security Manager Permanent Birmingham - 2 Days per week on site 48,900 - 61,140 per annum My client in the Rail industry are looking for a Lead IT Security Manager to join their fast-paced Operations team on a permanent basis. The Lead IT Security Manager is responsible for is the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. Key focus areas for this role, the ideal candidate will have experience in each of the below; Threat & Vulnerability Management Security Operations Centre - 24/7 Outsourced Web & Content Filtering - ProofPoint, Zscaler, etc. Endpoint Security Infrastructure Security Accountabilities Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management (among other activity) . Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). Manage the application and compliance of security operations procedures, reviewing actual and potential security breaches, and ensuring their investigation. Lead the Security Operations team's response to incidents, recommending actions and appropriate control improvements. Monitor the external environment to gather intelligence on emerging technologies, documenting impacts, threats, and opportunities to IT. Provide expert advice on threat intelligence activities, identifying which threat categories are most dangerous to the organization and how to defend against them. Manage vulnerability assessment activities within company IT, providing expert advice where necessary in the review of vulnerability assessment tools and techniques. Develop, maintain, and test Security Operations' incident management procedures, investigating escalated incidents and facilitating recovery post-incident resolution. Lead Security Operations risk management activities, leading on the identification of risks and vulnerabilities and assessment of their impacts. Manage and oversee the day-to-day activity of the SOC supplier who will deliver security capabilities, communicating their activity to relevant teams. Manage the design, delivery, maintenance, and continuous improvement of the IT Security Ops capabilities in line with business needs. Manage the Security Operations Centre (SOC) capability, ensuring effective protection, defence, and response to IT security risks. Promote the Security, Compliance & Identity function to develop and enhance the team profile to develop enduring relationships with stakeholders and teams. Implement a multi-year Security roadmap that provides proactive capabilities which enable business objectives. Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI. Skills: Relationship Building. Ability to develop and maintain strong relationships with internal and external stakeholders. Security Operations. Ability provide leadership for live security incidents and helping conduct robust investigations in order to identify corrective actions and see them through to completion. Threat Intelligence. Ability to provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of threat landscape. Vulnerability Assessment. Ability to identify and classify security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. Risk Management. Ability to identify IT security operations risks and the delivery of audit remediation activities. Emerging technology monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques. Knowledge: Knowledge of IT Service Frameworks, methodologies, and best practice such as ITIL v4 and Agile. Knowledge of day-to-day activities and best practice within a SOC. Knowledge of technical security such as firewalls, network security groups, and access controls. Type of Experience: Experience of leading a team through the full IT service lifecycle, enhancing security posture, and evolving capabilities via continual service improvement. Experience of leading live cyber incidents and the remediation actions. Experience of partnering with supplier teams for managed services delivery of improvements. Experience across the full IT security spectrum (software, servers, infrastructure, and networks). Experience designing and implementing secure systems, leading review where necessary of complex security issues. Experience of enabling and informing risk-based decisions. Experience dealing with the security implications of transformation and day-to-day product changes. Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Lead IT Security Manager We are recruiting for a Lead IT Security Manager on a permanent basis. The Lead IT Security Manager is responsible for the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. This role is responsible for using and applying knowledge of business goals and security requirements to frame problems and set priorities for internal and external delivery teams. As a Lead IT Security Manager, you will need to have/be: Skills: Relationship Building . Ability to develop and maintain strong relationships with internal and external stakeholders. Security Operations . Ability provide leadership for live security incidents and helping conduct robust investigations in order to identify corrective actions and see them through to completion. Threat Intelligence . Ability to provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of threat landscape. Vulnerability Assessment. Ability to identify and classify security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. Risk Management . Ability to identify IT security operations risks and the delivery of audit remediation activities. Emerging technology monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques. Knowledge: Knowledge of IT Service Frameworks, methodologies, and best practice such as ITIL v4 and Agile. Knowledge of day-to-day activities and best practice within a SOC. Knowledge of technical security such as firewalls, network security groups, and access controls. Types of experience: Experience of leading a team through the full IT service lifecycle, enhancing security posture, and evolving capabilities via continual service improvement. Experience of leading live cyber incidents and the remediation actions. Experience of partnering with supplier teams for managed services delivery of improvements. Experience across the full IT security spectrum (software, servers, infrastructure, and networks). Experience designing and implementing secure systems, leading review where necessary of complex security issues. Experience of enabling and informing risk-based decisions. Experience dealing with the security implications of transformation and day-to-day product changes. Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems. Details: Salary: 40, 750 - 60, 100 Working Hours : Full time Monday - Friday Location : Birmingham Duration : Permanent Role of Lead IT Security Manager: Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management (among other activity) . Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). Manage the application and compliance of security operations procedures, reviewing actual and potential security breaches, and ensuring their investigation. Lead the Security Operations team's response to incidents, recommending actions and appropriate control improvements. Monitor the external environment to gather intelligence on emerging technologies, documenting impacts, threats, and opportunities to IT. Provide expert advice on threat intelligence activities, identifying which threat categories are most dangerous and how to defend against them. Manage vulnerability assessment activities within IT, providing expert advice where necessary in the review of vulnerability assessment tools and techniques. Develop, maintain, and test Security Operations' incident management procedures, investigating escalated incidents and facilitating recovery post-incident resolution. Lead Security Operations risk management activities, leading on the identification of risks and vulnerabilities and assessment of their impacts. Manage and oversee the day-to-day activity of the SOC supplier who will deliver security capabilities (on organisations behalf), communicating their activity to relevant teams. Manage the design, delivery, maintenance, and continuous improvement of IT Security Ops capabilities in line with business needs. Benefits of working as a Lead IT Security Manager : a competitive pension scheme, with up to 12 per cent employer contributions a starting salary that reflects your skills and experience a cash allowance in lieu of benefits, which means you can choose which benefits are right for you and your family core company funded benefits such as life assurance, income protection and health cash plan 25 days annual leave plus public holidays access to tax-efficient voluntary benefits scheme & retail, health, leisure, and travel offers access to an Employee Assistance Program
Apr 24, 2024
Full time
Lead IT Security Manager We are recruiting for a Lead IT Security Manager on a permanent basis. The Lead IT Security Manager is responsible for the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. This role is responsible for using and applying knowledge of business goals and security requirements to frame problems and set priorities for internal and external delivery teams. As a Lead IT Security Manager, you will need to have/be: Skills: Relationship Building . Ability to develop and maintain strong relationships with internal and external stakeholders. Security Operations . Ability provide leadership for live security incidents and helping conduct robust investigations in order to identify corrective actions and see them through to completion. Threat Intelligence . Ability to provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of threat landscape. Vulnerability Assessment. Ability to identify and classify security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. Risk Management . Ability to identify IT security operations risks and the delivery of audit remediation activities. Emerging technology monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques. Knowledge: Knowledge of IT Service Frameworks, methodologies, and best practice such as ITIL v4 and Agile. Knowledge of day-to-day activities and best practice within a SOC. Knowledge of technical security such as firewalls, network security groups, and access controls. Types of experience: Experience of leading a team through the full IT service lifecycle, enhancing security posture, and evolving capabilities via continual service improvement. Experience of leading live cyber incidents and the remediation actions. Experience of partnering with supplier teams for managed services delivery of improvements. Experience across the full IT security spectrum (software, servers, infrastructure, and networks). Experience designing and implementing secure systems, leading review where necessary of complex security issues. Experience of enabling and informing risk-based decisions. Experience dealing with the security implications of transformation and day-to-day product changes. Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems. Details: Salary: 40, 750 - 60, 100 Working Hours : Full time Monday - Friday Location : Birmingham Duration : Permanent Role of Lead IT Security Manager: Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management (among other activity) . Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). Manage the application and compliance of security operations procedures, reviewing actual and potential security breaches, and ensuring their investigation. Lead the Security Operations team's response to incidents, recommending actions and appropriate control improvements. Monitor the external environment to gather intelligence on emerging technologies, documenting impacts, threats, and opportunities to IT. Provide expert advice on threat intelligence activities, identifying which threat categories are most dangerous and how to defend against them. Manage vulnerability assessment activities within IT, providing expert advice where necessary in the review of vulnerability assessment tools and techniques. Develop, maintain, and test Security Operations' incident management procedures, investigating escalated incidents and facilitating recovery post-incident resolution. Lead Security Operations risk management activities, leading on the identification of risks and vulnerabilities and assessment of their impacts. Manage and oversee the day-to-day activity of the SOC supplier who will deliver security capabilities (on organisations behalf), communicating their activity to relevant teams. Manage the design, delivery, maintenance, and continuous improvement of IT Security Ops capabilities in line with business needs. Benefits of working as a Lead IT Security Manager : a competitive pension scheme, with up to 12 per cent employer contributions a starting salary that reflects your skills and experience a cash allowance in lieu of benefits, which means you can choose which benefits are right for you and your family core company funded benefits such as life assurance, income protection and health cash plan 25 days annual leave plus public holidays access to tax-efficient voluntary benefits scheme & retail, health, leisure, and travel offers access to an Employee Assistance Program
A career in Information Security, within Internal Firm Services, will provide you with the opportunity to develop and support our internal security technologies and services across the entire global and local PwC network. You'll focus on being the forefront of designing, developing, and implementing information technology including hardware, software, and networks that enhances security of internal information and protect our firms intellectual assets. The Cyber Threat Defence team is a senior team that develops, socializes, and deploys novel mitigations to counter threat activity observed in Incident Response operations and Threat Intelligence. This role is focused on improving the overall Privileged Access Management (PAM) strategy through evaluation, testing, and collaboration, with a focus on security. Highly qualified candidates will excel in business communication and messaging in addition to technical disciplines. Key Responsibilities: Evaluating and enhancing existing PAM solutions, including how access is utilized, controlled, and integrated with various internal system components. Assessing how privileged access may be compromised. Working across multiple teams and pillars to socialize and align PAM requirements to the organization. Working with leadership to shape the overall PAM strategy and roadmap. Collaborating with internal teams to understand current capabilities and requirements around PAM / Identity and Access Management (IAM) solutions. Staying current on security trends and threats and making recommendations to leadership on mitigating strategies. Working with Active Directory (AD), PAM and IAM teams to identify risks and/or gaps and applying controls. Possessing experience architecting, managing, and supporting Privileged Access Management solutions. Developing and auditing the security architecture of PAM systems. Understanding principles of information security engineering, architecture, and application security. Possessing an understanding and practical knowledge of Active Directory, Azure, and Identity concepts. Understanding current adversarial techniques for attacking PAM systems. CyberArk, Microsoft, Google, and Amazon cloud certifications. Leadership and management training.
Apr 24, 2024
Full time
A career in Information Security, within Internal Firm Services, will provide you with the opportunity to develop and support our internal security technologies and services across the entire global and local PwC network. You'll focus on being the forefront of designing, developing, and implementing information technology including hardware, software, and networks that enhances security of internal information and protect our firms intellectual assets. The Cyber Threat Defence team is a senior team that develops, socializes, and deploys novel mitigations to counter threat activity observed in Incident Response operations and Threat Intelligence. This role is focused on improving the overall Privileged Access Management (PAM) strategy through evaluation, testing, and collaboration, with a focus on security. Highly qualified candidates will excel in business communication and messaging in addition to technical disciplines. Key Responsibilities: Evaluating and enhancing existing PAM solutions, including how access is utilized, controlled, and integrated with various internal system components. Assessing how privileged access may be compromised. Working across multiple teams and pillars to socialize and align PAM requirements to the organization. Working with leadership to shape the overall PAM strategy and roadmap. Collaborating with internal teams to understand current capabilities and requirements around PAM / Identity and Access Management (IAM) solutions. Staying current on security trends and threats and making recommendations to leadership on mitigating strategies. Working with Active Directory (AD), PAM and IAM teams to identify risks and/or gaps and applying controls. Possessing experience architecting, managing, and supporting Privileged Access Management solutions. Developing and auditing the security architecture of PAM systems. Understanding principles of information security engineering, architecture, and application security. Possessing an understanding and practical knowledge of Active Directory, Azure, and Identity concepts. Understanding current adversarial techniques for attacking PAM systems. CyberArk, Microsoft, Google, and Amazon cloud certifications. Leadership and management training.
