CTP - Compliance & Assurance Officer
£45,192 to £49,280 plus a Location allowance of £1,721. You will receive £45,192 the band minimum. Progress to the band maximum of £49,280 will be via incremental progression.
Location: Across London
Take your place at the forefront of national security and public safety
Threats to the UK are always changing and evolving, especially when it comes to cyber security. Counter Terrorism Policing (CTP) plays a crucial role in keeping our country — and everyone in it — safe. In this role, you’ll be contributing to something that really matters as you make sure that officers and staff can continue to protect the UK.
From monitoring mailboxes to supporting accreditation and managing enquiries, you’ll be responsible for providing CT governing bodies with assurance that policies and procedures are adhered to.
It will see you supporting regions right across the CTP Network and establish local mechanisms to continually monitor and maintain compliance. This will involve IT related monitoring and audits, and it’ll also call on your ability to collate, interpret and evaluate information to produce detailed reports in a clear format. You’ll be producing high level reports for senior management on assurance activity and findings, and making recommendations for any areas that could be improved.
You’ll need initiative, drive, personal resilience and the motivation to deliver a high quality service. Your experience in the administration of security incidents will be key, as will your skills in collaboration and stakeholder engagement. Ideally, you’ll also have a background or qualification in cyber security, computing or information security.
You can be sure you’ll be among some of the best and brightest individuals around. You’ll also have the chance to learn new skills and be part of a team operating at the highest level of national responsibilities.
As well as this, you’ll enjoy benefits including substantial annual leave, Civil Service pension arrangements, interest free season ticket loans, flexible working conditions and more.
Vetting
This post requires access to the most sensitive intelligence material on a daily basis. Applicants must hold or be prepared to undergo National Security Vetting (NSV) Developed Vetting (DV) level before taking up the post.
Additionally, this material is of particular sensitivity to the UK and its distribution must be restricted to UK nationals. In approved circumstances dual nationals (of which one element is British) may also be granted access. However, in the event that potential conflicts of interest cannot be managed the post holder will not be able to see the intelligence material and will not be able to perform their duties. For the purpose of safeguarding national security and in line with Cabinet Office Policy, supported by Section 82(2) to (4) of the Police Reform Act (2002), applicants who do not hold or acquire Security Check (enhanced) (SC(e)) or Developed Vetting (DV) clearance and meet the nationality requirements cannot be offered the post.
Confidentiality Agreement
Applicants should also be aware of the need to sign a confidentiality agreement on taking up the post.
Our Employee Commitments
Counter Terrorism Policing aims to create an inclusive and welcoming atmosphere and culture and an environment where all our people feel a strong sense of belonging and are able to reach their full potential. Where any group or individual can be and feel respected, supported and valued to fully participate and contribute to our mission of “Working to keep people safe from Terrorism”.
Inclusion, diversity and equality is at the front and centre of our approach to make the composition of Counter Terrorism Policing more representative of the communities we serve. As Counter Terrorism is rooted in Local Policing, to tackle today’s complex policing challenges, applications from across all communities are therefore essential and encouraged. Counter Terrorism Policing as a network is committed to ensuring that disabled people and those with long-term health conditions have the opportunities to fulfil their potential and realise their aspirations’.
Counter Terrorism Policing is committed to creating an inclusive working environment. We welcome and encourage applications from candidates who are seeking flexible working arrangements and including part time working or job share. In addition, this role has been reviewed following learning from work during the Covid pandemic and may be done in an agile manner. In the first instance, please contact the vacancy holder to discuss how such arrangements could be accommodated (where applicable).
Counter Terrorism Policing recruitment is open to all, but we are keen to positively support those who are younger in service to join into our specialist environment.
Please click on the below link to view an online candidate information pack that will you give you an insight into the Met, the competency framework we use which shapes our daily work behaviours, the application process and a host of other information, that will help inform and support your application:
https://sscl-innovation.com/MPScandidatepack/
Click the apply now button below and start your career at the Met . Applications will be via a detailed CV and online application form.
Completed applications must be submitted by 10 January 2023.
We view diversity as fundamental to our success. To tackle today’s complex policing challenges, we need a workforce made up from all of London’s communities. Applications from across the community are therefore essential.
As a Disability Confident Committed Employer the Met have committed to ensuring that disabled people and those with long-term health conditions have the opportunities to fulfil their potential and realise their aspirations.
Dec 13, 2022
Full time
CTP - Compliance & Assurance Officer
£45,192 to £49,280 plus a Location allowance of £1,721. You will receive £45,192 the band minimum. Progress to the band maximum of £49,280 will be via incremental progression.
Location: Across London
Take your place at the forefront of national security and public safety
Threats to the UK are always changing and evolving, especially when it comes to cyber security. Counter Terrorism Policing (CTP) plays a crucial role in keeping our country — and everyone in it — safe. In this role, you’ll be contributing to something that really matters as you make sure that officers and staff can continue to protect the UK.
From monitoring mailboxes to supporting accreditation and managing enquiries, you’ll be responsible for providing CT governing bodies with assurance that policies and procedures are adhered to.
It will see you supporting regions right across the CTP Network and establish local mechanisms to continually monitor and maintain compliance. This will involve IT related monitoring and audits, and it’ll also call on your ability to collate, interpret and evaluate information to produce detailed reports in a clear format. You’ll be producing high level reports for senior management on assurance activity and findings, and making recommendations for any areas that could be improved.
You’ll need initiative, drive, personal resilience and the motivation to deliver a high quality service. Your experience in the administration of security incidents will be key, as will your skills in collaboration and stakeholder engagement. Ideally, you’ll also have a background or qualification in cyber security, computing or information security.
You can be sure you’ll be among some of the best and brightest individuals around. You’ll also have the chance to learn new skills and be part of a team operating at the highest level of national responsibilities.
As well as this, you’ll enjoy benefits including substantial annual leave, Civil Service pension arrangements, interest free season ticket loans, flexible working conditions and more.
Vetting
This post requires access to the most sensitive intelligence material on a daily basis. Applicants must hold or be prepared to undergo National Security Vetting (NSV) Developed Vetting (DV) level before taking up the post.
Additionally, this material is of particular sensitivity to the UK and its distribution must be restricted to UK nationals. In approved circumstances dual nationals (of which one element is British) may also be granted access. However, in the event that potential conflicts of interest cannot be managed the post holder will not be able to see the intelligence material and will not be able to perform their duties. For the purpose of safeguarding national security and in line with Cabinet Office Policy, supported by Section 82(2) to (4) of the Police Reform Act (2002), applicants who do not hold or acquire Security Check (enhanced) (SC(e)) or Developed Vetting (DV) clearance and meet the nationality requirements cannot be offered the post.
Confidentiality Agreement
Applicants should also be aware of the need to sign a confidentiality agreement on taking up the post.
Our Employee Commitments
Counter Terrorism Policing aims to create an inclusive and welcoming atmosphere and culture and an environment where all our people feel a strong sense of belonging and are able to reach their full potential. Where any group or individual can be and feel respected, supported and valued to fully participate and contribute to our mission of “Working to keep people safe from Terrorism”.
Inclusion, diversity and equality is at the front and centre of our approach to make the composition of Counter Terrorism Policing more representative of the communities we serve. As Counter Terrorism is rooted in Local Policing, to tackle today’s complex policing challenges, applications from across all communities are therefore essential and encouraged. Counter Terrorism Policing as a network is committed to ensuring that disabled people and those with long-term health conditions have the opportunities to fulfil their potential and realise their aspirations’.
Counter Terrorism Policing is committed to creating an inclusive working environment. We welcome and encourage applications from candidates who are seeking flexible working arrangements and including part time working or job share. In addition, this role has been reviewed following learning from work during the Covid pandemic and may be done in an agile manner. In the first instance, please contact the vacancy holder to discuss how such arrangements could be accommodated (where applicable).
Counter Terrorism Policing recruitment is open to all, but we are keen to positively support those who are younger in service to join into our specialist environment.
Please click on the below link to view an online candidate information pack that will you give you an insight into the Met, the competency framework we use which shapes our daily work behaviours, the application process and a host of other information, that will help inform and support your application:
https://sscl-innovation.com/MPScandidatepack/
Click the apply now button below and start your career at the Met . Applications will be via a detailed CV and online application form.
Completed applications must be submitted by 10 January 2023.
We view diversity as fundamental to our success. To tackle today’s complex policing challenges, we need a workforce made up from all of London’s communities. Applications from across the community are therefore essential.
As a Disability Confident Committed Employer the Met have committed to ensuring that disabled people and those with long-term health conditions have the opportunities to fulfil their potential and realise their aspirations.
Alexander Mann Solutions - Public Sector Resourcing
City, London
Swift Configuration Analyst - (Inside IR35) Contract Term: 6 Months Contracting Authority: Bank of England Location: London - Hybrid Description: We are seeking an experienced senior configuration analyst to join the Financial Messaging Services team (FMS) within the Digital Platforms division of Technology. FMS support and configure third party applications and hardware, primarily products provided by SWIFT. The successful candidate should have extensive previous experience of configuring and supporting SWIFT products. Summary of the Team/Division Technology manage and support all aspect of technology delivery across the Bank, from maintaining critical systems which underpin the UK economy, to providing complex data analytics, implementing comprehensive cyber security programmes, and introducing innovative solutions in support of a digital workplace. Technology's key objective is to support all other areas of the Bank in achieving our collective mission to promote the good of the people of the UK by maintaining monetary and financial stability. This is achieved through the delivery of appropriate, high performing, resilient solutions and information services across the organisation and externally. The Digital Platforms division develops and maintains our IT applications and infrastructure, working with Architecture, Analysis and Consultancy to translate requirements and high-level outline solutions into new and enhanced services. Digital Platforms also provides on-going maintenance and support across our IT estate to ensure that we continually deliver great service to our customers. Within Digital Platforms, Financial Systems Solutions (FSS) develops and supports a number of the Bank's critical services. Within FSS itself, FMS support a number of key third party applications and some hardware associated with the Bank of England financial messaging services. The team's primary focus is on the support and configuration of SWIFT products plus a small number of other applications which interact with SWIFT messages. The Bank uses SWIFT for a number of key services within the Banking, Payments and Innovation directorate. As the Operator of the UK Real-Time Gross Settlement System (RTGS), the reliance on SWIFT is paramount. Detailed Description of the Role : We are seeking an experienced senior configuration analyst to join the Financial Messaging Services team. From a service perspective, the team are responsible for maintaining and supporting the Bank's SWIFT product estate which underpin critical financial services within the Banking, Payments and Financial Resilience directorate. Key areas of responsibility are: Technica l Display an ability to provide technical leadership for the development and support of SWIFT services Use your technical and business experience to support the Bank's production and UAT financial messaging systems. Provide daily support of the Bank's operational Live and UAT financial messaging systems; monitoring performance and ensure full and rapid problem resolution. Provide out of hours support, including Bank holidays. Deliver high quality software components and documentation which conform to FMS guidelines and standards. Coordinate operational activity for a set of systems/services. This will include (but is not limited to) failover and backup tests, pen test response/remediation, audit actions, risk and threat registers and security reviews. Apply analytical and problem-solving skills to incidents, requests and problems (as defined by ITIL) Triage calls as they arrive, making initial assessments around impact and urgency to derive priority Proactively manage major/significant IT incidents. Service Improvement Proactively seek out system improvements that result in a reduction in support calls Implement process changes that improve the service delivered to the business Identify improvements that result in increased team performance against Technology's SLA Empower first line colleagues and the business to be able to resolve incidents and requests earlier in the lifecycle Team Working Engage with multiple stakeholders both internally and externally Ensure team standards and processes are adhered to Proactively contribute and update system/process documentation Consistently demonstrate Bank values in day to day work, namely being: collaborative, inclusive, empowering, decisive and open Adopt the Service First culture The ideal candidate will have: Demonstrable specialist experience of the following SWIFT products Alliance Connect Alliance Gateway Alliance Web Platform SWIFT Alliance Messaging Hub HSM Transaction Delivery Agent An ability to engage confidently and effectively with senior stakeholders, both business and technical The ability to create concise, informative technical documentation The ability to identify and escalate risks in the interests of protecting Live service/systems Have an understanding of good team practice and the ability to work with others sharing. Have the ability to form and maintain trusting relationships with business colleagues and demonstrate an understanding of business processes. The following skills and competencies are desirable for this role (although they could be learnt on the job): Demonstrable technical experience with the following products SWIFT Alliance Access SWIFT Security Officer and O2M IBM MQ Client Both Windows and Linux operating systems
Apr 19, 2024
Contractor
Swift Configuration Analyst - (Inside IR35) Contract Term: 6 Months Contracting Authority: Bank of England Location: London - Hybrid Description: We are seeking an experienced senior configuration analyst to join the Financial Messaging Services team (FMS) within the Digital Platforms division of Technology. FMS support and configure third party applications and hardware, primarily products provided by SWIFT. The successful candidate should have extensive previous experience of configuring and supporting SWIFT products. Summary of the Team/Division Technology manage and support all aspect of technology delivery across the Bank, from maintaining critical systems which underpin the UK economy, to providing complex data analytics, implementing comprehensive cyber security programmes, and introducing innovative solutions in support of a digital workplace. Technology's key objective is to support all other areas of the Bank in achieving our collective mission to promote the good of the people of the UK by maintaining monetary and financial stability. This is achieved through the delivery of appropriate, high performing, resilient solutions and information services across the organisation and externally. The Digital Platforms division develops and maintains our IT applications and infrastructure, working with Architecture, Analysis and Consultancy to translate requirements and high-level outline solutions into new and enhanced services. Digital Platforms also provides on-going maintenance and support across our IT estate to ensure that we continually deliver great service to our customers. Within Digital Platforms, Financial Systems Solutions (FSS) develops and supports a number of the Bank's critical services. Within FSS itself, FMS support a number of key third party applications and some hardware associated with the Bank of England financial messaging services. The team's primary focus is on the support and configuration of SWIFT products plus a small number of other applications which interact with SWIFT messages. The Bank uses SWIFT for a number of key services within the Banking, Payments and Innovation directorate. As the Operator of the UK Real-Time Gross Settlement System (RTGS), the reliance on SWIFT is paramount. Detailed Description of the Role : We are seeking an experienced senior configuration analyst to join the Financial Messaging Services team. From a service perspective, the team are responsible for maintaining and supporting the Bank's SWIFT product estate which underpin critical financial services within the Banking, Payments and Financial Resilience directorate. Key areas of responsibility are: Technica l Display an ability to provide technical leadership for the development and support of SWIFT services Use your technical and business experience to support the Bank's production and UAT financial messaging systems. Provide daily support of the Bank's operational Live and UAT financial messaging systems; monitoring performance and ensure full and rapid problem resolution. Provide out of hours support, including Bank holidays. Deliver high quality software components and documentation which conform to FMS guidelines and standards. Coordinate operational activity for a set of systems/services. This will include (but is not limited to) failover and backup tests, pen test response/remediation, audit actions, risk and threat registers and security reviews. Apply analytical and problem-solving skills to incidents, requests and problems (as defined by ITIL) Triage calls as they arrive, making initial assessments around impact and urgency to derive priority Proactively manage major/significant IT incidents. Service Improvement Proactively seek out system improvements that result in a reduction in support calls Implement process changes that improve the service delivered to the business Identify improvements that result in increased team performance against Technology's SLA Empower first line colleagues and the business to be able to resolve incidents and requests earlier in the lifecycle Team Working Engage with multiple stakeholders both internally and externally Ensure team standards and processes are adhered to Proactively contribute and update system/process documentation Consistently demonstrate Bank values in day to day work, namely being: collaborative, inclusive, empowering, decisive and open Adopt the Service First culture The ideal candidate will have: Demonstrable specialist experience of the following SWIFT products Alliance Connect Alliance Gateway Alliance Web Platform SWIFT Alliance Messaging Hub HSM Transaction Delivery Agent An ability to engage confidently and effectively with senior stakeholders, both business and technical The ability to create concise, informative technical documentation The ability to identify and escalate risks in the interests of protecting Live service/systems Have an understanding of good team practice and the ability to work with others sharing. Have the ability to form and maintain trusting relationships with business colleagues and demonstrate an understanding of business processes. The following skills and competencies are desirable for this role (although they could be learnt on the job): Demonstrable technical experience with the following products SWIFT Alliance Access SWIFT Security Officer and O2M IBM MQ Client Both Windows and Linux operating systems