Digital Health Project Manager Location: Norwich Parking: Our client cannot offer any parking; however, Park and Ride is free Job Type: Temporary Duration of booking: Expected to last up to the March 2024 and maybe longer Proposed start date: ASAP Sector: Healthcare Base: Healthcare based Band: 7 Pay Rates: All the above rates are dependent on skill and experience. Working Days and Hours: Monday to Friday 9am to 5pm (37.5 hours per week) Remote working option: Remote working / Hybrid is an option (To be discussed at interview stage) Travelling for work purposes: n/a Job Purpose: The post holder will provide support to project and service leads through a benefits and business change management process to support day to day practice, performance management and service development, facilitating, enabling, and managing the successful change elements of specific projects from within national and local digital initiatives Duties Apply a structured project management approach for the delivery of specific projects within the transformation workstreams and across the organisation where appropriate Manage on time, within scope and budget the delivery of products required for achieving the successful implementation of projects. Report progress and raise any change controls to the Sponsor and the Project Board. Lead and guide relevant programme and project boards and/ or User Groups ensuring regular meetings are held, minutes/actions kept, appropriate reports are presented and agreed actions are implemented. Ensure that all key stakeholders Trust wide are engaged and communicated with as the projects move forward and to consider their views, lead on the development of relevant stakeholder, engagement and communication plans and activities. Take responsibility for the implementation of specific projects, including the organisation and allocation of resources and materials, and the effective management of budget where allocated. Maintain all necessary project documentation, including business cases, project initiation documents, risk registers, schedules etc Directly manage project team resources as assigned. Be involved in identifying and recruiting appropriate resources from across the Trust throughout the duration of the project, using persuasion and influencing skills to motivate or re-energise to ensure successful delivery. This may require liaison with the line manager in reporting staff performance. Research and audit compliance of projects to ensure that they are undertaken to the appropriate standards and methodology. Ensure all developed products are fit-for-purpose and meet relevant operational acceptance criteria, including clinical safety standards. Assess and critically appraise new systems and workflows and carry out product evaluations and options appraisals. Liaise with staff engaged on other related projects across the local health community to ensure consistency of policy, standards, and products. Ensure that the scope and deliverables of projects will result in operational benefits and implement means of measuring these. Identify potential benefits and assist in the development of a benefits realisation plan to maximise value and build upon the ideas of patients and other key stakeholders Facilitate the inclusion of Change activity in projects to enable the achievement of agreed goals and expected benefits, connecting with staff at all levels and disciplines to facilitate and prepare them for the transition to new ways of working. Essential Qualifications, Skills, and Experience Relevant, project management and/or change qualifications such as Prince2 Practitioner, AgilePM, APMP, Six Sigma, LeanGood standard of general education (minimum GCSE level or equivalent) Extensive experience at a senior level delivering ICT enabled change projects across a wide area of applications and/or gained through working in an operational management capacity e.g. ward, department or section leader Experience of working across organisational and professional boundaries to achieve common goals. Experience of delivering transformational, sustainable change into operational business units Experience of applying structured project management processes Significant experience and knowledge of the use of project management software tools Previous experience on significant Health Service project within an acute environment Procurement knowledge and experience Previous experience on significant Health Service project within an acute environment Procurement knowledge and experience Knowledge of the application and use of IT in the NHS and its strategic application Ability to plan and implement a project from conception through to completion Ability to analyse complex business process and procedural issues and to provide creative solutions Ability to write and present accurate and concise reports to various groups at all levels and to use them to influence others at decision making levels Ability to identify and resolve resistance and blockages Able to negotiate effectively with others and be persuasive, sometimes in contentious situations, to drive changes and enable achievement of project milestones The post holder will help to formulate long-term strategic plans, manage change control, and initiate exception reports where required for the local health community Experience of Business Analysis techniques Questions Do you have experience working as a Digital Health Project Manager Do you have previous experience on significant Health Service project within an acute environment? Do you have experience at a senior level delivering ICT enabled change projects across a wide area of applications? Do you have EPR experience? Do you meet the criteria above and available to start immediately?
Apr 23, 2024
Full time
Digital Health Project Manager Location: Norwich Parking: Our client cannot offer any parking; however, Park and Ride is free Job Type: Temporary Duration of booking: Expected to last up to the March 2024 and maybe longer Proposed start date: ASAP Sector: Healthcare Base: Healthcare based Band: 7 Pay Rates: All the above rates are dependent on skill and experience. Working Days and Hours: Monday to Friday 9am to 5pm (37.5 hours per week) Remote working option: Remote working / Hybrid is an option (To be discussed at interview stage) Travelling for work purposes: n/a Job Purpose: The post holder will provide support to project and service leads through a benefits and business change management process to support day to day practice, performance management and service development, facilitating, enabling, and managing the successful change elements of specific projects from within national and local digital initiatives Duties Apply a structured project management approach for the delivery of specific projects within the transformation workstreams and across the organisation where appropriate Manage on time, within scope and budget the delivery of products required for achieving the successful implementation of projects. Report progress and raise any change controls to the Sponsor and the Project Board. Lead and guide relevant programme and project boards and/ or User Groups ensuring regular meetings are held, minutes/actions kept, appropriate reports are presented and agreed actions are implemented. Ensure that all key stakeholders Trust wide are engaged and communicated with as the projects move forward and to consider their views, lead on the development of relevant stakeholder, engagement and communication plans and activities. Take responsibility for the implementation of specific projects, including the organisation and allocation of resources and materials, and the effective management of budget where allocated. Maintain all necessary project documentation, including business cases, project initiation documents, risk registers, schedules etc Directly manage project team resources as assigned. Be involved in identifying and recruiting appropriate resources from across the Trust throughout the duration of the project, using persuasion and influencing skills to motivate or re-energise to ensure successful delivery. This may require liaison with the line manager in reporting staff performance. Research and audit compliance of projects to ensure that they are undertaken to the appropriate standards and methodology. Ensure all developed products are fit-for-purpose and meet relevant operational acceptance criteria, including clinical safety standards. Assess and critically appraise new systems and workflows and carry out product evaluations and options appraisals. Liaise with staff engaged on other related projects across the local health community to ensure consistency of policy, standards, and products. Ensure that the scope and deliverables of projects will result in operational benefits and implement means of measuring these. Identify potential benefits and assist in the development of a benefits realisation plan to maximise value and build upon the ideas of patients and other key stakeholders Facilitate the inclusion of Change activity in projects to enable the achievement of agreed goals and expected benefits, connecting with staff at all levels and disciplines to facilitate and prepare them for the transition to new ways of working. Essential Qualifications, Skills, and Experience Relevant, project management and/or change qualifications such as Prince2 Practitioner, AgilePM, APMP, Six Sigma, LeanGood standard of general education (minimum GCSE level or equivalent) Extensive experience at a senior level delivering ICT enabled change projects across a wide area of applications and/or gained through working in an operational management capacity e.g. ward, department or section leader Experience of working across organisational and professional boundaries to achieve common goals. Experience of delivering transformational, sustainable change into operational business units Experience of applying structured project management processes Significant experience and knowledge of the use of project management software tools Previous experience on significant Health Service project within an acute environment Procurement knowledge and experience Previous experience on significant Health Service project within an acute environment Procurement knowledge and experience Knowledge of the application and use of IT in the NHS and its strategic application Ability to plan and implement a project from conception through to completion Ability to analyse complex business process and procedural issues and to provide creative solutions Ability to write and present accurate and concise reports to various groups at all levels and to use them to influence others at decision making levels Ability to identify and resolve resistance and blockages Able to negotiate effectively with others and be persuasive, sometimes in contentious situations, to drive changes and enable achievement of project milestones The post holder will help to formulate long-term strategic plans, manage change control, and initiate exception reports where required for the local health community Experience of Business Analysis techniques Questions Do you have experience working as a Digital Health Project Manager Do you have previous experience on significant Health Service project within an acute environment? Do you have experience at a senior level delivering ICT enabled change projects across a wide area of applications? Do you have EPR experience? Do you meet the criteria above and available to start immediately?
Lead IT Security Manager Permanent Birmingham - 2 Days per week on site £48,900 - £61,140 per annum My client in the Rail industry are looking for a Lead IT Security Manager to join their fast-paced Operations team on a permanent basis. The Lead IT Security Manager is responsible for is the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. Key focus areas for this role, the ideal candidate will have experience in each of the below; Threat & Vulnerability Management Security Operations Centre - 24/7 Outsourced Web & Content Filtering - ProofPoint, Zscaler, etc. Endpoint Security Infrastructure Security Accountabilities * Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management (among other activity) . * Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). * Manage the application and compliance of security operations procedures, reviewing actual and potential security breaches, and ensuring their investigation. * Lead the Security Operations team's response to incidents, recommending actions and appropriate control improvements. * Monitor the external environment to gather intelligence on emerging technologies, documenting impacts, threats, and opportunities to IT. * Provide expert advice on threat intelligence activities, identifying which threat categories are most dangerous to the organization and how to defend against them. * Manage vulnerability assessment activities within company IT, providing expert advice where necessary in the review of vulnerability assessment tools and techniques. * Develop, maintain, and test Security Operations' incident management procedures, investigating escalated incidents and facilitating recovery post-incident resolution. * Lead Security Operations risk management activities, leading on the identification of risks and vulnerabilities and assessment of their impacts. * Manage and oversee the day-to-day activity of the SOC supplier who will deliver security capabilities, communicating their activity to relevant teams. * Manage the design, delivery, maintenance, and continuous improvement of the IT Security Ops capabilities in line with business needs. * Manage the Security Operations Centre (SOC) capability, ensuring effective protection, defence, and response to IT security risks. * Promote the Security, Compliance & Identity function to develop and enhance the team profile to develop enduring relationships with stakeholders and teams. * Implement a multi-year Security roadmap that provides proactive capabilities which enable business objectives. * Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI. Skills: * Relationship Building. Ability to develop and maintain strong relationships with internal and external stakeholders. * Security Operations. Ability provide leadership for live security incidents and helping conduct robust investigations in order to identify corrective actions and see them through to completion. * Threat Intelligence. Ability to provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of threat landscape. * Vulnerability Assessment. Ability to identify and classify security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. * Risk Management. Ability to identify IT security operations risks and the delivery of audit remediation activities. * Emerging technology monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques. Knowledge: * Knowledge of IT Service Frameworks, methodologies, and best practice such as ITIL v4 and Agile. * Knowledge of day-to-day activities and best practice within a SOC. * Knowledge of technical security such as Firewalls, network security groups, and access controls. Type of Experience: * Experience of leading a team through the full IT service life cycle, enhancing security posture, and evolving capabilities via continual service improvement. * Experience of leading live cyber incidents and the remediation actions. * Experience of partnering with supplier teams for managed services delivery of improvements. * Experience across the full IT security spectrum (software, Servers, infrastructure, and networks). * Experience designing and implementing secure systems, leading review where necessary of complex security issues. * Experience of enabling and informing risk-based decisions. * Experience dealing with the security implications of transformation and day-to-day product changes. * Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Apr 23, 2024
Full time
Lead IT Security Manager Permanent Birmingham - 2 Days per week on site £48,900 - £61,140 per annum My client in the Rail industry are looking for a Lead IT Security Manager to join their fast-paced Operations team on a permanent basis. The Lead IT Security Manager is responsible for is the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. Key focus areas for this role, the ideal candidate will have experience in each of the below; Threat & Vulnerability Management Security Operations Centre - 24/7 Outsourced Web & Content Filtering - ProofPoint, Zscaler, etc. Endpoint Security Infrastructure Security Accountabilities * Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management (among other activity) . * Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). * Manage the application and compliance of security operations procedures, reviewing actual and potential security breaches, and ensuring their investigation. * Lead the Security Operations team's response to incidents, recommending actions and appropriate control improvements. * Monitor the external environment to gather intelligence on emerging technologies, documenting impacts, threats, and opportunities to IT. * Provide expert advice on threat intelligence activities, identifying which threat categories are most dangerous to the organization and how to defend against them. * Manage vulnerability assessment activities within company IT, providing expert advice where necessary in the review of vulnerability assessment tools and techniques. * Develop, maintain, and test Security Operations' incident management procedures, investigating escalated incidents and facilitating recovery post-incident resolution. * Lead Security Operations risk management activities, leading on the identification of risks and vulnerabilities and assessment of their impacts. * Manage and oversee the day-to-day activity of the SOC supplier who will deliver security capabilities, communicating their activity to relevant teams. * Manage the design, delivery, maintenance, and continuous improvement of the IT Security Ops capabilities in line with business needs. * Manage the Security Operations Centre (SOC) capability, ensuring effective protection, defence, and response to IT security risks. * Promote the Security, Compliance & Identity function to develop and enhance the team profile to develop enduring relationships with stakeholders and teams. * Implement a multi-year Security roadmap that provides proactive capabilities which enable business objectives. * Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI. Skills: * Relationship Building. Ability to develop and maintain strong relationships with internal and external stakeholders. * Security Operations. Ability provide leadership for live security incidents and helping conduct robust investigations in order to identify corrective actions and see them through to completion. * Threat Intelligence. Ability to provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of threat landscape. * Vulnerability Assessment. Ability to identify and classify security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. * Risk Management. Ability to identify IT security operations risks and the delivery of audit remediation activities. * Emerging technology monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques. Knowledge: * Knowledge of IT Service Frameworks, methodologies, and best practice such as ITIL v4 and Agile. * Knowledge of day-to-day activities and best practice within a SOC. * Knowledge of technical security such as Firewalls, network security groups, and access controls. Type of Experience: * Experience of leading a team through the full IT service life cycle, enhancing security posture, and evolving capabilities via continual service improvement. * Experience of leading live cyber incidents and the remediation actions. * Experience of partnering with supplier teams for managed services delivery of improvements. * Experience across the full IT security spectrum (software, Servers, infrastructure, and networks). * Experience designing and implementing secure systems, leading review where necessary of complex security issues. * Experience of enabling and informing risk-based decisions. * Experience dealing with the security implications of transformation and day-to-day product changes. * Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Clarasys is a fast-growing and award-winning consultancy, with a great team. We are over ten years old and 200+ people. We work with some of the world's sector leading companies to solve their greatest challenges. Our clients trust us to deliver better ways of doing things, because of our different way of doing things. Embracing a non-hierarchical culture, we foster collaboration, creativity, and inclusivity. 'Team' rules over 'individual', and development is part of the fabric, not just a training course. Here, you're encouraged to be yourself, every voice is heard, and every idea is valued, propelling us forward into a future where collective empowerment drives our success. Here, doing the right thing for our clients is what matters most. Job Overview: We are seeking a highly skilled and experienced Senior Operations Manager to oversee the operational aspects of our consultancy firm. The ideal candidate will be responsible for optimising day-to-day operations, enhancing processes, and enabling the seamless delivery of services to our people and clients. The Senior Operations Manager will collaborate with various teams within the organisation to drive efficiency, improve productivity, and contribute to the overall growth and success of the company. We're looking for someone with: Proven experience in operations management within a management consultancy or similar professional services firm. Strong leadership and team management skills, with a track record of building and motivating high-performing teams. Ability to thrive in a fast-paced, dynamic and uncertain environment, managing multiple priorities effectively. Excellent critical thinking skills with a passion for problem-solving. Exceptional communication and interpersonal skills. Experience in implementing process improvements and driving operational excellence. Knowledge of industry best practices and trends in operations management. Key Responsibilities: 1. Operational Excellence: Streamline and optimise internal processes to improve efficiency and productivity. Develop and maintain operational policies and procedures to ensure consistency and quality in service delivery. Implement process enhancements and automation to drive operational efficiency and reduce manual effort. Provide leadership, guidance, and mentorship to the wider operations team (4 direct reports). Foster a collaborative and positive work environment, promoting teamwork and open communication. Collaborate with the team to define and implement the long-term initiatives required to support the business' future plans 3. Information Security and Compliance: Develop and enforce information security policies, procedures, and standards to safeguard sensitive data and client information. Collaborate with external IT security teams to ensure the implementation of robust security measures, including access controls, encryption, and regular security audits. Stay updated on industry best practices and regulations related to information security and ensure the organisation's compliance. Collaborate with consulting teams to understand the viability of new tools and technologies, whilst maintaining compliance with InfoSec. Take ownership of the technology infrastructure, including core central cloud-based systems, and ensure their optimal performance. Collaborate with the wider business to implement and maintain scalable and secure technology solutions. Evaluate emerging technologies and assess their potential impact on operations. Act as a liaison between operations and client teams to address client-specific needs, ensuring solutions meet or exceed expectations. 5. Resource Management: Oversee the efficient allocation and management of our people to meet project requirements and deadlines. Monitor resource utilisation and implement strategies to optimise resource allocation, ensuring maximum productivity and cost-effectiveness. Collaborate with the relevant teams to optimise workforce planning and support future client demand. 6. Client Relationship Management: Collaborate with client-facing teams to understand client needs and expectations. Contribute to the timely and accurate delivery of services, meeting or exceeding client expectations. Address client concerns promptly and effectively, striving for high client satisfaction. 7. Facilities Management: Oversee facilities and office space management, ensuring a safe and conducive working environment for employees. Manage relationships with facilities vendors and service providers, negotiating contracts and agreements to maintain high standards. Identify potential risks in operations, information security, resourcing and facilities management. Develop and implement strategies to mitigate risks, maintaining a robust risk management framework across all operational aspects. Work closely with the finance department to manage operational spend and financial forecasts. Identify cost-saving opportunities and implement strategies to optimise operational expenditures. Clarasys is an equal opportunity employer. We encourage applications from candidates of all backgrounds and experiences.
Apr 23, 2024
Full time
Clarasys is a fast-growing and award-winning consultancy, with a great team. We are over ten years old and 200+ people. We work with some of the world's sector leading companies to solve their greatest challenges. Our clients trust us to deliver better ways of doing things, because of our different way of doing things. Embracing a non-hierarchical culture, we foster collaboration, creativity, and inclusivity. 'Team' rules over 'individual', and development is part of the fabric, not just a training course. Here, you're encouraged to be yourself, every voice is heard, and every idea is valued, propelling us forward into a future where collective empowerment drives our success. Here, doing the right thing for our clients is what matters most. Job Overview: We are seeking a highly skilled and experienced Senior Operations Manager to oversee the operational aspects of our consultancy firm. The ideal candidate will be responsible for optimising day-to-day operations, enhancing processes, and enabling the seamless delivery of services to our people and clients. The Senior Operations Manager will collaborate with various teams within the organisation to drive efficiency, improve productivity, and contribute to the overall growth and success of the company. We're looking for someone with: Proven experience in operations management within a management consultancy or similar professional services firm. Strong leadership and team management skills, with a track record of building and motivating high-performing teams. Ability to thrive in a fast-paced, dynamic and uncertain environment, managing multiple priorities effectively. Excellent critical thinking skills with a passion for problem-solving. Exceptional communication and interpersonal skills. Experience in implementing process improvements and driving operational excellence. Knowledge of industry best practices and trends in operations management. Key Responsibilities: 1. Operational Excellence: Streamline and optimise internal processes to improve efficiency and productivity. Develop and maintain operational policies and procedures to ensure consistency and quality in service delivery. Implement process enhancements and automation to drive operational efficiency and reduce manual effort. Provide leadership, guidance, and mentorship to the wider operations team (4 direct reports). Foster a collaborative and positive work environment, promoting teamwork and open communication. Collaborate with the team to define and implement the long-term initiatives required to support the business' future plans 3. Information Security and Compliance: Develop and enforce information security policies, procedures, and standards to safeguard sensitive data and client information. Collaborate with external IT security teams to ensure the implementation of robust security measures, including access controls, encryption, and regular security audits. Stay updated on industry best practices and regulations related to information security and ensure the organisation's compliance. Collaborate with consulting teams to understand the viability of new tools and technologies, whilst maintaining compliance with InfoSec. Take ownership of the technology infrastructure, including core central cloud-based systems, and ensure their optimal performance. Collaborate with the wider business to implement and maintain scalable and secure technology solutions. Evaluate emerging technologies and assess their potential impact on operations. Act as a liaison between operations and client teams to address client-specific needs, ensuring solutions meet or exceed expectations. 5. Resource Management: Oversee the efficient allocation and management of our people to meet project requirements and deadlines. Monitor resource utilisation and implement strategies to optimise resource allocation, ensuring maximum productivity and cost-effectiveness. Collaborate with the relevant teams to optimise workforce planning and support future client demand. 6. Client Relationship Management: Collaborate with client-facing teams to understand client needs and expectations. Contribute to the timely and accurate delivery of services, meeting or exceeding client expectations. Address client concerns promptly and effectively, striving for high client satisfaction. 7. Facilities Management: Oversee facilities and office space management, ensuring a safe and conducive working environment for employees. Manage relationships with facilities vendors and service providers, negotiating contracts and agreements to maintain high standards. Identify potential risks in operations, information security, resourcing and facilities management. Develop and implement strategies to mitigate risks, maintaining a robust risk management framework across all operational aspects. Work closely with the finance department to manage operational spend and financial forecasts. Identify cost-saving opportunities and implement strategies to optimise operational expenditures. Clarasys is an equal opportunity employer. We encourage applications from candidates of all backgrounds and experiences.
About BigHand BigHand offers technology solutions for busy legal professionals that provide data and insights to increase value and profits. Through technology, insight and experience, we deliver success for our clients future. We enable our clients to give their customers a better experience while empowering their people to be their best. We make big happen for our customers. We are a business driven by our values and have these at the centre of everything we do. Our BigHanders are dedicated to building a culture where we win together, we learn, we give back, we believe in each other and we find the fun. We are proud to have ranked in Great Places to Work top 50 "UK's Best Workplaces" list for 6 years. About the role BigHand is a leading software technology company with a big difference. It's not just what we do, but how we do it. We specialise in speech, task delegation, document creation and process improvement solutions that help our customers achieve more in less time. Our vision is to be the industry's preferred, most supportive, and helpful technology partner. We aim to achieve this by harnessing our genuine enthusiasm and skill for helping busy people be more effective. BigHand is on a journey of Cloud Native transition. This is a company level strategy to modernise the applications and infrastructure to better deliver secure BigHand SaaS products to be available where, when and on whatever device the customer desires. BigHand is a champion of Cloud Security and is now taking the next step to mature its DevSecOps practices. This strategy is driven by the need for fast delivery of new features and secure and cost-effective use of Azure services. What you'll do: As a DevSecOps Engineer, you will be working with a team of great engineers, delivery managers and architects on several topics i.e., Security Testing, Security (Test) Automation, Risk Analysis, Threat modelling, Security Research, and many others. You will help reduce the risk for the organisation by helping DevOps, Platform Engineering, Platform Operations, Architecture and Software Engineering teams to deliver secure products and cloud platforms and support companywide security initiatives including information security standards such as ISO27001 and SOC 2. You will help to create new strategic plans to be more efficient and work together with BigHand security and compliance departments. You will also coach your team members and improve their security knowledge You will contribute to the security research and bring new knowledge inside the company. You will act as a bridge from Security to other functions. You also will assist with the continuous improvement of the processes critical to the success of the team. You will align with other stakeholders in other domains. Actively promoting DevSecOps ways of working and best practices within the teams and company at large. Support the delivery of the Platform Security roadmap. Demonstrate excellent judgement in prioritising security efforts to mitigate the appropriate risks. Be a strong communicator and can translate security objectives to tech teams. Managing several security related items: Security requirements, Threat Modelling, Design Reviews, Secure Code Review, Penetration Tests, Security Trainings, Automated Test Security, Security Monitoring, Kubernetes Security. Work with DevOps/Platform Engineers, Software Developers, Architecture to plan, design, implement and deploy secure product and platforms according to the needs of the business. Working with other DevOps/Platform Engineers in providing templates and knowledge that facilitates smooth automation process through out a project lifecycle with security embedded in all phases. Continuously drive improvements in processes, tooling, and security architecture of the underlying infrastructure and capabilities. Work on everything from transitioning on-prem services into Azure cloud (PaaS and IaaS services), helping move to and maintain orchestrated container-based service architecture (Azure Kubernetes and Docker). Improve and secure modules in our Terraform & PowerShell module library. Create and maintain an enterprise grade security monitoring and alerting solutions of applications, networks, data and infrastructure services. Assist in the creation of reports/dashboards for usage and up-time. Manage and monitor security health of platforms to ensure that issues and risk are quickly identified and resolved. Collaborate with the IT operations and development teams to plan and execute system changes e.g., security and audit controls as required by the business or compliance requirements. Automate build and release manual activities using DevSecOps best practices. Create security guides and documentation for the development team to securely operate and maintain products. Participate in incident management. Prioritise incidents to help deliver within SLAs. Carry out strong diagnosis to discover root cause and resolutions. Provide out of hours support on a rota basis throughout the year. What we're looking for: BSc. in Computer Science or Engineering or significant job experience with a minimum 2-year Security Engineering or DevOps experience, with experience on APIs. Experienced in working in complex environments including on-prem and cloud. Analytic skills and ability to solve highly complex problems. Experience with OWASP testing Guide / Open-Source Security Testing Methodology. Experience implementing controls for ISO27001 and SOC 2 Experience with cryptography, X509 certificates, signatures, securing TLS/SSL parameters, and certificates. Familiarity with Secure Development Lifecycle practices and Agile development with Continuous Delivery / Integration combined with good experience of cloud security, SAST, DAST, IAST or RASP Excellent communication skills and organisational savvy, to steer peers toward solutions that carefully balance business, velocity, risk, compliance, and engineering concerns. Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change. A growth mindset, continuous learner with a fun and positive attitude. Excellent understanding of information security principles, cloud security and best practices. Hands-on working experience implementing SIEM & SOAR Tools. Hands-on experience implementing WAF solutions. Hands-on working experience in privileged access management, vulnerability management, secure remote access, secrets management and access control. Hands-on experience in designing, implementing, testing, and securing APIs. Hands-on experience implementing security controls across data, infrastructure, and applications primarily in Azure. Hands-on working experience with Microsoft Azure Cloud services (IaaS, PaaS and SaaS), Security, Networking and Azure DevOps Pipelines. Excellent working knowledge implementing security controls across all infrastructure, platforms, and applications. Excellent working knowledge of security scanning tools (Static Code Analysis, Dynamics Security Testing, Opensource and Container Scanning tools). Excellent working knowledge with Secure Software Development Lifecycle (SSDLC) in an Azure world. Hands-on working knowledge of Infrastructure as Code using Terraform and programming and/or scripting language such as PowerShell, Bash, SQL, KQL. Hands-on knowledge on the usage of CI/CD processes including the integration of security & code quality tools. Hands-on knowledge in security logging, monitoring, and alerting tools. Hands-on knowledge in setup, maintaining and supporting Kubernetes environments using cloud providers specifically Azure. Hands-on experience of implementing BCP and Disaster Recovery solutions for services deployed on-prem or Azure Cloud. Excellent analytical and problem-solving skills, combined with the ability to provide quick resolution to problems. Excellent knowledge of relevant Operations services and Agile methodologies Good working knowledge of Azure DevOps Boards. Good understanding of engineering and automation of container orchestration with Kubernetes and Docker. Good working knowledge in building solutions on and developing integrations using Azure services. Ability to lead and manage complex project end-to-end from requirements, design, implementation, testing and supporting the solution. What we offer 25 days holiday (exc. bank holidays) + 3 BigHand days off between Christmas & New Year Various wellbeing benefits including private medical, vision, Employee Assistance Program (EAP) and Employee Resource Groups (ERG) Company-wide Wellness day, for our teams all across the globe to switch off and spend the day doing something to nourish their mental health Opportunities to give back with company volunteer events and individual volunteer days Career growth opportunities and study leave allowance Family benefits including enhanced parental leave, secondary caregiver leave and fertility support Financial benefits including pension scheme, life assurance, and salary sacrificing Cycle to Work Scheme and Tech Scheme Growing business with a global presence, flexible working, modern offices, and remote work options Our DEI Commitment . click apply for full job details
Apr 23, 2024
Full time