End Date Wednesday 01 May 2024 Salary Range £0 - £0 We support flexible working - click here for more information on flexible working options Flexible Working Options Hybrid Working, Job Share Job Description Summary JOB TITLE:Head of Information, Cyber & Physical Security Risk Specialist LOCATION(S): Birmingham, Bristol, Edinburgh, Leeds, Halifax, Chester & Manchester HOURS: Full time WORKING PATTERN:Our work style is hybrid, which involves spending two days per week, or 40% of our time at one of our hubs. Who are we looking for? We re on an exciting journey and there couldn t be a better time to join us. We re putting in place a fresh operating model for non-financial risk management across the Group, empowering our people to take end-to-end accountability for managing the risks that they face! We're looking for a Head of Information, Cyber & Physical Security Risk Specialist who'll lead and develop its risk specialist centre of excellence, to support robust risk management in alignment with the Group s Enterprise Risk Management Framework (ERMF). This will include giving our senior leaders and Risk Owners of the Group businesses advice on their risk decisions, safely, and at pace. You will be part of management s security leadership team. To assure our Group s strategic transformation on this scale we need you to have a breadth and depth of knowledge in current tech, and we want you to be passionate about its application and how we manage its risk; prepare to disrupt the norm in the pursuit of the best possible customer and staff experience. You should have people at your heart; we strive for excellent customer experience but to achieve this we focus on our people - building a culture around continued learning and support so everyone can feel bold to share new ideas and solutions. You'll have deep operational risk knowledge and provide thought leadership, insight and oversight that supports the implementation of the second line of defence and executes its roles and responsibilities. You'll lead our approach to implementing risk policy, appetite, and control objectives to enable the delivery of customer, regulatory and business strategic outcomes. Job Description What will you be doing? Leads a diverse team of risk specialists, coaching and inspiring them to drive optimal risk outcomes for our customers, in collaboration with a wider team of risk and control experts Owns an effective policy and suite of control objectives to manage this risk type effectively across the Group. Owns the policy with complete traceability back to legal and regulatory requirements. Manages relationships with risk and control owners acting as primary Operational Risk specialist business partner, utilising their team to help deliver against customer, business and strategic outcomes. Takes responsibility for design and implementation of risk policies and appetite to enable the Group to meet regulatory and operational risk objectives, providing consistent, fair outcomes for customers. Leads continuous review and enhancement of risk policies & appetite through the identification & assessment of emerging & growing risks, ensure policies and appetite reflect new opportunities or threats. Establishes continuous monitoring and reporting of the Group s exposure relative to risk appetite, highlighting any significant deviations. Identifies and develops key risk indicators and key performance indicators to enable appropriate monitoring. Develops effective, ongoing data-led Operational Risk control objectives to meet the needs or risk and control owners, control specialist teams, Audit and external regulators. Supports control owners and specialists to implement control measures that are designed to achieve the control objectives, including advising on optimal implementations where appropriate. Regularly monitors and validates the effectiveness of the design of control measures to ensure they are achieving the control objectives. Leads the development and implementation of a risk and control oversight plan to assess compliance to relevant laws, regulations, industry standards and established controls. Interprets new operational risk regulation and emerging technology opportunities and threats accurately and adeptly. Forethinking the direction of travel and anticipating the impact of the proposed changes on the Group. Drives automation of risk and control measurement, monitoring, and reporting, in coordination with technology, data, and analytics teams, raising and defining action plans in pursuit of sustainable risk management. Innovates, ensuring we're future fit: build scenarios for different approaches to risk management and strategies for controls that tackle emerging and horizon risks, with clear options and recommendations. Provides pragmatic advice to support informed key risk decisions and trade-offs (balancing commerciality and risk appetite), being bold to call it , and influence senior decision makers. What will you need to bring? Detailed knowledge of the key security risks facing a financial services group, with a proven ability to assess and manage security risk and threats (e.g. using ISMS, MITRE ATT&CK, PASTA/STRIDE/DREAD frameworks and methodologies), set policy and manage compliance, design controls, provide assurance oversight and challenge, and offer advice balancing risk and reward. Experienced in the domains of information, cyber and physical security, with applied knowledge across key elements including identity and access management, data security, threat and vulnerability management, security architecture and design, security engineering and application development (inc. devsecops), cloud services and shared responsibility models (inc. native and microservices architecture), infrastructure security, people security, cryptography, security operations, and physical and environmental security. Demonstrable curiosity and understanding of the emerging technologies shaping the risk landscape (inc. AI, Digital Ledger Technology, Quantum). Considered a deep subject matter expert with a strong depth of understanding of the latest Operational Risk frameworks and technology being used across financial and non-financial services to enable them to lead a specialist risk centre of excellence. Experience of developing and owning group-level policy and setting risk-appetite, with expertise in continuous monitoring and reporting on group exposure. Able to set control objectives and set performance indicators. Demonstrates good and timely decision making that keeps the organisation moving forward and skilfully balances difficult trade-offs with the ability to understand business strategy and opportunity risks. Has examples where they have assimilated different sources of data and complex information to effectively problem solve and make relevant conclusions and recommendations. Demonstrates ability to interpret new operational risk regulation, emerging risks and technology innovations with forethinking to anticipate the impact of changes on the Group and act accordingly. Has acted as a Risk Specialist business partner, using strong communication skills to build partnerships and work collaboratively with others, including Risk Owner, Control Owner and Control Office to meet shared objectives. Able to work effectively with all other lines of defence and understands the different but complimentary roles. Seen as the primary Operational Risk specialist and expert across the Group to help deliver against aligned customer, business and strategic outcomes. Has examples of building effective, ongoing data-led Operational Risk control objectives working with others, including external regulators. Inspires others by gaining followership and commitment to future action through personal integrity and collaboration; demonstrating an inclusive approach. Coaches to go faster by demonstrating commitment to create an environment that builds teams with skills aligned to our Group Strategy and Purpose creating new and better ways for the organisation to change at pace. What s in it for you? You'll have both opportunity and profile - we'll provide you with a diverse, energising and lively environment that focuses on equal opportunity and real career progression in a leading digital organisation. We'll take your personal and professional development very seriously and enable you to make a genuine difference to millions throughout your career with us. We also offer a wide-ranging benefits package, which includes: A generous pension contribution of up to 15% An annual performance-related bonus Share schemes including free shares Benefits you can adapt to your lifestyle, such as discounted shopping 30 days holiday, with bank holidays on top A range of wellbeing initiatives and generous parental leave policies Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society and celebrates diversity in all its forms. We want our people to feel that they belong and can be their best, regardless of background, identity or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. And it s why we especially welcome applications from under-represented groups. We re disability confident. So if you d like reasonable adjustments to be made to our recruitment processes . click apply for full job details
Apr 19, 2024
Full time
End Date Wednesday 01 May 2024 Salary Range £0 - £0 We support flexible working - click here for more information on flexible working options Flexible Working Options Hybrid Working, Job Share Job Description Summary JOB TITLE:Head of Information, Cyber & Physical Security Risk Specialist LOCATION(S): Birmingham, Bristol, Edinburgh, Leeds, Halifax, Chester & Manchester HOURS: Full time WORKING PATTERN:Our work style is hybrid, which involves spending two days per week, or 40% of our time at one of our hubs. Who are we looking for? We re on an exciting journey and there couldn t be a better time to join us. We re putting in place a fresh operating model for non-financial risk management across the Group, empowering our people to take end-to-end accountability for managing the risks that they face! We're looking for a Head of Information, Cyber & Physical Security Risk Specialist who'll lead and develop its risk specialist centre of excellence, to support robust risk management in alignment with the Group s Enterprise Risk Management Framework (ERMF). This will include giving our senior leaders and Risk Owners of the Group businesses advice on their risk decisions, safely, and at pace. You will be part of management s security leadership team. To assure our Group s strategic transformation on this scale we need you to have a breadth and depth of knowledge in current tech, and we want you to be passionate about its application and how we manage its risk; prepare to disrupt the norm in the pursuit of the best possible customer and staff experience. You should have people at your heart; we strive for excellent customer experience but to achieve this we focus on our people - building a culture around continued learning and support so everyone can feel bold to share new ideas and solutions. You'll have deep operational risk knowledge and provide thought leadership, insight and oversight that supports the implementation of the second line of defence and executes its roles and responsibilities. You'll lead our approach to implementing risk policy, appetite, and control objectives to enable the delivery of customer, regulatory and business strategic outcomes. Job Description What will you be doing? Leads a diverse team of risk specialists, coaching and inspiring them to drive optimal risk outcomes for our customers, in collaboration with a wider team of risk and control experts Owns an effective policy and suite of control objectives to manage this risk type effectively across the Group. Owns the policy with complete traceability back to legal and regulatory requirements. Manages relationships with risk and control owners acting as primary Operational Risk specialist business partner, utilising their team to help deliver against customer, business and strategic outcomes. Takes responsibility for design and implementation of risk policies and appetite to enable the Group to meet regulatory and operational risk objectives, providing consistent, fair outcomes for customers. Leads continuous review and enhancement of risk policies & appetite through the identification & assessment of emerging & growing risks, ensure policies and appetite reflect new opportunities or threats. Establishes continuous monitoring and reporting of the Group s exposure relative to risk appetite, highlighting any significant deviations. Identifies and develops key risk indicators and key performance indicators to enable appropriate monitoring. Develops effective, ongoing data-led Operational Risk control objectives to meet the needs or risk and control owners, control specialist teams, Audit and external regulators. Supports control owners and specialists to implement control measures that are designed to achieve the control objectives, including advising on optimal implementations where appropriate. Regularly monitors and validates the effectiveness of the design of control measures to ensure they are achieving the control objectives. Leads the development and implementation of a risk and control oversight plan to assess compliance to relevant laws, regulations, industry standards and established controls. Interprets new operational risk regulation and emerging technology opportunities and threats accurately and adeptly. Forethinking the direction of travel and anticipating the impact of the proposed changes on the Group. Drives automation of risk and control measurement, monitoring, and reporting, in coordination with technology, data, and analytics teams, raising and defining action plans in pursuit of sustainable risk management. Innovates, ensuring we're future fit: build scenarios for different approaches to risk management and strategies for controls that tackle emerging and horizon risks, with clear options and recommendations. Provides pragmatic advice to support informed key risk decisions and trade-offs (balancing commerciality and risk appetite), being bold to call it , and influence senior decision makers. What will you need to bring? Detailed knowledge of the key security risks facing a financial services group, with a proven ability to assess and manage security risk and threats (e.g. using ISMS, MITRE ATT&CK, PASTA/STRIDE/DREAD frameworks and methodologies), set policy and manage compliance, design controls, provide assurance oversight and challenge, and offer advice balancing risk and reward. Experienced in the domains of information, cyber and physical security, with applied knowledge across key elements including identity and access management, data security, threat and vulnerability management, security architecture and design, security engineering and application development (inc. devsecops), cloud services and shared responsibility models (inc. native and microservices architecture), infrastructure security, people security, cryptography, security operations, and physical and environmental security. Demonstrable curiosity and understanding of the emerging technologies shaping the risk landscape (inc. AI, Digital Ledger Technology, Quantum). Considered a deep subject matter expert with a strong depth of understanding of the latest Operational Risk frameworks and technology being used across financial and non-financial services to enable them to lead a specialist risk centre of excellence. Experience of developing and owning group-level policy and setting risk-appetite, with expertise in continuous monitoring and reporting on group exposure. Able to set control objectives and set performance indicators. Demonstrates good and timely decision making that keeps the organisation moving forward and skilfully balances difficult trade-offs with the ability to understand business strategy and opportunity risks. Has examples where they have assimilated different sources of data and complex information to effectively problem solve and make relevant conclusions and recommendations. Demonstrates ability to interpret new operational risk regulation, emerging risks and technology innovations with forethinking to anticipate the impact of changes on the Group and act accordingly. Has acted as a Risk Specialist business partner, using strong communication skills to build partnerships and work collaboratively with others, including Risk Owner, Control Owner and Control Office to meet shared objectives. Able to work effectively with all other lines of defence and understands the different but complimentary roles. Seen as the primary Operational Risk specialist and expert across the Group to help deliver against aligned customer, business and strategic outcomes. Has examples of building effective, ongoing data-led Operational Risk control objectives working with others, including external regulators. Inspires others by gaining followership and commitment to future action through personal integrity and collaboration; demonstrating an inclusive approach. Coaches to go faster by demonstrating commitment to create an environment that builds teams with skills aligned to our Group Strategy and Purpose creating new and better ways for the organisation to change at pace. What s in it for you? You'll have both opportunity and profile - we'll provide you with a diverse, energising and lively environment that focuses on equal opportunity and real career progression in a leading digital organisation. We'll take your personal and professional development very seriously and enable you to make a genuine difference to millions throughout your career with us. We also offer a wide-ranging benefits package, which includes: A generous pension contribution of up to 15% An annual performance-related bonus Share schemes including free shares Benefits you can adapt to your lifestyle, such as discounted shopping 30 days holiday, with bank holidays on top A range of wellbeing initiatives and generous parental leave policies Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society and celebrates diversity in all its forms. We want our people to feel that they belong and can be their best, regardless of background, identity or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. And it s why we especially welcome applications from under-represented groups. We re disability confident. So if you d like reasonable adjustments to be made to our recruitment processes . click apply for full job details
UK Power Networks (Operations) Ltd
Crawley, Sussex
Cyber Security Technical Assurance Manager Reference Number - 78651 This Cyber Security Technical Assurance Manager will report to the Head of Cyber Security and Technology Risk and will work within the Information Systems directorate based in either our Crawley, London or Ipswich offices. You will be a permanent employee. You will attract a salary of 80,000.00 and a bonus of 10%. This role can also offer blended working after probationary period (6 months) - 3 days in the office and 2 remote Close Date: 19/04/2024 We also provide the following additional benefits Annual Leave Personal Pension Plan - Personal contribution rates of 4% or 5% (UK Power Networks will make a corresponding contribution of 8% or 10%) Tenancy Loan Deposit scheme Tax efficient benefits: cycle to work scheme Season ticket loan Occupational Health support Switched On - scheme providing discount on hundreds of retailers products. Discounted access to sports and social clubs Employee Assistance Programme. JOB PURPOSE: You will support the Head of Cyber Security and Technology Risk in ensuring that UK Power Networks (UKPN) network systems and customer data are adequately protected from cyber threats. You will help maintain a strong cyber security posture across the UK Power Networks (UKPN) IT estate, by ensuring that cyber security weaknesses and vulnerabilities are identified and guiding actions to mitigate the risks and avoid disruption to the IT services that are crucial to delivering UKPN services to customers. DIMENSIONS: People - Direct management of circa 8 permanent and temporary cyber security testing and assurance resources. Financial - Shared annual budget responsibility for circa 1-3m covering resources, tools and 3rd Party professional services and suppliers. Suppliers - Management and oversight of 3rd Party suppliers commissioned for meeting specialist testing and assurance requirements. Communication - articulate the cyber security risks and implications to important partners with sufficient information, and recommendations for action, which enable senior leaders to make decisions. Partners - Create relationships with all partners, third party providers, suppliers, and partners to improve outcomes and create agreement around a vision or course of action. PRINCIPAL ACCOUNTABILITIES: Define and deliver the cyber security technical assurance strategy, setting out clear policies and technical standards, modelling best practices and measuring success against defined measurement metrics (KPIs). Manage the cyber security technical assurance team, to ensure the quality and timeliness of services and deliverables to meet our requirements, reviewing performance, driving improvements, optimisation and automation of the cyber security assurance capabilities across a variety of technologies and platforms. Ensure the IT estate is compliant with UKPN policies and technical standards to protect company assets having management responsibility for driving the necessary remediation actions and countermeasures to mitigate identified weaknesses and vulnerabilities. Establish and improve a regular red and purple team penetration testing program aligned to main threat information and industry cyber security intelligence. Establish a Vulnerability Management process to ensure that all known security vulnerabilities and weaknesses are identified, contextually assessed, prioritised and tracked to remediation against UKPN policy. Ensure that an IT Disaster Recovery and Business Continuity strategy and plans are established with appropriate testing performed to demonstrate it works. Collaborate with the wider IT, application and Team members to devise assurance objectives and to ensure appropriate mitigation actions are considered and delivered. Help develop and implement UK Power Networks' Cyber Security Strategy ensuring understanding to the company vision, values and strategic objectives. Deputise for the Head of Cyber Security and Technology Risk for certain pre-agreed tasks and activities. NATURE AND SCOPE: The Information Systems Department works across UK Power Networks, supporting us in the achievement of our vision to become the best performing DNO. The team achieve this through the provision of technology solutions and the optimisation of current solutions to improve how we operate. Continuous improvement, customer service and seamless delivery is at the heart of this ethos and are therefore strongly underpinned by effective cyber security. You will work with the Cyber Security Architecture Manager, Cyber Security Operations Manager, Cyber Security Governance, Risk and Compliance Manager, and Cyber Security Portfolio Manager. Also, you will support the wider Information Systems team, IT Service Providers and partners across UK Power Networks to implement and optimise cyber security technical assurance capabilities across four main services:- Technical Security Compliance - to check and validate that the various IT hardware, software and application components (including Cloud) across the IT estate are compliant with defined technical security policies and will run the process for documenting, risk assessing, remediating, exception handling. Product Security Assurance - ensure that all IT hardware and software products (including Cloud and 3rd Party services) are securely configured to meet the relevant UKPN functional and non-functional security requirements. Vulnerability Management (VM) - ensure a robust end to end VM service to identify, contextualise, rank and prioritise security vulnerabilities and weaknesses across the IT estate and to drive and track remediation actions to mitigate the risks. Disaster Recovery and Business Continuity - plan, schedule, organise and perform Crisis Management, Disaster Recovery and Business Continuity tests across senior partners and technical operations teams, testing ability to withstand and recover from a cyberattack or data breach within agreed objectives and timescales, and to minimise business disruption. Your principal challenge is to maintain a strong cyber security posture across the UKPN IT estate whilst ensuring that the numerous daily operational changes and multiple project deliverables re-enforce and strengthen the posture rather than undermine it and risk our information assets. Qualifications: Minimum 5 years+ experience leading a Cyber Security Assurance function or similar such as Cyber Security Integration function, Cyber Security Engineering function with some experience of assurance testing techniques and methodologies. Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, related field or equivalent training and/or experience. Professional Information Security certification by a recognised professional body such as Certified in Information Security Management (CISM), Certified Information Systems Security Professional (CISSP), certified Ethical Hacker (CEH), Global Information Assurance Certification (GIAC), or CompTIA Advanced Security Practitioner (CASP+). Track record leading a security team or function where you have had to collaborate across partners with differing levels of technical security competency. Advanced knowledge and an understanding of operational excellence in Cloud Security Posture Management and Vulnerability Management programs. Understanding risk, resource availability and business objectives at a group level is necessary. Putting our customers interests at the heart of everything we do must always come first. An understanding of compliance and regulatory frameworks such as National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF) and ISA/IEC 62443, ISO/IEC 27001/27002, GDPR. Working knowledge of security technologies including SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard frameworks (Mitre ATT&CK). Experience working within a regulated environment, preferably Energy sector Critical National Infrastructure (CNI) We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.
Apr 19, 2024
Full time
Cyber Security Technical Assurance Manager Reference Number - 78651 This Cyber Security Technical Assurance Manager will report to the Head of Cyber Security and Technology Risk and will work within the Information Systems directorate based in either our Crawley, London or Ipswich offices. You will be a permanent employee. You will attract a salary of 80,000.00 and a bonus of 10%. This role can also offer blended working after probationary period (6 months) - 3 days in the office and 2 remote Close Date: 19/04/2024 We also provide the following additional benefits Annual Leave Personal Pension Plan - Personal contribution rates of 4% or 5% (UK Power Networks will make a corresponding contribution of 8% or 10%) Tenancy Loan Deposit scheme Tax efficient benefits: cycle to work scheme Season ticket loan Occupational Health support Switched On - scheme providing discount on hundreds of retailers products. Discounted access to sports and social clubs Employee Assistance Programme. JOB PURPOSE: You will support the Head of Cyber Security and Technology Risk in ensuring that UK Power Networks (UKPN) network systems and customer data are adequately protected from cyber threats. You will help maintain a strong cyber security posture across the UK Power Networks (UKPN) IT estate, by ensuring that cyber security weaknesses and vulnerabilities are identified and guiding actions to mitigate the risks and avoid disruption to the IT services that are crucial to delivering UKPN services to customers. DIMENSIONS: People - Direct management of circa 8 permanent and temporary cyber security testing and assurance resources. Financial - Shared annual budget responsibility for circa 1-3m covering resources, tools and 3rd Party professional services and suppliers. Suppliers - Management and oversight of 3rd Party suppliers commissioned for meeting specialist testing and assurance requirements. Communication - articulate the cyber security risks and implications to important partners with sufficient information, and recommendations for action, which enable senior leaders to make decisions. Partners - Create relationships with all partners, third party providers, suppliers, and partners to improve outcomes and create agreement around a vision or course of action. PRINCIPAL ACCOUNTABILITIES: Define and deliver the cyber security technical assurance strategy, setting out clear policies and technical standards, modelling best practices and measuring success against defined measurement metrics (KPIs). Manage the cyber security technical assurance team, to ensure the quality and timeliness of services and deliverables to meet our requirements, reviewing performance, driving improvements, optimisation and automation of the cyber security assurance capabilities across a variety of technologies and platforms. Ensure the IT estate is compliant with UKPN policies and technical standards to protect company assets having management responsibility for driving the necessary remediation actions and countermeasures to mitigate identified weaknesses and vulnerabilities. Establish and improve a regular red and purple team penetration testing program aligned to main threat information and industry cyber security intelligence. Establish a Vulnerability Management process to ensure that all known security vulnerabilities and weaknesses are identified, contextually assessed, prioritised and tracked to remediation against UKPN policy. Ensure that an IT Disaster Recovery and Business Continuity strategy and plans are established with appropriate testing performed to demonstrate it works. Collaborate with the wider IT, application and Team members to devise assurance objectives and to ensure appropriate mitigation actions are considered and delivered. Help develop and implement UK Power Networks' Cyber Security Strategy ensuring understanding to the company vision, values and strategic objectives. Deputise for the Head of Cyber Security and Technology Risk for certain pre-agreed tasks and activities. NATURE AND SCOPE: The Information Systems Department works across UK Power Networks, supporting us in the achievement of our vision to become the best performing DNO. The team achieve this through the provision of technology solutions and the optimisation of current solutions to improve how we operate. Continuous improvement, customer service and seamless delivery is at the heart of this ethos and are therefore strongly underpinned by effective cyber security. You will work with the Cyber Security Architecture Manager, Cyber Security Operations Manager, Cyber Security Governance, Risk and Compliance Manager, and Cyber Security Portfolio Manager. Also, you will support the wider Information Systems team, IT Service Providers and partners across UK Power Networks to implement and optimise cyber security technical assurance capabilities across four main services:- Technical Security Compliance - to check and validate that the various IT hardware, software and application components (including Cloud) across the IT estate are compliant with defined technical security policies and will run the process for documenting, risk assessing, remediating, exception handling. Product Security Assurance - ensure that all IT hardware and software products (including Cloud and 3rd Party services) are securely configured to meet the relevant UKPN functional and non-functional security requirements. Vulnerability Management (VM) - ensure a robust end to end VM service to identify, contextualise, rank and prioritise security vulnerabilities and weaknesses across the IT estate and to drive and track remediation actions to mitigate the risks. Disaster Recovery and Business Continuity - plan, schedule, organise and perform Crisis Management, Disaster Recovery and Business Continuity tests across senior partners and technical operations teams, testing ability to withstand and recover from a cyberattack or data breach within agreed objectives and timescales, and to minimise business disruption. Your principal challenge is to maintain a strong cyber security posture across the UKPN IT estate whilst ensuring that the numerous daily operational changes and multiple project deliverables re-enforce and strengthen the posture rather than undermine it and risk our information assets. Qualifications: Minimum 5 years+ experience leading a Cyber Security Assurance function or similar such as Cyber Security Integration function, Cyber Security Engineering function with some experience of assurance testing techniques and methodologies. Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, related field or equivalent training and/or experience. Professional Information Security certification by a recognised professional body such as Certified in Information Security Management (CISM), Certified Information Systems Security Professional (CISSP), certified Ethical Hacker (CEH), Global Information Assurance Certification (GIAC), or CompTIA Advanced Security Practitioner (CASP+). Track record leading a security team or function where you have had to collaborate across partners with differing levels of technical security competency. Advanced knowledge and an understanding of operational excellence in Cloud Security Posture Management and Vulnerability Management programs. Understanding risk, resource availability and business objectives at a group level is necessary. Putting our customers interests at the heart of everything we do must always come first. An understanding of compliance and regulatory frameworks such as National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF) and ISA/IEC 62443, ISO/IEC 27001/27002, GDPR. Working knowledge of security technologies including SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard frameworks (Mitre ATT&CK). Experience working within a regulated environment, preferably Energy sector Critical National Infrastructure (CNI) We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.
Crisis24, a GardaWorld company, is widely regarded as the leading integrated risk management, crisis response, consulting, and global protective solutions firm, serving the world's most influential people, disruptive brands, and prominent organizations. Championed by our advanced Global Operation Centers and our skilled team of intelligence analysts, we offer highly specialized services, security and consulting, with the technology and AI to power it all across the globe. At Crisis24, we go beyond mere employment; we pave the way to a realm where your skills become instrumental in shaping global security, guiding clients through a multifaceted and challenging landscape. Your journey with us will be deeply fulfilling, driven by a powerful sense of purpose and accomplishment. Within our thriving environment, you'll discover abundant chances for both personal and career advancement. Seize this moment to push your limits, broaden your expertise, and elevate your professional journey to unprecedented levels. Join the Crisis24 team today and be a part of something extraordinary where growth and impact converge. Crisis24's Crisis & Security Consulting (CSC) division, specifically the All-Hazards Response team, is on the lookout for a Senior Consultant. This role is ideally suited for candidates based in the UK or in mainland Europe. As a part of our dynamic and agile Response Group, the successful applicant will have the chance to enhance their skill set and knowledge, enabling them to contribute across various teams within the organization. Candidates should possess comprehensive experience in crisis management at both tactical and strategic levels and have a wide-ranging understanding of different industries. The position involves readiness to deploy globally at short notice, often in challenging situations, requiring confidence and the ability to provide immediate support and guidance to high-level / C-Suite stakeholders. What You Will Work On Summary You will deliver All Hazards Response services, providing expert advice and guidance to clients facing crises, from threats and violence to political and cyber-related issues. This role entails global deployment, often without prior notice, creating documentation in line with CSC's methodologies, conducting sensitive investigations, and potentially training as a subject matter expert for example as a crisis communications consultant. You will also support the development of junior team members and collaborate with the global consulting team on service delivery, maintaining accurate records across platforms such as Salesforce. Specifics Provide advice and guidance to clients in response to case activations on the following peril types: Active Assailant / Workplace Violence; Political Violence & Terrorism; Cyber Extortion; and Any other crisis-level event in which All-Hazard Response are engaged. Deployment globally in support of any new case activation, often with no notice. Produce all relevant documentation in support of assigned response cases, in line with CSC's doctrine and methodology. Coordinate and conduct sensitive investigational support to clients. Train as a Crisis Communications consultant. Support the development of more junior team members and work in cooperation with the wider global consulting team on all other aspects of consulting services delivery. Keep Salesforce and any other platforms used by Crisis24 up to date and accurate in relation to relevant accounts and proposals. Obtain the skill set and knowledge to actively respond as a Special Risks Response Consultant when required. Support to Insurance Partners Deliver onboarding briefings to new policy holders. Provide capability briefings in support of marketing the wider insurance policies. Assist in the delivery of update reports to insurance underwriters during ongoing cases. Generation of new response retainers, providing services to insurance partners or private clients. Direct engagement contracts for new response cases when insurance options are not present. Assist wider CSC team members in any business development briefings and activity when required. Support the implementation of a business development plan for the region. Scope, price, manage and/or oversee the development of client proposals and responses to RFPs. Represent CSC, Crisis24 and GardaWorld in client pitches/senior-level presentations/in-person meetings. Duty officer Following training, there may be a requirement to join the Duty Officer roster for All-Hazards Response activations. Account management Client liaison and account/client relationship management of new and existing consulting clients. Other Support the wider Crisis24 and GardaWorld business as required. Who You Will Work With Under the guidance of the Associate Director for All Hazards Response, you will collaborate on a variety of response cases and projects. These initiatives are diverse in terms of geography, industry, and complexity, necessitating effective management of pressures. You will be an integral part of both the Response Group and the wider CSC team, frequently assisting other teams within Crisis24 and GardaWorld. Owing to the sensitive nature of the case activity, All Hazards personnel are often visible to the highest levels of leadership within Crisis24 and GardaWorld. What You Will Bring Summary Candidates should have at least 10 years of experience in Crisis Management, preferably within a corporate or consulting environment, and a solid background in Security Risk and Crisis Management. You should be knowledgeable about crisis response processes, the specialist insurance market, and have a track record of developing new business opportunities. The role demands extensive global travel, often to high-risk areas, and requires strong analytical, problem-solving, and communication skills. Candidates must be adaptable, motivated to work irregular hours, and committed to continuous professional development. Specifics 10+ years of experience in Crisis Management, preferably in a corporate and/or consulting setting. Strong working knowledge of Security Risk and Crisis Management. In-depth knowledge and experience of crisis response processes. An understanding of specialist insurance markets. Demonstrable commercial experience developing new business opportunities. Extensive travel experience globally, including in high-threat/hostile environments. Strong analytical and problem-solving skills; a creative thinker who can apply initiative and create solutions to solve clients' problems. Ability to manage multiple cases simultaneously with strong attention to detail. Personable and able to communicate effectively at all levels with team members and clients, with the gravitas to influence at a very senior level, including verbal communications and presentations skills. Able to relate well to others with confidence and empathy, build trust and be calm and resourceful during difficult and emotive situations. The flexibility and motivation to work irregular hours and maintain quality delivery. Invested in development; maintains a high level of industry knowledge and awareness of geopolitical and security/crisis management issues and trends. The annual leave year runs from 1 January to 31 December. Your paid annual leave entitlement will be 25 days per annum (pro rata for part time hours). Group Life Insurance effective upon commencement of employment. Death in Service pays out at 4x base salary. Employee Assistance Program effective upon commencement of employment. Full details will be provided after joining the company. A Discretionary Bonus Scheme, effective in the year following your employment, and based on company performance in the previous fiscal year. Group Pension Scheme, to which you will be automatically enrolled from the beginning of the third month following start date: We will match your contributions up to 5%. The minimum contribution you can make to the scheme is 4%. You will be entitled to opt out should you wish. Information Security Protect the data and systems of Crisis24 and its stakeholders by adhering to policies, reporting incidents and potential problems, completing regular training, and identifying opportunities for improvement. Crisis24, A GardaWorld Company is dedicated to equal opportunity in employment. We are committed to a work environment that celebrates diversity. We do not discriminate against any individual based on race, color, sex, national origin, age, religion, marital or parental status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any factors protected by applicable laws.
Apr 19, 2024
Full time
Crisis24, a GardaWorld company, is widely regarded as the leading integrated risk management, crisis response, consulting, and global protective solutions firm, serving the world's most influential people, disruptive brands, and prominent organizations. Championed by our advanced Global Operation Centers and our skilled team of intelligence analysts, we offer highly specialized services, security and consulting, with the technology and AI to power it all across the globe. At Crisis24, we go beyond mere employment; we pave the way to a realm where your skills become instrumental in shaping global security, guiding clients through a multifaceted and challenging landscape. Your journey with us will be deeply fulfilling, driven by a powerful sense of purpose and accomplishment. Within our thriving environment, you'll discover abundant chances for both personal and career advancement. Seize this moment to push your limits, broaden your expertise, and elevate your professional journey to unprecedented levels. Join the Crisis24 team today and be a part of something extraordinary where growth and impact converge. Crisis24's Crisis & Security Consulting (CSC) division, specifically the All-Hazards Response team, is on the lookout for a Senior Consultant. This role is ideally suited for candidates based in the UK or in mainland Europe. As a part of our dynamic and agile Response Group, the successful applicant will have the chance to enhance their skill set and knowledge, enabling them to contribute across various teams within the organization. Candidates should possess comprehensive experience in crisis management at both tactical and strategic levels and have a wide-ranging understanding of different industries. The position involves readiness to deploy globally at short notice, often in challenging situations, requiring confidence and the ability to provide immediate support and guidance to high-level / C-Suite stakeholders. What You Will Work On Summary You will deliver All Hazards Response services, providing expert advice and guidance to clients facing crises, from threats and violence to political and cyber-related issues. This role entails global deployment, often without prior notice, creating documentation in line with CSC's methodologies, conducting sensitive investigations, and potentially training as a subject matter expert for example as a crisis communications consultant. You will also support the development of junior team members and collaborate with the global consulting team on service delivery, maintaining accurate records across platforms such as Salesforce. Specifics Provide advice and guidance to clients in response to case activations on the following peril types: Active Assailant / Workplace Violence; Political Violence & Terrorism; Cyber Extortion; and Any other crisis-level event in which All-Hazard Response are engaged. Deployment globally in support of any new case activation, often with no notice. Produce all relevant documentation in support of assigned response cases, in line with CSC's doctrine and methodology. Coordinate and conduct sensitive investigational support to clients. Train as a Crisis Communications consultant. Support the development of more junior team members and work in cooperation with the wider global consulting team on all other aspects of consulting services delivery. Keep Salesforce and any other platforms used by Crisis24 up to date and accurate in relation to relevant accounts and proposals. Obtain the skill set and knowledge to actively respond as a Special Risks Response Consultant when required. Support to Insurance Partners Deliver onboarding briefings to new policy holders. Provide capability briefings in support of marketing the wider insurance policies. Assist in the delivery of update reports to insurance underwriters during ongoing cases. Generation of new response retainers, providing services to insurance partners or private clients. Direct engagement contracts for new response cases when insurance options are not present. Assist wider CSC team members in any business development briefings and activity when required. Support the implementation of a business development plan for the region. Scope, price, manage and/or oversee the development of client proposals and responses to RFPs. Represent CSC, Crisis24 and GardaWorld in client pitches/senior-level presentations/in-person meetings. Duty officer Following training, there may be a requirement to join the Duty Officer roster for All-Hazards Response activations. Account management Client liaison and account/client relationship management of new and existing consulting clients. Other Support the wider Crisis24 and GardaWorld business as required. Who You Will Work With Under the guidance of the Associate Director for All Hazards Response, you will collaborate on a variety of response cases and projects. These initiatives are diverse in terms of geography, industry, and complexity, necessitating effective management of pressures. You will be an integral part of both the Response Group and the wider CSC team, frequently assisting other teams within Crisis24 and GardaWorld. Owing to the sensitive nature of the case activity, All Hazards personnel are often visible to the highest levels of leadership within Crisis24 and GardaWorld. What You Will Bring Summary Candidates should have at least 10 years of experience in Crisis Management, preferably within a corporate or consulting environment, and a solid background in Security Risk and Crisis Management. You should be knowledgeable about crisis response processes, the specialist insurance market, and have a track record of developing new business opportunities. The role demands extensive global travel, often to high-risk areas, and requires strong analytical, problem-solving, and communication skills. Candidates must be adaptable, motivated to work irregular hours, and committed to continuous professional development. Specifics 10+ years of experience in Crisis Management, preferably in a corporate and/or consulting setting. Strong working knowledge of Security Risk and Crisis Management. In-depth knowledge and experience of crisis response processes. An understanding of specialist insurance markets. Demonstrable commercial experience developing new business opportunities. Extensive travel experience globally, including in high-threat/hostile environments. Strong analytical and problem-solving skills; a creative thinker who can apply initiative and create solutions to solve clients' problems. Ability to manage multiple cases simultaneously with strong attention to detail. Personable and able to communicate effectively at all levels with team members and clients, with the gravitas to influence at a very senior level, including verbal communications and presentations skills. Able to relate well to others with confidence and empathy, build trust and be calm and resourceful during difficult and emotive situations. The flexibility and motivation to work irregular hours and maintain quality delivery. Invested in development; maintains a high level of industry knowledge and awareness of geopolitical and security/crisis management issues and trends. The annual leave year runs from 1 January to 31 December. Your paid annual leave entitlement will be 25 days per annum (pro rata for part time hours). Group Life Insurance effective upon commencement of employment. Death in Service pays out at 4x base salary. Employee Assistance Program effective upon commencement of employment. Full details will be provided after joining the company. A Discretionary Bonus Scheme, effective in the year following your employment, and based on company performance in the previous fiscal year. Group Pension Scheme, to which you will be automatically enrolled from the beginning of the third month following start date: We will match your contributions up to 5%. The minimum contribution you can make to the scheme is 4%. You will be entitled to opt out should you wish. Information Security Protect the data and systems of Crisis24 and its stakeholders by adhering to policies, reporting incidents and potential problems, completing regular training, and identifying opportunities for improvement. Crisis24, A GardaWorld Company is dedicated to equal opportunity in employment. We are committed to a work environment that celebrates diversity. We do not discriminate against any individual based on race, color, sex, national origin, age, religion, marital or parental status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any factors protected by applicable laws.