About BigHand BigHand offers technology solutions for busy legal professionals that provide data and insights to increase value and profits. Through technology, insight and experience, we deliver success for our clients future. We enable our clients to give their customers a better experience while empowering their people to be their best. We make big happen for our customers. We are a business driven by our values and have these at the centre of everything we do. Our BigHanders are dedicated to building a culture where we win together, we learn, we give back, we believe in each other and we find the fun. We are proud to have ranked in Great Places to Work top 50 "UK's Best Workplaces" list for 6 years. About the role BigHand is a leading software technology company with a big difference. It's not just what we do, but how we do it. We specialise in speech, task delegation, document creation and process improvement solutions that help our customers achieve more in less time. Our vision is to be the industry's preferred, most supportive, and helpful technology partner. We aim to achieve this by harnessing our genuine enthusiasm and skill for helping busy people be more effective. BigHand is on a journey of Cloud Native transition. This is a company level strategy to modernise the applications and infrastructure to better deliver secure BigHand SaaS products to be available where, when and on whatever device the customer desires. BigHand is a champion of Cloud Security and is now taking the next step to mature its DevSecOps practices. This strategy is driven by the need for fast delivery of new features and secure and cost-effective use of Azure services. What you'll do: As a DevSecOps Engineer, you will be working with a team of great engineers, delivery managers and architects on several topics i.e., Security Testing, Security (Test) Automation, Risk Analysis, Threat modelling, Security Research, and many others. You will help reduce the risk for the organisation by helping DevOps, Platform Engineering, Platform Operations, Architecture and Software Engineering teams to deliver secure products and cloud platforms and support companywide security initiatives including information security standards such as ISO27001 and SOC 2. You will help to create new strategic plans to be more efficient and work together with BigHand security and compliance departments. You will also coach your team members and improve their security knowledge You will contribute to the security research and bring new knowledge inside the company. You will act as a bridge from Security to other functions. You also will assist with the continuous improvement of the processes critical to the success of the team. You will align with other stakeholders in other domains. Actively promoting DevSecOps ways of working and best practices within the teams and company at large. Support the delivery of the Platform Security roadmap. Demonstrate excellent judgement in prioritising security efforts to mitigate the appropriate risks. Be a strong communicator and can translate security objectives to tech teams. Managing several security related items: Security requirements, Threat Modelling, Design Reviews, Secure Code Review, Penetration Tests, Security Trainings, Automated Test Security, Security Monitoring, Kubernetes Security. Work with DevOps/Platform Engineers, Software Developers, Architecture to plan, design, implement and deploy secure product and platforms according to the needs of the business. Working with other DevOps/Platform Engineers in providing templates and knowledge that facilitates smooth automation process through out a project lifecycle with security embedded in all phases. Continuously drive improvements in processes, tooling, and security architecture of the underlying infrastructure and capabilities. Work on everything from transitioning on-prem services into Azure cloud (PaaS and IaaS services), helping move to and maintain orchestrated container-based service architecture (Azure Kubernetes and Docker). Improve and secure modules in our Terraform & PowerShell module library. Create and maintain an enterprise grade security monitoring and alerting solutions of applications, networks, data and infrastructure services. Assist in the creation of reports/dashboards for usage and up-time. Manage and monitor security health of platforms to ensure that issues and risk are quickly identified and resolved. Collaborate with the IT operations and development teams to plan and execute system changes e.g., security and audit controls as required by the business or compliance requirements. Automate build and release manual activities using DevSecOps best practices. Create security guides and documentation for the development team to securely operate and maintain products. Participate in incident management. Prioritise incidents to help deliver within SLAs. Carry out strong diagnosis to discover root cause and resolutions. Provide out of hours support on a rota basis throughout the year. What we're looking for: BSc. in Computer Science or Engineering or significant job experience with a minimum 2-year Security Engineering or DevOps experience, with experience on APIs. Experienced in working in complex environments including on-prem and cloud. Analytic skills and ability to solve highly complex problems. Experience with OWASP testing Guide / Open-Source Security Testing Methodology. Experience implementing controls for ISO27001 and SOC 2 Experience with cryptography, X509 certificates, signatures, securing TLS/SSL parameters, and certificates. Familiarity with Secure Development Lifecycle practices and Agile development with Continuous Delivery / Integration combined with good experience of cloud security, SAST, DAST, IAST or RASP Excellent communication skills and organisational savvy, to steer peers toward solutions that carefully balance business, velocity, risk, compliance, and engineering concerns. Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change. A growth mindset, continuous learner with a fun and positive attitude. Excellent understanding of information security principles, cloud security and best practices. Hands-on working experience implementing SIEM & SOAR Tools. Hands-on experience implementing WAF solutions. Hands-on working experience in privileged access management, vulnerability management, secure remote access, secrets management and access control. Hands-on experience in designing, implementing, testing, and securing APIs. Hands-on experience implementing security controls across data, infrastructure, and applications primarily in Azure. Hands-on working experience with Microsoft Azure Cloud services (IaaS, PaaS and SaaS), Security, Networking and Azure DevOps Pipelines. Excellent working knowledge implementing security controls across all infrastructure, platforms, and applications. Excellent working knowledge of security scanning tools (Static Code Analysis, Dynamics Security Testing, Opensource and Container Scanning tools). Excellent working knowledge with Secure Software Development Lifecycle (SSDLC) in an Azure world. Hands-on working knowledge of Infrastructure as Code using Terraform and programming and/or scripting language such as PowerShell, Bash, SQL, KQL. Hands-on knowledge on the usage of CI/CD processes including the integration of security & code quality tools. Hands-on knowledge in security logging, monitoring, and alerting tools. Hands-on knowledge in setup, maintaining and supporting Kubernetes environments using cloud providers specifically Azure. Hands-on experience of implementing BCP and Disaster Recovery solutions for services deployed on-prem or Azure Cloud. Excellent analytical and problem-solving skills, combined with the ability to provide quick resolution to problems. Excellent knowledge of relevant Operations services and Agile methodologies Good working knowledge of Azure DevOps Boards. Good understanding of engineering and automation of container orchestration with Kubernetes and Docker. Good working knowledge in building solutions on and developing integrations using Azure services. Ability to lead and manage complex project end-to-end from requirements, design, implementation, testing and supporting the solution. What we offer 25 days holiday (exc. bank holidays) + 3 BigHand days off between Christmas & New Year Various wellbeing benefits including private medical, vision, Employee Assistance Program (EAP) and Employee Resource Groups (ERG) Company-wide Wellness day, for our teams all across the globe to switch off and spend the day doing something to nourish their mental health Opportunities to give back with company volunteer events and individual volunteer days Career growth opportunities and study leave allowance Family benefits including enhanced parental leave, secondary caregiver leave and fertility support Financial benefits including pension scheme, life assurance, and salary sacrificing Cycle to Work Scheme and Tech Scheme Growing business with a global presence, flexible working, modern offices, and remote work options Our DEI Commitment . click apply for full job details
Position: Information Security Lead Salary: £59k Location: Oxford ( Hybrid ) Responsibilities: Develop and maintain an Information Security improvement plan for the group. Work with IT staff within the group to build on an existing information security program and ongoing security projects that address information security risks and compliance requirements. Recommend, coordinate and where appropriate, implement agreed technical controls. Be responsible for decisions regarding operational activities in relation to Information Security improvement within the group. Work with the Head of IT and College governance structures to create and maintain security policies. Monitor and report on compliance with security policies, as well as the enforcement of policies. Plan and prioritise own work ensuring effective support to the group and delivery of key Cyber Security improvement objectives. Research, evaluate, design, test, recommend and plan the implementation of new or updated information security hardware or software, and analyse its impact on the existing environment; provide technical and managerial expertise for the administration of security tools. Develop strong working relationships with the Head of IT, Technical Services Manager, and IT Managers to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements. Ensure all IT staff have access to IT systems limited by need and role. Research/evaluate emerging information security threats and ways to manage them. Assist Colleges with maintaining suitable TPSA templates and maintaining a list of assessed third parties. Monitor and test vulnerabilities in technological infrastructure, managed services, and devices. Use influencing skills to ensure collaborative working to engender a level of quality improvement across the group. Consult with IT colleagues to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, and software as part of Privacy by Design and Default. Manage and coordinate operational components of security incident management, including detection response and reporting. Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans, and communicate information about residual risk. Manage security projects, provide expert guidance on security matters for other IT projects and work with suppliers to obtain best value. Evaluate requests for exceptions to policies, ensuring sufficient mitigating controls are in place. Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are following policies and audit requirements. Review, escalate and action any unusual event behaviour identified through the groups information security systems. Create standards in system hardening, change management, documentation. Perform periodic firewall Ensure disaster recovery and data restoration processes work. Ensure appropriate Corrective and Preventative Actions are implemented in line with best practice guidance. Essential: A record of accomplishment in and experience of introducing Information Security Improvement through successfully designing, implementing, and improving IT security architecture and controls. Working technical knowledge in broad domains of IT infrastructure such as data networks, server and desktop hardware and operating systems, storage and backups, and related monitoring and management systems. Demonstrable experience of applying security controls in one or more of the following areas: Unix/Linux Servers, Windows servers, firewalls, IDS/IPS, vulnerability management, WAF, Wi-Fi, mobile security, Data Loss Prevention, digital certificates, encryption and authentication techniques, forensics, and LAN / WANs. Solid understanding of security protocols, cryptography, authentication, authorisation, and security. Able to manage own workload, resolve competing demands, and cope with changing priorities in a flexible and proactive way. High level of personal integrity, as well as the ability to handle confidential matters and show an appropriate level of judgment and maturity. Excellent written and oral communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences. INDIT Planet Recruitment acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Planet Recruitment is an Equal Opportunities Employer.By applying for this role your details will be submitted to Planet Recruitment. Our Candidate Privacy Information Statement explains how we will use your information. Only candidates with the relevant skills and experience will be contacted after application, if you do not hear back from us within 7 days you have unfortunately been unsuccessful in your application. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and abilities to perform the duties of the position.
Apr 18, 2024
Full time
Position: Information Security Lead Salary: £59k Location: Oxford ( Hybrid ) Responsibilities: Develop and maintain an Information Security improvement plan for the group. Work with IT staff within the group to build on an existing information security program and ongoing security projects that address information security risks and compliance requirements. Recommend, coordinate and where appropriate, implement agreed technical controls. Be responsible for decisions regarding operational activities in relation to Information Security improvement within the group. Work with the Head of IT and College governance structures to create and maintain security policies. Monitor and report on compliance with security policies, as well as the enforcement of policies. Plan and prioritise own work ensuring effective support to the group and delivery of key Cyber Security improvement objectives. Research, evaluate, design, test, recommend and plan the implementation of new or updated information security hardware or software, and analyse its impact on the existing environment; provide technical and managerial expertise for the administration of security tools. Develop strong working relationships with the Head of IT, Technical Services Manager, and IT Managers to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements. Ensure all IT staff have access to IT systems limited by need and role. Research/evaluate emerging information security threats and ways to manage them. Assist Colleges with maintaining suitable TPSA templates and maintaining a list of assessed third parties. Monitor and test vulnerabilities in technological infrastructure, managed services, and devices. Use influencing skills to ensure collaborative working to engender a level of quality improvement across the group. Consult with IT colleagues to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, and software as part of Privacy by Design and Default. Manage and coordinate operational components of security incident management, including detection response and reporting. Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans, and communicate information about residual risk. Manage security projects, provide expert guidance on security matters for other IT projects and work with suppliers to obtain best value. Evaluate requests for exceptions to policies, ensuring sufficient mitigating controls are in place. Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are following policies and audit requirements. Review, escalate and action any unusual event behaviour identified through the groups information security systems. Create standards in system hardening, change management, documentation. Perform periodic firewall Ensure disaster recovery and data restoration processes work. Ensure appropriate Corrective and Preventative Actions are implemented in line with best practice guidance. Essential: A record of accomplishment in and experience of introducing Information Security Improvement through successfully designing, implementing, and improving IT security architecture and controls. Working technical knowledge in broad domains of IT infrastructure such as data networks, server and desktop hardware and operating systems, storage and backups, and related monitoring and management systems. Demonstrable experience of applying security controls in one or more of the following areas: Unix/Linux Servers, Windows servers, firewalls, IDS/IPS, vulnerability management, WAF, Wi-Fi, mobile security, Data Loss Prevention, digital certificates, encryption and authentication techniques, forensics, and LAN / WANs. Solid understanding of security protocols, cryptography, authentication, authorisation, and security. Able to manage own workload, resolve competing demands, and cope with changing priorities in a flexible and proactive way. High level of personal integrity, as well as the ability to handle confidential matters and show an appropriate level of judgment and maturity. Excellent written and oral communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences. INDIT Planet Recruitment acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Planet Recruitment is an Equal Opportunities Employer.By applying for this role your details will be submitted to Planet Recruitment. Our Candidate Privacy Information Statement explains how we will use your information. Only candidates with the relevant skills and experience will be contacted after application, if you do not hear back from us within 7 days you have unfortunately been unsuccessful in your application. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and abilities to perform the duties of the position.
Role overview
Job Title : Security and Compliance Architect Department : Technology Reports to : Head of Architecture and Planning Job Level : Guide Location : Twickenham / Hybrid Duration : Permanent
Nature and scope:
The RFU is at the start of a strategic programme of work to transform the digital experience of volunteers, players, fans and attendees. A major part of the programme is to identify and deliver the appropriate technology platforms required to deliver the transformation.
The Security and Compliance Architect will support the design, development, procurement, and assurance of the Digital and Data solutions created by the RFU. The role will provide expertise and be the subject matter expert on the required security and controls and processes required both through project lifecycles, and in Business as Usual.