Head of Cyber and Information Security This position will be a hybrid role based out of London. Description Purpose of Role: The Head of Cyber & Information Security forms part of the senior leadership team within the Security function reporting directly to the Chief Security Officer (CSO) You will act as a trusted advisor to the CSO and C-Suite stakeholders across the UK and work with them to ensure the business is secure and compliant with the policies, standards and regulations set out in the Security Operating Model This is a highly operational and highly visible leadership role, as you will take overall charge of the UK's Cyber Defence and Security Operations teams. You will also have overall responsibility for Security Governance, Risk & Compliance and lead the Business Continuity and Crisis Management teams, working across the whole of the business to ensure we are resilient and prepared should business interruption occur. Team Description: We work in a heavily regulated environment and must secure one of the most visited websites in the UK, a very large retail channel and numerous back-office systems spread across both on premise datacenters and the Cloud. The Security function is comprised of 3 Team Groups Enterprise Security Security Architecture Security Design Engineering Security Consultancy Security Testing Cyber & Information Security Governance, Risk & Compliance Cyber Defence Security Operations Protective Security Physical Security Investigations Intelligence The Cyber & Information Security team form a key pillar in our security operating model - you will be responsible for leading the activities of the Cyber and Information security team, and you will be expected to get deeply involved in ensuring our key suppliers operate to the same high security standards we demand of ourselves. Key Accountabilities or Duties: Manage, develop & Lead the Cyber & Information Security teams Be a member of the Security SLT Identify, measure, control and report on security risks within information systems Accountable for the creation and upkeep of our documented security standards, policies, processes Manage the budget of the Cyber & Information Security Cost Centre Co-create the security strategy Manage operational teams that protect, defend and respond to threats Anticipate, influence and assist the organization to assess and rapidly adjust to changing threat conditions and trends both internally and externally Establish and maintain relationships with industry peers, other Group operating companies and external security organisations, working with Specialist consultants where appropriate Implement KPIs and metrics to measure our security performance and assess and track our exposure to risk Accountable for continuous improvement / maturity of our Cyber Defence team and ensuring our capabilities are operating at optimal levels to both identify threats and maintain effectiveness of the SOC Overall Accountability for overall leadership of the 24/7 SOC and the efficient response to Cyber attacks. Overall Accountability for Business Continuity and Crisis Management the UK Overall Accountability for ensuring we maintain or achieve certification to ISO22301/2700/27701/27002/PCI DSS/ WLA SCS2020 / NCSC CAF As part of the senior nature of this role, you'll be required to be available outside of normal office hours Skills & Experience: The successful individual will be one of the most important Information Security professional across the global organisation and will advise the most senior of our employees on Security Operations. As well as having the experience and influence to operate in this manner, you will have: At least five years' experience gained in a technically focussed security role Demonstrable experience of successful delivery in a technically focussed role Ability to articulate complex technical or sensitive issues to a wide audience is essential Experience of managing internet threats and risk mitigation Strong understanding of external and internal threat landscapes Broad experience of a wide range of security technologies and products Understanding of information security governance principles Ability to demonstrate an understanding of common security management principles (eg PCI-DSS) Bring the skills, experience and ability to adapt to be able to deliver any desired solution potentially using a wide variety of technologies that will help reduce security related risks Excellent communication skills Excellent judgement Line management experience Experienced in deploying security technology in a cloud environment. Cyber security incident management experience Desirable: Experience of working with AWS and Azure Working in a regulated environment
Apr 19, 2024
Full time
Head of Cyber and Information Security This position will be a hybrid role based out of London. Description Purpose of Role: The Head of Cyber & Information Security forms part of the senior leadership team within the Security function reporting directly to the Chief Security Officer (CSO) You will act as a trusted advisor to the CSO and C-Suite stakeholders across the UK and work with them to ensure the business is secure and compliant with the policies, standards and regulations set out in the Security Operating Model This is a highly operational and highly visible leadership role, as you will take overall charge of the UK's Cyber Defence and Security Operations teams. You will also have overall responsibility for Security Governance, Risk & Compliance and lead the Business Continuity and Crisis Management teams, working across the whole of the business to ensure we are resilient and prepared should business interruption occur. Team Description: We work in a heavily regulated environment and must secure one of the most visited websites in the UK, a very large retail channel and numerous back-office systems spread across both on premise datacenters and the Cloud. The Security function is comprised of 3 Team Groups Enterprise Security Security Architecture Security Design Engineering Security Consultancy Security Testing Cyber & Information Security Governance, Risk & Compliance Cyber Defence Security Operations Protective Security Physical Security Investigations Intelligence The Cyber & Information Security team form a key pillar in our security operating model - you will be responsible for leading the activities of the Cyber and Information security team, and you will be expected to get deeply involved in ensuring our key suppliers operate to the same high security standards we demand of ourselves. Key Accountabilities or Duties: Manage, develop & Lead the Cyber & Information Security teams Be a member of the Security SLT Identify, measure, control and report on security risks within information systems Accountable for the creation and upkeep of our documented security standards, policies, processes Manage the budget of the Cyber & Information Security Cost Centre Co-create the security strategy Manage operational teams that protect, defend and respond to threats Anticipate, influence and assist the organization to assess and rapidly adjust to changing threat conditions and trends both internally and externally Establish and maintain relationships with industry peers, other Group operating companies and external security organisations, working with Specialist consultants where appropriate Implement KPIs and metrics to measure our security performance and assess and track our exposure to risk Accountable for continuous improvement / maturity of our Cyber Defence team and ensuring our capabilities are operating at optimal levels to both identify threats and maintain effectiveness of the SOC Overall Accountability for overall leadership of the 24/7 SOC and the efficient response to Cyber attacks. Overall Accountability for Business Continuity and Crisis Management the UK Overall Accountability for ensuring we maintain or achieve certification to ISO22301/2700/27701/27002/PCI DSS/ WLA SCS2020 / NCSC CAF As part of the senior nature of this role, you'll be required to be available outside of normal office hours Skills & Experience: The successful individual will be one of the most important Information Security professional across the global organisation and will advise the most senior of our employees on Security Operations. As well as having the experience and influence to operate in this manner, you will have: At least five years' experience gained in a technically focussed security role Demonstrable experience of successful delivery in a technically focussed role Ability to articulate complex technical or sensitive issues to a wide audience is essential Experience of managing internet threats and risk mitigation Strong understanding of external and internal threat landscapes Broad experience of a wide range of security technologies and products Understanding of information security governance principles Ability to demonstrate an understanding of common security management principles (eg PCI-DSS) Bring the skills, experience and ability to adapt to be able to deliver any desired solution potentially using a wide variety of technologies that will help reduce security related risks Excellent communication skills Excellent judgement Line management experience Experienced in deploying security technology in a cloud environment. Cyber security incident management experience Desirable: Experience of working with AWS and Azure Working in a regulated environment
Senior Penetration Tester (Check Certified) - £80,000 to £100,000+ (DOE) - Remote UK FryerMiles are thrilled to be partnered with a specialist cyber security consultancy to assist them on their search for a Senior Penetration Tester. The succesful candidate will hold either CTL or CTM certification and have experience working as a billable consultant and have a wide range of testing experience in either Mobile, Web App or Infrastructure. Responsibilities: Conduct comprehensive penetration tests on diverse systems, networks, and applications. Utilize advanced methodologies to identify, exploit, and mitigate security weaknesses. Collaborate with cross-functional teams to develop robust security strategies and solutions. Provide expert guidance on remediation measures and risk mitigation techniques. Stay abreast of emerging threats and industry best practices to enhance security posture continuously. Contribute to the enhancement of internal processes and methodologies. Requirements: Extensive experience in penetration testing, preferably in a senior capacity. Proficiency in Inf testing with at least one other out of Webapp, Mobile, Red team engagements. Strong understanding of networking protocols, operating systems, and security concepts. Excellent communication skills with the ability to articulate technical concepts to non-technical stakeholders. Demonstrated ability to manage multiple projects and prioritize tasks effectively. CTL or CTM certification is mandatory. This is a remote position for UK candidates only. Unfortunately sponsorship cannot be offered at this time Senior Penetration Tester (Check Certified) - £80,000 to £100,000+ (DOE) - Remote UK
Apr 18, 2024
Full time
Senior Penetration Tester (Check Certified) - £80,000 to £100,000+ (DOE) - Remote UK FryerMiles are thrilled to be partnered with a specialist cyber security consultancy to assist them on their search for a Senior Penetration Tester. The succesful candidate will hold either CTL or CTM certification and have experience working as a billable consultant and have a wide range of testing experience in either Mobile, Web App or Infrastructure. Responsibilities: Conduct comprehensive penetration tests on diverse systems, networks, and applications. Utilize advanced methodologies to identify, exploit, and mitigate security weaknesses. Collaborate with cross-functional teams to develop robust security strategies and solutions. Provide expert guidance on remediation measures and risk mitigation techniques. Stay abreast of emerging threats and industry best practices to enhance security posture continuously. Contribute to the enhancement of internal processes and methodologies. Requirements: Extensive experience in penetration testing, preferably in a senior capacity. Proficiency in Inf testing with at least one other out of Webapp, Mobile, Red team engagements. Strong understanding of networking protocols, operating systems, and security concepts. Excellent communication skills with the ability to articulate technical concepts to non-technical stakeholders. Demonstrated ability to manage multiple projects and prioritize tasks effectively. CTL or CTM certification is mandatory. This is a remote position for UK candidates only. Unfortunately sponsorship cannot be offered at this time Senior Penetration Tester (Check Certified) - £80,000 to £100,000+ (DOE) - Remote UK
I'm currently looking for a Cyber Security Assurance Specialist to join a public sector organisation within the Midlands Purpose: Act as Cyber Security Assurance support for the Technology Team, providing management of risk in a pragmatic and cost-effective manner to ensure stakeholder confidence. Salary: 63,049 per annum Contract Type: Full Time (35 hours per week), Permanent. Location: Central Birmingham (3 days x onsite, 2 x days remote) Technical Experience Penetrating security, firewall protection, Securing Infrastructure Role Duties; Review new business proposals and provide specialist advice on security issues and implications. Set policies, standards and guidelines for how the organisation conducts security operations across the business and ensures alignment. Develop & establish supplier chain security agreements / contracts / questionnaires and manage completion and disengagement. Lead reviews of governance practices with appropriate and sufficient independence from management activity. Develop policies, standards, processes, guidelines for ensuring appropriate security standards are in place and are adhered to. Ensure architectural security principles are applied during project design to reduce risk. Drives adoption and adherence to policy, standards and guidelines. Design, architect and deliver security aspects within projects and provide expert assurance for secure implementation. Lead and support product security activities, including technical reviews and assessments of product security architectures and designs across a diverse range of complex infrastructure, data and application systems. Im keen to speak with cyber security based professionals, lead engineers, senior technical specialist's. Please apply directly or send your CV to (url removed)
Apr 18, 2024
Full time
I'm currently looking for a Cyber Security Assurance Specialist to join a public sector organisation within the Midlands Purpose: Act as Cyber Security Assurance support for the Technology Team, providing management of risk in a pragmatic and cost-effective manner to ensure stakeholder confidence. Salary: 63,049 per annum Contract Type: Full Time (35 hours per week), Permanent. Location: Central Birmingham (3 days x onsite, 2 x days remote) Technical Experience Penetrating security, firewall protection, Securing Infrastructure Role Duties; Review new business proposals and provide specialist advice on security issues and implications. Set policies, standards and guidelines for how the organisation conducts security operations across the business and ensures alignment. Develop & establish supplier chain security agreements / contracts / questionnaires and manage completion and disengagement. Lead reviews of governance practices with appropriate and sufficient independence from management activity. Develop policies, standards, processes, guidelines for ensuring appropriate security standards are in place and are adhered to. Ensure architectural security principles are applied during project design to reduce risk. Drives adoption and adherence to policy, standards and guidelines. Design, architect and deliver security aspects within projects and provide expert assurance for secure implementation. Lead and support product security activities, including technical reviews and assessments of product security architectures and designs across a diverse range of complex infrastructure, data and application systems. Im keen to speak with cyber security based professionals, lead engineers, senior technical specialist's. Please apply directly or send your CV to (url removed)
The Opportunity Our client - a leading provider of technology solutions for the yachting industry - is seeking a highly motivated and skilled IT Network Engineer to join their dynamic team. As an IT Network expert you will be responsible for supporting and maintaining the network infrastructure of clients' yachts, ensuring reliable connectivity, secure communication, and efficient operations. This role offers a unique opportunity to apply your technical expertise and contribute to the growth of the company in the fast-paced and exciting world of luxury yachting and to grow your career with on the job training with a Senior Engineer. Key Responsibilities: Network Infrastructure Management: Assist in the design, configuration, and maintenance of network infrastructure for yachts, including routers, switches, firewalls, and wireless access points. Network Monitoring and Troubleshooting: Monitor network performance, identify and resolve network issues, and proactively address potential problems to ensure uninterrupted connectivity and smooth operations. Network Security: Implement and maintain robust security measures to protect the network infrastructure and data against unauthorised access, cybersecurity threats, and malware. Network Documentation : Maintain accurate and up-to-date network documentation, including network diagrams, configurations, and equipment inventory. User Support: Provide technical support and assistance to clients' onboard IT teams, troubleshoot network-related problems, and ensure timely resolution of issues. Collaboration: Work closely with cross-functional teams, including IT, operations, and yacht crew, to ensure effective communication and coordination of network activities. Network Upgrades and Enhancements : Assist in planning and implementing network upgrades and enhancements to meet evolving business needs and technological advancements. Industry Knowledge: Stay updated with the latest trends, technologies, and best practices in IT networking within the yachting industry, and apply them to improve network performance and security. Based within commuting distance of Winchester, this role will also include occasional international travel. Salary to £30k p.a. plus benefits. The role will suit someone looking to grow their career in this exciting industry. Your skills and experience Education: Excellent knowledge of Information Technology, Computer Science, or a related field with a focus on networking. Technical Skills: Solid understanding of network protocols, TCP/IP, routing, switching, and wireless technologies. Familiarity with network security principles and best practices. Certifications: Industry certifications such as CCNA, CompTIA Network+, or equivalent are highly desirable. Problem-Solving Skills: Ability to diagnose and troubleshoot network-related issues using appropriate tools and methodologies. Communication Skills: Excellent verbal and written communication skills, with the ability to effectively convey technical information to both technical and non-technical stakeholders. Team Player: Strong teamwork and collaboration skills, with the ability to work effectively with colleagues from diverse backgrounds and departments. Attention to Detail: Strong organisational and documentation skills, with a meticulous approach to network configuration, documentation, and maintenance. Adaptability: Ability to work in a fast-paced, ever-changing environment and quickly learn and adapt to new technologies and processes. This position requires occasional international travel to luxury yacht destinations worldwide. As an IT Network Engineer, you will have the unique opportunity to work on projects in various global locations within the exclusive world of luxury yachting. A valid passport is required for this role, as you will travel to different countries to install and configure AVIT systems on luxury yachts. You will collaborate with cross-functional teams, adapt to diverse cultural contexts, and provide exceptional customer service while ensuring seamless integration and exceptional audio visual experiences. This role offers an exciting blend of technical expertise, travel, and cultural immersion, making it ideal for those with a sense of adventure and a passion for exploring new horizons and growing their career. Our client offers an innovative and supportive work environment, with opportunities for professional growth and development. Join their team and be part of an organisation that delivers cutting-edge technology solutions to the luxury yachting industry. If you are passionate about IT networking and have a keen interest in the yachting sector, we invite you to apply today and embark on an exciting career. The Organisation Our client offers its clients a range of bespoke solutions including AV systems, control systems, lighting and structured cabling in both Yachts and luxury homes. They have a wealth of experience in both markets and an enviable client list and offer the successful candidate a great career opportunity with on the job training. The Recruiters AV Jobs are the No 1 specialist Audio Visual Recruiter in the UK and work with clients and candidates to ensure a perfect job fit.
Apr 18, 2024
Full time
The Opportunity Our client - a leading provider of technology solutions for the yachting industry - is seeking a highly motivated and skilled IT Network Engineer to join their dynamic team. As an IT Network expert you will be responsible for supporting and maintaining the network infrastructure of clients' yachts, ensuring reliable connectivity, secure communication, and efficient operations. This role offers a unique opportunity to apply your technical expertise and contribute to the growth of the company in the fast-paced and exciting world of luxury yachting and to grow your career with on the job training with a Senior Engineer. Key Responsibilities: Network Infrastructure Management: Assist in the design, configuration, and maintenance of network infrastructure for yachts, including routers, switches, firewalls, and wireless access points. Network Monitoring and Troubleshooting: Monitor network performance, identify and resolve network issues, and proactively address potential problems to ensure uninterrupted connectivity and smooth operations. Network Security: Implement and maintain robust security measures to protect the network infrastructure and data against unauthorised access, cybersecurity threats, and malware. Network Documentation : Maintain accurate and up-to-date network documentation, including network diagrams, configurations, and equipment inventory. User Support: Provide technical support and assistance to clients' onboard IT teams, troubleshoot network-related problems, and ensure timely resolution of issues. Collaboration: Work closely with cross-functional teams, including IT, operations, and yacht crew, to ensure effective communication and coordination of network activities. Network Upgrades and Enhancements : Assist in planning and implementing network upgrades and enhancements to meet evolving business needs and technological advancements. Industry Knowledge: Stay updated with the latest trends, technologies, and best practices in IT networking within the yachting industry, and apply them to improve network performance and security. Based within commuting distance of Winchester, this role will also include occasional international travel. Salary to £30k p.a. plus benefits. The role will suit someone looking to grow their career in this exciting industry. Your skills and experience Education: Excellent knowledge of Information Technology, Computer Science, or a related field with a focus on networking. Technical Skills: Solid understanding of network protocols, TCP/IP, routing, switching, and wireless technologies. Familiarity with network security principles and best practices. Certifications: Industry certifications such as CCNA, CompTIA Network+, or equivalent are highly desirable. Problem-Solving Skills: Ability to diagnose and troubleshoot network-related issues using appropriate tools and methodologies. Communication Skills: Excellent verbal and written communication skills, with the ability to effectively convey technical information to both technical and non-technical stakeholders. Team Player: Strong teamwork and collaboration skills, with the ability to work effectively with colleagues from diverse backgrounds and departments. Attention to Detail: Strong organisational and documentation skills, with a meticulous approach to network configuration, documentation, and maintenance. Adaptability: Ability to work in a fast-paced, ever-changing environment and quickly learn and adapt to new technologies and processes. This position requires occasional international travel to luxury yacht destinations worldwide. As an IT Network Engineer, you will have the unique opportunity to work on projects in various global locations within the exclusive world of luxury yachting. A valid passport is required for this role, as you will travel to different countries to install and configure AVIT systems on luxury yachts. You will collaborate with cross-functional teams, adapt to diverse cultural contexts, and provide exceptional customer service while ensuring seamless integration and exceptional audio visual experiences. This role offers an exciting blend of technical expertise, travel, and cultural immersion, making it ideal for those with a sense of adventure and a passion for exploring new horizons and growing their career. Our client offers an innovative and supportive work environment, with opportunities for professional growth and development. Join their team and be part of an organisation that delivers cutting-edge technology solutions to the luxury yachting industry. If you are passionate about IT networking and have a keen interest in the yachting sector, we invite you to apply today and embark on an exciting career. The Organisation Our client offers its clients a range of bespoke solutions including AV systems, control systems, lighting and structured cabling in both Yachts and luxury homes. They have a wealth of experience in both markets and an enviable client list and offer the successful candidate a great career opportunity with on the job training. The Recruiters AV Jobs are the No 1 specialist Audio Visual Recruiter in the UK and work with clients and candidates to ensure a perfect job fit.
The purpose of this post is to lead the Security Risk Team to ensure that cyber & physical risks facing the business are assessed and data is available to inform business-level and Exec decision-making. The scope includes (but is not limited to), Operational Technology (OT) and associated IT environments comprising of Control centres Optel Network & Services Critical data centres Substations. The focus being on critical systems that support the operation of the essential service to deliver electricity transmission across England and Wales and that form the scope of NIS Critical Systems. Responsible for setting the strategy and leading the formation of a consistent cyber risk management framework. The framework will ensure risks are understood by stakeholders, are documented, assessed and appropriate risk mitigation strategies are in place. The role will lead the engagement on the Cyber Risk Framework with senior leadership, group security and external bodies including Ofgem, DESNZ and NCSC. You will lead a team of specialists, collaborate with cross-functional teams, and implement risk management strategies tailored to the unique cyber challenges. Key stakeholders will include: Control & Cyber Strategy NIS system leads. ET Asset Operations (AO) Global Strategic Risk group who provides a risk framework for high level risks This role will: Ensure a regular cadence for OT Cyber risk capture, appraisal, and assessment for NIS critical systems. Ensure there is consistent document and justification of NIST CSF controls process maturity and coverage of these systems. Ensure Improvement plans are underpinned by comprehensive risk registers that quantify gaps in our controls that support our NIS critical environment. Take a lead in ensuring our regulatory submissions have strong risk-based justifications in order to ensure our Improvement plans financed. Key Accountabilities include: Defining the OT Cyber Risk Framework Driving a consistent approach to the capturing, recording and management of OT Cyber Security risks across the business Take a lead in OT Cyber Risk Management Governance Forums Collaborate with Group security to ensure OT Risk Framework aligns to and support group strategic risk assessments. Leading the business to deliver frequent risk assessments for approval by supported business functions and the Control & Cyber Strategy Manager, ensuring registers are maintained/amended as required. Leading and managing a team of Operational Technology Cyber risk specialists who will conduct risk assessments of NIS Critical systems. Ensuring risk assessments are resourced appropriately. Leads the development of risk assessment processes for ET NIS critical system level risks. Ensuring risk assessments are completed according to agreed processes and the timescales demanded by the risk assessment programme and supporting group security's strategic risk assessment processes. Directly supporting selected risk assessments as required. Ensuring data resulting from risk assessments is shared with the Control & Cyber Strategy team, Cyber risk governance forums and senior managers as required in accordance with agreed processes. Work closely with leadership to report on risk posture, metrics, mitigation strategies and investment priorities. Experience Demonstrable experience utilising risk assessment methodologies (e.g., NIST 800-30, ISO27005, IEC 62443, FAIR). Demonstrable experience working with industry best practices and security control frameworks (e.g., NIST , ISO 27001, IEC 62443, NIST CSF, NCSC CAF). Demonstrable experience implementing security risk management frameworks (e.g., NIST 800-39, 800-37) Ability to communicate complex messages both orally & in writing using quantitative & qualitative measures to senior leaders across the business. Confidence to challenge, take ownership of complex challenges, lead risk assessments, agree and build future improvement plans. Moderate understanding of ICS/SCADA (e.g., IEC 62443 framework). Understanding of UK Network & Information Systems (NIS) Regulations desirable. Communicating complex messages both orally & in writing using quantitative & qualitative measures. Experience with MITRE ATT&CK desirable Able to operate as a highly independent motivated worker and as part of a strong team with a collaborative approach, delivering high-quality outputs. Previous experience of risk management within an Operational Technology environment
Apr 18, 2024
Full time
The purpose of this post is to lead the Security Risk Team to ensure that cyber & physical risks facing the business are assessed and data is available to inform business-level and Exec decision-making. The scope includes (but is not limited to), Operational Technology (OT) and associated IT environments comprising of Control centres Optel Network & Services Critical data centres Substations. The focus being on critical systems that support the operation of the essential service to deliver electricity transmission across England and Wales and that form the scope of NIS Critical Systems. Responsible for setting the strategy and leading the formation of a consistent cyber risk management framework. The framework will ensure risks are understood by stakeholders, are documented, assessed and appropriate risk mitigation strategies are in place. The role will lead the engagement on the Cyber Risk Framework with senior leadership, group security and external bodies including Ofgem, DESNZ and NCSC. You will lead a team of specialists, collaborate with cross-functional teams, and implement risk management strategies tailored to the unique cyber challenges. Key stakeholders will include: Control & Cyber Strategy NIS system leads. ET Asset Operations (AO) Global Strategic Risk group who provides a risk framework for high level risks This role will: Ensure a regular cadence for OT Cyber risk capture, appraisal, and assessment for NIS critical systems. Ensure there is consistent document and justification of NIST CSF controls process maturity and coverage of these systems. Ensure Improvement plans are underpinned by comprehensive risk registers that quantify gaps in our controls that support our NIS critical environment. Take a lead in ensuring our regulatory submissions have strong risk-based justifications in order to ensure our Improvement plans financed. Key Accountabilities include: Defining the OT Cyber Risk Framework Driving a consistent approach to the capturing, recording and management of OT Cyber Security risks across the business Take a lead in OT Cyber Risk Management Governance Forums Collaborate with Group security to ensure OT Risk Framework aligns to and support group strategic risk assessments. Leading the business to deliver frequent risk assessments for approval by supported business functions and the Control & Cyber Strategy Manager, ensuring registers are maintained/amended as required. Leading and managing a team of Operational Technology Cyber risk specialists who will conduct risk assessments of NIS Critical systems. Ensuring risk assessments are resourced appropriately. Leads the development of risk assessment processes for ET NIS critical system level risks. Ensuring risk assessments are completed according to agreed processes and the timescales demanded by the risk assessment programme and supporting group security's strategic risk assessment processes. Directly supporting selected risk assessments as required. Ensuring data resulting from risk assessments is shared with the Control & Cyber Strategy team, Cyber risk governance forums and senior managers as required in accordance with agreed processes. Work closely with leadership to report on risk posture, metrics, mitigation strategies and investment priorities. Experience Demonstrable experience utilising risk assessment methodologies (e.g., NIST 800-30, ISO27005, IEC 62443, FAIR). Demonstrable experience working with industry best practices and security control frameworks (e.g., NIST , ISO 27001, IEC 62443, NIST CSF, NCSC CAF). Demonstrable experience implementing security risk management frameworks (e.g., NIST 800-39, 800-37) Ability to communicate complex messages both orally & in writing using quantitative & qualitative measures to senior leaders across the business. Confidence to challenge, take ownership of complex challenges, lead risk assessments, agree and build future improvement plans. Moderate understanding of ICS/SCADA (e.g., IEC 62443 framework). Understanding of UK Network & Information Systems (NIS) Regulations desirable. Communicating complex messages both orally & in writing using quantitative & qualitative measures. Experience with MITRE ATT&CK desirable Able to operate as a highly independent motivated worker and as part of a strong team with a collaborative approach, delivering high-quality outputs. Previous experience of risk management within an Operational Technology environment
As the lead Security Risk Analyst, you will drive the strategic direction for the system level risk identification, management, and review for one of the most critical networks - the Operational Technology Services Network (OTSN). Ensuring new and changed standards grow the cyber security maturity of the organisation, are proportionate to the risk (in line with the ET's risk appetite & the NIS Regulation) and are in line with security & resilience strategies. Key accountabilities Lead the creation, development, and management of OTSNs risk assessment frameworks and principles to support the cyber security decision making processes within ET. Provide expert technical support for the risk assessment of vulnerabilities and deviations from the target state including agreeing mitigating actions within agreed delegated authority. Support the development of cyber security policies and specifications to reduce risk. Improve organisational cyber security maturity and support compliance with the NIS Regulation for the OTSN by managing OTSN registers in line with risk appetite. Support the business to understand cyber security requirements for OTSN through engagement with projects and design teams on OTSN risks. Support the business to understand cyber security risks through appropriate reporting and communication of current risks and vulnerabilities. Influence the security and resilience strategies to accelerate cyber security risk reduction. Support the optimisation of OTSN management strategies in the long-term interests of consumers and the business Interpersonal, Supervisory or Management Relevant experience risk reporting including leading teams of risk analysts and/or project management. Strong data analytical skills and excellent written and communication skills with the ability to interface comfortably with senior stakeholders. Strong investigation and problem-solving skills, demonstrating autonomy and initiative. Proactive with the ability to work under tight deadline pressures across multiple workstreams. Sound understanding and proven experience of IEC 62443, ISO27000, NIST CSF and audit processes. Experience of introducing changes to specifications or policies that apply to a technical audience. Extensive experience communicating difficult and standard issues associated with areas of expertise in a clear and concise manner both verbally & in writing. Eager to develop their business and technical skills, you will be comfortable breaking new ground and changing the way the business makes decisions. Technical or Specialist Technical understanding of the LAN / WAN Networks and Operational Technology (OT). Detailed understanding of how cyber security risks can manifest within networks, devices, and systems. Understanding of asset management principles, including risk management, decision making, planning, asset lifecycle and asset data/information. Experience of using and developing decision making frameworks and tools including economic assessments (NPV, CBA) and whole life asset assessments (WLV) Familiarity with international standards related to cyber security including IEC62443 and IEC62351 Commensurate experience with O365, including excel and preferable Power BI. Experience with MITRE ATT&CK desirable, preferably MITRE ICS.
Apr 18, 2024
Full time
As the lead Security Risk Analyst, you will drive the strategic direction for the system level risk identification, management, and review for one of the most critical networks - the Operational Technology Services Network (OTSN). Ensuring new and changed standards grow the cyber security maturity of the organisation, are proportionate to the risk (in line with the ET's risk appetite & the NIS Regulation) and are in line with security & resilience strategies. Key accountabilities Lead the creation, development, and management of OTSNs risk assessment frameworks and principles to support the cyber security decision making processes within ET. Provide expert technical support for the risk assessment of vulnerabilities and deviations from the target state including agreeing mitigating actions within agreed delegated authority. Support the development of cyber security policies and specifications to reduce risk. Improve organisational cyber security maturity and support compliance with the NIS Regulation for the OTSN by managing OTSN registers in line with risk appetite. Support the business to understand cyber security requirements for OTSN through engagement with projects and design teams on OTSN risks. Support the business to understand cyber security risks through appropriate reporting and communication of current risks and vulnerabilities. Influence the security and resilience strategies to accelerate cyber security risk reduction. Support the optimisation of OTSN management strategies in the long-term interests of consumers and the business Interpersonal, Supervisory or Management Relevant experience risk reporting including leading teams of risk analysts and/or project management. Strong data analytical skills and excellent written and communication skills with the ability to interface comfortably with senior stakeholders. Strong investigation and problem-solving skills, demonstrating autonomy and initiative. Proactive with the ability to work under tight deadline pressures across multiple workstreams. Sound understanding and proven experience of IEC 62443, ISO27000, NIST CSF and audit processes. Experience of introducing changes to specifications or policies that apply to a technical audience. Extensive experience communicating difficult and standard issues associated with areas of expertise in a clear and concise manner both verbally & in writing. Eager to develop their business and technical skills, you will be comfortable breaking new ground and changing the way the business makes decisions. Technical or Specialist Technical understanding of the LAN / WAN Networks and Operational Technology (OT). Detailed understanding of how cyber security risks can manifest within networks, devices, and systems. Understanding of asset management principles, including risk management, decision making, planning, asset lifecycle and asset data/information. Experience of using and developing decision making frameworks and tools including economic assessments (NPV, CBA) and whole life asset assessments (WLV) Familiarity with international standards related to cyber security including IEC62443 and IEC62351 Commensurate experience with O365, including excel and preferable Power BI. Experience with MITRE ATT&CK desirable, preferably MITRE ICS.