Accountabilities:
Analyse existing and proposed technical architectures for security risk
Advise on appropriate security controls to mitigate security architecture risks
Provide expert technical advice to support the design and development of secure architectures
Apply secure architecture principles and practices to assure technical architectures
Develop security architecture frameworks/processes at programme level
Develop audit and compliance processes to assure technical security controls
Advise on technical management of secure environments
Actively collaborate with colleagues to contribute to the development and delivery of the current strategic, business, and operational plans
Act as an ambassador for, and promote the best interests of the RFU, including the promotion of the RFU core values and BACK culture.
Undertake such other duties as may be required from time to time as are consistent with the responsibilities of the post and the needs of the organisation
Candidate overview
The skills and attributes outlined in this description are not exhaustive and we welcome candidates who can bring different relevant experiences to the role
Qualifications, skills & experience:
Strong and demonstrable knowledge of Cyber Security technologies
Some experience and knowledge in designing or deploying Cyber Security solutions across either private, hybrid, or public cloud environments
Understanding of key trends relating to securing SAAS applications
Experience or interested in gaining experience in Secure DevOps
Experience doing threat-modelling of complex systems
Experience creating technical documentation, product documentation, technology, software and systems architecture
Working experience with the following concepts: SSL Crypto Solutions, Data Protection and Security, Software Development Methodologies (e.g. Agile), API Gateways, Data Analytics
Experience with open-source security technologies
Solid understanding of and ability to speak to security principles in areas such as application security, virtualization, cloud technologies, access control.
Knowledge of SIEM solutions as well as Vulnerability Management and the role they play in security architecture
Relevant industry certification in the security domain
Comprehensive understanding of GDPR, specifically UK GDPR
Committed to actively contributing and building an inclusive BACK culture in your role
Additional Information:
All role holders must maintain an appropriate standard of confidentiality. Any disclosures of confidential information (including personal information kept on computer or other media) made unlawfully outside the proper course of duty will be treated as a serious disciplinary offence
The role description, person specification, job level and job title may be subject to change at the discretion of the RFU and under business developments. Any changes will be communicated to the role holder as appropriate
If you are a trans candidate applying for a job that requires a DBS check, please reach out to recruitment@rfu.com or directly to our safeguarding team ( safeguarding@rfu.com ) to use the confidential sensitive application route. This will provide applicants with the choice not to have any gender or name information disclosed on their DBS certificate.
During your application, we will ask questions about your identity. This information is considered highly confidential and will not be seen by hiring managers. You can find out more about why we ask these questions here .
Please submit an anonymised CV with your application for this role.
About England Rugby England Rugby or Rugby Football Union (RFU) is the national governing body for rugby in England. We deliver three core activities, and our purpose is to enrich lives, introduce more people to rugby union and develop the sport for future generations. Our core activities are:
Rugby – supporting rugby from grassroots to performance level
Commercial – building partnerships and hosting matches and events
Running the business - ensuring our organization and people can thrive
Our Culture At England Rugby, one of our core objectives is to drive rugby union to better reflect the diversity of society. We are aware that rugby, and sports in general, has not always been as welcoming an environment for everyone as we would like, and we are working hard to make rugby a more inclusive space for all identities. We believe hiring people from underrepresented groups into positions at all levels is vital to creating spaces and initiatives that better support those identities. We would love to see applications from disabled people, LGBTQ+ people, people from ethnically diverse communities, people of faith, people from lower socio-economic backgrounds, and women and non-binary people. We know that representation is more than just getting people through the door, it’s about keeping people by responding to structural barriers relating to identities and valuing the insights that different lived experiences bring. We have network groups that provide peer-to-peer support and drive forward change internally. We support colleagues to develop, and each colleague has access to a personal coaching platform that can provide same-day one-to-one coaching. We are pushing ourselves to create a more inclusive culture every day through role modelling our BACK behaviours which stand for Brave, Accountable, Collaborative and Keep improving. We know that flexible working is important to our colleagues, so our guiding principles are designed to support everyone to work in the way that suits them, their teams, and the organization in the best way. We want you to have every opportunity to demonstrate your skills, ability and potential. If there is anything we could do to support you through your application or to provide the best environment for your interviews, including assistance or adjustment, please reach out to recruitment@rfu.com . What we can offer you We are proud of the range of benefits we can provide:
Retail discounts include 30% off Adidas, 20% off Optimum Nutrition, 25% off 02 and many more
Priority access to purchase match tickets
25% discount in Rugby Store and EnglandRugby.com
25 days of annual leave and your birthday day off
Free dental care and free access to the stadium gym
Life assurance of 4x your basic salary, income protection scheme and Employee Assistance Programme that offers anonymous and confidential, emotional and practical support 24/7
After 3 months, you will be enrolled in our Aviva pension scheme and we will match and double your contribution up to 10%
Ride-to-work scheme, eyecare vouchers and season ticket loans
About Our Team At England Rugby, we want to hear our employees’ thoughts, ideas and feedback on our strategies, new initiatives and our work environment. That’s why we have quarterly meetings called ‘the Voice’ where various topics are discussed, in addition to regular surveys, including our annual D&I survey. We are always striving to create the best environment for our colleagues, and we are proud to present some of our most recent feedback from Feb 2022:
85% feel motivated to perform their role to the best of their ability
83% feel supported by their Manager
90% agree or strongly agree that their Manager empowers and trusts them to deliver while working from home
83% feel informed and connected with the organisation
If you would like to find out more about our diversity and inclusion work or the culture at England Rugby, please visit our website here: https://www.englandrugby.com/about-rfu/rfu-policies/diversity-and-inclusion/our-approach
Nov 30, 2022
Full time
Role overview
Job Title : Security and Compliance Architect Department : Technology Reports to : Head of Architecture and Planning Job Level : Guide Location : Twickenham / Hybrid Duration : Permanent
Nature and scope:
The RFU is at the start of a strategic programme of work to transform the digital experience of volunteers, players, fans and attendees. A major part of the programme is to identify and deliver the appropriate technology platforms required to deliver the transformation.
The Security and Compliance Architect will support the design, development, procurement, and assurance of the Digital and Data solutions created by the RFU. The role will provide expertise and be the subject matter expert on the required security and controls and processes required both through project lifecycles, and in Business as Usual.
Accountabilities:
Analyse existing and proposed technical architectures for security risk
Advise on appropriate security controls to mitigate security architecture risks
Provide expert technical advice to support the design and development of secure architectures
Apply secure architecture principles and practices to assure technical architectures
Develop security architecture frameworks/processes at programme level
Develop audit and compliance processes to assure technical security controls
Advise on technical management of secure environments
Actively collaborate with colleagues to contribute to the development and delivery of the current strategic, business, and operational plans
Act as an ambassador for, and promote the best interests of the RFU, including the promotion of the RFU core values and BACK culture.
Undertake such other duties as may be required from time to time as are consistent with the responsibilities of the post and the needs of the organisation
Candidate overview
The skills and attributes outlined in this description are not exhaustive and we welcome candidates who can bring different relevant experiences to the role
Qualifications, skills & experience:
Strong and demonstrable knowledge of Cyber Security technologies
Some experience and knowledge in designing or deploying Cyber Security solutions across either private, hybrid, or public cloud environments
Understanding of key trends relating to securing SAAS applications
Experience or interested in gaining experience in Secure DevOps
Experience doing threat-modelling of complex systems
Experience creating technical documentation, product documentation, technology, software and systems architecture
Working experience with the following concepts: SSL Crypto Solutions, Data Protection and Security, Software Development Methodologies (e.g. Agile), API Gateways, Data Analytics
Experience with open-source security technologies
Solid understanding of and ability to speak to security principles in areas such as application security, virtualization, cloud technologies, access control.
Knowledge of SIEM solutions as well as Vulnerability Management and the role they play in security architecture
Relevant industry certification in the security domain
Comprehensive understanding of GDPR, specifically UK GDPR
Committed to actively contributing and building an inclusive BACK culture in your role
Additional Information:
All role holders must maintain an appropriate standard of confidentiality. Any disclosures of confidential information (including personal information kept on computer or other media) made unlawfully outside the proper course of duty will be treated as a serious disciplinary offence
The role description, person specification, job level and job title may be subject to change at the discretion of the RFU and under business developments. Any changes will be communicated to the role holder as appropriate
If you are a trans candidate applying for a job that requires a DBS check, please reach out to recruitment@rfu.com or directly to our safeguarding team ( safeguarding@rfu.com ) to use the confidential sensitive application route. This will provide applicants with the choice not to have any gender or name information disclosed on their DBS certificate.
During your application, we will ask questions about your identity. This information is considered highly confidential and will not be seen by hiring managers. You can find out more about why we ask these questions here .
Please submit an anonymised CV with your application for this role.
About England Rugby England Rugby or Rugby Football Union (RFU) is the national governing body for rugby in England. We deliver three core activities, and our purpose is to enrich lives, introduce more people to rugby union and develop the sport for future generations. Our core activities are:
Rugby – supporting rugby from grassroots to performance level
Commercial – building partnerships and hosting matches and events
Running the business - ensuring our organization and people can thrive
Our Culture At England Rugby, one of our core objectives is to drive rugby union to better reflect the diversity of society. We are aware that rugby, and sports in general, has not always been as welcoming an environment for everyone as we would like, and we are working hard to make rugby a more inclusive space for all identities. We believe hiring people from underrepresented groups into positions at all levels is vital to creating spaces and initiatives that better support those identities. We would love to see applications from disabled people, LGBTQ+ people, people from ethnically diverse communities, people of faith, people from lower socio-economic backgrounds, and women and non-binary people. We know that representation is more than just getting people through the door, it’s about keeping people by responding to structural barriers relating to identities and valuing the insights that different lived experiences bring. We have network groups that provide peer-to-peer support and drive forward change internally. We support colleagues to develop, and each colleague has access to a personal coaching platform that can provide same-day one-to-one coaching. We are pushing ourselves to create a more inclusive culture every day through role modelling our BACK behaviours which stand for Brave, Accountable, Collaborative and Keep improving. We know that flexible working is important to our colleagues, so our guiding principles are designed to support everyone to work in the way that suits them, their teams, and the organization in the best way. We want you to have every opportunity to demonstrate your skills, ability and potential. If there is anything we could do to support you through your application or to provide the best environment for your interviews, including assistance or adjustment, please reach out to recruitment@rfu.com . What we can offer you We are proud of the range of benefits we can provide:
Retail discounts include 30% off Adidas, 20% off Optimum Nutrition, 25% off 02 and many more
Priority access to purchase match tickets
25% discount in Rugby Store and EnglandRugby.com
25 days of annual leave and your birthday day off
Free dental care and free access to the stadium gym
Life assurance of 4x your basic salary, income protection scheme and Employee Assistance Programme that offers anonymous and confidential, emotional and practical support 24/7
After 3 months, you will be enrolled in our Aviva pension scheme and we will match and double your contribution up to 10%
Ride-to-work scheme, eyecare vouchers and season ticket loans
About Our Team At England Rugby, we want to hear our employees’ thoughts, ideas and feedback on our strategies, new initiatives and our work environment. That’s why we have quarterly meetings called ‘the Voice’ where various topics are discussed, in addition to regular surveys, including our annual D&I survey. We are always striving to create the best environment for our colleagues, and we are proud to present some of our most recent feedback from Feb 2022:
85% feel motivated to perform their role to the best of their ability
83% feel supported by their Manager
90% agree or strongly agree that their Manager empowers and trusts them to deliver while working from home
83% feel informed and connected with the organisation
If you would like to find out more about our diversity and inclusion work or the culture at England Rugby, please visit our website here: https://www.englandrugby.com/about-rfu/rfu-policies/diversity-and-inclusion/our-approach
MBDA Missile Systems - Together. For the future of defence. Salary: Up to £62,000 dependent on experience + bonus + benefits Hybrid working pattern: Where possible, we will seek to accommodate a blended approach to on-site and remote working. The opportunity: An opportunity has arisen for a role in the MBDA Security Operations and CERT. Reporting to the UK SOC manager, you will support the Cyber Security Operations team to defend against cyber threats and vulnerabilities by ensuring the Information Management (IM) environment is following the correct processes and remains compliant by proactively managing identified vulnerabilities that could be exploited. You will provide remediation action through compliance to relevant security standards and confirm that remediation is completed in accordance with the identified risk categorisation. You will be joining a diverse and hard-working team of cyber security specialists responsible for the protection, security and safety of MBDA UK networks and IM/IS environments. This is a traversal function that covers all areas of IM and will require Group collaboration. The team are working towards growing our current capabilities and supporting the business as it securely evolves to a "new way of working" in response to the pandemic and establishing international CERTs. The Role Report and track remediation activities affecting all Infrastructure and applications within the IM estate. First line management of vulnerability analysts. Support compliance and due diligence led activities and audits, including regulatory updates. Collaborate with teams and business partners to create both tactical and strategic plans as it relates to vulnerability management. Also providing security advice at a technical level. Champion security best practice within technology and be regarded as the 'go-to' individual for security vulnerability management. Advise technical and non-technical audiences on appropriate prioritisation of patch deployment. Manage vulnerability remediation by suppliers and teams through re-test & closure. Help drive security maturity in vulnerability management and security in general across the business, through positive engagement and teaching. Maintain and further improve the scanning scope and capability of the vulnerability scanning service, through automation and tooling. Manage the remediation plan of vulnerabilities discovered during penetration tests and health checks. Provide vulnerability assessment scan guidance and process oversight. What we're looking for from you: Familiarity with Infrastructure and web application scanning tools (e.g. Qualys, Nessus) and relevant remediation management/risk tools supported in the Security Operations Centre (SOC) Managing vulnerabilities 2+ years (planning and remediation) 2+ years of first line management A demonstrable knowledge of Vulnerability lifecycle management (MITRE) and IT/ OT/ IoT vulnerability remediation plans Experience or knowledge of risk management frameworks (e.g CIS, NIST) Sound understanding of network/infrastructure and web/mobile application weakness and anti-patterns (CWE, OWASP). An in depth understanding of cyber security technologies and applicable security controls A good understanding of information security principles and best-practices Ability to carry out risk assessments Supplier engagement and collaboration What to expect: We offer opportunities for career progression, paid overtime (subject to level), bonus scheme, comprehensive pension package, annual salary review, collaborative working environment and excellent on-site facilities. We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. We also welcome applicants who are looking for flexible working arrangements. Follow us on LinkedIn (MBDA), Twitter Instagram (lifeatMBDA_UK) and Glassdoor or visit our MBDA Careers website for more information. Please Note: MBDA UK requires all employees to achieve appropriate clearances.