Role Title:Cyber Security Assurance Specialist Key Role Responsibilities Review new business proposals and provide specialist advice on security issues and implications. Set policies, standards and guidelines for how the organisation conducts security operations across the business and ensures alignment. Develop & establish supplier chain security agreements / contracts / questionnaires and manage completion and disengagement. Lead reviews of governance practices with appropriate and sufficient independence from management activity. Develop policies, standards, processes, guidelines for ensuring appropriate security standards are in place and are adhered to. Ensure architectural security principles are applied during project design to reduce risk. Drives adoption and adherence to policy, standards and guidelines. Design, architect and deliver security aspects within projects and provide expert assurance for secure implementation. Lead and support product security activities, including technical reviews and assessments of product security architectures and designs across a diverse range of complex infrastructure, data and application systems. Ensure timely and robust incident management resolution, including major incident response coordination and management. Deputise for the Senior IT Security Manager as and when required. Education, Qualifications & Training Achieved one or more relevant qualification / certification (i.e. CISSP, CISA, CISM Knowledge & Experience Expert knowledge of security data tools, information security controls, security best practice and management strategies. Experience of designing control maturity tests and conducting control maturity assessments. Experience of overseeing and leading remediation of security assessments, technical testing, and vulnerability analysis including Cyber Essentials, Cyber Essentials Plus, and NIST CSF. Experience in incident response and overseeing improvement actions such as development and tuning of security monitoring, alerting, and reporting. Technical knowledge and broad hands-on experience of working with security technologies such as the Microsoft XDR stack, vulnerability management tools (Nessus and Rapid 7), EDR platforms, SIEMs (Splunk / Azure Sentinel), Powershell automation etc. Previous exposure to enterprise networking and infrastructure technologies Role Specific Skills & Behaviours Ability to work supportively and collaboratively with colleagues across Technology & transformation as well as the wider business. Ability to effectively coordinate and manage major incident responses. Ability to work under pressure and maintain customer service ethic. Ability to be creative. Ability to present complex security solutions and situations to those without technical knowledge. Ability to formulate effective and appropriate recommendations based on sound technical knowledge. Ability to confidently challenge deadlines, priorities and suggest alternative ways of achieving targets. Meticulous documentation skills used for service descriptions and in service/asset management tooling and knowledge bases. Excellent written and oral communication skills. Customer focused - always assessing the impact and urgency for customers as the priority. Able to develop the skills and competencies of others. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
Apr 18, 2024
Full time
Role Title:Cyber Security Assurance Specialist Key Role Responsibilities Review new business proposals and provide specialist advice on security issues and implications. Set policies, standards and guidelines for how the organisation conducts security operations across the business and ensures alignment. Develop & establish supplier chain security agreements / contracts / questionnaires and manage completion and disengagement. Lead reviews of governance practices with appropriate and sufficient independence from management activity. Develop policies, standards, processes, guidelines for ensuring appropriate security standards are in place and are adhered to. Ensure architectural security principles are applied during project design to reduce risk. Drives adoption and adherence to policy, standards and guidelines. Design, architect and deliver security aspects within projects and provide expert assurance for secure implementation. Lead and support product security activities, including technical reviews and assessments of product security architectures and designs across a diverse range of complex infrastructure, data and application systems. Ensure timely and robust incident management resolution, including major incident response coordination and management. Deputise for the Senior IT Security Manager as and when required. Education, Qualifications & Training Achieved one or more relevant qualification / certification (i.e. CISSP, CISA, CISM Knowledge & Experience Expert knowledge of security data tools, information security controls, security best practice and management strategies. Experience of designing control maturity tests and conducting control maturity assessments. Experience of overseeing and leading remediation of security assessments, technical testing, and vulnerability analysis including Cyber Essentials, Cyber Essentials Plus, and NIST CSF. Experience in incident response and overseeing improvement actions such as development and tuning of security monitoring, alerting, and reporting. Technical knowledge and broad hands-on experience of working with security technologies such as the Microsoft XDR stack, vulnerability management tools (Nessus and Rapid 7), EDR platforms, SIEMs (Splunk / Azure Sentinel), Powershell automation etc. Previous exposure to enterprise networking and infrastructure technologies Role Specific Skills & Behaviours Ability to work supportively and collaboratively with colleagues across Technology & transformation as well as the wider business. Ability to effectively coordinate and manage major incident responses. Ability to work under pressure and maintain customer service ethic. Ability to be creative. Ability to present complex security solutions and situations to those without technical knowledge. Ability to formulate effective and appropriate recommendations based on sound technical knowledge. Ability to confidently challenge deadlines, priorities and suggest alternative ways of achieving targets. Meticulous documentation skills used for service descriptions and in service/asset management tooling and knowledge bases. Excellent written and oral communication skills. Customer focused - always assessing the impact and urgency for customers as the priority. Able to develop the skills and competencies of others. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
End Date Sunday 21 April 2024 Salary Range £42,120 - £46,800 We support flexible working - click here for more information on flexible working options Flexible Working Options Hybrid Working, Job Share Job Description Summary JOB TITLE: Security, Business Continuity & Supplier Control Specialist, Assistant Manager LOCATION: Leeds, Halifax, Glasgow, Edinburgh. HOURS: Full-time WORKING PATTERN: Our work style is hybrid, which involves spending at least two days per week, or 40% of our time, at one of our Risk hub locations. As a Security, Business Continuity & Supplier Control Specialist you'll be responsible for supporting & monitoring the control environment to support the management of Information, Cyber & Physical Security Risk, Business Continuity Risk & Supplier Risk, working in collaboration with other SMEs to ensure Risk Function s operational resilience. Job Description ABOUT THIS OPPORTUNITY We re on an exciting journey and there couldn t be a better time to join us. We re putting in place a fresh operating model for non-financial risk management across the Group, empowering our people to take end-to-end accountability for managing the risks that they face! As a Security, Business Continuity & Supplier Control Specialist you'll be responsible for supporting & monitoring the control environment to support the management of Information, Cyber & Physical Security Risk, Business Continuity Risk & Supplier Risk, working in collaboration with other SMEs to ensure Risk Function s operational resilience. WHAT YOU'LL BE DOING: Support management of Information, Cyber & Physical Security Risk, Business Continuity Risk & Supplier Risk control environment including control testing & effectiveness, engagement with application owner population & reporting of compliance to senior colleagues. Works with risk and control owner teams to help deliver against aligned customer, business and strategic outcomes. Produces timely and accurate documents and reports by collecting risk and control data from a variety of sources and input data into standardised formats. Assists the development of the first line control management centre of excellence that supports safe growth and enables high quality customer service. Delivers prescribed outcomes by working with established control design, mapping, monitoring and testing approaches. Reports findings and deviations using concise and clear reporting and escalates appropriately to senior colleagues. Works with risk and control owner teams to investigate questions related to the existing control environment. Provides advice to managers on how to apply a wide variety of control monitoring and testing procedures. Supports timely reporting on the effectiveness and performance of controls and compliance. Identifies and reports any deviations to more senior colleagues. Assists in the management of actions on operational risk events and breaches following Risk & Control Self-Assessment (RCSA). Identifies issues and then suggests and implements improvements to control environment with guidance from senior colleagues. WHAT YOU'LL NEED: Good understanding of relevant standards and policies, including Supplier Treatment Standards, Group Security Standards & Policy and the Group Operational Resilience Framework. Some understanding of control management and the practical implementation across relevant functional area of expertise. Good business knowledge and organisational awareness and with some experience in supporting and managing control design, optimisation, testing and monitoring activities. Takes responsibility for developing personal capabilities using existing formal and informal training opportunities, while also coaching others as required. Good ability to understand and assimilate different sources of data to identify and make relevant conclusions and recommendations. Plans and co-ordinates workloads to monitor and test control environment. Supports the implementation of corrective actions and/or continuous improvement initiatives. Supports management to make good and timely decisions that keep the organisation moving forward. For example, provides timely and accurate control monitoring and testing outcomes to support the prioritisation of future control design and optimisation activities. Designs own work schedule and potentially assigns work to other colleagues as needed to expedite workflow and deliver high-priority tasks. Builds partnerships and works collaboratively with others to meet shared objectives. ABOUT WORKING FOR US Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society and celebrates diversity in all its forms. We want everyone to feel that they belong and can be their best, regardless of background, identity or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. And it s why we especially welcome applications from under-represented groups. We re disability confident. So, if you d like reasonable adjustments to be made to our recruitment processes, just let us know. We also offer a wide-ranging benefits package, which includes: A generous pension contribution of up to 15% An annual bonus award, subject to Group performance Share schemes including free shares! Benefits you can adapt to your lifestyle, such as discounted shopping. 28 days holiday, with bank holidays on top A range of wellbeing initiatives and generous parental leave policies If you re excited by the thought of becoming part of our team, get in touch. We d love to hear from you. At Lloyds Banking Group, we're driven by a clear purpose; to help Britain prosper. Across the Group, our colleagues are focused on making a difference to customers, businesses and communities. With us you'll have a key role to play in shaping the financial services of the future, whilst the scale and reach of our Group means you'll have many opportunities to learn, grow and develop. We keep your data safe. So, we'll only ever ask you to provide confidential or sensitive information once you have formally been invited along to an interview or accepted a verbal offer to join us which is when we run our background checks. We'll always explain what we need and why, with any request coming from a trusted Lloyds Banking Group person. We're focused on creating a values-led culture and are committed to building a workforce which reflects the diversity of the customers and communities we serve. Together we re building a truly inclusive workplace where all of our colleagues have the opportunity to make a real difference.
Apr 18, 2024
Full time
End Date Sunday 21 April 2024 Salary Range £42,120 - £46,800 We support flexible working - click here for more information on flexible working options Flexible Working Options Hybrid Working, Job Share Job Description Summary JOB TITLE: Security, Business Continuity & Supplier Control Specialist, Assistant Manager LOCATION: Leeds, Halifax, Glasgow, Edinburgh. HOURS: Full-time WORKING PATTERN: Our work style is hybrid, which involves spending at least two days per week, or 40% of our time, at one of our Risk hub locations. As a Security, Business Continuity & Supplier Control Specialist you'll be responsible for supporting & monitoring the control environment to support the management of Information, Cyber & Physical Security Risk, Business Continuity Risk & Supplier Risk, working in collaboration with other SMEs to ensure Risk Function s operational resilience. Job Description ABOUT THIS OPPORTUNITY We re on an exciting journey and there couldn t be a better time to join us. We re putting in place a fresh operating model for non-financial risk management across the Group, empowering our people to take end-to-end accountability for managing the risks that they face! As a Security, Business Continuity & Supplier Control Specialist you'll be responsible for supporting & monitoring the control environment to support the management of Information, Cyber & Physical Security Risk, Business Continuity Risk & Supplier Risk, working in collaboration with other SMEs to ensure Risk Function s operational resilience. WHAT YOU'LL BE DOING: Support management of Information, Cyber & Physical Security Risk, Business Continuity Risk & Supplier Risk control environment including control testing & effectiveness, engagement with application owner population & reporting of compliance to senior colleagues. Works with risk and control owner teams to help deliver against aligned customer, business and strategic outcomes. Produces timely and accurate documents and reports by collecting risk and control data from a variety of sources and input data into standardised formats. Assists the development of the first line control management centre of excellence that supports safe growth and enables high quality customer service. Delivers prescribed outcomes by working with established control design, mapping, monitoring and testing approaches. Reports findings and deviations using concise and clear reporting and escalates appropriately to senior colleagues. Works with risk and control owner teams to investigate questions related to the existing control environment. Provides advice to managers on how to apply a wide variety of control monitoring and testing procedures. Supports timely reporting on the effectiveness and performance of controls and compliance. Identifies and reports any deviations to more senior colleagues. Assists in the management of actions on operational risk events and breaches following Risk & Control Self-Assessment (RCSA). Identifies issues and then suggests and implements improvements to control environment with guidance from senior colleagues. WHAT YOU'LL NEED: Good understanding of relevant standards and policies, including Supplier Treatment Standards, Group Security Standards & Policy and the Group Operational Resilience Framework. Some understanding of control management and the practical implementation across relevant functional area of expertise. Good business knowledge and organisational awareness and with some experience in supporting and managing control design, optimisation, testing and monitoring activities. Takes responsibility for developing personal capabilities using existing formal and informal training opportunities, while also coaching others as required. Good ability to understand and assimilate different sources of data to identify and make relevant conclusions and recommendations. Plans and co-ordinates workloads to monitor and test control environment. Supports the implementation of corrective actions and/or continuous improvement initiatives. Supports management to make good and timely decisions that keep the organisation moving forward. For example, provides timely and accurate control monitoring and testing outcomes to support the prioritisation of future control design and optimisation activities. Designs own work schedule and potentially assigns work to other colleagues as needed to expedite workflow and deliver high-priority tasks. Builds partnerships and works collaboratively with others to meet shared objectives. ABOUT WORKING FOR US Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society and celebrates diversity in all its forms. We want everyone to feel that they belong and can be their best, regardless of background, identity or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. And it s why we especially welcome applications from under-represented groups. We re disability confident. So, if you d like reasonable adjustments to be made to our recruitment processes, just let us know. We also offer a wide-ranging benefits package, which includes: A generous pension contribution of up to 15% An annual bonus award, subject to Group performance Share schemes including free shares! Benefits you can adapt to your lifestyle, such as discounted shopping. 28 days holiday, with bank holidays on top A range of wellbeing initiatives and generous parental leave policies If you re excited by the thought of becoming part of our team, get in touch. We d love to hear from you. At Lloyds Banking Group, we're driven by a clear purpose; to help Britain prosper. Across the Group, our colleagues are focused on making a difference to customers, businesses and communities. With us you'll have a key role to play in shaping the financial services of the future, whilst the scale and reach of our Group means you'll have many opportunities to learn, grow and develop. We keep your data safe. So, we'll only ever ask you to provide confidential or sensitive information once you have formally been invited along to an interview or accepted a verbal offer to join us which is when we run our background checks. We'll always explain what we need and why, with any request coming from a trusted Lloyds Banking Group person. We're focused on creating a values-led culture and are committed to building a workforce which reflects the diversity of the customers and communities we serve. Together we re building a truly inclusive workplace where all of our colleagues have the opportunity to make a real difference.
End Date Sunday 21 April 2024 Salary Range £62,874 - £69,860 We support flexible working - click here for more information on flexible working options Flexible Working Options Hybrid Working, Job Share Job Description Summary JOB TITLE: Security Control Specialist SALARY: £62,874 - £69,860 LOCATION: Leeds, Halifax, Glasgow, Edinburgh. HOURS: Full-time WORKING PATTERN: Our work style is hybrid, which involves spending at least two days per week, or 40% of our time, at one of our Risk hub locations. As a Security Control Specialist, you'll be responsible for the management & implementation of an effective control environment to support the management of Information, Cyber & Physical Security Risk, working in collaboration with other SMEs to ensure Risk Function s resilience. You'll engage and collaborate with key group-wide partners including Chief Security Office, Divisional & Technical Application Owners (D/TAOs), Enterprise Risk Platforms and other key SMEs as required. Job Description ABOUT THIS OPPORTUNITY We re on an exciting journey and there couldn t be a better time to join us. We re putting in place a fresh operating model for non-financial risk management across the Group, empowering our people to take end-to-end accountability for managing the risks that they face! As a Security Control Specialist, you'll be responsible for the management & implementation of an effective control environment to support the management of Information, Cyber & Physical Security Risk, working in collaboration with other SMEs to ensure Risk Function s resilience. You'll engage and collaborate with key group-wide partners including Chief Security Office, Divisional & Technical Application Owners (D/TAOs), Enterprise Risk Platforms and other key SMEs as required. WHAT YOU'LL BE DOING: Lead management of Information, Cyber & Physical Security Risk control environment including control testing & effectiveness, engagement with application owner population & reporting of compliance to senior colleagues. Promotes a Security-first culture within Risk Function to encourage individual responsibility & accountability for protecting the Group. Works with risk and control owner teams to help deliver against aligned customer, business and strategic outcomes. Analyses and assesses control environment effectiveness using a wide range of sources and identifies potential impacts on the business. Assists the development of the first line control management centre of excellence that supports safe growth and enables high quality customer service. Supports the development and implementation of the control strategy to monitor and test the design and operating effectiveness of the control environment across e2e business processes. Organises and prepares documentation, while also gathering and summarising data and information, to produce and maintain a set of standardised risk and control process maps. Provides primary leadership for control testing and transactional work, supervising a small group performing junior control management tasks. Supports the ongoing development of control tooling solutions to enable the optimisation and automation of the control environment. Supports timely reporting on the effectiveness and performance of controls and compliance through maintaining effective data quality (KCIs), completeness and accuracy of testing and monitoring activities. Assists in the management of actions on operational risk events and breaches following Risk & Control Self-Assessment (RCSA). Identifies issues and then suggests and implements improvements to control environment with guidance from senior colleagues. WHAT YOU'LL NEED: Strong understanding of Group Security Standards and Policy. Including Application Management & remediation of Security Non-Compliances, Insider & People & Physical Asset Security. Good understanding of controls and their practical implementation across relevant financial services disciplines and risk types. Some knowledge and experience of the approaches taken to manage non-financial/financial risk and a good technical understanding of business processes. Strong understanding and practical application of control testing and monitoring activities, with some experience of delivering control design and optimisation. Takes responsibility for growing their own skills and capabilities with support from senior colleagues. Informally coaches others in area of expertise to drive an uplift in skills and risk and control culture throughout the organisation Contributes to the development of both short- and medium-term strategies. Assigns short-term work schedules to the team in order to deliver agreed outcomes and within expected timelines. Uses compelling arguments to gain support and commitment of others. Strong ability to communicate and describe drivers of change and able to plan and implement these changes by gaining commitment and understanding across the organisation. Makes good and timely decisions that keep the organisation moving forward. For example, ensures that people s decisions are in line with policies and standards. Integrates analysis, experience, and other inputs to make effective decisions. Builds partnerships and collaboratively works with others to meet shared objectives. For example, encourages colleagues to work together as a team, and make sure they get recognition for doing so. ABOUT WORKING FOR US Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society and celebrates diversity in all its forms. We want everyone to feel that they belong and can be their best, regardless of background, identity or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. And it s why we especially welcome applications from under-represented groups. We re disability confident. So, if you d like reasonable adjustments to be made to our recruitment processes, just let us know. We also offer a wide-ranging benefits package, which includes: A generous pension contribution of up to 15% An annual bonus award, subject to Group performance Share schemes including free shares! Benefits you can adapt to your lifestyle, such as discounted shopping. 30 days holiday, with bank holidays on top A range of wellbeing initiatives and generous parental leave policies If you re excited by the thought of becoming part of our team, get in touch. We d love to hear from you. At Lloyds Banking Group, we're driven by a clear purpose; to help Britain prosper. Across the Group, our colleagues are focused on making a difference to customers, businesses and communities. With us you'll have a key role to play in shaping the financial services of the future, whilst the scale and reach of our Group means you'll have many opportunities to learn, grow and develop. We keep your data safe. So, we'll only ever ask you to provide confidential or sensitive information once you have formally been invited along to an interview or accepted a verbal offer to join us which is when we run our background checks. We'll always explain what we need and why, with any request coming from a trusted Lloyds Banking Group person. We're focused on creating a values-led culture and are committed to building a workforce which reflects the diversity of the customers and communities we serve. Together we re building a truly inclusive workplace where all of our colleagues have the opportunity to make a real difference.
Apr 18, 2024
Full time
End Date Sunday 21 April 2024 Salary Range £62,874 - £69,860 We support flexible working - click here for more information on flexible working options Flexible Working Options Hybrid Working, Job Share Job Description Summary JOB TITLE: Security Control Specialist SALARY: £62,874 - £69,860 LOCATION: Leeds, Halifax, Glasgow, Edinburgh. HOURS: Full-time WORKING PATTERN: Our work style is hybrid, which involves spending at least two days per week, or 40% of our time, at one of our Risk hub locations. As a Security Control Specialist, you'll be responsible for the management & implementation of an effective control environment to support the management of Information, Cyber & Physical Security Risk, working in collaboration with other SMEs to ensure Risk Function s resilience. You'll engage and collaborate with key group-wide partners including Chief Security Office, Divisional & Technical Application Owners (D/TAOs), Enterprise Risk Platforms and other key SMEs as required. Job Description ABOUT THIS OPPORTUNITY We re on an exciting journey and there couldn t be a better time to join us. We re putting in place a fresh operating model for non-financial risk management across the Group, empowering our people to take end-to-end accountability for managing the risks that they face! As a Security Control Specialist, you'll be responsible for the management & implementation of an effective control environment to support the management of Information, Cyber & Physical Security Risk, working in collaboration with other SMEs to ensure Risk Function s resilience. You'll engage and collaborate with key group-wide partners including Chief Security Office, Divisional & Technical Application Owners (D/TAOs), Enterprise Risk Platforms and other key SMEs as required. WHAT YOU'LL BE DOING: Lead management of Information, Cyber & Physical Security Risk control environment including control testing & effectiveness, engagement with application owner population & reporting of compliance to senior colleagues. Promotes a Security-first culture within Risk Function to encourage individual responsibility & accountability for protecting the Group. Works with risk and control owner teams to help deliver against aligned customer, business and strategic outcomes. Analyses and assesses control environment effectiveness using a wide range of sources and identifies potential impacts on the business. Assists the development of the first line control management centre of excellence that supports safe growth and enables high quality customer service. Supports the development and implementation of the control strategy to monitor and test the design and operating effectiveness of the control environment across e2e business processes. Organises and prepares documentation, while also gathering and summarising data and information, to produce and maintain a set of standardised risk and control process maps. Provides primary leadership for control testing and transactional work, supervising a small group performing junior control management tasks. Supports the ongoing development of control tooling solutions to enable the optimisation and automation of the control environment. Supports timely reporting on the effectiveness and performance of controls and compliance through maintaining effective data quality (KCIs), completeness and accuracy of testing and monitoring activities. Assists in the management of actions on operational risk events and breaches following Risk & Control Self-Assessment (RCSA). Identifies issues and then suggests and implements improvements to control environment with guidance from senior colleagues. WHAT YOU'LL NEED: Strong understanding of Group Security Standards and Policy. Including Application Management & remediation of Security Non-Compliances, Insider & People & Physical Asset Security. Good understanding of controls and their practical implementation across relevant financial services disciplines and risk types. Some knowledge and experience of the approaches taken to manage non-financial/financial risk and a good technical understanding of business processes. Strong understanding and practical application of control testing and monitoring activities, with some experience of delivering control design and optimisation. Takes responsibility for growing their own skills and capabilities with support from senior colleagues. Informally coaches others in area of expertise to drive an uplift in skills and risk and control culture throughout the organisation Contributes to the development of both short- and medium-term strategies. Assigns short-term work schedules to the team in order to deliver agreed outcomes and within expected timelines. Uses compelling arguments to gain support and commitment of others. Strong ability to communicate and describe drivers of change and able to plan and implement these changes by gaining commitment and understanding across the organisation. Makes good and timely decisions that keep the organisation moving forward. For example, ensures that people s decisions are in line with policies and standards. Integrates analysis, experience, and other inputs to make effective decisions. Builds partnerships and collaboratively works with others to meet shared objectives. For example, encourages colleagues to work together as a team, and make sure they get recognition for doing so. ABOUT WORKING FOR US Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society and celebrates diversity in all its forms. We want everyone to feel that they belong and can be their best, regardless of background, identity or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. And it s why we especially welcome applications from under-represented groups. We re disability confident. So, if you d like reasonable adjustments to be made to our recruitment processes, just let us know. We also offer a wide-ranging benefits package, which includes: A generous pension contribution of up to 15% An annual bonus award, subject to Group performance Share schemes including free shares! Benefits you can adapt to your lifestyle, such as discounted shopping. 30 days holiday, with bank holidays on top A range of wellbeing initiatives and generous parental leave policies If you re excited by the thought of becoming part of our team, get in touch. We d love to hear from you. At Lloyds Banking Group, we're driven by a clear purpose; to help Britain prosper. Across the Group, our colleagues are focused on making a difference to customers, businesses and communities. With us you'll have a key role to play in shaping the financial services of the future, whilst the scale and reach of our Group means you'll have many opportunities to learn, grow and develop. We keep your data safe. So, we'll only ever ask you to provide confidential or sensitive information once you have formally been invited along to an interview or accepted a verbal offer to join us which is when we run our background checks. We'll always explain what we need and why, with any request coming from a trusted Lloyds Banking Group person. We're focused on creating a values-led culture and are committed to building a workforce which reflects the diversity of the customers and communities we serve. Together we re building a truly inclusive workplace where all of our colleagues have the opportunity to make a real difference.