Sep 24, 2022
Full time
MBDA Missile Systems - Together. For the future of defence. Salary: Up to £62,000 dependent on experience + bonus + benefits Hybrid working pattern: Where possible, we will seek to accommodate a blended approach to on-site and remote working. The opportunity: An opportunity has arisen for a role in the MBDA Security Operations and CERT. Reporting to the UK SOC manager, you will support the Cyber Security Operations team to defend against cyber threats and vulnerabilities by ensuring the Information Management (IM) environment is following the correct processes and remains compliant by proactively managing identified vulnerabilities that could be exploited. You will provide remediation action through compliance to relevant security standards and confirm that remediation is completed in accordance with the identified risk categorisation. You will be joining a diverse and hard-working team of cyber security specialists responsible for the protection, security and safety of MBDA UK networks and IM/IS environments. This is a traversal function that covers all areas of IM and will require Group collaboration. The team are working towards growing our current capabilities and supporting the business as it securely evolves to a "new way of working" in response to the pandemic and establishing international CERTs. The Role Report and track remediation activities affecting all Infrastructure and applications within the IM estate. First line management of vulnerability analysts. Support compliance and due diligence led activities and audits, including regulatory updates. Collaborate with teams and business partners to create both tactical and strategic plans as it relates to vulnerability management. Also providing security advice at a technical level. Champion security best practice within technology and be regarded as the 'go-to' individual for security vulnerability management. Advise technical and non-technical audiences on appropriate prioritisation of patch deployment. Manage vulnerability remediation by suppliers and teams through re-test & closure. Help drive security maturity in vulnerability management and security in general across the business, through positive engagement and teaching. Maintain and further improve the scanning scope and capability of the vulnerability scanning service, through automation and tooling. Manage the remediation plan of vulnerabilities discovered during penetration tests and health checks. Provide vulnerability assessment scan guidance and process oversight. What we're looking for from you: Familiarity with Infrastructure and web application scanning tools (e.g. Qualys, Nessus) and relevant remediation management/risk tools supported in the Security Operations Centre (SOC) Managing vulnerabilities 2+ years (planning and remediation) 2+ years of first line management A demonstrable knowledge of Vulnerability lifecycle management (MITRE) and IT/ OT/ IoT vulnerability remediation plans Experience or knowledge of risk management frameworks (e.g CIS, NIST) Sound understanding of network/infrastructure and web/mobile application weakness and anti-patterns (CWE, OWASP). An in depth understanding of cyber security technologies and applicable security controls A good understanding of information security principles and best-practices Ability to carry out risk assessments Supplier engagement and collaboration What to expect: We offer opportunities for career progression, paid overtime (subject to level), bonus scheme, comprehensive pension package, annual salary review, collaborative working environment and excellent on-site facilities. We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. We also welcome applicants who are looking for flexible working arrangements. Follow us on LinkedIn (MBDA), Twitter Instagram (lifeatMBDA_UK) and Glassdoor or visit our MBDA Careers website for more information. Please Note: MBDA UK requires all employees to achieve appropriate clearances.
Job Description Role overview Job Title : Security and Compliance Architect Department : Technology Reports to : Head of Architecture and Planning Salary Banding : Circa £60,000 Job Level : Guide Location : Twickenham / Hybrid Duration : Permanent Nature and scope: The RFU is at the start of a strategic programme of work to transform the digital experience of volunteers, players, fans and attendees. A major part of the programme is to identify and deliver the appropriate technology platforms required to deliver the transformation. The Security and Compliance Architect will support the design, development, procurement, and assurance of the Digital and Data solutions created by the RFU. The role will provide expertise and be the subject matter expert on the required security and controls and processes required both through project lifecycles, and in Business as Usual. Accountabilities: Analyse existing and proposed technical architectures for security risk Advise on appropriate security controls to mitigate security architecture risks Provide expert technical advice to support the design and development of secure architectures Apply secure architecture principles and practices to assure technical architectures Develop security architecture frameworks/processes at programme level Develop audit and compliance processes to assure technical security controls Advise on technical management of secure environments Actively collaborate with colleagues to contribute to the development and delivery of the current strategic, business, and operational plans Act as an ambassador for, and promote the best interests of the RFU, including the promotion of the RFU core values and BACK culture. Undertake such other duties as may be required from time to time as are consistent with the responsibilities of the post and the needs of the organisation Candidate overview The skills and attributes outlined in this description are not exhaustive and we welcome candidates who can bring different relevant experiences to the role Qualifications, skills & experience: Strong and demonstrable knowledge of Cyber Security technologies Some experience and knowledge in designing or deploying Cyber Security solutions across either private, hybrid, or public cloud environments Understanding of key trends relating to securing SAAS applications Experience or interested in gaining experience in Secure DevOps Experience doing threat-modelling of complex systems Experience creating technical documentation, product documentation, technology, software and systems architecture Working experience with the following concepts: SSL Crypto Solutions, Data Protection and Security, Software Development Methodologies (e.g. Agile), API Gateways, Data Analytics Experience with open-source security technologies Solid understanding of and ability to speak to security principles in areas such as application security, virtualization, cloud technologies, access control. Knowledge of SIEM solutions as well as Vulnerability Management and the role they play in security architecture Relevant industry certification in the security domain Comprehensive understanding of GDPR, specifically UK GDPR Committed to actively contributing and building an inclusive BACK culture in your role Additional Information: All role holders must maintain an appropriate standard of confidentiality. Any disclosures of confidential information (including personal information kept on computer or other media) made unlawfully outside the proper course of duty will be treated as a serious disciplinary offence The role description, person specification, job level and job title may be subject to change at the discretion of the RFU and under business developments. Any changes will be communicated to the role holder as appropriate If you are a trans candidate applying for a job that requires a DBS check, please reach out to or directly to our safeguarding team ( ) to use the confidential sensitive application route. This will provide applicants with the choice not to have any gender or name information disclosed on their DBS certificate. What we can offer you We are proud of the range of benefits we can provide: Retail discounts include 30% off Adidas, 20% off Optimum Nutrition, 25% off 02 and many more. Priority access to purchase match tickets 25% discount in Rugby Store and 25 days of annual leave and your birthday day off Free dental care and free access to the stadium gym Life assurance of 4x your basic salary, income protection scheme and Employee Assistance Programme that offers anonymous and confidential, emotional and practical support 24/7. After 3 months, you will be enrolled in our Aviva pension scheme and we will match and double your contribution up to 10% Ride-to-work scheme, eyecare vouchers and season ticket loans About our team At England Rugby, we want to hear our employees' thoughts, ideas and feedback on our strategies, new initiatives and our work environment. That's why we have quarterly meetings called 'the Voice' where various topics are discussed, in addition to regular surveys, including our annual D&I survey. We are always striving to create the best environment for our colleagues, and we are proud to present some of our most recent feedback from Feb 2022: 85% feel motivated to perform their role to the best of their ability 83% feel supported by their Manager 90% agree or strongly agree that their Manager empowers and trusts them to deliver while working from home 83% feel informed and connected with the organisation If you would like to find out more about our diversity and inclusion work or the culture at England Rugby, please visit our website here: Please submit a CV and covering letter with your application for this role. Please note the instructions around submitting these documents when you get to that stage of your application as we're working hard to make our recruitment processes as inclusive as possible and reducing our potential unconscious bias. About Us About England Rugby England Rugby or Rugby Football Union (RFU) is the national governing body for rugby in England. We deliver three core activities, and our purpose is to enrich lives, introduce more people to rugby union and develop the sport for future generations. Our core activities are: Rugby - supporting rugby from grassroots to performance level Commercial - building partnerships and hosting matches and events Running the business - ensuring our organization and people can thrive Our Culture At England Rugby, one of our core objectives is to drive rugby union to better reflect the diversity of society. We are aware that rugby, and sports in general, has not always been as welcoming an environment for everyone as we would like, and we are working hard to make rugby a more inclusive space for all identities. We believe hiring people from underrepresented groups into positions at all levels is vital to creating spaces and initiatives that better support those identities. We would love to see applications from disabled people, LGBTQ+ people, people from ethnically diverse communities, people of faith, people from lower socio-economic backgrounds, and women and non-binary people. We know that representation is more than just getting people through the door, it's about keeping people by responding to structural barriers relating to identities and valuing the insights that different lived experiences bring. We have network groups that provide peer-to-peer support and drive forward change internally. We support colleagues to develop, and each colleague has access to a personal coaching platform that can provide same-day one-to-one coaching. We are pushing ourselves to create a more inclusive culture every day through role modelling our BACK behaviours which stand for Brave, Accountable, Collaborative and Keep improving. We know that flexible working is important to our colleagues, so our guiding principles are designed to support everyone to work in the way that suits them, their teams, and the organization in the best way. We want you to have every opportunity to demonstrate your skills, ability and potential. If there is anything we could do to support you through your application or to provide the best environment for your interviews, including assistance or adjustment, please reach out to . What we can offer you We are proud of the range of benefits we can provide: Retail discounts include 30% off Adidas, 20% off Optimum Nutrition, 25% off 02 and many more Priority access to purchase match tickets 25% discount in Rugby Store and 25 days of annual leave and your birthday day off Free dental care and free access to the stadium gym Life assurance of 4x your basic salary, income protection scheme and Employee Assistance Programme that offers anonymous and confidential, emotional and practical support 24/7..... click apply for full job details
Sep 24, 2022
Full time
Job Description Role overview Job Title : Security and Compliance Architect Department : Technology Reports to : Head of Architecture and Planning Salary Banding : Circa £60,000 Job Level : Guide Location : Twickenham / Hybrid Duration : Permanent Nature and scope: The RFU is at the start of a strategic programme of work to transform the digital experience of volunteers, players, fans and attendees. A major part of the programme is to identify and deliver the appropriate technology platforms required to deliver the transformation. The Security and Compliance Architect will support the design, development, procurement, and assurance of the Digital and Data solutions created by the RFU. The role will provide expertise and be the subject matter expert on the required security and controls and processes required both through project lifecycles, and in Business as Usual. Accountabilities: Analyse existing and proposed technical architectures for security risk Advise on appropriate security controls to mitigate security architecture risks Provide expert technical advice to support the design and development of secure architectures Apply secure architecture principles and practices to assure technical architectures Develop security architecture frameworks/processes at programme level Develop audit and compliance processes to assure technical security controls Advise on technical management of secure environments Actively collaborate with colleagues to contribute to the development and delivery of the current strategic, business, and operational plans Act as an ambassador for, and promote the best interests of the RFU, including the promotion of the RFU core values and BACK culture. Undertake such other duties as may be required from time to time as are consistent with the responsibilities of the post and the needs of the organisation Candidate overview The skills and attributes outlined in this description are not exhaustive and we welcome candidates who can bring different relevant experiences to the role Qualifications, skills & experience: Strong and demonstrable knowledge of Cyber Security technologies Some experience and knowledge in designing or deploying Cyber Security solutions across either private, hybrid, or public cloud environments Understanding of key trends relating to securing SAAS applications Experience or interested in gaining experience in Secure DevOps Experience doing threat-modelling of complex systems Experience creating technical documentation, product documentation, technology, software and systems architecture Working experience with the following concepts: SSL Crypto Solutions, Data Protection and Security, Software Development Methodologies (e.g. Agile), API Gateways, Data Analytics Experience with open-source security technologies Solid understanding of and ability to speak to security principles in areas such as application security, virtualization, cloud technologies, access control. Knowledge of SIEM solutions as well as Vulnerability Management and the role they play in security architecture Relevant industry certification in the security domain Comprehensive understanding of GDPR, specifically UK GDPR Committed to actively contributing and building an inclusive BACK culture in your role Additional Information: All role holders must maintain an appropriate standard of confidentiality. Any disclosures of confidential information (including personal information kept on computer or other media) made unlawfully outside the proper course of duty will be treated as a serious disciplinary offence The role description, person specification, job level and job title may be subject to change at the discretion of the RFU and under business developments. Any changes will be communicated to the role holder as appropriate If you are a trans candidate applying for a job that requires a DBS check, please reach out to or directly to our safeguarding team ( ) to use the confidential sensitive application route. This will provide applicants with the choice not to have any gender or name information disclosed on their DBS certificate. What we can offer you We are proud of the range of benefits we can provide: Retail discounts include 30% off Adidas, 20% off Optimum Nutrition, 25% off 02 and many more. Priority access to purchase match tickets 25% discount in Rugby Store and 25 days of annual leave and your birthday day off Free dental care and free access to the stadium gym Life assurance of 4x your basic salary, income protection scheme and Employee Assistance Programme that offers anonymous and confidential, emotional and practical support 24/7. After 3 months, you will be enrolled in our Aviva pension scheme and we will match and double your contribution up to 10% Ride-to-work scheme, eyecare vouchers and season ticket loans About our team At England Rugby, we want to hear our employees' thoughts, ideas and feedback on our strategies, new initiatives and our work environment. That's why we have quarterly meetings called 'the Voice' where various topics are discussed, in addition to regular surveys, including our annual D&I survey. We are always striving to create the best environment for our colleagues, and we are proud to present some of our most recent feedback from Feb 2022: 85% feel motivated to perform their role to the best of their ability 83% feel supported by their Manager 90% agree or strongly agree that their Manager empowers and trusts them to deliver while working from home 83% feel informed and connected with the organisation If you would like to find out more about our diversity and inclusion work or the culture at England Rugby, please visit our website here: Please submit a CV and covering letter with your application for this role. Please