IT Graduate - London, South East & North West (UK) - September 2024 About Us Murphy is a leading international, multi-disciplined engineering and construction company founded in 1951 that improves life by delivering world-class infrastructure. Operating in the United Kingdom, Ireland and North America, Murphy provides better engineered solutions to infrastructure sectors including transportation, water, power and natural resources. We also have a number of related businesses - Ground Engineering; Utility Connections; Murphy Plant; Murphy Process Engineering; Pipeline Testing Services; Specialist Welding Services; and Electrical Services. Murphy is a specialist in delivering pipelines, design, structural steel, tunnelling, fabrication, bridges and piling, and has a substantial holding of plant, equipment and facilities. Murphy employs more than 4,000 engineers, professional managers and skilled operatives around the world. Together, we work as 'One Murphy' by directly delivering the people, plant and expertise needed to make projects a success. There's more to Murphy. Murphy Goes Green 36% reduction in carbon emission intensity to date 98% of waste diverted from landfill Introduced cleaner burning Gas-to-Liquid fuel (first construction company in the UK) Installed electric and hybrid car charging points Working towards being Net Zero by 2030 Graduate Programme We have an exciting opportunity to join our leading-edge Graduate programme for Information Technology Graduate - this role is for a person with passion for all elements of IT from customer support, through to back office server and network support, project management & delivery, People and Finance systems support and Cybersecurity. This IT Graduate will play an important role in supporting key areas of the IT department that are undergoing an exciting change to make us more streamline, more strategic and aligned to the Murphy at 75 vision. The role is suitable for someone with an interest in IT, future technology, customer service and project delivery, all to help both support the current Murphy business IT requirements but also to drive us forward in a continually changing and exciting environment. This will involve using a range of industry wide programmes and some bespoke applications; therefore, the candidate will need to be IT proficient as well as being eager to learn new systems and tasks. It is important they are organised, have excellent teamwork and communication skills. Key Responsibilities Since the role will be on rotation around the IT department these will be a mix of responsibilities from these rotations around the following teams; IT Service and Operations, Information Security, Infrastructure, Business Systems, IT Project Management and Data & Analytics. • Provide excellent customer service. • Collaborative working both within the IT department and wider business for items including supporting new service go lives and project delivery, actively supporting IT improvement programmes. • Ensure IT Operations tickets are created for every task undertaken, are appropriately updated, escalated where necessary, completed & closed in line with SLA & Service Desk processes. • Provide support for Site mobilisation, changes and demobilisation. Ensuring the required to setup IT equipment are consistent & to the required standard and delivered according to the set KPI. • Monitor security alerts, logs, and events to identify potential threats or breaches. • Collaborate with incident response teams to mitigate risks and minimize impact. • Identify and prioritize vulnerabilities. • Assess security risks and recommend appropriate controls. • Work with stakeholders to implement risk mitigation strategies. • Assist in remediation efforts to address security gaps. • Assist in developing and implementing security policies, standards, and guidelines. • Educate employees on security best practices. • Provide operational assistance for IT Infrastructure services and all associated applications, hardware, software and security. • Contribute to Information Security processes regarding all business technical infrastructure, ensuring that all infrastructure services are secure built and run in line with agreed best practice and company policies. This includes contributing to the ownership and resolution of any identified risks or incidents identified as part of security escalation processes. • Working closely with the Technical Architect and PMO function - contributing to the ongoing planning, design, implementation, operation, maintenance and improvement of Murphy's technology infrastructure within approved capital and operational expenditure budgets. • Provide technical support and guidance to the IT Commercial and Operations teams in the design and delivery of technical infrastructure for projects through bid and mobilisation phases. Maintaining agreed technical blueprints to standardise project infrastructure delivery. • Assist in delivery of business systems support including D365 and Success Factors including System configuration, Environmental Management and data analysis. • Undertake assigned actions to deliver improvement project across the business systems portfolio working closely with IT Leads, Project managers and key business stakeholders. • Own Small improvement projects and deliver value to the business enhancing business processes and IT capabilities. • Delivery a customer focused service within the boundaries of IT best practices. • Prioritising tasks as appropriate to business needs. • Develop and maintain project plans, setting out key milestones with realistic dates. • Assemble and coordinate project team resource. • Ensure project interdependencies are identified. • Identify, maintain and report on the project opportunity, risk, mitigation, issues and dependencies. • Provide regular progress reporting updates. • Comfortable handling and analysing data, whilst understanding business process and reporting requirements. • Working closely with business reporting stakeholders to understanding reporting and analytical requirements to acquire and present relevant datasets. • Verify the integrity of extracted data. • Implement information security best practices in order to protect the confidentiality, integrity and availability of company data. • Awareness of, and support embedding and applying revised Data Governance and Information Security standards and best practices. • Responsible for ensuring appropriate documentation is produced. • Work closely with the IT Project managers. Graduate Programme The programme will focus on helping you to grow your personal and leadership skills, alongside business and of course, the technical skills you will learn day-to-day on the job. The programme is delivered in a variety of formats throughout the 2 years and will allow you to establish a network of contacts that will help and support you through your first 2 years and beyond. Our line managers are fully supportive of the Graduate Development Programme and will be involved in helping you along the way. In addition to the programme, we offer mentoring and support in every area of work, as well as a structured training programme to enable graduates to work towards achieving Chartership. Graduates may have the opportunity to work on several exciting and progressive projects around the UK during the 2-year period. About you • Have a passion for Murphy's Carbon Net Zero Targets • Ability to work accurately and professionally • Willingness to learn with appropriate instruction • Ability to empathise and communicate with all people, regardless of their background or circumstance • Excellent organisation, communication, and time management skills • Mobility to work on various projects over the 2-year programme throughout the UK • Driven and motivated looking to progress their career in environmental sustainability • Some experience in the construction/civil engineering industry would be advantageous but not necessary • Excellent data analysis skills and interrogation of data Location As a Construction and Civil Engineering company we have projects, big and small, based across the UK and Ireland. There is the opportunity for you to rotate around our IT department. Rotating to different part of IT will enable you to maximise your learning and exposure to your field of study. How will I learn? In short, by grabbing every chance you get. Alongside working on some fascinating, challenging and occasionally jaw-dropping projects, you'll also be part of our Murphy Learning programme, where everyone has ownership of their own training. You decide what skills you want to gain, with support and guidance from your manager. We call it the 70:20:10 principle, and it goes like this: • 70% learning on the job, challenging yourself with new projects and responsibilities • 20% learning through others, training and networking with senior managers, colleagues, and industry leaders • 10% structured learning, choosing training courses that fit your needs and your team's aims Entry Requirements Information Technology degree (or equivalent) Additional Requirements Due to the nature of our work, we may require you to have a full clean driving licence Good time management & organisational skills Computer literate with strong skills in Microsoft Office Applications (Word/Excel/Outlook/PowerPoint) . click apply for full job details
Apr 18, 2024
Full time
IT Graduate - London, South East & North West (UK) - September 2024 About Us Murphy is a leading international, multi-disciplined engineering and construction company founded in 1951 that improves life by delivering world-class infrastructure. Operating in the United Kingdom, Ireland and North America, Murphy provides better engineered solutions to infrastructure sectors including transportation, water, power and natural resources. We also have a number of related businesses - Ground Engineering; Utility Connections; Murphy Plant; Murphy Process Engineering; Pipeline Testing Services; Specialist Welding Services; and Electrical Services. Murphy is a specialist in delivering pipelines, design, structural steel, tunnelling, fabrication, bridges and piling, and has a substantial holding of plant, equipment and facilities. Murphy employs more than 4,000 engineers, professional managers and skilled operatives around the world. Together, we work as 'One Murphy' by directly delivering the people, plant and expertise needed to make projects a success. There's more to Murphy. Murphy Goes Green 36% reduction in carbon emission intensity to date 98% of waste diverted from landfill Introduced cleaner burning Gas-to-Liquid fuel (first construction company in the UK) Installed electric and hybrid car charging points Working towards being Net Zero by 2030 Graduate Programme We have an exciting opportunity to join our leading-edge Graduate programme for Information Technology Graduate - this role is for a person with passion for all elements of IT from customer support, through to back office server and network support, project management & delivery, People and Finance systems support and Cybersecurity. This IT Graduate will play an important role in supporting key areas of the IT department that are undergoing an exciting change to make us more streamline, more strategic and aligned to the Murphy at 75 vision. The role is suitable for someone with an interest in IT, future technology, customer service and project delivery, all to help both support the current Murphy business IT requirements but also to drive us forward in a continually changing and exciting environment. This will involve using a range of industry wide programmes and some bespoke applications; therefore, the candidate will need to be IT proficient as well as being eager to learn new systems and tasks. It is important they are organised, have excellent teamwork and communication skills. Key Responsibilities Since the role will be on rotation around the IT department these will be a mix of responsibilities from these rotations around the following teams; IT Service and Operations, Information Security, Infrastructure, Business Systems, IT Project Management and Data & Analytics. • Provide excellent customer service. • Collaborative working both within the IT department and wider business for items including supporting new service go lives and project delivery, actively supporting IT improvement programmes. • Ensure IT Operations tickets are created for every task undertaken, are appropriately updated, escalated where necessary, completed & closed in line with SLA & Service Desk processes. • Provide support for Site mobilisation, changes and demobilisation. Ensuring the required to setup IT equipment are consistent & to the required standard and delivered according to the set KPI. • Monitor security alerts, logs, and events to identify potential threats or breaches. • Collaborate with incident response teams to mitigate risks and minimize impact. • Identify and prioritize vulnerabilities. • Assess security risks and recommend appropriate controls. • Work with stakeholders to implement risk mitigation strategies. • Assist in remediation efforts to address security gaps. • Assist in developing and implementing security policies, standards, and guidelines. • Educate employees on security best practices. • Provide operational assistance for IT Infrastructure services and all associated applications, hardware, software and security. • Contribute to Information Security processes regarding all business technical infrastructure, ensuring that all infrastructure services are secure built and run in line with agreed best practice and company policies. This includes contributing to the ownership and resolution of any identified risks or incidents identified as part of security escalation processes. • Working closely with the Technical Architect and PMO function - contributing to the ongoing planning, design, implementation, operation, maintenance and improvement of Murphy's technology infrastructure within approved capital and operational expenditure budgets. • Provide technical support and guidance to the IT Commercial and Operations teams in the design and delivery of technical infrastructure for projects through bid and mobilisation phases. Maintaining agreed technical blueprints to standardise project infrastructure delivery. • Assist in delivery of business systems support including D365 and Success Factors including System configuration, Environmental Management and data analysis. • Undertake assigned actions to deliver improvement project across the business systems portfolio working closely with IT Leads, Project managers and key business stakeholders. • Own Small improvement projects and deliver value to the business enhancing business processes and IT capabilities. • Delivery a customer focused service within the boundaries of IT best practices. • Prioritising tasks as appropriate to business needs. • Develop and maintain project plans, setting out key milestones with realistic dates. • Assemble and coordinate project team resource. • Ensure project interdependencies are identified. • Identify, maintain and report on the project opportunity, risk, mitigation, issues and dependencies. • Provide regular progress reporting updates. • Comfortable handling and analysing data, whilst understanding business process and reporting requirements. • Working closely with business reporting stakeholders to understanding reporting and analytical requirements to acquire and present relevant datasets. • Verify the integrity of extracted data. • Implement information security best practices in order to protect the confidentiality, integrity and availability of company data. • Awareness of, and support embedding and applying revised Data Governance and Information Security standards and best practices. • Responsible for ensuring appropriate documentation is produced. • Work closely with the IT Project managers. Graduate Programme The programme will focus on helping you to grow your personal and leadership skills, alongside business and of course, the technical skills you will learn day-to-day on the job. The programme is delivered in a variety of formats throughout the 2 years and will allow you to establish a network of contacts that will help and support you through your first 2 years and beyond. Our line managers are fully supportive of the Graduate Development Programme and will be involved in helping you along the way. In addition to the programme, we offer mentoring and support in every area of work, as well as a structured training programme to enable graduates to work towards achieving Chartership. Graduates may have the opportunity to work on several exciting and progressive projects around the UK during the 2-year period. About you • Have a passion for Murphy's Carbon Net Zero Targets • Ability to work accurately and professionally • Willingness to learn with appropriate instruction • Ability to empathise and communicate with all people, regardless of their background or circumstance • Excellent organisation, communication, and time management skills • Mobility to work on various projects over the 2-year programme throughout the UK • Driven and motivated looking to progress their career in environmental sustainability • Some experience in the construction/civil engineering industry would be advantageous but not necessary • Excellent data analysis skills and interrogation of data Location As a Construction and Civil Engineering company we have projects, big and small, based across the UK and Ireland. There is the opportunity for you to rotate around our IT department. Rotating to different part of IT will enable you to maximise your learning and exposure to your field of study. How will I learn? In short, by grabbing every chance you get. Alongside working on some fascinating, challenging and occasionally jaw-dropping projects, you'll also be part of our Murphy Learning programme, where everyone has ownership of their own training. You decide what skills you want to gain, with support and guidance from your manager. We call it the 70:20:10 principle, and it goes like this: • 70% learning on the job, challenging yourself with new projects and responsibilities • 20% learning through others, training and networking with senior managers, colleagues, and industry leaders • 10% structured learning, choosing training courses that fit your needs and your team's aims Entry Requirements Information Technology degree (or equivalent) Additional Requirements Due to the nature of our work, we may require you to have a full clean driving licence Good time management & organisational skills Computer literate with strong skills in Microsoft Office Applications (Word/Excel/Outlook/PowerPoint) . click apply for full job details
Want to do the best work of your life? With 24 million customers in 6 countries, make your mark at Europe's leading media and entertainment brand. A workplace where you can proudly be yourself; our people make Sky a truly exciting and inclusive place to work. What you'll do: Support the Linux estate and management platform, Tanium, ensuring smooth daily operations. Manage endpoint vulnerabilities using tools like Service Now, coordinating with teams for remediation to implement and uphold cybersecurity best practices. Support and continue to improve the Linux Build, ensuring process documentation is maintained to reflect production. Troubleshoot business incidents on the Linux endpoint estate. What you'll bring: Proven experience as a Tanium SME or similar Management Platform and its integration with Ubuntu Linux Desktop. Advanced knowledge in Linux System Administration. Knowledge of device hardening, CIS, and security baselining. Experience in Cyberark EPM or similar Endpoint Privilege Management. Knowledge in Modern Authentication, Azure AD/Entra ID. Proficiency in Bash scripting creation for automation and deployment. Strong analytical skills to convert business requirements into technical solutions. A proactive attitude with the ability to work under tight deadlines in a dynamic environment. Desired Qualities: Proficiency in MDM solutions such as Microsoft Intune and Jamf Pro. An enthusiastic and positive attitude. Ability to act independently while being a team player.
Apr 18, 2024
Full time
Want to do the best work of your life? With 24 million customers in 6 countries, make your mark at Europe's leading media and entertainment brand. A workplace where you can proudly be yourself; our people make Sky a truly exciting and inclusive place to work. What you'll do: Support the Linux estate and management platform, Tanium, ensuring smooth daily operations. Manage endpoint vulnerabilities using tools like Service Now, coordinating with teams for remediation to implement and uphold cybersecurity best practices. Support and continue to improve the Linux Build, ensuring process documentation is maintained to reflect production. Troubleshoot business incidents on the Linux endpoint estate. What you'll bring: Proven experience as a Tanium SME or similar Management Platform and its integration with Ubuntu Linux Desktop. Advanced knowledge in Linux System Administration. Knowledge of device hardening, CIS, and security baselining. Experience in Cyberark EPM or similar Endpoint Privilege Management. Knowledge in Modern Authentication, Azure AD/Entra ID. Proficiency in Bash scripting creation for automation and deployment. Strong analytical skills to convert business requirements into technical solutions. A proactive attitude with the ability to work under tight deadlines in a dynamic environment. Desired Qualities: Proficiency in MDM solutions such as Microsoft Intune and Jamf Pro. An enthusiastic and positive attitude. Ability to act independently while being a team player.