note the instructions around submitting these documents when you get to that stage of your application as we're working hard to make our recruitment processes as inclusive as possible and reducing our potential unconscious bias. About Us About England Rugby England Rugby or Rugby Football Union (RFU) is the national governing body for rugby in England. We deliver three core activities, and our purpose is to enrich lives, introduce more people to rugby union and develop the sport for future generations. Our core activities are: Rugby - supporting rugby from grassroots to performance level Commercial - building partnerships and hosting matches and events Running the business - ensuring our organization and people can thrive Our Culture At England Rugby, one of our core objectives is to drive rugby union to better reflect the diversity of society. We are aware that rugby, and sports in general, has not always been as welcoming an environment for everyone as we would like, and we are working hard to make rugby a more inclusive space for all identities. We believe hiring people from underrepresented groups into positions at all levels is vital to creating spaces and initiatives that better support those identities. We would love to see applications from disabled people, LGBTQ+ people, people from ethnically diverse communities, people of faith, people from lower socio-economic backgrounds, and women and non-binary people. We know that representation is more than just getting people through the door, it's about keeping people by responding to structural barriers relating to identities and valuing the insights that different lived experiences bring. We have network groups that provide peer-to-peer support and drive forward change internally. We support colleagues to develop, and each colleague has access to a personal coaching platform that can provide same-day one-to-one coaching. We are pushing ourselves to create a more inclusive culture every day through role modelling our BACK behaviours which stand for Brave, Accountable, Collaborative and Keep improving. We know that flexible working is important to our colleagues, so our guiding principles are designed to support everyone to work in the way that suits them, their teams, and the organization in the best way. We want you to have every opportunity to demonstrate your skills, ability and potential. If there is anything we could do to support you through your application or to provide the best environment for your interviews, including assistance or adjustment, please reach out to . What we can offer you We are proud of the range of benefits we can provide: Retail discounts include 30% off Adidas, 20% off Optimum Nutrition, 25% off 02 and many more Priority access to purchase match tickets 25% discount in Rugby Store and 25 days of annual leave and your birthday day off Free dental care and free access to the stadium gym Life assurance of 4x your basic salary, income protection scheme and Employee Assistance Programme that offers anonymous and confidential, emotional and practical support 24/7..... click apply for full job details
IT Manager Aon needs to ensure that all its systems are compliant with SOX, PCI, HIPAA, GDPR, SOC1 and SOC2 regulations. It needs resources to facilitate the auditing of controls in place for compliance with those regulations, ensure that the technical teams have the evidence to prove their controls are in place, and if they are not, they need to work with the stakeholders and the technical teams to get them in place. This will be a Virtual role where office visits will be limited The business of better decisions At Aon, we shape decisions for the better to protect and enrich the lives of people around the world. As an organisation, we are united through trust as one inclusive, diverse team, and we are passionate about helping our colleagues and clients succeed. What the day will look like Lead and oversee a varied and sophisticated regulatory compliance program covering multiple domains and disciplines. Lead and effectively manage compliance audits and coordinate with stakeholder IT Platform Services and Global Security Services team in delivering ITGC mandates. Maintain, manage and monitor regional and local compliance to the internal control frameworks such as the IT Risk Standards, Internal Controls Framework, SOX, HIPAA, PCI, GDPR, SOC1 and SOC2 regulatory / legal and other obligations / requirements. Appropriately analyse ITGC findings and participate in remediation of issues with control owner /assurance partners. Provide support in using Evidence Repository to control owners (i.e. Archer). Provide support of policy/standards exceptions, report status to regional and local management, and advice on corrective actions. Skills and experience that will lead to success Compliance or auditing experience for minimum of two regulations - SOX, HIPAA, PCI, GDPR, SOC1 and SOC2 Detailed knowledge of ITGC, Auditing principles. Knowledge of controls manifestation in large global corporations with regional and local presence is required Ability to investigate, question and interpret internal and external IT audit and compliance issue is required. Prior experience in audit, risk management, governance, IT security and compliance functions. How we support our colleagues In addition to our comprehensive benefits package, we encourage a diverse workforce. Plus, our agile, inclusive environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two "Global Wellbeing Days" each year, encouraging you to take time to focus on yourself. We offer a variety of working style solutions, but we also recognise that flexibility goes beyond just the place of work... and we are all for it. We call this Smart Working! Our continuous learning culture encourages and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued. We provide individuals with disabilities reasonable accommodations to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment in accordance with applicable law. Please contact us to request an accommodation on Aon values an innovative, diverse workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace.
Sep 23, 2022
Full time
IT Manager Aon needs to ensure that all its systems are compliant with SOX, PCI, HIPAA, GDPR, SOC1 and SOC2 regulations. It needs resources to facilitate the auditing of controls in place for compliance with those regulations, ensure that the technical teams have the evidence to prove their controls are in place, and if they are not, they need to work with the stakeholders and the technical teams to get them in place. This will be a Virtual role where office visits will be limited The business of better decisions At Aon, we shape decisions for the better to protect and enrich the lives of people around the world. As an organisation, we are united through trust as one inclusive, diverse team, and we are passionate about helping our colleagues and clients succeed. What the day will look like Lead and oversee a varied and sophisticated regulatory compliance program covering multiple domains and disciplines. Lead and effectively manage compliance audits and coordinate with stakeholder IT Platform Services and Global Security Services team in delivering ITGC mandates. Maintain, manage and monitor regional and local compliance to the internal control frameworks such as the IT Risk Standards, Internal Controls Framework, SOX, HIPAA, PCI, GDPR, SOC1 and SOC2 regulatory / legal and other obligations / requirements. Appropriately analyse ITGC findings and participate in remediation of issues with control owner /assurance partners. Provide support in using Evidence Repository to control owners (i.e. Archer). Provide support of policy/standards exceptions, report status to regional and local management, and advice on corrective actions. Skills and experience that will lead to success Compliance or auditing experience for minimum of two regulations - SOX, HIPAA, PCI, GDPR, SOC1 and SOC2 Detailed knowledge of ITGC, Auditing principles. Knowledge of controls manifestation in large global corporations with regional and local presence is required Ability to investigate, question and interpret internal and external IT audit and compliance issue is required. Prior experience in audit, risk management, governance, IT security and compliance functions. How we support our colleagues In addition to our comprehensive benefits package, we encourage a diverse workforce. Plus, our agile, inclusive environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two "Global Wellbeing Days" each year, encouraging you to take time to focus on yourself. We offer a variety of working style solutions, but we also recognise that flexibility goes beyond just the place of work... and we are all for it. We call this Smart Working! Our continuous learning culture encourages and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued. We provide individuals with disabilities reasonable accommodations to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment in accordance with applicable law. Please contact us to request an accommodation on Aon values an innovative, diverse workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace.
Finance Analyst, Return-to-WorkJob ID: Amazon UK Services Ltd. Are you ready to relaunch your Finance career? Have you been out of the workforce for an extended time? Or have you been working in a different field and want to return to a career in Finance? Would you like to restart your career in a fully paid Returnship Programme at Amazon with the potential to progress to a permanent full-time position About the Returnship Programme This 16-week paid employment opportunity is available to you if you are looking to resume your professional career after experiencing a period of under-employment and/or unemployment This program offers you a chance to revamp your skills, update your resume with new experience, and make connections with other professionals who are returning to their careers. Benefits included in the Program:Paid, 16 week, Fixed Term ContractGreat benefits - access to Amazon's benefits. See more here.Work from home for the duration of the Returnship if you preferFlexibility - Your manager will work with you to establish the best and most productive use of your on real-life projects as well as the typical day-to-day responsibilities of your role Extensive support and mentorship to get you back up to speed Upon successful completion of the Programme, there is the potential of an offer for full-time employment which will be based in the Amazon office in London. Who can apply? For this opportunity, the Amazon Returnship Programme welcomes Returners with previous experience in a Finance or similar Analytical role to apply. If you have a gap in your employment, for whatever reason, then we would like to hear from you. If you are currently under-employed or employed in a different field, and want to return to Finance, then we would like to hear from you. You must be living in, and have the right to work full time in, United Kingdom to apply. You must be available to start working fulltime in the Returnship Programme if your application is successful. About the Finance Analyst Role Responsibilities: Ensure that financial controls and processes are in place and respected through continuous audit, reporting, and systems implementation Lead continuous cost improvements, and track savings. Present, defend, and gain support for these initiatives from senior management. Establish and maintain operating and business metrics, and improve accuracy and pace of the decision based on metrics. Enhance and scale existing tools, develop agile processes, design and implement new solutions Integrate data improvements and increase visibility into financial reporting and planning processes BASIC QUALIFICATIONS Bachelor's degree Not currently enrolled in a Bachelor's or Master's degree program 3 or more years relevant experience within a highly analytical role PREFERRED QUALIFICATIONS Advanced computer literacy (MS Excel, SQL) Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice to know more about how we collect, use and transfer the personal data of our candidates.
Sep 23, 2022
Full time
Finance Analyst, Return-to-WorkJob ID: Amazon UK Services Ltd. Are you ready to relaunch your Finance career? Have you been out of the workforce for an extended time? Or have you been working in a different field and want to return to a career in Finance? Would you like to restart your career in a fully paid Returnship Programme at Amazon with the potential to progress to a permanent full-time position About the Returnship Programme This 16-week paid employment opportunity is available to you if you are looking to resume your professional career after experiencing a period of under-employment and/or unemployment This program offers you a chance to revamp your skills, update your resume with new experience, and make connections with other professionals who are returning to their careers. Benefits included in the Program:Paid, 16 week, Fixed Term ContractGreat benefits - access to Amazon's benefits. See more here.Work from home for the duration of the Returnship if you preferFlexibility - Your manager will work with you to establish the best and most productive use of your on real-life projects as well as the typical day-to-day responsibilities of your role Extensive support and mentorship to get you back up to speed Upon successful completion of the Programme, there is the potential of an offer for full-time employment which will be based in the Amazon office in London. Who can apply? For this opportunity, the Amazon Returnship Programme welcomes Returners with previous experience in a Finance or similar Analytical role to apply. If you have a gap in your employment, for whatever reason, then we would like to hear from you. If you are currently under-employed or employed in a different field, and want to return to Finance, then we would like to hear from you. You must be living in, and have the right to work full time in, United Kingdom to apply. You must be available to start working fulltime in the Returnship Programme if your application is successful. About the Finance Analyst Role Responsibilities: Ensure that financial controls and processes are in place and respected through continuous audit, reporting, and systems implementation Lead continuous cost improvements, and track savings. Present, defend, and gain support for these initiatives from senior management. Establish and maintain operating and business metrics, and improve accuracy and pace of the decision based on metrics. Enhance and scale existing tools, develop agile processes, design and implement new solutions Integrate data improvements and increase visibility into financial reporting and planning processes BASIC QUALIFICATIONS Bachelor's degree Not currently enrolled in a Bachelor's or Master's degree program 3 or more years relevant experience within a highly analytical role PREFERRED QUALIFICATIONS Advanced computer literacy (MS Excel, SQL) Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice to know more about how we collect, use and transfer the personal data of our candidates.
Finance Business Partner, Return-to-workJob ID: Amazon UK Services Ltd.Job summary Are you ready to relaunch your Finance career? Have you been out of the workforce for an extended time? Or have you been working in a different field and want to return to a career in Finance? Restart your career in a fully paid Returnship Programme at Amazon with the potential to progress to a permanent full-time position. About the Returnship Programme This 16-week paid employment opportunity is available to you if you are looking to resume your professional career after experiencing a period of under-employment and/or unemployment. This program offers you a chance to revamp your skills, update your resume with new experience, and make connections with other professionals who are returning to their careers. Benefits included in the Program: Paid, 16 week, Fixed Term Contract Access to Amazon's Great Benefits . See more here. ( ) Opportunity to Work from home for the duration of the Returnship Flexibility - Your manager will work with you to establish the best and most productive use of your time. Work on real-life projects Extensive support and mentorship to get you back up to speed Upon successful completion of the Programme, there is the potential of an offer for full-time employment which will be based in the Amazon office in London. Who can apply? For this opportunity, the Amazon Returnship Programme welcomes Returners with previous experience in Finance or a similar Analytical role to apply. If you have a gap in your employment, for whatever reason, or if you are currently under-employed or employed in a different field, and want to return to Finance, then we would like to hear from you. To apply you must be living in, and have the right to work full time in, the United Kingdom and be available to start working fulltime in the Returnship Programme if your application is successful. Key job responsibilities Provide data driven insights the empower your stakeholders to make business decisions that improve performance Ensure that financial controls and processes are in place and respected through continuous audit, reporting, and systems implementation Lead continuous cost improvements, and track savings. Present, defend, and gain support for these initiatives from senior management. Establish and maintain operating and business metrics, and improve accuracy and pace of the decision based on metrics. Enhance and scale existing tools, develop agile processes, design and implement new solutions Integrate data improvements and increase visibility into financial reporting and planning processes If you transition to a permanent position after the programme you will need to live within commuting distance of the Amazon London office.BASIC QUALIFICATIONS Bachelor's degree Not currently enrolled in a Bachelor's or Master's degree program 3 or more years of relevant experience within a highly analytical role PREFERRED QUALIFICATIONS Advanced computer literacy (MS Excel, SQL) Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need an adjustment during the application and hiring process, including support for the interview or onboarding process, please contact the Applicant-Candidate Accommodation Team (ACAT), Monday through Friday from 7:00 am GMT - 4:00 pm GMT. If calling directly from the United Kingdom, please dial (tel: ). If calling from Ireland, please dial (tel: ).