Junior Technical Writer - Banking/remote Are you a passionate and confident Junior Technical Writer (Cyber security) ready to make a significant contribution working for one of the UK's fastest growing Financial Services Consultancies? Then read on! MHC Overview: MHC are an award-winning IT and Business Consultancy, specialising in Change Management initiatives, which we deliver working in a collaborative way with our Clients. You will have the confidence and the capability to step straight into a specialist consultancy role within one of MHC's Practice areas to provide effective and efficient solutions that support our Clients' business requirements, while working constructively with senior MHC and Client managers and other staff. MHC are hiring a Junior Technical Writer to join us on a PAYE contract basis and work on a project we are delivering for a Tier 1 Bank. We are seeking a Junior Technical Writer to join the bank's Cybersecurity Education and Awareness team to design and deliver clear and effective documentation and communications across several projects of varying complexity. Ideally you will have experience in a technical field such as cybersecurity, software development, or engineering, and is confident working with stakeholders at all levels to gather requirements and translate complex processes and information into accurate, engaging, and digestible content. Responsibilities Work closely with the Senior Technical Writer, you will create effective and impactful: - Technical documentation, - User manuals/guidelines, - Brochures, - Documentation packs, Actively engage with relevant stakeholders and teams to understand projects and their impact. Gather information from subject matter experts to create accurate, accessible, and engaging content to brand and communication guidelines. Create reusable, easy to maintain templates across a range of documentation and content types, including Intranet portals, product catalogues, and presentations. Knowledge, Qualifications & Experience Required skills and qualifications: Must: Minimum of 3 years of experience as technical writer. Must: Excellent spoken and written English with a keen eye for detail. Must: Rapidly grasp complex processes and translate them into accurate and simple content. Minimum of 5 years of experience in the IT industry. Functional understanding of designing and writing for neurodiverse audiences. A flexible, enthusiastic, and accessible team member, calm under pressure, keen to share knowledge, introduce ideas, and assist the team when needed. Good to have skillsets: Use of a project and task management tool such as JIRA or Understanding of process and workflow optimisation. A certification in technical writing. Functional understanding of CSS and HTML, and a development language such as JavaScript. Functional understanding of project, software, UI/UX, and documentation development life cycles. Strong project, prioritisation, and stakeholder management across concurrent projects. Remote working. Please apply now for immediate consideration.
Apr 18, 2024
Contractor
Junior Technical Writer - Banking/remote Are you a passionate and confident Junior Technical Writer (Cyber security) ready to make a significant contribution working for one of the UK's fastest growing Financial Services Consultancies? Then read on! MHC Overview: MHC are an award-winning IT and Business Consultancy, specialising in Change Management initiatives, which we deliver working in a collaborative way with our Clients. You will have the confidence and the capability to step straight into a specialist consultancy role within one of MHC's Practice areas to provide effective and efficient solutions that support our Clients' business requirements, while working constructively with senior MHC and Client managers and other staff. MHC are hiring a Junior Technical Writer to join us on a PAYE contract basis and work on a project we are delivering for a Tier 1 Bank. We are seeking a Junior Technical Writer to join the bank's Cybersecurity Education and Awareness team to design and deliver clear and effective documentation and communications across several projects of varying complexity. Ideally you will have experience in a technical field such as cybersecurity, software development, or engineering, and is confident working with stakeholders at all levels to gather requirements and translate complex processes and information into accurate, engaging, and digestible content. Responsibilities Work closely with the Senior Technical Writer, you will create effective and impactful: - Technical documentation, - User manuals/guidelines, - Brochures, - Documentation packs, Actively engage with relevant stakeholders and teams to understand projects and their impact. Gather information from subject matter experts to create accurate, accessible, and engaging content to brand and communication guidelines. Create reusable, easy to maintain templates across a range of documentation and content types, including Intranet portals, product catalogues, and presentations. Knowledge, Qualifications & Experience Required skills and qualifications: Must: Minimum of 3 years of experience as technical writer. Must: Excellent spoken and written English with a keen eye for detail. Must: Rapidly grasp complex processes and translate them into accurate and simple content. Minimum of 5 years of experience in the IT industry. Functional understanding of designing and writing for neurodiverse audiences. A flexible, enthusiastic, and accessible team member, calm under pressure, keen to share knowledge, introduce ideas, and assist the team when needed. Good to have skillsets: Use of a project and task management tool such as JIRA or Understanding of process and workflow optimisation. A certification in technical writing. Functional understanding of CSS and HTML, and a development language such as JavaScript. Functional understanding of project, software, UI/UX, and documentation development life cycles. Strong project, prioritisation, and stakeholder management across concurrent projects. Remote working. Please apply now for immediate consideration.
ForgeRock Identity Cloud Consultant - London (Hybrid) - FTE 12 months to be extended - My client, a prominent IT Services and Consulting firm, is renowned for delivering inventive solutions to clients globally. Their proficiency encompasses the deployment of state-of-the-art technologies and spearheading digital transformation endeavors. Presently, they are in search of an adept ForgeRock Identity Cloud Consultant to join their London team on a Full time basis for an initial 12-month contract, with the potential for extension. Location: London (Hybrid: 2 days onsite, 3 days remote) Responsibilities: Lead the implementation, configuration, development, and administration of ForgeRock CIAM solutions, both on-premise and in the cloud. Develop and deploy ForgeRock OpenAM/AM Custom Authentication modules tailored to meet client requirements. Provide operational support and maintenance for ForgeRock Identity Cloud deployments. Collaborate with cross-functional teams to design and implement integrated solutions. Troubleshoot and resolve technical issues related to ForgeRock Identity Cloud platform. Requirements: Bachelor's degree in Computer Science, Engineering, or a related field. Proven experience in implementing, configuring, and administering ForgeRock CIAM solutions. Strong proficiency in developing custom authentication modules for ForgeRock OpenAM/AM. Hands-on experience with ForgeRock Identity Cloud platform, both on-premise and in cloud environments. Familiarity with identity and access management (IAM) principles and best practices. Excellent communication and interpersonal skills, with the ability to collaborate effectively with diverse teams. Problem-solving mindset and ability to thrive in a fast-paced, dynamic environment. If you are a motivated ForgeRock Identity Cloud Consultant looking to take on new challenges and make a meaningful impact, we encourage you to apply. Please submit your resume and cover letter detailing your relevant experience and qualifications to (see below) We look forward to hearing from you! Randstad Technologies Ltd is a leading specialist recruitment business for the IT & Engineering industries. Please note that due to a high level of applications, we can only respond to applicants whose skills & qualifications are suitable for this position. No terminology in this advert is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010. For the purposes of the Conduct Regulations 2003, when advertising permanent vacancies we are acting as an Employment Agency, and when advertising temporary/contract vacancies we are acting as an Employment Business.
Apr 18, 2024
Full time
ForgeRock Identity Cloud Consultant - London (Hybrid) - FTE 12 months to be extended - My client, a prominent IT Services and Consulting firm, is renowned for delivering inventive solutions to clients globally. Their proficiency encompasses the deployment of state-of-the-art technologies and spearheading digital transformation endeavors. Presently, they are in search of an adept ForgeRock Identity Cloud Consultant to join their London team on a Full time basis for an initial 12-month contract, with the potential for extension. Location: London (Hybrid: 2 days onsite, 3 days remote) Responsibilities: Lead the implementation, configuration, development, and administration of ForgeRock CIAM solutions, both on-premise and in the cloud. Develop and deploy ForgeRock OpenAM/AM Custom Authentication modules tailored to meet client requirements. Provide operational support and maintenance for ForgeRock Identity Cloud deployments. Collaborate with cross-functional teams to design and implement integrated solutions. Troubleshoot and resolve technical issues related to ForgeRock Identity Cloud platform. Requirements: Bachelor's degree in Computer Science, Engineering, or a related field. Proven experience in implementing, configuring, and administering ForgeRock CIAM solutions. Strong proficiency in developing custom authentication modules for ForgeRock OpenAM/AM. Hands-on experience with ForgeRock Identity Cloud platform, both on-premise and in cloud environments. Familiarity with identity and access management (IAM) principles and best practices. Excellent communication and interpersonal skills, with the ability to collaborate effectively with diverse teams. Problem-solving mindset and ability to thrive in a fast-paced, dynamic environment. If you are a motivated ForgeRock Identity Cloud Consultant looking to take on new challenges and make a meaningful impact, we encourage you to apply. Please submit your resume and cover letter detailing your relevant experience and qualifications to (see below) We look forward to hearing from you! Randstad Technologies Ltd is a leading specialist recruitment business for the IT & Engineering industries. Please note that due to a high level of applications, we can only respond to applicants whose skills & qualifications are suitable for this position. No terminology in this advert is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010. For the purposes of the Conduct Regulations 2003, when advertising permanent vacancies we are acting as an Employment Agency, and when advertising temporary/contract vacancies we are acting as an Employment Business.
ForgeRock Identity Cloud Consultant - London (Hybrid) - FTE 12 months to be extended - My client, a prominent IT Services and Consulting firm, is renowned for delivering inventive solutions to clients globally. Their proficiency encompasses the deployment of state-of-the-art technologies and spearheading digital transformation endeavors. Presently, they are in search of an adept ForgeRock Identity Cloud Consultant to join their London team on a full-time basis for an initial 12-month contract, with the potential for extension. Location: London (Hybrid: 2 days onsite, 3 days remote) Responsibilities: Lead the implementation, configuration, development, and administration of ForgeRock CIAM solutions, both on-premise and in the cloud. Develop and deploy ForgeRock OpenAM/AM Custom Authentication modules tailored to meet client requirements. Provide operational support and maintenance for ForgeRock Identity Cloud deployments. Collaborate with cross-functional teams to design and implement integrated solutions. Troubleshoot and resolve technical issues related to ForgeRock Identity Cloud platform. Requirements: Bachelor's degree in Computer Science, Engineering, or a related field. Proven experience in implementing, configuring, and administering ForgeRock CIAM solutions. Strong proficiency in developing custom authentication modules for ForgeRock OpenAM/AM. Hands-on experience with ForgeRock Identity Cloud platform, both on-premise and in cloud environments. Familiarity with identity and access management (IAM) principles and best practices. Excellent communication and interpersonal skills, with the ability to collaborate effectively with diverse teams. Problem-solving mindset and ability to thrive in a fast-paced, dynamic environment. If you are a motivated ForgeRock Identity Cloud Consultant looking to take on new challenges and make a meaningful impact, we encourage you to apply. Please submit your resume and cover letter detailing your relevant experience and qualifications to (url removed) We look forward to hearing from you! Randstad Technologies Ltd is a leading specialist recruitment business for the IT & Engineering industries. Please note that due to a high level of applications, we can only respond to applicants whose skills & qualifications are suitable for this position. No terminology in this advert is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010. For the purposes of the Conduct Regulations 2003, when advertising permanent vacancies we are acting as an Employment Agency, and when advertising temporary/contract vacancies we are acting as an Employment Business.
Apr 18, 2024
Full time
ForgeRock Identity Cloud Consultant - London (Hybrid) - FTE 12 months to be extended - My client, a prominent IT Services and Consulting firm, is renowned for delivering inventive solutions to clients globally. Their proficiency encompasses the deployment of state-of-the-art technologies and spearheading digital transformation endeavors. Presently, they are in search of an adept ForgeRock Identity Cloud Consultant to join their London team on a full-time basis for an initial 12-month contract, with the potential for extension. Location: London (Hybrid: 2 days onsite, 3 days remote) Responsibilities: Lead the implementation, configuration, development, and administration of ForgeRock CIAM solutions, both on-premise and in the cloud. Develop and deploy ForgeRock OpenAM/AM Custom Authentication modules tailored to meet client requirements. Provide operational support and maintenance for ForgeRock Identity Cloud deployments. Collaborate with cross-functional teams to design and implement integrated solutions. Troubleshoot and resolve technical issues related to ForgeRock Identity Cloud platform. Requirements: Bachelor's degree in Computer Science, Engineering, or a related field. Proven experience in implementing, configuring, and administering ForgeRock CIAM solutions. Strong proficiency in developing custom authentication modules for ForgeRock OpenAM/AM. Hands-on experience with ForgeRock Identity Cloud platform, both on-premise and in cloud environments. Familiarity with identity and access management (IAM) principles and best practices. Excellent communication and interpersonal skills, with the ability to collaborate effectively with diverse teams. Problem-solving mindset and ability to thrive in a fast-paced, dynamic environment. If you are a motivated ForgeRock Identity Cloud Consultant looking to take on new challenges and make a meaningful impact, we encourage you to apply. Please submit your resume and cover letter detailing your relevant experience and qualifications to (url removed) We look forward to hearing from you! Randstad Technologies Ltd is a leading specialist recruitment business for the IT & Engineering industries. Please note that due to a high level of applications, we can only respond to applicants whose skills & qualifications are suitable for this position. No terminology in this advert is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010. For the purposes of the Conduct Regulations 2003, when advertising permanent vacancies we are acting as an Employment Agency, and when advertising temporary/contract vacancies we are acting as an Employment Business.
Technical Writer - Banking/remote Are you a passionate and confident Technical Writer ready to make a significant contribution working for one of the UK's fastest growing Financial Services Consultancies? Then read on! MHC Overview: MHC are an award-winning IT and Business Consultancy, specialising in Change Management initiatives, which we deliver working in a collaborative way with our Clients. You will have the confidence and the capability to step straight into a specialist consultancy role within one of MHC's Practice areas to provide effective and efficient solutions that support our Clients' business requirements, while working constructively with senior MHC and Client managers and other staff. MHC are hiring an Technical Writer to join us on a PAYE contract basis and work on a project we are delivering for a Tier 1 Bank. We are seeking a Technical Writer to join the bank's Cybersecurity Education and Awareness team to design and deliver clear and effective documentation and communications across several projects of varying complexity. The ideal candidate has proficiency in a technical field such as cybersecurity, software development, or engineering, and is confident working with stakeholders at all levels to gather requirements and translate complex processes and information into accurate, engaging, and digestible content. Responsibilities Work closely with the Senior Technical Writer to create an effective and impactful: Technical documentation, User manuals/guidelines, Brochures, Documentation packs, Actively engage with relevant stakeholders and teams to understand projects and their impact. Gather information from subject matter experts to create accurate, accessible, and engaging content to brand and communication guidelines. Create reusable, easy to maintain templates across a range of documentation and content types, including Intranet portals, product catalogues, and presentations. Knowledge, Qualifications & Experience Required skills and qualifications: Must: Minimum of 3 years of experience as technical writer. Must: Excellent spoken and written English with a keen eye for detail. Must: Rapidly grasp complex processes and translate them into accurate and simple content. Minimum of 5 years of experience in the IT industry. Functional understanding of designing and writing for neurodiverse audiences. A flexible, enthusiastic, and accessible team member, calm under pressure, keen to share knowledge, introduce ideas, and assist the team when needed. Good to have skillsets: Use of a project and task management tool such as JIRA or Understanding of process and workflow optimisation. A certification in technical writing. Functional understanding of CSS and HTML, and a development language such as JavaScript. Functional understanding of project, software, UI/UX, and documentation development life cycles. Strong project, prioritisation, and stakeholder management across concurrent projects. Remote working. Please apply now for immediate consideration.
Apr 18, 2024
Contractor
Technical Writer - Banking/remote Are you a passionate and confident Technical Writer ready to make a significant contribution working for one of the UK's fastest growing Financial Services Consultancies? Then read on! MHC Overview: MHC are an award-winning IT and Business Consultancy, specialising in Change Management initiatives, which we deliver working in a collaborative way with our Clients. You will have the confidence and the capability to step straight into a specialist consultancy role within one of MHC's Practice areas to provide effective and efficient solutions that support our Clients' business requirements, while working constructively with senior MHC and Client managers and other staff. MHC are hiring an Technical Writer to join us on a PAYE contract basis and work on a project we are delivering for a Tier 1 Bank. We are seeking a Technical Writer to join the bank's Cybersecurity Education and Awareness team to design and deliver clear and effective documentation and communications across several projects of varying complexity. The ideal candidate has proficiency in a technical field such as cybersecurity, software development, or engineering, and is confident working with stakeholders at all levels to gather requirements and translate complex processes and information into accurate, engaging, and digestible content. Responsibilities Work closely with the Senior Technical Writer to create an effective and impactful: Technical documentation, User manuals/guidelines, Brochures, Documentation packs, Actively engage with relevant stakeholders and teams to understand projects and their impact. Gather information from subject matter experts to create accurate, accessible, and engaging content to brand and communication guidelines. Create reusable, easy to maintain templates across a range of documentation and content types, including Intranet portals, product catalogues, and presentations. Knowledge, Qualifications & Experience Required skills and qualifications: Must: Minimum of 3 years of experience as technical writer. Must: Excellent spoken and written English with a keen eye for detail. Must: Rapidly grasp complex processes and translate them into accurate and simple content. Minimum of 5 years of experience in the IT industry. Functional understanding of designing and writing for neurodiverse audiences. A flexible, enthusiastic, and accessible team member, calm under pressure, keen to share knowledge, introduce ideas, and assist the team when needed. Good to have skillsets: Use of a project and task management tool such as JIRA or Understanding of process and workflow optimisation. A certification in technical writing. Functional understanding of CSS and HTML, and a development language such as JavaScript. Functional understanding of project, software, UI/UX, and documentation development life cycles. Strong project, prioritisation, and stakeholder management across concurrent projects. Remote working. Please apply now for immediate consideration.