Sep 23, 2022
Full time
Finance Business Partner, Return-to-workJob ID: Amazon UK Services Ltd.Job summary Are you ready to relaunch your Finance career? Have you been out of the workforce for an extended time? Or have you been working in a different field and want to return to a career in Finance? Restart your career in a fully paid Returnship Programme at Amazon with the potential to progress to a permanent full-time position. About the Returnship Programme This 16-week paid employment opportunity is available to you if you are looking to resume your professional career after experiencing a period of under-employment and/or unemployment. This program offers you a chance to revamp your skills, update your resume with new experience, and make connections with other professionals who are returning to their careers. Benefits included in the Program: Paid, 16 week, Fixed Term Contract Access to Amazon's Great Benefits . See more here. ( ) Opportunity to Work from home for the duration of the Returnship Flexibility - Your manager will work with you to establish the best and most productive use of your time. Work on real-life projects Extensive support and mentorship to get you back up to speed Upon successful completion of the Programme, there is the potential of an offer for full-time employment which will be based in the Amazon office in London. Who can apply? For this opportunity, the Amazon Returnship Programme welcomes Returners with previous experience in Finance or a similar Analytical role to apply. If you have a gap in your employment, for whatever reason, or if you are currently under-employed or employed in a different field, and want to return to Finance, then we would like to hear from you. To apply you must be living in, and have the right to work full time in, the United Kingdom and be available to start working fulltime in the Returnship Programme if your application is successful. Key job responsibilities Provide data driven insights the empower your stakeholders to make business decisions that improve performance Ensure that financial controls and processes are in place and respected through continuous audit, reporting, and systems implementation Lead continuous cost improvements, and track savings. Present, defend, and gain support for these initiatives from senior management. Establish and maintain operating and business metrics, and improve accuracy and pace of the decision based on metrics. Enhance and scale existing tools, develop agile processes, design and implement new solutions Integrate data improvements and increase visibility into financial reporting and planning processes If you transition to a permanent position after the programme you will need to live within commuting distance of the Amazon London office.BASIC QUALIFICATIONS Bachelor's degree Not currently enrolled in a Bachelor's or Master's degree program 3 or more years of relevant experience within a highly analytical role PREFERRED QUALIFICATIONS Advanced computer literacy (MS Excel, SQL) Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need an adjustment during the application and hiring process, including support for the interview or onboarding process, please contact the Applicant-Candidate Accommodation Team (ACAT), Monday through Friday from 7:00 am GMT - 4:00 pm GMT. If calling directly from the United Kingdom, please dial (tel: ). If calling from Ireland, please dial (tel: ).
Senior Finance Business Partner, Return-To-WorkJob ID: Amazon UK Services Ltd.Job summary Are you ready to relaunch your Finance career? Have you been out of the workforce for an extended time? Or have you been working in a different field and want to return to a career in Finance? Restart your career in a fully paid Returnship Programme at Amazon with the potential to progress to a permanent full-time position. About the Returnship Programme This 16-week paid employment opportunity is available to you if you are looking to resume your professional career after experiencing a period of under-employment and/or unemployment This program offers you a chance to revamp your skills, update your resume with new experience, and make connections with other professionals who are returning to their careers. Benefits included in the Program: Paid, 16 week, Fixed Term Contract Opportunity to Work from home for the duration of the Returnship Flexibility - Your manager will work with you to establish the best and most productive use of your time. Work on real-life projects Extensive support and mentorship to get you back up to speed The possibility of full-time employment at the end of the programme and incountry relocation assistance for moving to the hiring location Upon successful completion of the Programme, there is the potential of an offer for full-time employment which will be based in the Amazon office in London. Who can apply? For this opportunity, the Amazon Returnship Programme welcomes Returners with previous experience in Finance or a similar Analytical role to apply. If you have a gap in your employment, for whatever reason, or if you are currently under-employed or employed in a different field, and want to return to Finance, then we would like to hear from you. To apply you must be living in, and have the right to work full time in, the United Kingdom and be available to start working fulltime in the Returnship Programme if your application is successful. Key job responsibilities Provide data driven insights the empower your stakeholders to make business decisions that improve performance Ensure that financial controls and processes are in place and respected through continuous audit, reporting, and systems implementation Lead continuous cost improvements, and track savings. Present, defend, and gain support for these initiatives from senior management. Establish and maintain operating and business metrics, and improve accuracy and pace of the decision based on metrics. Enhance and scale existing tools, develop agile processes, design and implement new solutions Integrate data improvements and increase visibility into financial reporting and planning processes If you transition to a permanent position after the programme you will need to live within commuting distance of the Amazon London office.BASIC QUALIFICATIONS Bachelor's degree Not currently enrolled in a Bachelor's or Master's degree program 6 or more years of relevant experience within a relevant highly analytical role PREFERRED QUALIFICATIONS Advanced computer literacy (MS Excel, SQL) Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need an adjustment during the application and hiring process, including support for the interview or onboarding process, please contact the Applicant-Candidate Accommodation Team (ACAT), Monday through Friday from 7:00 am GMT - 4:00 pm GMT. If calling directly from the United Kingdom, please dial (tel: ). If calling from Ireland, please dial (tel: ).
Sep 23, 2022
Full time
Senior Finance Business Partner, Return-To-WorkJob ID: Amazon UK Services Ltd.Job summary Are you ready to relaunch your Finance career? Have you been out of the workforce for an extended time? Or have you been working in a different field and want to return to a career in Finance? Restart your career in a fully paid Returnship Programme at Amazon with the potential to progress to a permanent full-time position. About the Returnship Programme This 16-week paid employment opportunity is available to you if you are looking to resume your professional career after experiencing a period of under-employment and/or unemployment This program offers you a chance to revamp your skills, update your resume with new experience, and make connections with other professionals who are returning to their careers. Benefits included in the Program: Paid, 16 week, Fixed Term Contract Opportunity to Work from home for the duration of the Returnship Flexibility - Your manager will work with you to establish the best and most productive use of your time. Work on real-life projects Extensive support and mentorship to get you back up to speed The possibility of full-time employment at the end of the programme and incountry relocation assistance for moving to the hiring location Upon successful completion of the Programme, there is the potential of an offer for full-time employment which will be based in the Amazon office in London. Who can apply? For this opportunity, the Amazon Returnship Programme welcomes Returners with previous experience in Finance or a similar Analytical role to apply. If you have a gap in your employment, for whatever reason, or if you are currently under-employed or employed in a different field, and want to return to Finance, then we would like to hear from you. To apply you must be living in, and have the right to work full time in, the United Kingdom and be available to start working fulltime in the Returnship Programme if your application is successful. Key job responsibilities Provide data driven insights the empower your stakeholders to make business decisions that improve performance Ensure that financial controls and processes are in place and respected through continuous audit, reporting, and systems implementation Lead continuous cost improvements, and track savings. Present, defend, and gain support for these initiatives from senior management. Establish and maintain operating and business metrics, and improve accuracy and pace of the decision based on metrics. Enhance and scale existing tools, develop agile processes, design and implement new solutions Integrate data improvements and increase visibility into financial reporting and planning processes If you transition to a permanent position after the programme you will need to live within commuting distance of the Amazon London office.BASIC QUALIFICATIONS Bachelor's degree Not currently enrolled in a Bachelor's or Master's degree program 6 or more years of relevant experience within a relevant highly analytical role PREFERRED QUALIFICATIONS Advanced computer literacy (MS Excel, SQL) Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need an adjustment during the application and hiring process, including support for the interview or onboarding process, please contact the Applicant-Candidate Accommodation Team (ACAT), Monday through Friday from 7:00 am GMT - 4:00 pm GMT. If calling directly from the United Kingdom, please dial (tel: ). If calling from Ireland, please dial (tel: ).
We are the world's largest university press. We have both a worldwide reach and a personal understanding of local needs, partnering on the ground to adapt publications and resources to meet the individual needs of communities, societies, and countries. We partner with researchers, educators, and technology partners to stay ahead of the changing ways people around the world are accessing and sharing knowledge. With a presence in more than 50 countries and millions of customers around the world, an idea launched at OUP can have global impact. About the Role Working alongside a group of supportive global colleagues you'll work closely with the Group Accounting and Consolidation Manager during key times such as planning cycles, month end and year end. You'll also be encouraged to help with finance change projects alongside playing a role in continuous improvement within the team. Responsibilities include: Process all Group consolidations using the consolidation tool (Tagetik). This includes loading entity files, exchange rates and consolidation adjustments Investigate differences in inter-group reconciliations and resolve any issues, liaising with UK Finance and other OUP branches to recommend changes Record all the consolidation adjustments made and maintain appropriate back-up and audit trail Work independently to develop ad hoc reports required Maintain documentation and procedures manual, look for ways to improve procedures and controls Maintain a log of all returns/remittances into the Group Finance mailbox, keep track of any outstanding or late remittances Coordinate and monitor the review and approval of group subsidiary statutory accounts ensuring compliance with filing deadlines. We operate a hybrid working policy and expect this role to require approximately 2 days per week in the Oxford office with some flexibility to come in for certain days at key times e.g month end. About You You'll be an analytically minded individual who is committed to continuous improvement. To be considered for this role you will also have: Essential: Excellent organisation skills with the ability to work to multiple deadline Financial and/or analytical experience The ability to communicate with a variety of people Comfortable with data and reporting with good Microsoft Excel knowledge. Knowledge of accounting and double entry principles. Desirable: Experience of working with an ERP such as SAP or Oracle Experience of using a consolidation tool such as Hyperion. Benefits We care about work/life balance here at OUP. With this in mind we offer 25 days' holiday that rises with service, plus bank holidays and Christmas closure (3-days) and a 35-hour working week. We are open to discussing flexibility in respect of working hours and the use of technology to support regular remote working, dependent on role. We also have a great variety of active employee networks and societies. We help make your money go further by contributing to your pension up to 12%, offering loans and savings schemes through our partnership with Salary Finance, in addition to travel to work schemes and access to a wide range of local discounts. Please see our Rewards and Recognition page for more information. Queries Please contact with any queries relating to this role. We are committed to supporting diversity in our workforce, and ensuring an inclusive environment where all individuals can thrive. We seek to employ a workforce representative of the markets that we serve and encourage applications from all.
Sep 19, 2022
Full time
We are the world's largest university press. We have both a worldwide reach and a personal understanding of local needs, partnering on the ground to adapt publications and resources to meet the individual needs of communities, societies, and countries. We partner with researchers, educators, and technology partners to stay ahead of the changing ways people around the world are accessing and sharing knowledge. With a presence in more than 50 countries and millions of customers around the world, an idea launched at OUP can have global impact. About the Role Working alongside a group of supportive global colleagues you'll work closely with the Group Accounting and Consolidation Manager during key times such as planning cycles, month end and year end. You'll also be encouraged to help with finance change projects alongside playing a role in continuous improvement within the team. Responsibilities include: Process all Group consolidations using the consolidation tool (Tagetik). This includes loading entity files, exchange rates and consolidation adjustments Investigate differences in inter-group reconciliations and resolve any issues, liaising with UK Finance and other OUP branches to recommend changes Record all the consolidation adjustments made and maintain appropriate back-up and audit trail Work independently to develop ad hoc reports required Maintain documentation and procedures manual, look for ways to improve procedures and controls Maintain a log of all returns/remittances into the Group Finance mailbox, keep track of any outstanding or late remittances Coordinate and monitor the review and approval of group subsidiary statutory accounts ensuring compliance with filing deadlines. We operate a hybrid working policy and expect this role to require approximately 2 days per week in the Oxford office with some flexibility to come in for certain days at key times e.g month end. About You You'll be an analytically minded individual who is committed to continuous improvement. To be considered for this role you will also have: Essential: Excellent organisation skills with the ability to work to multiple deadline Financial and/or analytical experience The ability to communicate with a variety of people Comfortable with data and reporting with good Microsoft Excel knowledge. Knowledge of accounting and double entry principles. Desirable: Experience of working with an ERP such as SAP or Oracle Experience of using a consolidation tool such as Hyperion. Benefits We care about work/life balance here at OUP. With this in mind we offer 25 days' holiday that rises with service, plus bank holidays and Christmas closure (3-days) and a 35-hour working week. We are open to discussing flexibility in respect of working hours and the use of technology to support regular remote working, dependent on role. We also have a great variety of active employee networks and societies. We help make your money go further by contributing to your pension up to 12%, offering loans and savings schemes through our partnership with Salary Finance, in addition to travel to work schemes and access to a wide range of local discounts. Please see our Rewards and Recognition page for more information. Queries Please contact with any queries relating to this role. We are committed to supporting diversity in our workforce, and ensuring an inclusive environment where all individuals can thrive. We seek to employ a workforce representative of the markets that we serve and encourage applications from all.